Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/NuoH07lrjioUbYobQv22IBUxWR4.roa
File: NuoH07lrjioUbYobQv22IBUxWR4.roa (raw, json)
Hash identifier: /1r1or4Kj1Bc0bjkaGE1lqWuSvsvNANGARbI4Rgtuso=
Subject key identifier: 36:EA:07:D3:B9:6B:8E:2A:14:6D:8A:1B:42:FD:B6:20:15:31:59:1E
Certificate issuer: /CN=0e64f81b9e36b849917787678d014db4bfcef311
Certificate serial: 018CCEFABDE40D0882FF36A16830F32872C9
Authority key identifier: 0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/NuoH07lrjioUbYobQv22IBUxWR4.roa
Signing time: Wed 03 Jan 2024 10:59:48 +0000
ROA not before: Wed 03 Jan 2024 10:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3258
IP address blocks: 146.19.163.0/24 maxlen: 32
194.50.154.0/24 maxlen: 32
146.19.19.0/24 maxlen: 32
2a14:1f80::/29 maxlen: 128
2a12:a300::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:fa:bd:e4:0d:08:82:ff:36:a1:68:30:f3:28:72:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e64f81b9e36b849917787678d014db4bfcef311
Validity
Not Before: Jan 3 10:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36ea07d3b96b8e2a146d8a1b42fdb6201531591e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:af:a1:cd:91:52:07:85:9a:40:a6:2b:d8:c9:
c5:1c:94:78:49:f3:02:b4:c4:11:60:00:b7:8e:7d:
ae:85:85:28:20:82:21:0a:b1:5a:dc:4f:6c:a1:b2:
9e:9b:09:2d:05:da:42:d7:e0:0a:98:a7:d8:1d:31:
82:1d:bd:6d:ee:7e:a8:bf:be:34:3e:2a:b4:86:88:
e2:28:b6:03:05:e1:d3:33:90:23:a3:34:7b:35:4f:
4a:7d:b5:f1:3e:8a:c7:0e:58:5b:38:df:ab:a9:e7:
3e:8b:1b:f1:65:5c:31:80:8a:2c:e2:9c:70:57:f6:
b8:a1:5e:ea:75:68:af:c2:84:4e:bc:fc:e0:ac:17:
b7:45:c4:0e:e4:2d:61:bd:83:bc:91:e7:ae:c0:dd:
65:d4:4a:8f:55:33:79:6b:38:49:c2:8b:01:a4:65:
6b:e4:26:ac:e9:dd:5d:01:4f:bc:18:3d:9f:c4:7b:
98:8c:f6:a8:78:a8:26:2c:ff:22:cc:f8:43:6d:d9:
77:05:85:d6:0f:69:17:2e:9c:cf:d7:36:9c:b2:0e:
5b:d3:50:e0:2c:11:6c:f5:d3:7d:00:46:6a:1d:ee:
aa:27:4d:4b:75:e1:49:ca:49:90:65:6d:fd:c3:60:
ea:d5:f4:6d:67:3a:a0:75:2c:21:cf:f0:79:d4:3e:
08:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EA:07:D3:B9:6B:8E:2A:14:6D:8A:1B:42:FD:B6:20:15:31:59:1E
X509v3 Authority Key Identifier:
keyid:0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/NuoH07lrjioUbYobQv22IBUxWR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.19.0/24
146.19.163.0/24
194.50.154.0/24
IPv6:
2a12:a300::/29
2a14:1f80::/29
Signature Algorithm: sha256WithRSAEncryption
22:15:4f:ba:a1:f6:53:80:02:e4:b2:54:a9:89:a3:80:c3:f3:
0c:83:01:10:87:b3:56:7c:7e:e4:77:17:55:99:90:ae:97:4f:
61:97:bc:70:f2:c4:bb:b3:11:d3:e9:65:1f:94:2f:2a:de:f3:
67:ab:94:06:0f:a1:01:32:aa:28:0b:5a:eb:a5:c1:b8:b2:02:
dc:86:fb:4f:d8:fc:88:44:23:72:a4:8d:3b:6f:f7:17:b2:e3:
53:d8:91:b4:53:5d:ab:e1:c0:be:5d:78:8f:fa:d3:57:ea:70:
c2:88:9b:7b:e2:e3:c5:de:31:df:85:0b:56:4a:cc:96:5a:4c:
ff:70:5c:ea:3a:30:69:0e:8c:9b:9f:30:e2:a4:61:bb:64:dd:
63:7f:86:c4:c3:d1:16:d8:02:f7:59:36:f6:fc:42:86:15:b7:
ac:f5:61:70:59:4b:e6:c9:cd:47:5b:1c:8a:6b:ce:f3:14:e7:
5f:b9:66:6c:5c:e3:01:3b:59:d3:00:22:6d:c4:76:d2:60:40:
3b:1b:09:24:3f:9b:3f:2d:97:ce:65:fc:d6:ba:1d:61:93:5c:
7e:75:db:70:06:43:98:b2:f2:71:03:3a:5b:b3:9e:57:db:56:
80:76:0c:79:31:af:cc:5d:5d:15:45:32:6d:b6:f8:fb:15:53:
0d:6f:db:3f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzO+r3kDQiC/zahaDDzKHLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNjRmODFiOWUzNmI4NDk5MTc3ODc2NzhkMDE0ZGI0YmZj
ZWYzMTEwHhcNMjQwMTAzMTA1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmVhMDdkM2I5NmI4ZTJhMTQ2ZDhhMWI0MmZkYjYyMDE1MzE1OTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq+hzZFSB4WaQKYr2MnFHJR4SfMC
tMQRYAC3jn2uhYUoIIIhCrFa3E9sobKemwktBdpC1+AKmKfYHTGCHb1t7n6ov740
Piq0hojiKLYDBeHTM5AjozR7NU9KfbXxPorHDlhbON+rqec+ixvxZVwxgIos4pxw
V/a4oV7qdWivwoROvPzgrBe3RcQO5C1hvYO8keeuwN1l1EqPVTN5azhJwosBpGVr
5Cas6d1dAU+8GD2fxHuYjPaoeKgmLP8izPhDbdl3BYXWD2kXLpzP1zacsg5b01Dg
LBFs9dN9AEZqHe6qJ01LdeFJykmQZW39w2Dq1fRtZzqgdSwhz/B51D4ICQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDbqB9O5a44qFG2KG0L9tiAVMVkeMB8GA1UdIwQY
MBaAFA5k+BueNrhJkXeHZ40BTbS/zvMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTct
YzhmMTgyZTk1ZWE1LzEvTnVvSDA3bHJqaW9VYllvYlF2MjJJQlV4V1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTctYzhmMTgyZTk1ZWE1
LzEvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAkhMTAwQA
khOjAwQAwjKaMBQEAgACMA4DBQMqEqMAAwUDKhQfgDANBgkqhkiG9w0BAQsFAAOC
AQEAIhVPuqH2U4AC5LJUqYmjgMPzDIMBEIezVnx+5HcXVZmQrpdPYZe8cPLEu7MR
0+llH5QvKt7zZ6uUBg+hATKqKAta66XBuLIC3Ib7T9j8iEQjcqSNO2/3F7LjU9iR
tFNdq+HAvl14j/rTV+pwwoibe+Ljxd4x34ULVkrMllpM/3Bc6jowaQ6Mm58w4qRh
u2TdY3+GxMPRFtgC91k29vxChhW3rPVhcFlL5snNR1scimvO8xTnX7lmbFzjATtZ
0wAibcR20mBAOxsJJD+bPy2XzmX81rodYZNcfnXbcAZDmLLycQM6W7OeV9tWgHYM
eTGvzF1dFUUybbb4+xVTDW/bPw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:50:49 2024 by rpki-client on console-fra.rpki-client.org