Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d6ad96-5478-40f7-b1ac-6c72092c0f18/1/nFIARbRxs9TrOFR1SKAC63wEeoE.roa
File: nFIARbRxs9TrOFR1SKAC63wEeoE.roa (raw, json)
Hash identifier: XQxDh/pUfvMtVRPjgox1jT1r27lxo6IvodybsFCgtaI=
Subject key identifier: 9C:52:00:45:B4:71:B3:D4:EB:38:54:75:48:A0:02:EB:7C:04:7A:81
Certificate issuer: /CN=c76b082f17c20b5dba245cea6e4e6e9c6099cef7
Certificate serial: 018CC79531D269F9CA02097BA24573E423D2
Authority key identifier: C7:6B:08:2F:17:C2:0B:5D:BA:24:5C:EA:6E:4E:6E:9C:60:99:CE:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x2sILxfCC126JFzqbk5unGCZzvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d6ad96-5478-40f7-b1ac-6c72092c0f18/1/nFIARbRxs9TrOFR1SKAC63wEeoE.roa
Signing time: Tue 02 Jan 2024 00:31:32 +0000
ROA not before: Tue 02 Jan 2024 00:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201587
IP address blocks: 185.72.116.0/22 maxlen: 22
2a04:5980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/d6ad96-5478-40f7-b1ac-6c72092c0f18/1/x2sILxfCC126JFzqbk5unGCZzvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/d6ad96-5478-40f7-b1ac-6c72092c0f18/1/x2sILxfCC126JFzqbk5unGCZzvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/x2sILxfCC126JFzqbk5unGCZzvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:31:d2:69:f9:ca:02:09:7b:a2:45:73:e4:23:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c76b082f17c20b5dba245cea6e4e6e9c6099cef7
Validity
Not Before: Jan 2 00:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c520045b471b3d4eb38547548a002eb7c047a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e1:1b:2d:1f:a0:06:2b:21:00:4b:dd:b9:9d:
25:64:87:7c:0f:fa:3c:ab:0a:a9:26:73:57:6d:bb:
d3:e3:28:c8:9f:1c:71:04:b5:29:f5:72:a4:f7:f8:
d3:97:94:eb:c9:52:49:69:38:7b:f8:f8:2c:e2:bc:
d3:0f:2d:fd:4c:82:47:a8:1f:aa:cb:b0:a8:2f:bd:
12:3a:8e:5f:36:af:0b:7a:04:6b:a6:a9:a1:51:f9:
fd:c5:f0:92:d8:55:e0:7f:0f:01:db:90:2b:54:e0:
27:98:3c:02:9e:f8:bd:c5:89:cf:a3:45:ae:b5:29:
44:4a:22:a4:02:3f:b6:18:ea:51:fe:d1:a8:c4:28:
89:f4:5d:ce:5f:29:10:4c:a8:ef:29:01:91:21:31:
9b:19:a8:2e:8f:31:82:41:a2:e3:dc:45:14:7e:04:
7e:0c:41:ea:b2:f7:5e:0d:0c:56:b1:b5:59:bd:31:
8c:f2:b7:7d:6a:e9:dc:5b:bc:6b:a1:3b:c4:0b:93:
b2:40:7c:fd:07:9a:bb:7c:92:e8:8d:11:2b:23:4a:
3c:01:47:96:a5:7e:7f:d1:e5:f6:bc:1c:b6:eb:70:
63:62:b4:d2:97:fe:b0:7d:2d:b5:16:cc:af:e2:ca:
4e:6e:bc:bb:e5:62:04:c8:9b:a8:85:43:ab:be:45:
e0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:52:00:45:B4:71:B3:D4:EB:38:54:75:48:A0:02:EB:7C:04:7A:81
X509v3 Authority Key Identifier:
keyid:C7:6B:08:2F:17:C2:0B:5D:BA:24:5C:EA:6E:4E:6E:9C:60:99:CE:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x2sILxfCC126JFzqbk5unGCZzvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d6ad96-5478-40f7-b1ac-6c72092c0f18/1/nFIARbRxs9TrOFR1SKAC63wEeoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d6ad96-5478-40f7-b1ac-6c72092c0f18/1/x2sILxfCC126JFzqbk5unGCZzvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.116.0/22
IPv6:
2a04:5980::/29
Signature Algorithm: sha256WithRSAEncryption
6a:91:f1:27:7e:5b:89:ae:55:25:17:62:9e:f7:60:1f:70:ee:
54:26:5f:00:0c:3b:4e:db:ff:3a:23:34:9f:10:55:52:99:41:
e1:d8:f5:35:e3:7d:ec:c2:2a:d8:65:3b:a0:3e:09:a2:e1:63:
38:af:cb:dd:cd:0a:2f:f8:cf:5e:e4:39:64:b9:7d:29:2a:fe:
8d:2c:ba:91:83:48:a3:2f:5c:e3:d2:4c:99:1e:61:00:78:95:
78:ec:48:37:fc:c5:85:0b:1f:c2:54:6d:02:bb:a1:bb:ee:cd:
0a:cc:18:c7:98:df:b4:a1:96:1c:70:f4:59:60:a7:43:e8:b4:
c9:24:cb:cf:4a:fd:06:88:d6:c1:59:e5:33:ed:0a:a3:4b:4c:
50:fc:7e:62:53:91:61:e7:df:7b:9d:89:c9:93:60:a1:b2:1f:
08:9d:8e:24:76:51:d0:20:fa:8e:44:1a:98:19:83:d9:40:5b:
76:14:07:3c:40:80:a3:70:a5:e0:05:cc:95:28:53:96:aa:0f:
c9:c7:b6:e8:c3:65:64:a8:15:01:33:fc:a2:75:ff:a3:f0:2a:
30:3b:2a:05:72:31:03:93:d3:33:81:6d:ee:c9:5f:45:26:49:
76:17:d5:58:c6:d7:8c:79:a5:7f:50:67:ed:fa:32:8b:5a:a2:
1a:77:03:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlTHSafnKAgl7okVz5CPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NmIwODJmMTdjMjBiNWRiYTI0NWNlYTZlNGU2ZTljNjA5
OWNlZjcwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzUyMDA0NWI0NzFiM2Q0ZWIzODU0NzU0OGEwMDJlYjdjMDQ3YTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuEbLR+gBishAEvduZ0lZId8D/o8
qwqpJnNXbbvT4yjInxxxBLUp9XKk9/jTl5TryVJJaTh7+Pgs4rzTDy39TIJHqB+q
y7CoL70SOo5fNq8LegRrpqmhUfn9xfCS2FXgfw8B25ArVOAnmDwCnvi9xYnPo0Wu
tSlESiKkAj+2GOpR/tGoxCiJ9F3OXykQTKjvKQGRITGbGagujzGCQaLj3EUUfgR+
DEHqsvdeDQxWsbVZvTGM8rd9auncW7xroTvEC5OyQHz9B5q7fJLojRErI0o8AUeW
pX5/0eX2vBy263BjYrTSl/6wfS21Fsyv4spObry75WIEyJuohUOrvkXggQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJxSAEW0cbPU6zhUdUigAut8BHqBMB8GA1UdIwQY
MBaAFMdrCC8XwgtduiRc6m5Obpxgmc73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDJzSUx4ZkNDMTI2SkZ6cWJrNXVuR0NaenZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kNmFkOTYtNTQ3OC00MGY3LWIxYWMt
NmM3MjA5MmMwZjE4LzEvbkZJQVJiUnhzOVRyT0ZSMVNLQUM2M3dFZW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kNmFkOTYtNTQ3OC00MGY3LWIxYWMtNmM3MjA5MmMwZjE4
LzEveDJzSUx4ZkNDMTI2SkZ6cWJrNXVuR0NaenZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUh0MA0E
AgACMAcDBQMqBFmAMA0GCSqGSIb3DQEBCwUAA4IBAQBqkfEnfluJrlUlF2Ke92Af
cO5UJl8ADDtO2/86IzSfEFVSmUHh2PU1433swirYZTugPgmi4WM4r8vdzQov+M9e
5DlkuX0pKv6NLLqRg0ijL1zj0kyZHmEAeJV47Eg3/MWFCx/CVG0Cu6G77s0KzBjH
mN+0oZYccPRZYKdD6LTJJMvPSv0GiNbBWeUz7QqjS0xQ/H5iU5Fh5997nYnJk2Ch
sh8InY4kdlHQIPqORBqYGYPZQFt2FAc8QICjcKXgBcyVKFOWqg/Jx7bow2VkqBUB
M/yidf+j8CowOyoFcjEDk9MzgW3uyV9FJkl2F9VYxteMeaV/UGft+jKLWqIadwNt
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:45 2024 by rpki-client on console-ams.rpki-client.org