Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/NgiZIvgfSE3gRbXKWGjL7-RX4JA.roa
File: NgiZIvgfSE3gRbXKWGjL7-RX4JA.roa (raw, json)
Hash identifier: s1nxacAoqwvGw7o6uKwGOjxFDbTY351bALOZ7RPT8kE=
Subject key identifier: 36:08:99:22:F8:1F:48:4D:E0:45:B5:CA:58:68:CB:EF:E4:57:E0:90
Certificate issuer: /CN=0350df78fc785813724ec66648df9b494f9b8da7
Certificate serial: 018CC6B8664E98004657A0BA086D1CBBD07D
Authority key identifier: 03:50:DF:78:FC:78:58:13:72:4E:C6:66:48:DF:9B:49:4F:9B:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1DfePx4WBNyTsZmSN-bSU-bjac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/NgiZIvgfSE3gRbXKWGjL7-RX4JA.roa
Signing time: Mon 01 Jan 2024 20:30:22 +0000
ROA not before: Mon 01 Jan 2024 20:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59905
IP address blocks: 185.92.125.0/24 maxlen: 24
185.92.126.0/24 maxlen: 24
185.92.127.0/24 maxlen: 24
91.220.77.0/24 maxlen: 24
185.49.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/A1DfePx4WBNyTsZmSN-bSU-bjac.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/A1DfePx4WBNyTsZmSN-bSU-bjac.mft
rsync://rpki.ripe.net/repository/DEFAULT/A1DfePx4WBNyTsZmSN-bSU-bjac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 13:21:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:66:4e:98:00:46:57:a0:ba:08:6d:1c:bb:d0:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0350df78fc785813724ec66648df9b494f9b8da7
Validity
Not Before: Jan 1 20:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36089922f81f484de045b5ca5868cbefe457e090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:36:00:6e:17:3d:9e:99:ec:b6:52:bf:91:7e:
70:30:5a:6b:56:8c:be:74:a3:65:2c:99:a6:36:db:
85:51:c3:3c:ef:2f:86:24:28:5e:11:13:2a:36:26:
fb:91:d8:d7:01:75:65:cf:3b:ce:ef:bf:72:70:56:
af:f7:23:f5:00:df:b7:b0:fe:46:1b:bc:bc:b3:dd:
77:9a:60:f8:da:41:3b:bf:35:ac:c0:55:0b:5b:f9:
cc:0a:75:70:ce:64:fd:1c:f3:89:fb:f0:b5:3a:b4:
51:8e:b1:c7:d3:40:ac:0b:9b:d0:21:6d:5a:eb:04:
36:dc:4a:94:f9:49:ae:da:93:d0:b4:aa:cd:bb:98:
1d:77:59:8d:99:b2:73:76:1e:22:cd:d3:e5:96:ff:
9c:ee:a3:25:9e:42:ee:65:5a:6b:a4:ec:da:07:53:
47:14:2b:e5:03:80:52:0b:64:ca:4a:d6:7b:01:65:
f8:b7:be:55:a3:22:73:9c:31:4a:05:9a:a3:4a:26:
a1:44:05:9c:31:a5:45:62:ea:53:eb:74:fa:bf:c0:
5c:77:07:4d:e1:6c:fc:02:66:f5:5f:22:59:7a:5f:
9d:10:1f:1a:9f:5c:71:2d:bd:0f:1e:43:7a:8f:16:
2b:e9:fc:bf:de:c6:e1:7d:42:66:78:c3:b4:b7:e5:
48:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:08:99:22:F8:1F:48:4D:E0:45:B5:CA:58:68:CB:EF:E4:57:E0:90
X509v3 Authority Key Identifier:
keyid:03:50:DF:78:FC:78:58:13:72:4E:C6:66:48:DF:9B:49:4F:9B:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1DfePx4WBNyTsZmSN-bSU-bjac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/NgiZIvgfSE3gRbXKWGjL7-RX4JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/A1DfePx4WBNyTsZmSN-bSU-bjac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.77.0/24
185.49.220.0/22
185.92.125.0-185.92.127.255
Signature Algorithm: sha256WithRSAEncryption
2c:f4:47:c0:6a:35:d1:d6:a1:c3:d6:1e:bd:db:ed:dd:46:9a:
d8:2b:7d:bc:78:ce:5f:f8:c2:4d:eb:03:d6:23:e8:ea:54:cc:
4c:7a:07:1f:4d:39:5f:96:c4:65:07:79:0c:0d:50:87:e7:bf:
be:76:18:2d:0f:17:7a:ac:10:1d:d0:dc:de:61:59:24:cc:03:
79:65:ff:5d:30:f0:91:56:5c:01:08:90:77:69:7e:85:24:22:
46:bb:7b:5b:f0:64:6a:e6:ff:3d:43:d3:19:b8:16:d7:fe:f1:
d1:de:50:8a:05:c4:1d:09:39:cc:f2:a2:b3:cc:e0:c2:f0:9c:
c5:bf:64:33:74:88:49:bc:b2:65:c9:90:d7:23:62:0f:c2:06:
bb:07:99:a9:2f:86:3b:c1:6a:80:70:3d:77:95:b8:a0:72:9e:
0e:3f:16:89:e0:cb:ec:3b:7a:66:86:da:34:a2:18:c0:08:8e:
3e:48:b6:8d:e3:87:a7:f4:12:a2:f4:6c:e8:56:00:df:c4:9e:
4e:97:23:2d:c8:df:92:53:5d:1c:d0:fb:76:9d:72:40:86:5b:
8f:60:12:27:f4:60:ce:79:17:f1:61:07:6a:0d:8f:fa:f3:98:
cd:0e:0c:33:a6:2f:17:d5:f4:72:22:d4:d3:4f:7f:3e:40:f4:
41:be:3e:d6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGuGZOmABGV6C6CG0cu9B9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTBkZjc4ZmM3ODU4MTM3MjRlYzY2NjQ4ZGY5YjQ5NGY5
YjhkYTcwHhcNMjQwMTAxMjAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjA4OTkyMmY4MWY0ODRkZTA0NWI1Y2E1ODY4Y2JlZmU0NTdlMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjYAbhc9npnstlK/kX5wMFprVoy+
dKNlLJmmNtuFUcM87y+GJCheERMqNib7kdjXAXVlzzvO779ycFav9yP1AN+3sP5G
G7y8s913mmD42kE7vzWswFULW/nMCnVwzmT9HPOJ+/C1OrRRjrHH00CsC5vQIW1a
6wQ23EqU+Umu2pPQtKrNu5gdd1mNmbJzdh4izdPllv+c7qMlnkLuZVprpOzaB1NH
FCvlA4BSC2TKStZ7AWX4t75VoyJznDFKBZqjSiahRAWcMaVFYupT63T6v8BcdwdN
4Wz8Amb1XyJZel+dEB8an1xxLb0PHkN6jxYr6fy/3sbhfUJmeMO0t+VIfQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDYImSL4H0hN4EW1ylhoy+/kV+CQMB8GA1UdIwQY
MBaAFANQ33j8eFgTck7GZkjfm0lPm42nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFEZmVQeDRXQk55VHNabVNOLWJTVS1iamFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9hYjU4NmUtNGIyYS00N2Y2LWFjZTgt
ZDI5MmFiN2NlOWZhLzEvTmdpWkl2Z2ZTRTNnUmJYS1dHakw3LVJYNEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9hYjU4NmUtNGIyYS00N2Y2LWFjZTgtZDI5MmFiN2NlOWZh
LzEvQTFEZmVQeDRXQk55VHNabVNOLWJTVS1iamFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW9xNAwQC
uTHcMAwDBAC5XH0DBAe5XAAwDQYJKoZIhvcNAQELBQADggEBACz0R8BqNdHWocPW
Hr3b7d1Gmtgrfbx4zl/4wk3rA9Yj6OpUzEx6Bx9NOV+WxGUHeQwNUIfnv752GC0P
F3qsEB3Q3N5hWSTMA3ll/10w8JFWXAEIkHdpfoUkIka7e1vwZGrm/z1D0xm4Ftf+
8dHeUIoFxB0JOczyorPM4MLwnMW/ZDN0iEm8smXJkNcjYg/CBrsHmakvhjvBaoBw
PXeVuKByng4/Fongy+w7emaG2jSiGMAIjj5Ito3jh6f0EqL0bOhWAN/Enk6XIy3I
35JTXRzQ+3adckCGW49gEif0YM55F/FhB2oNj/rzmM0ODDOmLxfV9HIi1NNPfz5A
9EG+PtY=
-----END CERTIFICATE-----
Generated at Thu May 30 20:40:16 2024 by rpki-client on console-fra.rpki-client.org