Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/ntWSHdVqZKkq_t_Tn9Fapj1GmCo.roa
File: ntWSHdVqZKkq_t_Tn9Fapj1GmCo.roa (raw, json)
Hash identifier: C02Sf2mfOtxdUFD9gIBa4IizazYZRVERZ3vXVABpZWw=
Subject key identifier: 9E:D5:92:1D:D5:6A:64:A9:2A:FE:DF:D3:9F:D1:5A:A6:3D:46:98:2A
Certificate issuer: /CN=9da4e95d2f4cc34a7376b73c0f039b3e158f5152
Certificate serial: 019016427D0AF2E955BB8B787A2A7AFA9F2C
Authority key identifier: 9D:A4:E9:5D:2F:4C:C3:4A:73:76:B7:3C:0F:03:9B:3E:15:8F:51:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naTpXS9Mw0pzdrc8DwObPhWPUVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/ntWSHdVqZKkq_t_Tn9Fapj1GmCo.roa
Signing time: Fri 14 Jun 2024 10:19:34 +0000
ROA not before: Fri 14 Jun 2024 10:19:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198504
IP address blocks: 185.19.80.0/24 maxlen: 24
185.19.81.0/24 maxlen: 24
185.19.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/naTpXS9Mw0pzdrc8DwObPhWPUVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/naTpXS9Mw0pzdrc8DwObPhWPUVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/naTpXS9Mw0pzdrc8DwObPhWPUVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 10:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:16:42:7d:0a:f2:e9:55:bb:8b:78:7a:2a:7a:fa:9f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9da4e95d2f4cc34a7376b73c0f039b3e158f5152
Validity
Not Before: Jun 14 10:19:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ed5921dd56a64a92afedfd39fd15aa63d46982a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:91:7b:e1:67:a9:86:20:e9:31:da:c0:37:ee:
14:b5:76:ff:f0:c4:6b:6d:aa:d5:c8:ab:f7:33:58:
95:e8:cf:96:c9:14:76:68:30:e0:c9:17:b3:a1:47:
7e:a4:32:0d:47:2b:b2:03:ad:18:51:8e:37:32:e7:
1c:7f:78:c6:af:b2:61:8c:32:2b:88:17:b7:85:a8:
27:ac:58:9d:4a:fe:8f:2b:cb:a1:9a:cb:c7:f2:74:
7b:7c:b3:56:7f:d4:e9:06:1d:d5:5a:0a:77:53:80:
41:88:31:71:4d:85:ee:3b:0f:6f:64:9f:6d:51:fb:
e3:72:5f:c6:bf:2e:47:a8:fc:df:d9:12:bf:f6:e0:
39:be:be:96:c3:fb:d4:0f:de:db:1d:e4:b1:f3:2f:
40:72:25:aa:6e:7b:11:ee:12:c6:d5:70:1b:ab:81:
2c:b0:a7:99:86:a7:01:ef:49:0d:ed:48:c6:06:a0:
86:e7:77:e9:6c:45:3a:5e:0b:02:0f:88:fc:70:5f:
82:b1:70:c7:b7:cc:70:5a:8b:df:73:19:03:73:9b:
0d:48:1e:6f:05:4a:7e:09:40:b4:3a:88:51:16:8d:
01:e0:07:a6:28:37:3c:6e:8e:83:f0:f0:7d:e0:06:
2d:cb:f7:5f:f0:6b:d6:b6:c0:cf:c0:41:2b:d5:57:
c3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D5:92:1D:D5:6A:64:A9:2A:FE:DF:D3:9F:D1:5A:A6:3D:46:98:2A
X509v3 Authority Key Identifier:
keyid:9D:A4:E9:5D:2F:4C:C3:4A:73:76:B7:3C:0F:03:9B:3E:15:8F:51:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naTpXS9Mw0pzdrc8DwObPhWPUVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/ntWSHdVqZKkq_t_Tn9Fapj1GmCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/naTpXS9Mw0pzdrc8DwObPhWPUVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.80.0/23
185.19.83.0/24
Signature Algorithm: sha256WithRSAEncryption
03:d3:88:e1:1c:fe:e8:9d:44:6d:93:c3:14:a5:86:72:05:4b:
ac:1d:f7:6c:23:bd:a0:b6:29:fc:e8:17:26:db:58:0d:7f:09:
2d:a5:b7:da:fb:5f:c9:6e:35:93:48:21:66:b0:df:90:9b:40:
73:32:dd:ee:92:c7:f3:08:f9:24:01:9d:ae:41:b1:19:02:8d:
de:8a:f6:9d:04:36:b2:4f:8d:11:64:b9:3f:2b:8e:af:f3:4c:
08:9e:b6:fe:ae:7f:9b:f7:a4:97:22:ec:44:d3:e0:84:dd:20:
3d:cc:03:fb:d4:61:93:33:4d:1b:02:47:dc:5a:20:a3:1a:82:
82:9f:8e:62:73:e7:d8:79:bc:6d:58:0e:66:c5:23:eb:85:6e:
09:7e:92:80:c0:9f:8a:2b:8d:4e:45:28:f3:11:00:79:82:40:
36:56:53:9f:46:8e:5b:c7:87:cb:aa:bc:22:f5:72:12:f9:f1:
3a:fe:f1:c2:68:60:da:d3:23:64:b7:5d:48:9d:eb:cc:87:cb:
1d:83:9e:97:a1:60:c5:8c:8a:75:a1:f3:63:43:93:a9:b9:58:
8a:93:fc:01:e0:d4:95:9f:de:d2:c8:bd:b2:81:71:de:4b:64:
13:82:5b:83:7e:12:75:31:74:86:dd:83:50:d5:18:bc:05:4d:
a0:77:3e:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAWQn0K8ulVu4t4eip6+p8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYTRlOTVkMmY0Y2MzNGE3Mzc2YjczYzBmMDM5YjNlMTU4
ZjUxNTIwHhcNMjQwNjE0MTAxOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQ1OTIxZGQ1NmE2NGE5MmFmZWRmZDM5ZmQxNWFhNjNkNDY5ODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZF74WephiDpMdrAN+4UtXb/8MRr
barVyKv3M1iV6M+WyRR2aDDgyRezoUd+pDINRyuyA60YUY43Muccf3jGr7JhjDIr
iBe3hagnrFidSv6PK8uhmsvH8nR7fLNWf9TpBh3VWgp3U4BBiDFxTYXuOw9vZJ9t
Ufvjcl/Gvy5HqPzf2RK/9uA5vr6Ww/vUD97bHeSx8y9AciWqbnsR7hLG1XAbq4Es
sKeZhqcB70kN7UjGBqCG53fpbEU6XgsCD4j8cF+CsXDHt8xwWovfcxkDc5sNSB5v
BUp+CUC0OohRFo0B4AemKDc8bo6D8PB94AYty/df8GvWtsDPwEEr1VfDUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ7Vkh3VamSpKv7f05/RWqY9RpgqMB8GA1UdIwQY
MBaAFJ2k6V0vTMNKc3a3PA8Dmz4Vj1FSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFUcFhTOU13MHB6ZHJjOER3T2JQaFdQVVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9hY2YyYTItNGQ1Mi00MGNkLWE1Zjgt
NTk1OTEzODllMjQyLzEvbnRXU0hkVnFaS2txX3RfVG45RmFwajFHbUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9hY2YyYTItNGQ1Mi00MGNkLWE1ZjgtNTk1OTEzODllMjQy
LzEvbmFUcFhTOU13MHB6ZHJjOER3T2JQaFdQVVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuRNQAwQA
uRNTMA0GCSqGSIb3DQEBCwUAA4IBAQAD04jhHP7onURtk8MUpYZyBUusHfdsI72g
tin86Bcm21gNfwktpbfa+1/JbjWTSCFmsN+Qm0BzMt3uksfzCPkkAZ2uQbEZAo3e
ivadBDayT40RZLk/K46v80wInrb+rn+b96SXIuxE0+CE3SA9zAP71GGTM00bAkfc
WiCjGoKCn45ic+fYebxtWA5mxSPrhW4JfpKAwJ+KK41ORSjzEQB5gkA2VlOfRo5b
x4fLqrwi9XIS+fE6/vHCaGDa0yNkt11InevMh8sdg56XoWDFjIp1ofNjQ5OpuViK
k/wB4NSVn97SyL2ygXHeS2QTgluDfhJ1MXSG3YNQ1Ri8BU2gdz5f
-----END CERTIFICATE-----
Generated at Fri Jun 14 12:33:52 2024 by rpki-client on console-fra.rpki-client.org