Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/nGzM67sFUVGf7p-Tv5Osrss6IMA.roa
File: nGzM67sFUVGf7p-Tv5Osrss6IMA.roa (raw, json)
Hash identifier: t7KIdsX+s8gbvEt1kEdBiDFbsuwD6S6kATsCB7h68+0=
Subject key identifier: 9C:6C:CC:EB:BB:05:51:51:9F:EE:9F:93:BF:93:AC:AE:CB:3A:20:C0
Certificate issuer: /CN=90afdcff7de3a65947631f92c67e272767194478
Certificate serial: 018CC4244EF04C4508BBB4F68BA00A0F78BA
Authority key identifier: 90:AF:DC:FF:7D:E3:A6:59:47:63:1F:92:C6:7E:27:27:67:19:44:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK_c_33jpllHYx-Sxn4nJ2cZRHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/nGzM67sFUVGf7p-Tv5Osrss6IMA.roa
Signing time: Mon 01 Jan 2024 08:29:23 +0000
ROA not before: Mon 01 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199441
IP address blocks: 195.192.236.0/22 maxlen: 24
185.14.128.0/23 maxlen: 24
185.14.130.0/24 maxlen: 24
185.14.131.0/24 maxlen: 24
2a03:a240:2::/48 maxlen: 48
2a03:a240::/47 maxlen: 48
2a03:a240:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/kK_c_33jpllHYx-Sxn4nJ2cZRHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/kK_c_33jpllHYx-Sxn4nJ2cZRHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kK_c_33jpllHYx-Sxn4nJ2cZRHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 04:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:4e:f0:4c:45:08:bb:b4:f6:8b:a0:0a:0f:78:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90afdcff7de3a65947631f92c67e272767194478
Validity
Not Before: Jan 1 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c6cccebbb0551519fee9f93bf93acaecb3a20c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fa:d5:ca:1a:bc:f1:28:89:48:79:05:aa:23:
15:fa:c4:b2:c3:fd:bb:5d:bf:2c:eb:d5:26:3d:d4:
5b:29:69:db:e0:ac:5c:c9:b2:84:be:65:62:9f:c0:
dc:e6:a6:53:6d:59:65:77:59:30:3c:ef:9f:40:c4:
80:6e:63:6f:9c:2e:2b:9b:a9:66:70:dc:45:d8:e4:
53:e5:f0:93:e1:06:d9:78:ff:00:ac:a3:a1:7b:e1:
1d:1f:a2:59:77:9b:e1:20:9e:5e:5d:67:80:6c:a7:
86:71:01:b7:ac:4a:4a:a9:61:25:e9:ec:b3:a5:94:
da:64:54:70:46:cc:cf:87:1e:ff:30:3f:ef:b3:fd:
5e:b7:18:44:ae:8d:6a:55:24:e8:89:f1:08:dd:13:
20:a3:18:c8:c4:70:89:18:5d:ff:7b:41:8f:3b:b4:
33:fa:3f:87:b3:0b:25:2a:bf:a1:2e:ad:7b:b0:40:
be:74:34:54:d3:a4:2a:74:4c:39:af:6d:2f:ee:d3:
3b:b5:bd:08:24:79:92:e9:23:59:0c:02:dd:01:0a:
0d:37:52:9a:c4:89:44:f8:f0:33:48:e9:82:8b:0b:
fb:be:02:5d:40:7a:07:00:5f:94:1a:8d:fc:5a:30:
70:c4:b3:12:6c:a0:cd:42:96:0c:99:21:32:f5:93:
eb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6C:CC:EB:BB:05:51:51:9F:EE:9F:93:BF:93:AC:AE:CB:3A:20:C0
X509v3 Authority Key Identifier:
keyid:90:AF:DC:FF:7D:E3:A6:59:47:63:1F:92:C6:7E:27:27:67:19:44:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK_c_33jpllHYx-Sxn4nJ2cZRHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/nGzM67sFUVGf7p-Tv5Osrss6IMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/kK_c_33jpllHYx-Sxn4nJ2cZRHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.128.0/22
195.192.236.0/22
IPv6:
2a03:a240::/46
Signature Algorithm: sha256WithRSAEncryption
23:b1:ca:49:4e:87:70:50:fb:63:e4:ba:b1:6c:db:7e:0e:b6:
75:ba:16:ca:d2:06:e6:20:2f:a7:0c:e3:2b:e8:2e:0a:49:c5:
ec:ec:bc:a8:de:0e:11:4f:ce:5b:e0:9d:6d:e8:f2:f2:eb:a5:
f2:61:71:3f:16:ed:be:78:8a:4c:9e:73:27:28:85:f0:c9:10:
dd:2b:db:92:c5:d3:9f:4f:c4:74:9b:1d:6e:b0:60:0b:d2:80:
a0:a1:c1:1e:82:bf:d1:af:de:12:99:53:21:81:45:22:76:2d:
84:37:0c:06:f6:51:6e:7c:41:a2:8a:63:df:6a:70:c1:78:93:
98:0d:06:40:a2:f2:88:f7:aa:36:47:61:a8:ec:1c:5b:9d:09:
f4:95:87:6a:42:6e:9b:eb:a0:f5:ad:b6:50:b1:ec:37:7d:10:
76:fd:9f:c2:ac:4c:67:99:66:99:cd:35:3f:2a:29:6c:9a:f9:
c2:b6:ee:ee:92:02:f2:7a:8b:74:3c:b3:9a:45:2d:f3:43:eb:
43:29:a4:6c:ee:3a:17:7d:9e:0f:3e:50:53:c8:c9:24:18:73:
10:c5:85:e6:3e:27:2a:73:41:36:14:0e:82:4a:b6:39:54:56:
73:fe:ce:de:7a:5c:02:81:7a:63:f9:fa:2a:73:b8:95:a2:fe:
85:01:6c:88
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEJE7wTEUIu7T2i6AKD3i6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYWZkY2ZmN2RlM2E2NTk0NzYzMWY5MmM2N2UyNzI3Njcx
OTQ0NzgwHhcNMjQwMTAxMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzZjY2NlYmJiMDU1MTUxOWZlZTlmOTNiZjkzYWNhZWNiM2EyMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/rVyhq88SiJSHkFqiMV+sSyw/27
Xb8s69UmPdRbKWnb4KxcybKEvmVin8Dc5qZTbVlld1kwPO+fQMSAbmNvnC4rm6lm
cNxF2ORT5fCT4QbZeP8ArKOhe+EdH6JZd5vhIJ5eXWeAbKeGcQG3rEpKqWEl6eyz
pZTaZFRwRszPhx7/MD/vs/1etxhEro1qVSToifEI3RMgoxjIxHCJGF3/e0GPO7Qz
+j+HswslKr+hLq17sEC+dDRU06QqdEw5r20v7tM7tb0IJHmS6SNZDALdAQoNN1Ka
xIlE+PAzSOmCiwv7vgJdQHoHAF+UGo38WjBwxLMSbKDNQpYMmSEy9ZPr8wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJxszOu7BVFRn+6fk7+TrK7LOiDAMB8GA1UdIwQY
MBaAFJCv3P9946ZZR2MfksZ+JydnGUR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0tfY18zM2pwbGxIWXgtU3huNG5KMmNaUkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lMDBkMWUtNGExOC00OTU2LTgyYTQt
MTkwYTVjOGQ5ZDk1LzEvbkd6TTY3c0ZVVkdmN3AtVHY1T3Nyc3M2SU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lMDBkMWUtNGExOC00OTU2LTgyYTQtMTkwYTVjOGQ5ZDk1
LzEva0tfY18zM2pwbGxIWXgtU3huNG5KMmNaUkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuQ6AAwQC
w8DsMA8EAgACMAkDBwIqA6JAAAAwDQYJKoZIhvcNAQELBQADggEBACOxyklOh3BQ
+2PkurFs234OtnW6FsrSBuYgL6cM4yvoLgpJxezsvKjeDhFPzlvgnW3o8vLrpfJh
cT8W7b54ikyecycohfDJEN0r25LF059PxHSbHW6wYAvSgKChwR6Cv9Gv3hKZUyGB
RSJ2LYQ3DAb2UW58QaKKY99qcMF4k5gNBkCi8oj3qjZHYajsHFudCfSVh2pCbpvr
oPWttlCx7Dd9EHb9n8KsTGeZZpnNNT8qKWya+cK27u6SAvJ6i3Q8s5pFLfND60Mp
pGzuOhd9ng8+UFPIySQYcxDFheY+JypzQTYUDoJKtjlUVnP+zt56XAKBemP5+ipz
uJWi/oUBbIg=
-----END CERTIFICATE-----
Generated at Sat Jun 15 13:54:41 2024 by rpki-client on console-ams.rpki-client.org