Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/NGH-jH7k8xks6blvNgybOYPzwSI.roa
File: NGH-jH7k8xks6blvNgybOYPzwSI.roa (raw, json)
Hash identifier: 9wYriLvGhsbvf+kw8hZNIYQYMnHiZYij1PDvwfhpaIo=
Subject key identifier: 34:61:FE:8C:7E:E4:F3:19:2C:E9:B9:6F:36:0C:9B:39:83:F3:C1:22
Certificate issuer: /CN=814edbd19634cbb91a0d2dafd759d4c9a7e77b7a
Certificate serial: 018CC9BBA9BB2F670D50D24C48730C2491CF
Authority key identifier: 81:4E:DB:D1:96:34:CB:B9:1A:0D:2D:AF:D7:59:D4:C9:A7:E7:7B:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gU7b0ZY0y7kaDS2v11nUyafne3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/NGH-jH7k8xks6blvNgybOYPzwSI.roa
Signing time: Tue 02 Jan 2024 10:32:48 +0000
ROA not before: Tue 02 Jan 2024 10:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 45.92.13.0/24 maxlen: 24
45.92.12.0/24 maxlen: 24
45.92.15.0/24 maxlen: 24
45.92.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/gU7b0ZY0y7kaDS2v11nUyafne3o.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/gU7b0ZY0y7kaDS2v11nUyafne3o.mft
rsync://rpki.ripe.net/repository/DEFAULT/gU7b0ZY0y7kaDS2v11nUyafne3o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:a9:bb:2f:67:0d:50:d2:4c:48:73:0c:24:91:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=814edbd19634cbb91a0d2dafd759d4c9a7e77b7a
Validity
Not Before: Jan 2 10:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3461fe8c7ee4f3192ce9b96f360c9b3983f3c122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7b:a4:85:e1:40:4f:01:a8:08:36:03:e3:29:
16:27:b4:10:99:84:d4:55:5c:ae:87:7d:b6:3a:e7:
ed:98:11:85:b3:53:1c:ee:d9:65:88:58:6c:4d:6e:
4d:96:12:81:11:10:39:9f:22:4a:9a:b8:21:3d:f9:
b3:e1:ff:cc:e2:85:32:3a:a7:7d:02:d4:f6:c2:a3:
2f:24:de:8b:a1:4d:fa:06:2b:28:9c:8c:ba:3e:2d:
21:b8:65:24:56:8b:fe:f7:b3:fe:45:bd:84:66:93:
ee:6f:8b:db:2d:2f:b5:b1:16:3a:6f:40:51:29:63:
3d:71:1c:8a:0e:79:d3:8e:07:46:60:69:55:d4:29:
e2:3b:32:90:b4:29:24:d6:b0:ba:0e:3c:d6:ce:1c:
6b:53:f0:c4:15:26:c1:91:b1:ad:ae:ae:f8:16:b9:
66:a4:f9:0d:b4:9f:15:ad:47:5e:59:08:c4:1e:e7:
03:b2:0c:10:c7:87:4c:87:16:60:dc:4f:7f:ad:30:
b9:0b:b5:70:2a:f1:69:72:b1:5e:54:6d:5e:dc:aa:
b5:3e:79:0f:f4:13:88:c2:21:2a:2c:66:82:f6:f7:
0e:24:28:f5:1a:ef:2e:e9:65:5a:4b:26:49:ca:ee:
ff:ea:3c:6e:5c:7b:49:4b:1e:89:de:97:da:a8:45:
61:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:61:FE:8C:7E:E4:F3:19:2C:E9:B9:6F:36:0C:9B:39:83:F3:C1:22
X509v3 Authority Key Identifier:
keyid:81:4E:DB:D1:96:34:CB:B9:1A:0D:2D:AF:D7:59:D4:C9:A7:E7:7B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU7b0ZY0y7kaDS2v11nUyafne3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/NGH-jH7k8xks6blvNgybOYPzwSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/gU7b0ZY0y7kaDS2v11nUyafne3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.12.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:48:7e:b1:2e:bc:95:66:38:d7:70:7f:e7:7a:06:e9:d1:55:
8a:af:e2:15:b1:08:4a:1e:4e:70:8a:3d:58:90:01:b6:1d:86:
81:32:2b:77:d3:5c:30:34:4b:3b:ec:4c:c1:16:92:74:a8:0e:
61:53:ca:1e:63:d6:60:f5:2e:f0:81:de:29:39:8d:ca:40:60:
de:04:7c:b9:b4:a2:db:94:9f:92:1e:18:0d:ec:b5:4a:bd:07:
d4:b4:e9:87:21:cf:34:27:ee:a6:b1:b7:e6:76:c6:4a:17:e5:
25:9b:78:52:d5:eb:31:08:a1:07:73:88:39:ff:1b:70:c4:29:
16:ae:64:e4:94:7c:34:6d:11:0f:e0:9b:c6:64:b6:ca:42:7d:
38:ba:f0:c3:b8:bc:a1:de:38:20:3c:ae:60:13:a6:5b:6f:95:
8f:14:3f:d7:be:1d:46:e2:7e:06:ec:52:40:77:98:91:4b:0d:
76:31:5c:ec:69:9c:79:d3:c9:e0:0d:c6:a9:9c:ef:71:6b:0e:
18:33:ed:8a:bc:81:ef:1e:fd:d7:5b:6d:7e:14:1c:03:a5:cc:
f8:73:48:32:41:e0:7d:ac:d9:93:05:7f:90:d8:31:77:14:74:
2b:19:15:6d:9f:54:da:dc:9c:fb:e2:92:79:e9:f7:c3:5a:3e:
40:9d:84:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu6m7L2cNUNJMSHMMJJHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGVkYmQxOTYzNGNiYjkxYTBkMmRhZmQ3NTlkNGM5YTdl
NzdiN2EwHhcNMjQwMTAyMTAzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDYxZmU4YzdlZTRmMzE5MmNlOWI5NmYzNjBjOWIzOTgzZjNjMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHukheFATwGoCDYD4ykWJ7QQmYTU
VVyuh322OuftmBGFs1Mc7tlliFhsTW5NlhKBERA5nyJKmrghPfmz4f/M4oUyOqd9
AtT2wqMvJN6LoU36BisonIy6Pi0huGUkVov+97P+Rb2EZpPub4vbLS+1sRY6b0BR
KWM9cRyKDnnTjgdGYGlV1CniOzKQtCkk1rC6DjzWzhxrU/DEFSbBkbGtrq74Frlm
pPkNtJ8VrUdeWQjEHucDsgwQx4dMhxZg3E9/rTC5C7VwKvFpcrFeVG1e3Kq1PnkP
9BOIwiEqLGaC9vcOJCj1Gu8u6WVaSyZJyu7/6jxuXHtJSx6J3pfaqEVhlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRh/ox+5PMZLOm5bzYMmzmD88EiMB8GA1UdIwQY
MBaAFIFO29GWNMu5Gg0tr9dZ1Mmn53t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1U3YjBaWTB5N2thRFMydjExblV5YWZuZTNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9lODJkZTktMjVmNC00NjZlLTljMGMt
YzA4OTk3YTdhMDhmLzEvTkdILWpIN2s4eGtzNmJsdk5neWJPWVB6d1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9lODJkZTktMjVmNC00NjZlLTljMGMtYzA4OTk3YTdhMDhm
LzEvZ1U3YjBaWTB5N2thRFMydjExblV5YWZuZTNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVwMMA0G
CSqGSIb3DQEBCwUAA4IBAQCPSH6xLryVZjjXcH/negbp0VWKr+IVsQhKHk5wij1Y
kAG2HYaBMit301wwNEs77EzBFpJ0qA5hU8oeY9Zg9S7wgd4pOY3KQGDeBHy5tKLb
lJ+SHhgN7LVKvQfUtOmHIc80J+6msbfmdsZKF+Ulm3hS1esxCKEHc4g5/xtwxCkW
rmTklHw0bREP4JvGZLbKQn04uvDDuLyh3jggPK5gE6Zbb5WPFD/Xvh1G4n4G7FJA
d5iRSw12MVzsaZx508ngDcapnO9xaw4YM+2KvIHvHv3XW21+FBwDpcz4c0gyQeB9
rNmTBX+Q2DF3FHQrGRVtn1Ta3Jz74pJ56ffDWj5AnYQm
-----END CERTIFICATE-----
Generated at Sun May 5 22:41:16 2024 by rpki-client on console-ams.rpki-client.org