Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/NRmmLHL0knTruqzxV_WeJCi85rw.roa
File: NRmmLHL0knTruqzxV_WeJCi85rw.roa (raw, json)
Hash identifier: gMKgLmCQjygCIQx14vESsx2UnOgP1dnPyr9krtrAEaI=
Subject key identifier: 35:19:A6:2C:72:F4:92:74:EB:BA:AC:F1:57:F5:9E:24:28:BC:E6:BC
Certificate issuer: /CN=432fe70f4cef10376836152f38e4e08532cc7b9f
Certificate serial: 018F61DB0D04C021EC1DA743296FD2AF14D7
Authority key identifier: 43:2F:E7:0F:4C:EF:10:37:68:36:15:2F:38:E4:E0:85:32:CC:7B:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy_nD0zvEDdoNhUvOOTghTLMe58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/NRmmLHL0knTruqzxV_WeJCi85rw.roa
Signing time: Fri 10 May 2024 09:34:56 +0000
ROA not before: Fri 10 May 2024 09:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29399
IP address blocks: 185.95.168.0/22 maxlen: 24
185.95.168.0/24 maxlen: 24
185.95.169.0/24 maxlen: 24
185.95.170.0/24 maxlen: 24
185.95.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/Qy_nD0zvEDdoNhUvOOTghTLMe58.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/Qy_nD0zvEDdoNhUvOOTghTLMe58.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qy_nD0zvEDdoNhUvOOTghTLMe58.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:db:0d:04:c0:21:ec:1d:a7:43:29:6f:d2:af:14:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432fe70f4cef10376836152f38e4e08532cc7b9f
Validity
Not Before: May 10 09:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3519a62c72f49274ebbaacf157f59e2428bce6bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bf:6a:5a:34:f1:f5:b3:d5:f7:0a:22:07:08:
52:5b:e6:5c:97:aa:90:17:b5:89:1a:85:fc:2a:fc:
6d:a6:5b:6e:58:b3:68:c9:43:23:50:88:ad:30:dd:
34:a2:c3:db:10:01:6e:1b:a2:27:95:56:f0:5b:f5:
a4:33:13:af:6e:67:72:48:84:4c:2a:86:47:3a:25:
30:38:85:c1:85:24:8c:99:11:44:9b:97:87:1b:4e:
cf:dc:0c:a9:91:cc:ee:f2:e2:30:1a:f2:34:2a:24:
af:29:5c:c8:63:4a:8d:28:a0:3a:88:bf:ac:28:f0:
2f:cd:61:63:83:37:0c:00:55:43:46:81:cd:e7:c4:
09:fa:54:4a:3d:e6:e8:a7:a6:90:8e:b1:cf:81:a5:
11:7f:ad:81:c2:88:b3:8e:30:1c:b2:d1:a7:e3:a1:
6f:21:e8:1b:07:33:32:d4:4e:dc:20:39:ca:1d:ec:
26:8e:db:ef:4b:7f:45:4b:e7:e2:06:35:b0:83:96:
37:75:97:87:0d:0a:da:fd:fa:e6:cc:76:7e:78:ac:
d7:52:db:1e:6d:e9:a3:e3:95:b6:a8:01:f8:5e:10:
49:98:e9:f9:3e:0e:ea:25:bc:94:4d:04:fd:64:92:
51:5b:c8:76:16:b3:17:0b:c1:f4:f5:51:52:eb:28:
09:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:19:A6:2C:72:F4:92:74:EB:BA:AC:F1:57:F5:9E:24:28:BC:E6:BC
X509v3 Authority Key Identifier:
keyid:43:2F:E7:0F:4C:EF:10:37:68:36:15:2F:38:E4:E0:85:32:CC:7B:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy_nD0zvEDdoNhUvOOTghTLMe58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/NRmmLHL0knTruqzxV_WeJCi85rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/Qy_nD0zvEDdoNhUvOOTghTLMe58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.168.0/22
Signature Algorithm: sha256WithRSAEncryption
36:10:ed:c6:88:0b:f6:c9:ad:14:84:b2:e7:3a:25:cd:ef:fc:
5d:fd:cb:64:f5:fa:f8:08:50:d0:b2:cc:d2:69:f4:f1:bb:fa:
8f:ec:69:ba:8c:da:5c:a9:35:f0:e6:ee:b7:78:c6:aa:34:ec:
dc:e6:b2:c4:50:72:12:28:6b:2c:60:6a:4d:c4:b7:15:90:87:
1d:f0:99:93:f7:aa:42:9c:a2:ea:16:4f:0a:f2:10:14:9a:29:
bb:68:ec:5f:eb:6b:8e:c7:7c:66:16:86:f5:87:2f:91:c4:93:
27:03:af:44:fd:f6:0f:c5:c2:29:22:10:fe:f3:9b:27:f5:e9:
f5:cf:b0:3b:5e:2d:de:74:5e:a7:2e:5d:0e:0b:04:0d:0c:d9:
fd:0f:70:2a:39:45:7d:9e:17:bd:c7:b8:2d:57:f3:a6:bb:79:
b4:c2:c1:2e:f9:55:30:8f:57:78:af:67:04:4c:08:60:73:b4:
e1:25:b7:0e:9b:ea:42:ea:f7:52:c9:a2:52:a5:0e:f2:92:67:
94:11:5e:e4:8d:bb:c3:bd:83:5d:43:b1:fa:eb:e8:c2:32:f2:
a1:60:7c:01:3a:80:90:95:58:22:ea:2e:f2:d2:2e:7a:65:cf:
2c:02:3f:bc:14:6b:79:2e:b5:86:2b:35:83:7f:a0:07:f4:36:
cc:ab:3a:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9h2w0EwCHsHadDKW/SrxTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmZlNzBmNGNlZjEwMzc2ODM2MTUyZjM4ZTRlMDg1MzJj
YzdiOWYwHhcNMjQwNTEwMDkzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE5YTYyYzcyZjQ5Mjc0ZWJiYWFjZjE1N2Y1OWUyNDI4YmNlNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr9qWjTx9bPV9woiBwhSW+Zcl6qQ
F7WJGoX8KvxtpltuWLNoyUMjUIitMN00osPbEAFuG6InlVbwW/WkMxOvbmdySIRM
KoZHOiUwOIXBhSSMmRFEm5eHG07P3Aypkczu8uIwGvI0KiSvKVzIY0qNKKA6iL+s
KPAvzWFjgzcMAFVDRoHN58QJ+lRKPebop6aQjrHPgaURf62BwoizjjAcstGn46Fv
IegbBzMy1E7cIDnKHewmjtvvS39FS+fiBjWwg5Y3dZeHDQra/frmzHZ+eKzXUtse
bemj45W2qAH4XhBJmOn5Pg7qJbyUTQT9ZJJRW8h2FrMXC8H09VFS6ygJNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUZpixy9JJ067qs8Vf1niQovOa8MB8GA1UdIwQY
MBaAFEMv5w9M7xA3aDYVLzjk4IUyzHufMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXlfbkQwenZFRGRvTmhVdk9PVGdoVExNZTU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zMDc2MDctNTcwNi00ZTQ0LWJiOGUt
MTg5ZDAwYTMzM2VlLzEvTlJtbUxITDBrblRydXF6eFZfV2VKQ2k4NXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zMDc2MDctNTcwNi00ZTQ0LWJiOGUtMTg5ZDAwYTMzM2Vl
LzEvUXlfbkQwenZFRGRvTmhVdk9PVGdoVExNZTU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV+oMA0G
CSqGSIb3DQEBCwUAA4IBAQA2EO3GiAv2ya0UhLLnOiXN7/xd/ctk9fr4CFDQsszS
afTxu/qP7Gm6jNpcqTXw5u63eMaqNOzc5rLEUHISKGssYGpNxLcVkIcd8JmT96pC
nKLqFk8K8hAUmim7aOxf62uOx3xmFob1hy+RxJMnA69E/fYPxcIpIhD+85sn9en1
z7A7Xi3edF6nLl0OCwQNDNn9D3AqOUV9nhe9x7gtV/Omu3m0wsEu+VUwj1d4r2cE
TAhgc7ThJbcOm+pC6vdSyaJSpQ7ykmeUEV7kjbvDvYNdQ7H66+jCMvKhYHwBOoCQ
lVgi6i7y0i56Zc8sAj+8FGt5LrWGKzWDf6AH9DbMqzov
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:14 2024 by rpki-client on console-fra.rpki-client.org