Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/NknVoQs23lBQQN2VKDTS-HMWmnw.roa
File: NknVoQs23lBQQN2VKDTS-HMWmnw.roa (raw, json)
Hash identifier: BVsuqfiIGqLYk3nPRAXYbbVDG+vn4IuyABHistJ/CIg=
Subject key identifier: 36:49:D5:A1:0B:36:DE:50:50:40:DD:95:28:34:D2:F8:73:16:9A:7C
Certificate issuer: /CN=9c1394768c9a39a6112674d7375972a6696b4680
Certificate serial: 019081FE82B50EFCEBA0BD3F321D973AA4A1
Authority key identifier: 9C:13:94:76:8C:9A:39:A6:11:26:74:D7:37:59:72:A6:69:6B:46:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBOUdoyaOaYRJnTXN1lypmlrRoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/NknVoQs23lBQQN2VKDTS-HMWmnw.roa
Signing time: Fri 05 Jul 2024 08:24:18 +0000
ROA not before: Fri 05 Jul 2024 08:24:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207083
IP address blocks: 194.146.104.0/24 maxlen: 24
194.146.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/nBOUdoyaOaYRJnTXN1lypmlrRoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/nBOUdoyaOaYRJnTXN1lypmlrRoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nBOUdoyaOaYRJnTXN1lypmlrRoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:81:fe:82:b5:0e:fc:eb:a0:bd:3f:32:1d:97:3a:a4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1394768c9a39a6112674d7375972a6696b4680
Validity
Not Before: Jul 5 08:24:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3649d5a10b36de505040dd952834d2f873169a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:dc:4b:c4:2a:30:67:c6:e4:fb:3d:3c:ef:9a:
63:41:27:83:5b:8a:1f:fa:e2:c7:f5:02:5c:3b:79:
0a:6a:ea:5b:b0:2f:d6:34:69:1f:cb:3d:39:9a:02:
86:56:58:d3:fb:09:c3:0e:d4:a9:33:9b:82:9f:a8:
a1:fa:8c:e9:83:7c:cf:bf:fd:79:3e:c7:3f:8e:18:
34:c0:77:40:b3:8c:39:62:7d:28:ff:f5:7c:c5:34:
a1:44:2d:3d:e8:32:94:de:df:f2:d2:2e:a6:b9:26:
25:6e:52:2f:df:29:56:bb:fc:63:2f:28:5f:e0:eb:
20:80:da:94:c5:66:77:31:8e:35:75:3a:35:5c:70:
39:80:7b:71:12:10:92:c1:c9:05:c9:13:86:49:39:
1c:c6:25:64:ec:15:95:84:48:e0:35:b0:77:ee:d1:
4e:5c:88:75:65:4b:ae:57:1d:a8:27:21:58:17:38:
33:76:9c:ba:51:dd:af:06:bf:fc:5b:a8:a7:77:46:
77:2b:dd:0a:e1:75:a7:17:df:ac:64:b5:a1:db:0a:
94:35:2c:bb:1e:cb:14:df:6a:8c:bc:33:13:3d:de:
a8:be:dc:14:48:47:f8:01:6a:7a:a2:b6:d3:6b:93:
43:77:28:ae:70:df:b4:39:1b:0d:41:af:87:e4:9c:
98:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:49:D5:A1:0B:36:DE:50:50:40:DD:95:28:34:D2:F8:73:16:9A:7C
X509v3 Authority Key Identifier:
keyid:9C:13:94:76:8C:9A:39:A6:11:26:74:D7:37:59:72:A6:69:6B:46:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBOUdoyaOaYRJnTXN1lypmlrRoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/NknVoQs23lBQQN2VKDTS-HMWmnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/nBOUdoyaOaYRJnTXN1lypmlrRoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.104.0/24
194.146.114.0/24
Signature Algorithm: sha256WithRSAEncryption
28:31:77:dc:c6:06:ea:7b:ce:0f:93:3f:04:fa:d4:a6:5d:a9:
29:06:fe:81:95:a1:41:63:96:cc:30:db:b1:ed:8d:28:c6:d0:
be:d6:77:5f:a1:76:c9:b2:ca:41:18:85:ff:f2:6c:de:5c:41:
c1:6f:c3:cf:4f:51:e4:19:36:d2:b8:68:3f:a1:13:29:78:96:
c3:74:d8:ba:36:f7:8d:0d:93:7f:bb:22:f1:6e:08:99:de:5a:
f5:2c:1b:f0:98:b1:40:dd:97:b0:bd:0d:9e:d7:5a:e2:87:9b:
4f:6f:02:78:a2:67:f1:82:1b:5f:1f:46:5c:27:8b:61:00:ce:
19:02:60:e5:a1:bb:90:f7:91:25:40:de:07:90:4a:1a:18:06:
19:e5:1d:2f:46:a2:c4:02:6e:c3:26:98:04:89:c1:bf:97:fb:
ce:17:00:e0:bf:0c:ad:5d:be:14:35:37:2e:b1:53:dd:59:e4:
51:16:00:dc:8f:17:6b:9e:b7:e3:dc:8c:3b:21:f1:7f:d8:af:
ec:7b:54:64:4f:c3:86:03:35:72:15:ba:f5:f4:79:79:a6:03:
86:17:83:eb:b7:80:35:25:07:a2:0a:b7:87:9c:85:a0:3b:74:
6b:3d:fe:59:00:63:bd:b8:fd:3b:1c:da:8a:d6:96:e8:f6:18:
85:cb:7a:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCB/oK1DvzroL0/Mh2XOqShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMTM5NDc2OGM5YTM5YTYxMTI2NzRkNzM3NTk3MmE2Njk2
YjQ2ODAwHhcNMjQwNzA1MDgyNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ5ZDVhMTBiMzZkZTUwNTA0MGRkOTUyODM0ZDJmODczMTY5YTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9xLxCowZ8bk+z0875pjQSeDW4of
+uLH9QJcO3kKaupbsC/WNGkfyz05mgKGVljT+wnDDtSpM5uCn6ih+ozpg3zPv/15
Psc/jhg0wHdAs4w5Yn0o//V8xTShRC096DKU3t/y0i6muSYlblIv3ylWu/xjLyhf
4OsggNqUxWZ3MY41dTo1XHA5gHtxEhCSwckFyROGSTkcxiVk7BWVhEjgNbB37tFO
XIh1ZUuuVx2oJyFYFzgzdpy6Ud2vBr/8W6ind0Z3K90K4XWnF9+sZLWh2wqUNSy7
HssU32qMvDMTPd6ovtwUSEf4AWp6orbTa5NDdyiucN+0ORsNQa+H5JyYbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDZJ1aELNt5QUEDdlSg00vhzFpp8MB8GA1UdIwQY
MBaAFJwTlHaMmjmmESZ01zdZcqZpa0aAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJPVWRveWFPYVlSSm5UWE4xbHlwbWxyUm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZTcyMTAtMDUyOC00NDU2LWI2OGUt
YTcxM2ExOTE1YzkwLzEvTmtuVm9RczIzbEJRUU4yVktEVFMtSE1XbW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zZTcyMTAtMDUyOC00NDU2LWI2OGUtYTcxM2ExOTE1Yzkw
LzEvbkJPVWRveWFPYVlSSm5UWE4xbHlwbWxyUm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwpJoAwQA
wpJyMA0GCSqGSIb3DQEBCwUAA4IBAQAoMXfcxgbqe84Pkz8E+tSmXakpBv6BlaFB
Y5bMMNux7Y0oxtC+1ndfoXbJsspBGIX/8mzeXEHBb8PPT1HkGTbSuGg/oRMpeJbD
dNi6NveNDZN/uyLxbgiZ3lr1LBvwmLFA3ZewvQ2e11rih5tPbwJ4omfxghtfH0Zc
J4thAM4ZAmDlobuQ95ElQN4HkEoaGAYZ5R0vRqLEAm7DJpgEicG/l/vOFwDgvwyt
Xb4UNTcusVPdWeRRFgDcjxdrnrfj3Iw7IfF/2K/se1RkT8OGAzVyFbr19Hl5pgOG
F4Prt4A1JQeiCreHnIWgO3RrPf5ZAGO9uP07HNqK1pbo9hiFy3qy
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:09:12 2024 by rpki-client on console-fra.rpki-client.org