Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/nw7R6o0Nahsy8Yxqld0wWC5TK8k.roa
File: nw7R6o0Nahsy8Yxqld0wWC5TK8k.roa (raw, json)
Hash identifier: /09ZnuntbtTGuPB7v6lSWJ+P24BU0LbGAxEq/AZj3W0=
Subject key identifier: 9F:0E:D1:EA:8D:0D:6A:1B:32:F1:8C:6A:95:DD:30:58:2E:53:2B:C9
Certificate issuer: /CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
Certificate serial: 018CCA998858BD3A3BECD8196D4A2AB5A4CE
Authority key identifier: 5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/nw7R6o0Nahsy8Yxqld0wWC5TK8k.roa
Signing time: Tue 02 Jan 2024 14:35:08 +0000
ROA not before: Tue 02 Jan 2024 14:35:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20609
IP address blocks: 185.108.120.0/22 maxlen: 24
91.202.52.0/22 maxlen: 24
2a06:4ac0::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:88:58:bd:3a:3b:ec:d8:19:6d:4a:2a:b5:a4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
Validity
Not Before: Jan 2 14:35:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f0ed1ea8d0d6a1b32f18c6a95dd30582e532bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:db:1c:a0:5f:f8:4f:e6:14:33:d6:60:b4:48:
92:13:5b:c0:5a:50:c1:a1:0e:52:9d:77:aa:94:ba:
3d:3e:2a:34:68:56:4c:df:70:bf:48:5a:86:27:7d:
c6:56:45:f8:0a:97:9f:12:40:0c:0c:6b:59:45:eb:
3d:b9:99:47:fb:7c:96:a9:ac:f0:4e:b0:ba:bc:23:
15:de:eb:87:49:f3:e5:d7:5a:4b:51:f3:6e:68:b0:
36:42:bb:47:46:1b:69:0f:02:fa:74:3a:18:6c:d2:
b9:77:b6:5e:1d:a6:8a:42:af:0c:ff:d5:0e:41:f6:
d3:92:56:eb:f7:d0:07:c6:70:e6:e4:a3:8f:ae:5b:
42:b7:f2:38:61:18:81:a6:66:bc:a5:fb:96:84:03:
34:5f:b4:1c:69:e5:98:d9:1e:9c:48:fe:2a:f1:7a:
6a:f2:71:50:eb:69:66:5c:bd:f5:f7:e5:8d:9b:d2:
fc:38:ce:3e:49:89:d2:99:a6:82:59:95:7a:91:1f:
2e:e0:42:b5:58:72:65:62:07:42:6b:15:fa:cd:8f:
ac:49:67:cd:d4:6c:c3:54:0f:2d:b4:bd:bd:08:a1:
4a:be:63:78:03:47:2e:70:fb:8d:c0:7e:f6:1f:17:
e0:71:1b:a1:47:10:03:72:59:c8:e7:36:fd:4b:5c:
b6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:0E:D1:EA:8D:0D:6A:1B:32:F1:8C:6A:95:DD:30:58:2E:53:2B:C9
X509v3 Authority Key Identifier:
keyid:5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/nw7R6o0Nahsy8Yxqld0wWC5TK8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.52.0/22
185.108.120.0/22
IPv6:
2a06:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:e9:03:b0:46:de:9d:92:92:b8:3b:da:e4:d3:c2:48:62:61:
6a:41:35:a7:1b:95:c3:90:48:53:88:4c:f3:b7:af:62:c8:13:
d9:87:0a:da:e3:01:22:50:24:62:61:e4:60:06:58:88:c6:f3:
b1:9a:34:f0:93:5c:a5:d9:5c:c5:5e:41:71:2d:6b:33:b1:65:
d7:e9:88:91:8d:b6:c3:41:73:e0:ad:18:9c:be:a9:ef:8e:cc:
f1:5e:63:0c:04:bf:7d:09:c9:92:9c:4b:81:9f:a7:c5:2a:a8:
86:80:fb:a9:b7:0f:fc:0e:32:20:1f:c5:49:72:79:90:4c:94:
ce:a9:80:a2:3f:14:c6:25:dc:d9:c0:2e:9b:09:09:0d:5a:2b:
c8:f8:02:31:87:12:1e:ee:cf:ef:f8:c6:e5:89:fa:f1:99:4e:
55:53:fb:81:10:8c:e7:db:16:20:a1:75:2e:b6:fa:65:6a:31:
ed:c4:91:b1:7b:09:3f:dd:92:b3:02:37:e6:d1:e7:1e:88:be:
df:99:02:57:9e:be:dc:07:d4:76:13:b5:6d:86:5d:c1:95:04:
69:4a:db:6a:34:dc:37:5e:f8:af:4b:e2:54:b0:cf:ae:ca:38:
1c:3c:3b:23:ee:8d:2e:2d:0f:9b:a7:fc:17:94:73:e0:41:98:
53:3b:f8:a9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKmYhYvTo77NgZbUoqtaTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWQ0MDYwZmQ1MDFlYmFlOTNlZDQ0ZGE2YjdhNzllNjY3
MDViMmYwHhcNMjQwMTAyMTQzNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjBlZDFlYThkMGQ2YTFiMzJmMThjNmE5NWRkMzA1ODJlNTMyYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptscoF/4T+YUM9ZgtEiSE1vAWlDB
oQ5SnXeqlLo9Pio0aFZM33C/SFqGJ33GVkX4CpefEkAMDGtZRes9uZlH+3yWqazw
TrC6vCMV3uuHSfPl11pLUfNuaLA2QrtHRhtpDwL6dDoYbNK5d7ZeHaaKQq8M/9UO
QfbTklbr99AHxnDm5KOPrltCt/I4YRiBpma8pfuWhAM0X7QcaeWY2R6cSP4q8Xpq
8nFQ62lmXL319+WNm9L8OM4+SYnSmaaCWZV6kR8u4EK1WHJlYgdCaxX6zY+sSWfN
1GzDVA8ttL29CKFKvmN4A0cucPuNwH72HxfgcRuhRxADclnI5zb9S1y2fQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ8O0eqNDWobMvGMapXdMFguUyvJMB8GA1UdIwQY
MBaAFF4dQGD9UB666T7UTaa3p55mcFsvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQt
MGUxZGI5OGFkMjMxLzEvbnc3UjZvME5haHN5OFl4cWxkMHdXQzVUSzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQtMGUxZGI5OGFkMjMx
LzEvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8o0AwQC
uWx4MA0EAgACMAcDBQAqBkrAMA0GCSqGSIb3DQEBCwUAA4IBAQB+6QOwRt6dkpK4
O9rk08JIYmFqQTWnG5XDkEhTiEzzt69iyBPZhwra4wEiUCRiYeRgBliIxvOxmjTw
k1yl2VzFXkFxLWszsWXX6YiRjbbDQXPgrRicvqnvjszxXmMMBL99CcmSnEuBn6fF
KqiGgPuptw/8DjIgH8VJcnmQTJTOqYCiPxTGJdzZwC6bCQkNWivI+AIxhxIe7s/v
+MblifrxmU5VU/uBEIzn2xYgoXUutvplajHtxJGxewk/3ZKzAjfm0eceiL7fmQJX
nr7cB9R2E7Vthl3BlQRpSttqNNw3XvivS+JUsM+uyjgcPDsj7o0uLQ+bp/wXlHPg
QZhTO/ip
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:15:40 2024 by rpki-client on console-fra.rpki-client.org