Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/nc_QXt_JhgvAwAPU3RfSpKWB9l8.roa
File: nc_QXt_JhgvAwAPU3RfSpKWB9l8.roa (raw, json)
Hash identifier: lnlukQ2Un4xXpngI4FwpF7JRGxV4/x7LfP0ISJ/X/fc=
Subject key identifier: 9D:CF:D0:5E:DF:C9:86:0B:C0:C0:03:D4:DD:17:D2:A4:A5:81:F6:5F
Certificate issuer: /CN=7a350d024af01f8eaf125717caa03aafad184e1d
Certificate serial: 018CC348D7025F6CA8778E63E8CB468398F4
Authority key identifier: 7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/nc_QXt_JhgvAwAPU3RfSpKWB9l8.roa
Signing time: Mon 01 Jan 2024 04:29:39 +0000
ROA not before: Mon 01 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56974
IP address blocks: 109.104.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d7:02:5f:6c:a8:77:8e:63:e8:cb:46:83:98:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a350d024af01f8eaf125717caa03aafad184e1d
Validity
Not Before: Jan 1 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dcfd05edfc9860bc0c003d4dd17d2a4a581f65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ec:be:2f:08:1f:c2:1b:0d:a6:8e:ed:46:6c:
54:e6:45:61:52:6d:54:7d:15:81:40:89:65:9b:04:
86:61:a6:a4:ef:44:2a:18:b6:ab:ef:d2:a7:3f:51:
e9:23:43:0f:d4:17:ec:25:2d:e9:6f:06:10:bc:80:
21:ad:09:1d:f6:c6:65:7a:06:a0:43:13:59:85:0c:
f7:1e:41:07:c8:17:04:bc:24:51:82:96:e9:57:8a:
39:90:20:8b:bd:63:42:f7:32:92:a4:4d:c4:4b:51:
76:15:e8:a0:c3:dc:0a:c2:68:b6:a7:17:5c:b6:32:
38:db:55:b9:65:71:34:88:f6:9f:18:4e:20:b8:47:
6e:6c:31:fa:c7:ac:0a:49:93:5c:78:bc:07:57:d8:
1c:ac:28:fe:10:ae:ad:8e:b9:8b:cc:4b:02:80:ee:
ef:60:36:44:f8:c7:22:f3:6c:8f:55:65:7b:80:a9:
d5:d6:72:86:e2:17:5b:00:f0:94:6f:ae:66:0a:6b:
2d:dc:71:8e:cd:4f:3a:ca:64:e9:f9:8e:da:13:75:
ea:bb:be:42:14:09:22:dc:16:b6:1d:0a:47:33:c7:
f1:59:32:86:74:1f:a0:ea:8b:9f:24:0b:f2:0e:9b:
c9:aa:3c:f0:97:ae:2c:b2:0a:6f:ef:99:07:8e:c1:
ea:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CF:D0:5E:DF:C9:86:0B:C0:C0:03:D4:DD:17:D2:A4:A5:81:F6:5F
X509v3 Authority Key Identifier:
keyid:7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/nc_QXt_JhgvAwAPU3RfSpKWB9l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.248.0/22
Signature Algorithm: sha256WithRSAEncryption
94:fd:06:51:fd:b3:7d:88:1d:a3:01:ea:50:8c:f7:1b:52:fa:
d7:c7:ff:95:58:2c:7d:ff:b8:62:c1:51:8a:a9:fe:fc:80:77:
bb:ea:63:29:1a:c1:ca:ac:db:18:b8:8a:93:3f:96:7f:0c:e0:
6c:66:9d:be:b8:e2:cc:b7:9d:be:2a:1f:30:4a:41:71:84:e5:
e0:02:37:e5:82:7c:f9:f1:c3:cf:03:08:7b:b2:be:ce:c6:44:
53:ad:bb:7e:57:8c:2e:df:46:c0:3c:71:f1:f0:80:6d:76:ac:
e1:a9:26:f8:00:25:5b:1c:08:eb:78:fc:89:97:18:39:cc:02:
b4:c2:ae:64:3c:0c:64:27:c6:a5:78:b5:bc:22:80:89:9b:a1:
f3:b7:02:4e:cf:23:1c:ff:cf:bc:75:c4:ff:c4:fe:af:38:ac:
70:1f:72:ca:f4:e7:99:ba:aa:57:0d:12:12:b4:f5:26:9c:7e:
f5:f7:9f:61:2a:76:fd:dc:75:25:77:b1:ea:46:44:84:e1:5b:
e8:41:9d:a3:b3:37:a5:dc:b9:94:92:e3:31:7b:92:95:3a:dc:
7e:b0:7b:a7:b2:0e:7a:e5:75:b5:c4:b6:14:16:79:ac:1c:92:
ec:7c:cd:29:89:2c:e6:1b:1a:e6:39:72:ab:91:8d:ef:df:99:
e9:34:47:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSNcCX2yod45j6MtGg5j0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzUwZDAyNGFmMDFmOGVhZjEyNTcxN2NhYTAzYWFmYWQx
ODRlMWQwHhcNMjQwMTAxMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNmZDA1ZWRmYzk4NjBiYzBjMDAzZDRkZDE3ZDJhNGE1ODFmNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+y+LwgfwhsNpo7tRmxU5kVhUm1U
fRWBQIllmwSGYaak70QqGLar79KnP1HpI0MP1BfsJS3pbwYQvIAhrQkd9sZlegag
QxNZhQz3HkEHyBcEvCRRgpbpV4o5kCCLvWNC9zKSpE3ES1F2Feigw9wKwmi2pxdc
tjI421W5ZXE0iPafGE4guEdubDH6x6wKSZNceLwHV9gcrCj+EK6tjrmLzEsCgO7v
YDZE+Mci82yPVWV7gKnV1nKG4hdbAPCUb65mCmst3HGOzU86ymTp+Y7aE3Xqu75C
FAki3Ba2HQpHM8fxWTKGdB+g6oufJAvyDpvJqjzwl64ssgpv75kHjsHqAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3P0F7fyYYLwMAD1N0X0qSlgfZfMB8GA1UdIwQY
MBaAFHo1DQJK8B+OrxJXF8qgOq+tGE4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTkt
ZDAwM2U1NmZlNzUzLzEvbmNfUVh0X0poZ3ZBd0FQVTNSZlNwS1dCOWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTktZDAwM2U1NmZlNzUz
LzEvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbWj4MA0G
CSqGSIb3DQEBCwUAA4IBAQCU/QZR/bN9iB2jAepQjPcbUvrXx/+VWCx9/7hiwVGK
qf78gHe76mMpGsHKrNsYuIqTP5Z/DOBsZp2+uOLMt52+Kh8wSkFxhOXgAjflgnz5
8cPPAwh7sr7OxkRTrbt+V4wu30bAPHHx8IBtdqzhqSb4ACVbHAjrePyJlxg5zAK0
wq5kPAxkJ8aleLW8IoCJm6HztwJOzyMc/8+8dcT/xP6vOKxwH3LK9OeZuqpXDRIS
tPUmnH71959hKnb93HUld7HqRkSE4VvoQZ2jszel3LmUkuMxe5KVOtx+sHunsg56
5XW1xLYUFnmsHJLsfM0piSzmGxrmOXKrkY3v35npNEfL
-----END CERTIFICATE-----
Generated at Sat Sep 28 21:03:29 2024 by rpki-client on console-ams.rpki-client.org