Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/NyAUU7lcE2XpXz-URbm6vSlCA2k.roa
File: NyAUU7lcE2XpXz-URbm6vSlCA2k.roa (raw, json)
Hash identifier: JdMyqnbER90lIiGN5p5tjWb0daxLmrRiIlKhXSpoQEU=
Subject key identifier: 37:20:14:53:B9:5C:13:65:E9:5F:3F:94:45:B9:BA:BD:29:42:03:69
Certificate issuer: /CN=7de98f48e988790d0e0793537941b413d2e60306
Certificate serial: 018CC3B690B39C985EFD14A640BECE4D978B
Authority key identifier: 7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/NyAUU7lcE2XpXz-URbm6vSlCA2k.roa
Signing time: Mon 01 Jan 2024 06:29:30 +0000
ROA not before: Mon 01 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41071
IP address blocks: 5.252.44.0/22 maxlen: 22
91.102.128.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:90:b3:9c:98:5e:fd:14:a6:40:be:ce:4d:97:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7de98f48e988790d0e0793537941b413d2e60306
Validity
Not Before: Jan 1 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37201453b95c1365e95f3f9445b9babd29420369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0a:16:fd:3f:b5:f7:df:fd:c0:e0:b4:c4:ed:
eb:9d:1e:d0:c0:ad:f3:30:b3:c7:1a:58:d1:aa:9a:
c9:ed:e4:0c:df:a0:64:aa:b2:c6:ff:30:5f:1c:35:
9d:13:37:f5:61:6c:e8:b7:ee:36:40:b2:6f:df:3e:
31:f1:80:27:47:dc:d3:3c:9f:0b:72:75:cc:1e:d4:
65:cf:ad:f4:57:fb:73:d5:47:a5:cb:a0:e0:7c:44:
ea:a1:ad:ea:bf:3d:2a:88:0e:ea:3a:f3:d4:77:c0:
4f:41:99:37:66:7b:16:59:13:a4:cc:a6:73:65:39:
e2:5f:33:b1:04:ce:52:49:ec:df:9f:cd:d7:91:f0:
3b:38:48:e8:9d:ef:2e:31:64:1a:50:bb:94:ba:bf:
b9:36:0c:eb:06:1c:bd:27:09:3a:8e:50:c0:ba:93:
6b:f6:ee:83:f2:0a:1f:93:c8:a8:a7:2f:88:d9:58:
a9:66:06:c5:11:30:ea:b9:41:22:37:5e:4e:f6:8f:
16:61:52:74:d8:f3:d8:63:e7:d2:61:cf:74:cf:c2:
b6:28:57:7e:c9:42:10:2f:78:db:08:a3:84:b2:87:
0f:81:03:c8:78:d0:e0:f5:84:3f:46:33:fe:49:88:
2f:ff:d2:f8:8f:33:ee:27:11:2f:b7:ab:17:97:5f:
80:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:20:14:53:B9:5C:13:65:E9:5F:3F:94:45:B9:BA:BD:29:42:03:69
X509v3 Authority Key Identifier:
keyid:7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/NyAUU7lcE2XpXz-URbm6vSlCA2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.44.0/22
91.102.128.0/21
Signature Algorithm: sha256WithRSAEncryption
a2:2b:25:b6:3e:7d:1b:70:9b:99:66:f9:fa:26:d4:9e:98:4c:
30:0a:45:0e:7a:6a:24:d8:4e:c2:f9:32:37:3c:d3:83:60:79:
8f:9a:b5:bf:f4:f0:70:7d:96:fb:a4:ae:ed:f2:06:84:3c:5f:
b6:eb:53:6a:0b:c2:16:17:29:5a:68:49:ce:27:e6:84:69:c1:
95:96:80:86:80:41:e8:6d:42:dc:65:cb:0f:cd:15:3d:08:52:
fd:03:d5:ef:53:4b:a7:3a:42:e6:9d:30:ba:90:e7:7b:b0:0d:
55:35:de:9a:ad:a3:00:5f:8b:d2:44:1e:31:12:32:10:00:f4:
0f:ea:df:7d:79:ea:e5:65:c8:c1:54:ae:15:69:02:3b:84:40:
e3:87:23:0e:35:0c:2a:58:21:9e:10:68:94:3a:9c:9b:15:1d:
24:74:1c:dd:5a:c1:57:7c:b0:c0:11:2a:e7:cd:0f:22:fb:d0:
15:f3:6b:02:38:38:d9:1d:6d:20:6d:eb:5e:70:c4:9c:c3:46:
8f:b7:3e:de:cc:a4:2d:6f:cb:bc:f4:ab:34:71:e3:b2:02:b4:
9a:1b:21:e2:56:83:ab:96:35:82:c5:a6:6f:28:46:0f:9d:43:
e7:11:df:fa:da:cc:bd:b8:bc:af:5b:b5:0f:6e:6f:49:3c:be:
8c:96:7a:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtpCznJhe/RSmQL7OTZeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZTk4ZjQ4ZTk4ODc5MGQwZTA3OTM1Mzc5NDFiNDEzZDJl
NjAzMDYwHhcNMjQwMTAxMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzIwMTQ1M2I5NWMxMzY1ZTk1ZjNmOTQ0NWI5YmFiZDI5NDIwMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgoW/T+199/9wOC0xO3rnR7QwK3z
MLPHGljRqprJ7eQM36BkqrLG/zBfHDWdEzf1YWzot+42QLJv3z4x8YAnR9zTPJ8L
cnXMHtRlz630V/tz1Uely6DgfETqoa3qvz0qiA7qOvPUd8BPQZk3ZnsWWROkzKZz
ZTniXzOxBM5SSezfn83XkfA7OEjone8uMWQaULuUur+5NgzrBhy9Jwk6jlDAupNr
9u6D8gofk8iopy+I2VipZgbFETDquUEiN15O9o8WYVJ02PPYY+fSYc90z8K2KFd+
yUIQL3jbCKOEsocPgQPIeNDg9YQ/RjP+SYgv/9L4jzPuJxEvt6sXl1+AlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDcgFFO5XBNl6V8/lEW5ur0pQgNpMB8GA1UdIwQY
MBaAFH3pj0jpiHkNDgeTU3lBtBPS5gMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmVtUFNPbUllUTBPQjVOVGVVRzBFOUxtQXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jMGZjMGEtMTVkNC00NmNjLWE4Yjkt
NDc2MzJjYjViODU0LzEvTnlBVVU3bGNFMlhwWHotVVJibTZ2U2xDQTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jMGZjMGEtMTVkNC00NmNjLWE4YjktNDc2MzJjYjViODU0
LzEvZmVtUFNPbUllUTBPQjVOVGVVRzBFOUxtQXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBfwsAwQD
W2aAMA0GCSqGSIb3DQEBCwUAA4IBAQCiKyW2Pn0bcJuZZvn6JtSemEwwCkUOemok
2E7C+TI3PNODYHmPmrW/9PBwfZb7pK7t8gaEPF+261NqC8IWFylaaEnOJ+aEacGV
loCGgEHobULcZcsPzRU9CFL9A9XvU0unOkLmnTC6kOd7sA1VNd6araMAX4vSRB4x
EjIQAPQP6t99eerlZcjBVK4VaQI7hEDjhyMONQwqWCGeEGiUOpybFR0kdBzdWsFX
fLDAESrnzQ8i+9AV82sCODjZHW0gbetecMScw0aPtz7ezKQtb8u89Ks0ceOyArSa
GyHiVoOrljWCxaZvKEYPnUPnEd/62sy9uLyvW7UPbm9JPL6Mlnoa
-----END CERTIFICATE-----
Generated at Tue May 28 18:03:48 2024 by rpki-client on console-fra.rpki-client.org