Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ntGFXPt57g7F155iNRh-oCXExso.roa
File: ntGFXPt57g7F155iNRh-oCXExso.roa (raw, json)
Hash identifier: sdgQG+z4eP2bDj2Xs+vVCCiVDzBM1eBpfCnGsFqlYno=
Subject key identifier: 9E:D1:85:5C:FB:79:EE:0E:C5:D7:9E:62:35:18:7E:A0:25:C4:C6:CA
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 018CC94E4BB4241E292D25888CA73485DB96
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ntGFXPt57g7F155iNRh-oCXExso.roa
Signing time: Tue 02 Jan 2024 08:33:20 +0000
ROA not before: Tue 02 Jan 2024 08:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205381
IP address blocks: 194.107.229.0/24 maxlen: 24
185.220.58.0/23 maxlen: 23
185.220.57.0/24 maxlen: 24
185.220.56.0/24 maxlen: 24
194.110.1.0/24 maxlen: 24
45.88.33.0/24 maxlen: 24
45.88.32.0/24 maxlen: 24
194.110.7.0/24 maxlen: 24
45.88.34.0/24 maxlen: 24
45.88.35.0/24 maxlen: 24
194.110.19.0/24 maxlen: 24
2a0c:f587:fffd::/48 maxlen: 48
2a07:86c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4b:b4:24:1e:29:2d:25:88:8c:a7:34:85:db:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Jan 2 08:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ed1855cfb79ee0ec5d79e6235187ea025c4c6ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ae:0c:bb:f5:7f:cb:a9:00:cd:a5:17:b0:3b:
c3:12:84:c4:2e:7e:4f:5d:77:31:c9:f6:c0:11:71:
16:e3:28:29:6f:3e:32:37:43:f7:a5:3c:3f:fd:64:
02:8c:79:1b:00:f7:69:8f:48:3f:24:02:ac:64:79:
b1:a5:1c:cb:8d:71:57:fb:8d:7d:aa:4b:1e:72:be:
09:ba:28:43:28:c2:d6:b5:0d:96:ee:f3:2e:d6:0f:
1d:95:e2:b6:3a:2a:c9:b4:1c:ae:d7:b6:8d:46:dd:
d3:89:60:5d:ba:c2:e4:03:8e:c0:fc:ae:ba:c5:47:
ed:23:9a:d5:f7:3b:85:25:ca:a5:84:24:a9:68:b7:
b6:b4:d3:1d:87:1e:e4:bd:a3:03:2f:17:11:44:1d:
32:b7:77:ba:d1:c7:9f:be:0a:42:22:eb:86:44:23:
c2:43:9e:ae:fb:99:b7:db:2a:fd:18:64:18:8f:d5:
36:c7:a0:e1:59:30:fa:b0:f9:62:50:36:4d:ec:77:
6d:33:e3:33:20:59:2b:0b:1e:a6:dd:6f:ef:d1:30:
83:70:54:6d:af:ac:7e:e5:44:15:ba:29:40:32:ee:
78:15:e7:db:d8:50:21:42:c8:22:69:67:74:1a:2d:
a6:c9:db:56:17:3d:09:7c:4f:0d:f8:ae:db:a6:48:
0d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D1:85:5C:FB:79:EE:0E:C5:D7:9E:62:35:18:7E:A0:25:C4:C6:CA
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ntGFXPt57g7F155iNRh-oCXExso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.32.0/22
185.220.56.0/22
194.107.229.0/24
194.110.1.0/24
194.110.7.0/24
194.110.19.0/24
IPv6:
2a07:86c0::/29
2a0c:f587:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
6b:27:68:b0:8e:c7:c7:4a:ff:d6:7a:d8:75:9c:f1:e2:77:b5:
af:29:44:c2:ab:b3:0b:55:1b:5e:0b:8b:f8:4a:b1:d8:1c:dd:
e2:36:ca:73:ef:db:6c:33:dd:99:f4:c5:c9:6e:4b:e2:ab:44:
ed:72:c1:c8:04:7f:2b:c9:9c:6c:8a:f7:c4:ab:64:90:c2:1e:
fd:39:91:e8:47:9c:9d:9b:84:0c:20:5a:f1:a4:3a:9c:86:36:
bf:20:17:2c:95:e7:42:28:24:cb:7f:97:66:f4:9a:f1:22:8e:
6a:53:53:a8:7d:23:f2:8c:8d:3e:ee:b1:da:4b:e8:c2:41:5a:
83:1b:1a:04:41:3c:74:fe:20:0d:c3:3f:ca:0f:b8:aa:ef:c8:
f9:db:c3:9d:03:0d:00:1a:a3:1d:f5:c9:c4:2b:22:a5:fc:01:
be:10:c8:83:2e:0f:59:d9:22:bf:43:77:4b:5e:2c:aa:75:55:
c0:10:f1:58:70:00:b3:3f:00:51:0a:b4:4b:b2:46:85:00:e0:
0d:a0:63:12:69:3f:1b:dd:a1:57:c0:e2:06:32:7b:86:df:82:
16:16:17:90:2f:1a:27:93:58:b9:88:c1:97:97:1e:02:77:8c:
7e:b4:37:6e:47:79:eb:ee:23:0c:37:24:a5:7f:95:62:78:4e:
e5:42:97:cb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzJTku0JB4pLSWIjKc0hduWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzUxODY1Yjc2N2RkN2I5YzIyMzE0YmZjODA1NWJkNTdk
YjAwNjUwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQxODU1Y2ZiNzllZTBlYzVkNzllNjIzNTE4N2VhMDI1YzRjNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK4Mu/V/y6kAzaUXsDvDEoTELn5P
XXcxyfbAEXEW4ygpbz4yN0P3pTw//WQCjHkbAPdpj0g/JAKsZHmxpRzLjXFX+419
qksecr4JuihDKMLWtQ2W7vMu1g8dleK2OirJtByu17aNRt3TiWBdusLkA47A/K66
xUftI5rV9zuFJcqlhCSpaLe2tNMdhx7kvaMDLxcRRB0yt3e60cefvgpCIuuGRCPC
Q56u+5m32yr9GGQYj9U2x6DhWTD6sPliUDZN7HdtM+MzIFkrCx6m3W/v0TCDcFRt
r6x+5UQVuilAMu54Fefb2FAhQsgiaWd0Gi2mydtWFz0JfE8N+K7bpkgNuwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJ7RhVz7ee4OxdeeYjUYfqAlxMbKMB8GA1UdIwQY
MBaAFCE1GGW3Z917nCIxS/yAVb1X2wBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAt
MWU0ZTA0MDA4NDRiLzEvbnRHRlhQdDU3ZzdGMTU1aU5SaC1vQ1hFeHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAtMWU0ZTA0MDA4NDRi
LzEvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQCLVggAwQC
udw4AwQAwmvlAwQAwm4BAwQAwm4HAwQAwm4TMBYEAgACMBADBQMqB4bAAwcAKgz1
h//9MA0GCSqGSIb3DQEBCwUAA4IBAQBrJ2iwjsfHSv/Weth1nPHid7WvKUTCq7ML
VRteC4v4SrHYHN3iNspz79tsM92Z9MXJbkviq0TtcsHIBH8ryZxsivfEq2SQwh79
OZHoR5ydm4QMIFrxpDqchja/IBcsledCKCTLf5dm9JrxIo5qU1OofSPyjI0+7rHa
S+jCQVqDGxoEQTx0/iANwz/KD7iq78j528OdAw0AGqMd9cnEKyKl/AG+EMiDLg9Z
2SK/Q3dLXiyqdVXAEPFYcACzPwBRCrRLskaFAOANoGMSaT8b3aFXwOIGMnuG34IW
FheQLxonk1i5iMGXlx4Cd4x+tDduR3nr7iMMNySlf5VieE7lQpfL
-----END CERTIFICATE-----
Generated at Tue May 21 19:03:32 2024 by rpki-client on console-fra.rpki-client.org