Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/NIwSFYQ28azbhyI0BpS5oMHWdQA.roa
File: NIwSFYQ28azbhyI0BpS5oMHWdQA.roa (raw, json)
Hash identifier: 67n1413GjNZj81EaUPN4KfbjJHqGjzfU84LMlkhJ1Yc=
Subject key identifier: 34:8C:12:15:84:36:F1:AC:DB:87:22:34:06:94:B9:A0:C1:D6:75:00
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018EAD9C6F274C3D692EA57A59160582A6AE
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/NIwSFYQ28azbhyI0BpS5oMHWdQA.roa
Signing time: Fri 05 Apr 2024 09:34:54 +0000
ROA not before: Fri 05 Apr 2024 09:34:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.mft
rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:9c:6f:27:4c:3d:69:2e:a5:7a:59:16:05:82:a6:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Apr 5 09:34:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=348c12158436f1acdb8722340694b9a0c1d67500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a0:e9:a5:c3:11:3a:35:12:8c:6d:8d:d4:d2:
a4:df:b1:5c:fd:be:8a:c8:ff:4b:59:33:c3:99:e6:
0b:6c:6e:27:d3:8a:7a:29:34:3e:ad:9d:39:a9:b5:
1f:68:79:d7:07:a6:5d:33:f9:46:2e:fe:14:ad:fa:
d8:bc:01:3c:57:35:88:68:51:d6:25:2c:45:3e:c6:
4a:7e:1f:f0:24:70:30:d0:04:c7:5e:4c:01:00:f1:
d6:4d:6c:33:85:95:19:84:47:f3:1c:d6:bf:9e:ad:
cb:6a:85:5a:f4:c5:13:17:c5:1f:84:d3:9b:dd:eb:
36:01:b9:00:dd:6b:c3:fa:05:c6:51:8c:55:5e:86:
2d:e8:6f:5a:c1:1d:9e:62:3e:5f:5e:91:0d:29:4f:
2e:ff:fa:ba:5f:2d:f0:47:fb:39:bd:f3:06:88:ed:
76:aa:f7:64:c2:8a:db:37:f8:e0:b8:18:ea:50:4b:
e7:00:77:5f:28:4c:e5:27:e9:3e:f9:7c:1e:1b:97:
04:d4:a7:b6:ee:c7:cf:b5:b8:b9:c2:54:f6:8f:d2:
67:5f:49:6a:03:a8:2c:44:14:48:18:22:64:71:ee:
2c:6c:99:bc:41:7d:37:e0:9a:03:d7:3c:29:37:22:
d7:13:36:aa:6a:09:d9:a2:0d:97:6d:69:90:f7:9a:
dc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8C:12:15:84:36:F1:AC:DB:87:22:34:06:94:B9:A0:C1:D6:75:00
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/NIwSFYQ28azbhyI0BpS5oMHWdQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/24
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:82:b3:af:9a:86:ac:95:fc:ad:98:7f:5e:96:be:c7:01:a8:
2c:d4:17:19:f4:a3:f7:f3:02:0a:65:3b:ca:50:a7:17:9c:e9:
41:db:61:4f:fb:ec:84:72:6a:16:84:07:8d:e3:3c:1c:df:52:
c7:7a:24:06:40:3e:0e:92:b3:01:34:90:0c:43:44:b2:84:01:
9c:8f:5e:e9:71:62:e9:66:9e:7c:75:0e:d3:f8:fa:da:ed:2d:
eb:26:31:b8:8e:3b:4a:bf:4f:7a:09:ce:13:7c:76:54:a7:7a:
a8:58:1d:e6:fd:a4:e9:10:39:09:a4:04:24:e5:2e:59:ee:e3:
3f:ac:03:83:90:35:f0:5a:19:36:f7:fa:f7:07:c7:e9:f5:0a:
bd:a1:b4:53:0f:8a:e4:c8:b5:10:d6:09:4d:62:49:73:6d:8b:
18:b0:9b:24:8f:c9:9e:8a:f9:1f:50:bf:58:3d:23:38:9f:5b:
04:c0:8f:6c:d3:dd:e3:85:bf:bc:9b:d8:fa:a2:5f:25:66:d7:
c8:2e:8d:ce:64:00:91:a7:9d:9c:d1:96:65:56:2c:a8:c5:ad:
cd:af:e4:3e:63:38:b1:81:71:0b:dd:ad:7c:8f:1a:e7:6b:77:
7a:61:77:cf:1d:da:ab:86:ca:a3:8d:d0:0a:63:ae:ca:45:59:
1d:f2:68:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6tnG8nTD1pLqV6WRYFgqauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNDA1MDkzNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDhjMTIxNTg0MzZmMWFjZGI4NzIyMzQwNjk0YjlhMGMxZDY3NTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6DppcMROjUSjG2N1NKk37Fc/b6K
yP9LWTPDmeYLbG4n04p6KTQ+rZ05qbUfaHnXB6ZdM/lGLv4UrfrYvAE8VzWIaFHW
JSxFPsZKfh/wJHAw0ATHXkwBAPHWTWwzhZUZhEfzHNa/nq3LaoVa9MUTF8UfhNOb
3es2AbkA3WvD+gXGUYxVXoYt6G9awR2eYj5fXpENKU8u//q6Xy3wR/s5vfMGiO12
qvdkworbN/jguBjqUEvnAHdfKEzlJ+k++XweG5cE1Ke27sfPtbi5wlT2j9JnX0lq
A6gsRBRIGCJkce4sbJm8QX034JoD1zwpNyLXEzaqagnZog2XbWmQ95rcXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDSMEhWENvGs24ciNAaUuaDB1nUAMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvTkl3U0ZZUTI4YXpiaHlJMEJwUzVvTUhXZFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QOAwQB
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQCygrOvmoaslfytmH9elr7HAags1BcZ9KP3
8wIKZTvKUKcXnOlB22FP++yEcmoWhAeN4zwc31LHeiQGQD4OkrMBNJAMQ0SyhAGc
j17pcWLpZp58dQ7T+Pra7S3rJjG4jjtKv096Cc4TfHZUp3qoWB3m/aTpEDkJpAQk
5S5Z7uM/rAODkDXwWhk29/r3B8fp9Qq9obRTD4rkyLUQ1glNYklzbYsYsJskj8me
ivkfUL9YPSM4n1sEwI9s093jhb+8m9j6ol8lZtfILo3OZACRp52c0ZZlViyoxa3N
r+Q+YzixgXEL3a18jxrna3d6YXfPHdqrhsqjjdAKY67KRVkd8miV
-----END CERTIFICATE-----
Generated at Sun Apr 21 03:52:20 2024 by rpki-client on console-fra.rpki-client.org