Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/N-GyLcEjrv7_or8Kv3qbcCpg5R0.roa
File: N-GyLcEjrv7_or8Kv3qbcCpg5R0.roa (raw, json)
Hash identifier: z6Wrprt67rB+4iYuqOBMlrpP/w43vgpsRjHYHWH838E=
Subject key identifier: 37:E1:B2:2D:C1:23:AE:FE:FF:A2:BF:0A:BF:7A:9B:70:2A:60:E5:1D
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 018CC348ED8E7BF2CDC7EE2247443192F457
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/N-GyLcEjrv7_or8Kv3qbcCpg5R0.roa
Signing time: Mon 01 Jan 2024 04:29:45 +0000
ROA not before: Mon 01 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47971
IP address blocks: 81.94.218.0/23 maxlen: 24
81.94.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ed:8e:7b:f2:cd:c7:ee:22:47:44:31:92:f4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 1 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37e1b22dc123aefeffa2bf0abf7a9b702a60e51d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:28:e5:95:38:eb:db:ba:a1:38:2f:e2:d0:dd:
87:a6:41:70:2f:6f:2d:e0:d5:a0:23:ca:8d:e9:6b:
d7:35:69:10:d9:56:d9:b4:fb:06:75:3e:e5:a0:fd:
1e:d8:ca:51:20:c9:68:22:e9:2d:0d:df:d9:24:5b:
b6:0b:fa:d0:95:62:96:21:17:47:f3:8d:19:5a:a3:
c0:fd:30:b9:0b:81:31:7b:6a:ab:67:0b:c2:a3:40:
f7:0e:74:63:70:a1:3f:3d:47:22:a1:1d:1f:b5:18:
15:d1:43:22:29:68:95:52:2a:0c:33:2d:a1:92:fd:
35:1d:ec:ce:8a:d4:3f:23:0f:b6:f3:0b:d3:f2:1b:
44:ae:46:2b:5e:17:83:89:c0:e1:92:32:9d:67:e8:
1a:fc:c8:68:58:78:20:1e:9f:cc:69:fd:f6:57:61:
07:b8:9d:ea:12:2c:f9:b5:1b:a4:43:73:6e:0a:b6:
3b:9a:9b:c7:ba:ec:f9:83:be:8d:9a:8c:35:46:56:
86:02:15:d2:94:e0:11:bb:43:5a:12:20:eb:cc:1d:
e6:90:71:ca:07:4a:45:20:0b:28:17:4e:67:5e:94:
72:ab:40:e7:ab:2b:61:76:15:21:b2:7c:5d:12:b3:
54:f5:58:f6:ca:00:cb:3f:72:ba:77:92:fc:d2:b0:
a9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E1:B2:2D:C1:23:AE:FE:FF:A2:BF:0A:BF:7A:9B:70:2A:60:E5:1D
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/N-GyLcEjrv7_or8Kv3qbcCpg5R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.94.218.0/23
81.94.222.0/24
Signature Algorithm: sha256WithRSAEncryption
05:39:28:51:44:1d:6d:da:7c:54:2f:33:d2:a8:b8:75:0f:a3:
81:8e:ab:0a:04:a7:1f:d2:32:5c:5f:d7:97:53:af:66:9c:a3:
8c:54:b4:b4:10:b1:26:48:ea:94:52:d2:9f:47:06:9d:bb:e6:
27:00:0a:20:fa:17:1c:6a:21:5b:5e:51:5e:43:1c:b5:10:01:
e5:b4:34:f3:55:9d:0c:0c:38:7c:3a:79:04:60:4d:de:79:5c:
1a:ba:50:9e:82:ea:82:aa:4a:be:6e:84:b3:cb:a3:a0:2a:ff:
5a:25:be:13:4b:c0:2a:1e:6c:ec:13:86:97:eb:c4:9f:dc:2d:
7e:51:13:8d:3a:22:74:3e:55:f6:64:34:78:63:ef:20:7b:5b:
24:d4:86:2f:b2:e3:e8:cf:e5:d5:38:71:cc:fd:d3:8e:54:35:
79:83:58:09:57:5f:0b:d5:88:fd:2e:cd:da:17:45:e0:55:03:
94:38:a1:a7:37:af:cf:d2:5b:08:6a:c1:b1:93:33:cc:be:ab:
7d:59:73:5a:5e:55:02:de:29:24:63:ab:13:bf:45:85:4c:40:
10:82:50:ac:1d:5c:9c:c9:11:71:48:1e:98:2b:bb:b1:00:41:
f9:b4:31:3e:18:fd:65:5e:31:02:8c:db:0c:0f:31:ac:71:cc:
fd:23:f4:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSO2Oe/LNx+4iR0QxkvRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2UxYjIyZGMxMjNhZWZlZmZhMmJmMGFiZjdhOWI3MDJhNjBlNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ijllTjr27qhOC/i0N2HpkFwL28t
4NWgI8qN6WvXNWkQ2VbZtPsGdT7loP0e2MpRIMloIuktDd/ZJFu2C/rQlWKWIRdH
840ZWqPA/TC5C4Exe2qrZwvCo0D3DnRjcKE/PUcioR0ftRgV0UMiKWiVUioMMy2h
kv01HezOitQ/Iw+28wvT8htErkYrXheDicDhkjKdZ+ga/MhoWHggHp/Maf32V2EH
uJ3qEiz5tRukQ3NuCrY7mpvHuuz5g76Nmow1RlaGAhXSlOARu0NaEiDrzB3mkHHK
B0pFIAsoF05nXpRyq0DnqythdhUhsnxdErNU9Vj2ygDLP3K6d5L80rCp6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDfhsi3BI67+/6K/Cr96m3AqYOUdMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvTi1HeUxjRWpydjdfb3I4S3YzcWJjQ3BnNVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUV7aAwQA
UV7eMA0GCSqGSIb3DQEBCwUAA4IBAQAFOShRRB1t2nxULzPSqLh1D6OBjqsKBKcf
0jJcX9eXU69mnKOMVLS0ELEmSOqUUtKfRwadu+YnAAog+hccaiFbXlFeQxy1EAHl
tDTzVZ0MDDh8OnkEYE3eeVwaulCeguqCqkq+boSzy6OgKv9aJb4TS8AqHmzsE4aX
68Sf3C1+URONOiJ0PlX2ZDR4Y+8ge1sk1IYvsuPoz+XVOHHM/dOOVDV5g1gJV18L
1Yj9Ls3aF0XgVQOUOKGnN6/P0lsIasGxkzPMvqt9WXNaXlUC3ikkY6sTv0WFTEAQ
glCsHVycyRFxSB6YK7uxAEH5tDE+GP1lXjECjNsMDzGsccz9I/RF
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:10:42 2024 by rpki-client on console-fra.rpki-client.org