Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/nIHQVUFj1kVIS5V6jICu6mVlUFY.roa
File: nIHQVUFj1kVIS5V6jICu6mVlUFY.roa (raw, json)
Hash identifier: 9g4Lao/DzmFhufOPmiSUlpSRlN0noeOnjfUVNj95Deo=
Subject key identifier: 9C:81:D0:55:41:63:D6:45:48:4B:95:7A:8C:80:AE:EA:65:65:50:56
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 018CC725F78E643F3DB8CFDC3E1296C76C5D
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/nIHQVUFj1kVIS5V6jICu6mVlUFY.roa
Signing time: Mon 01 Jan 2024 22:30:03 +0000
ROA not before: Mon 01 Jan 2024 22:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39239
IP address blocks: 2a01:b960:230b::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:f7:8e:64:3f:3d:b8:cf:dc:3e:12:96:c7:6c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 22:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c81d0554163d645484b957a8c80aeea65655056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2b:fb:a8:b0:5b:69:b3:61:f0:39:bd:3a:bb:
c1:64:10:32:5d:84:0e:17:3b:f2:94:2f:66:bf:3c:
34:37:a3:22:22:44:7e:a1:30:88:0d:b4:a6:a6:94:
e9:de:8f:38:9c:25:d4:7b:f4:15:23:37:c0:5e:47:
f6:1b:f7:3c:95:a7:7b:55:d4:52:c9:ea:1e:af:a1:
b2:f1:eb:38:a7:11:30:7a:e8:33:f2:32:b6:b5:b3:
30:08:03:66:48:d2:5f:38:cb:6f:b6:29:9c:3b:f3:
87:34:22:3a:b4:f5:13:ca:3f:0b:5b:ad:42:85:b5:
38:eb:c9:b9:d7:98:fa:ca:ee:d7:4d:df:e9:f4:5d:
21:79:28:0e:53:85:9e:07:a2:cf:3e:68:61:34:3f:
6b:ae:8f:21:51:74:1a:35:7e:d4:7a:49:46:e5:dc:
79:87:90:08:97:6f:e9:55:c2:8c:01:5b:88:96:fc:
a3:d5:0b:ba:fa:41:f1:01:d7:2a:ba:ca:02:1c:8e:
f5:b1:db:e6:1b:79:a5:ae:28:79:e8:57:59:99:5e:
4b:2a:ff:cf:a5:23:60:fe:f5:af:19:50:18:e8:10:
ea:37:e8:0c:d1:a8:1f:79:49:3b:91:3f:44:fe:12:
0b:c6:62:cb:62:88:54:4a:b5:dd:de:2c:e6:19:dc:
b2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:81:D0:55:41:63:D6:45:48:4B:95:7A:8C:80:AE:EA:65:65:50:56
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/nIHQVUFj1kVIS5V6jICu6mVlUFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:230b::/48
Signature Algorithm: sha256WithRSAEncryption
67:41:a7:06:1f:80:ad:c9:2e:11:27:20:53:5a:ba:e3:3c:cc:
a8:39:1e:f3:a6:6e:35:1c:af:2e:0a:59:1a:5f:d4:c6:bb:c8:
fb:5c:8b:ca:a3:75:4e:c0:07:12:b9:ff:b3:7f:dd:9b:16:00:
2c:b2:83:4c:19:c9:1e:5b:e6:84:56:9a:b9:60:2d:26:23:2e:
63:69:09:00:e5:c2:7a:04:54:b1:8e:fe:6d:ff:c5:cd:68:23:
c2:e1:86:fa:b3:7d:a8:3a:56:a1:42:95:13:3e:ed:58:1c:9f:
58:ee:c4:5d:90:3f:79:67:8f:8f:e1:66:50:89:e2:78:86:e1:
95:50:bd:a4:17:29:6a:f2:48:b1:30:2d:77:c9:7d:9e:09:c6:
ba:b7:39:55:4a:d4:dc:dc:16:f9:71:9c:64:1d:58:ef:e2:4e:
57:2d:ec:d1:8e:e7:3d:23:b5:e1:8f:ad:d9:09:6f:07:28:80:
a3:1b:93:52:3d:c3:c3:b7:45:8c:6e:b9:3a:6c:b4:28:a8:29:
90:61:8e:36:b6:37:54:ff:93:98:7a:b9:b3:79:c8:57:8c:09:
d7:93:61:d8:3e:f9:09:b5:0a:be:05:4f:78:28:f1:9d:f6:a4:
c9:28:00:e7:8c:e2:e1:e7:7a:d8:c8:4e:db:b6:50:4f:3d:c4:
5e:3d:f4:93
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJfeOZD89uM/cPhKWx2xdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjQwMTAxMjIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzgxZDA1NTQxNjNkNjQ1NDg0Yjk1N2E4YzgwYWVlYTY1NjU1MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCv7qLBbabNh8Dm9OrvBZBAyXYQO
FzvylC9mvzw0N6MiIkR+oTCIDbSmppTp3o84nCXUe/QVIzfAXkf2G/c8lad7VdRS
yeoer6Gy8es4pxEweugz8jK2tbMwCANmSNJfOMtvtimcO/OHNCI6tPUTyj8LW61C
hbU468m515j6yu7XTd/p9F0heSgOU4WeB6LPPmhhND9rro8hUXQaNX7UeklG5dx5
h5AIl2/pVcKMAVuIlvyj1Qu6+kHxAdcqusoCHI71sdvmG3mlrih56FdZmV5LKv/P
pSNg/vWvGVAY6BDqN+gM0agfeUk7kT9E/hILxmLLYohUSrXd3izmGdyyywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJyB0FVBY9ZFSEuVeoyAruplZVBWMB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvbklIUVZVRmoxa1ZJUzVWNmpJQ3U2bVZsVUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCML
MA0GCSqGSIb3DQEBCwUAA4IBAQBnQacGH4CtyS4RJyBTWrrjPMyoOR7zpm41HK8u
ClkaX9TGu8j7XIvKo3VOwAcSuf+zf92bFgAssoNMGckeW+aEVpq5YC0mIy5jaQkA
5cJ6BFSxjv5t/8XNaCPC4Yb6s32oOlahQpUTPu1YHJ9Y7sRdkD95Z4+P4WZQieJ4
huGVUL2kFylq8kixMC13yX2eCca6tzlVStTc3Bb5cZxkHVjv4k5XLezRjuc9I7Xh
j63ZCW8HKICjG5NSPcPDt0WMbrk6bLQoqCmQYY42tjdU/5OYermzechXjAnXk2HY
PvkJtQq+BU94KPGd9qTJKADnjOLh53rYyE7btlBPPcRePfST
-----END CERTIFICATE-----
Generated at Sun May 19 17:28:45 2024 by rpki-client on console-ams.rpki-client.org