Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/NL9SQnwduL8zDD4owffLomt9d9k.roa
File: NL9SQnwduL8zDD4owffLomt9d9k.roa (raw, json)
Hash identifier: cuwiaILinUZV0seVWZYlBISvD2nm7YIsrdoz6Om3oGE=
Subject key identifier: 34:BF:52:42:7C:1D:B8:BF:33:0C:3E:28:C1:F7:CB:A2:6B:7D:77:D9
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 01934F8708FCD4DB6E757539174F2B51B76E
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/NL9SQnwduL8zDD4owffLomt9d9k.roa
Signing time: Thu 21 Nov 2024 16:21:09 +0000
ROA not before: Thu 21 Nov 2024 16:21:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 5.44.42.0/24 maxlen: 24
2a05:541:102::/48 maxlen: 48
2a05:541:103::/48 maxlen: 48
2a05:541:104::/48 maxlen: 48
2a05:541:105::/48 maxlen: 48
2a05:541:106::/48 maxlen: 48
2a05:541:107::/48 maxlen: 48
2a05:541:108::/48 maxlen: 48
2a05:541:109::/48 maxlen: 48
2a05:541:110::/48 maxlen: 48
2a05:541:111::/48 maxlen: 48
2a05:541:112::/48 maxlen: 48
2a05:541:113::/48 maxlen: 48
2a05:541:114::/48 maxlen: 48
2a05:541:115::/48 maxlen: 48
2a05:541:116::/48 maxlen: 48
2a05:541:117::/48 maxlen: 48
2a05:541:118::/48 maxlen: 48
2a05:541:119::/48 maxlen: 48
2a05:541:121::/48 maxlen: 48
2a05:541:122::/48 maxlen: 48
2a05:541:123::/48 maxlen: 48
2a05:541:124::/48 maxlen: 48
2a05:541:125::/48 maxlen: 48
2a05:541:126::/48 maxlen: 48
2a05:541:127::/48 maxlen: 48
2a05:541:129::/48 maxlen: 48
2a05:541:131::/48 maxlen: 48
2a05:541:132::/48 maxlen: 48
2a05:541:133::/48 maxlen: 48
2a05:541:134::/48 maxlen: 48
2a05:541:135::/48 maxlen: 48
2a05:541:136::/48 maxlen: 48
2a05:541:137::/48 maxlen: 48
2a05:541:138::/48 maxlen: 48
2a05:541:139::/48 maxlen: 48
2a05:541:140::/48 maxlen: 48
2a05:541:141::/48 maxlen: 48
2a05:544::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4f:87:08:fc:d4:db:6e:75:75:39:17:4f:2b:51:b7:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Nov 21 16:21:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34bf52427c1db8bf330c3e28c1f7cba26b7d77d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fb:74:9b:fe:2c:29:01:d0:c1:50:db:0b:9f:
06:1f:f6:01:92:9c:29:8f:fc:f8:5c:78:6b:9a:7b:
a8:9e:0e:63:45:23:54:d5:be:d2:31:f8:8f:a9:ae:
14:e6:92:29:5f:f7:b1:5d:ad:1b:0f:9e:e4:12:57:
11:1c:e7:93:d0:7f:bd:63:48:4f:11:39:a3:c6:73:
e6:03:65:d2:90:3e:1c:cc:e7:a4:74:88:d4:e1:ed:
8c:e9:3c:f0:a8:87:c8:56:34:ad:fd:f1:0f:75:59:
80:26:f4:ff:bb:55:18:d9:2a:aa:d4:8a:ce:1f:c7:
38:e1:ac:69:5a:3b:b8:6e:e6:92:0a:e2:3c:f5:b6:
47:50:35:57:44:e6:02:db:8f:38:67:1d:b0:03:c0:
74:60:73:34:8e:5f:c5:9a:03:8b:26:4b:90:03:f4:
02:2c:eb:a0:92:fd:7a:21:62:c3:7c:e1:77:60:ee:
5c:e6:a9:f7:1e:58:7c:0e:bd:90:83:34:00:69:c7:
99:56:ad:5a:8d:08:70:c6:bd:97:dd:94:e1:48:60:
16:44:25:2b:ee:a2:64:08:ad:c9:5d:b9:a5:1f:3f:
20:50:fd:e2:b7:f6:ec:a6:e9:ec:15:44:d4:23:0e:
12:df:b8:a0:95:64:4a:ed:58:80:39:3b:5d:23:10:
34:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:BF:52:42:7C:1D:B8:BF:33:0C:3E:28:C1:F7:CB:A2:6B:7D:77:D9
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/NL9SQnwduL8zDD4owffLomt9d9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
IPv6:
2a05:541:102::-2a05:541:109:ffff:ffff:ffff:ffff:ffff
2a05:541:110::-2a05:541:119:ffff:ffff:ffff:ffff:ffff
2a05:541:121::-2a05:541:127:ffff:ffff:ffff:ffff:ffff
2a05:541:129::/48
2a05:541:131::-2a05:541:139:ffff:ffff:ffff:ffff:ffff
2a05:541:140::/47
2a05:544::/32
Signature Algorithm: sha256WithRSAEncryption
40:56:b3:f4:58:13:b4:e9:9d:6d:bf:e0:f8:90:39:42:7c:e7:
5e:80:66:e4:28:cb:63:4a:5b:36:a2:d5:26:e2:e0:85:9c:51:
57:75:67:f7:0b:04:e9:cf:f6:cd:04:45:85:96:27:33:d8:d7:
08:61:f4:a8:c1:10:46:89:02:6a:5b:61:16:ff:09:6e:95:d1:
43:88:11:16:0b:3f:c7:59:dc:f4:26:88:f3:bb:cf:14:c7:9f:
b7:fe:40:21:52:34:25:eb:b4:c6:6a:f6:2e:8e:38:cc:ca:28:
66:55:bb:62:17:3e:db:93:82:3a:37:9d:a6:ba:fe:70:36:7a:
58:ac:13:95:57:c7:5c:06:b1:b8:e6:b3:ba:0d:52:aa:29:bf:
cf:34:6e:1e:22:9c:81:2e:36:4f:96:11:ff:b8:7e:97:98:24:
75:6d:40:0d:00:1e:0d:af:72:23:d7:55:7a:7b:1d:3e:fe:5e:
46:70:91:66:9f:86:ab:e8:52:7e:7e:27:26:99:2d:fc:93:21:
05:bc:a5:82:e5:55:ed:a2:04:2b:8e:1b:df:44:69:0d:bb:cb:
89:48:3c:a1:54:67:3b:b6:99:c5:04:4c:71:61:3b:87:4a:2b:
56:2c:0b:4c:45:c6:d2:94:20:79:7d:0e:00:56:50:bf:03:17:
71:ff:05:9b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZNPhwj81NtudXU5F08rUbduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjQxMTIxMTYyMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGJmNTI0MjdjMWRiOGJmMzMwYzNlMjhjMWY3Y2JhMjZiN2Q3N2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvt0m/4sKQHQwVDbC58GH/YBkpwp
j/z4XHhrmnuong5jRSNU1b7SMfiPqa4U5pIpX/exXa0bD57kElcRHOeT0H+9Y0hP
ETmjxnPmA2XSkD4czOekdIjU4e2M6TzwqIfIVjSt/fEPdVmAJvT/u1UY2Sqq1IrO
H8c44axpWju4buaSCuI89bZHUDVXROYC2484Zx2wA8B0YHM0jl/FmgOLJkuQA/QC
LOugkv16IWLDfOF3YO5c5qn3Hlh8Dr2QgzQAaceZVq1ajQhwxr2X3ZThSGAWRCUr
7qJkCK3JXbmlHz8gUP3it/bspunsFUTUIw4S37iglWRK7ViAOTtdIxA0MQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFDS/UkJ8Hbi/Mww+KMH3y6JrfXfZMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvTkw5U1Fud2R1TDh6REQ0b3dmZkxvbXQ5ZDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MAwEAgABMAYDBAAFLCow
bwQCAAIwaTASAwcBKgUFQQECAwcBKgUFQQEIMBIDBwQqBQVBARADBwEqBQVBARgw
EgMHACoFBUEBIQMHAyoFBUEBIAMHACoFBUEBKTASAwcAKgUFQQExAwcBKgUFQQE4
AwcBKgUFQQFAAwUAKgUFRDANBgkqhkiG9w0BAQsFAAOCAQEAQFaz9FgTtOmdbb/g
+JA5QnznXoBm5CjLY0pbNqLVJuLghZxRV3Vn9wsE6c/2zQRFhZYnM9jXCGH0qMEQ
RokCalthFv8JbpXRQ4gRFgs/x1nc9CaI87vPFMeft/5AIVI0Jeu0xmr2Lo44zMoo
ZlW7Yhc+25OCOjedprr+cDZ6WKwTlVfHXAaxuOazug1Sqim/zzRuHiKcgS42T5YR
/7h+l5gkdW1ADQAeDa9yI9dVensdPv5eRnCRZp+Gq+hSfn4nJpkt/JMhBbylguVV
7aIEK44b30RpDbvLiUg8oVRnO7aZxQRMcWE7h0orViwLTEXG0pQgeX0OAFZQvwMX
cf8Fmw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:47:16 2024 by rpki-client on console-ams.rpki-client.org