Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/dc352b-1b3b-45a1-adcc-22750cfa6ebf/1/NkbufksIxVJ8T0tvcGLRlO9Uma4.roa
File: NkbufksIxVJ8T0tvcGLRlO9Uma4.roa (raw, json)
Hash identifier: a03cVY5rxZg+Kf1X+HQteTedl3ORnHdR7YPmnlMG7EM=
Subject key identifier: 36:46:EE:7E:4B:08:C5:52:7C:4F:4B:6F:70:62:D1:94:EF:54:99:AE
Certificate issuer: /CN=1757277f02ce151d8d86bebf75dad90d9c2d6ff9
Certificate serial: 018CC500F793DE57F25E9970FCC2424709BA
Authority key identifier: 17:57:27:7F:02:CE:15:1D:8D:86:BE:BF:75:DA:D9:0D:9C:2D:6F:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1cnfwLOFR2Nhr6_ddrZDZwtb_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/dc352b-1b3b-45a1-adcc-22750cfa6ebf/1/NkbufksIxVJ8T0tvcGLRlO9Uma4.roa
Signing time: Mon 01 Jan 2024 12:30:24 +0000
ROA not before: Mon 01 Jan 2024 12:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39453
IP address blocks: 193.16.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/dc352b-1b3b-45a1-adcc-22750cfa6ebf/1/F1cnfwLOFR2Nhr6_ddrZDZwtb_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/dc352b-1b3b-45a1-adcc-22750cfa6ebf/1/F1cnfwLOFR2Nhr6_ddrZDZwtb_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/F1cnfwLOFR2Nhr6_ddrZDZwtb_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f7:93:de:57:f2:5e:99:70:fc:c2:42:47:09:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1757277f02ce151d8d86bebf75dad90d9c2d6ff9
Validity
Not Before: Jan 1 12:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3646ee7e4b08c5527c4f4b6f7062d194ef5499ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:dc:8f:9d:9d:6b:1e:4e:25:0b:0f:19:24:1e:
20:dd:14:a2:99:1b:cc:2f:56:c4:46:08:3f:47:0b:
4a:ca:ff:4b:37:97:94:62:0f:c1:27:1e:09:b6:00:
cd:e6:3e:03:49:f3:03:18:81:d9:4f:c7:c2:d4:75:
dc:fc:9e:a5:e5:c2:ba:f6:03:7e:28:9e:e5:ef:de:
57:d8:48:80:77:27:e5:67:a5:86:8f:7f:e4:85:33:
53:36:9d:6d:0c:0b:28:09:e4:66:7c:ce:99:76:77:
8b:41:ac:74:97:67:05:63:da:2f:8b:b1:df:dc:1b:
ea:13:18:29:eb:dc:5f:4c:f5:cf:dd:bc:a9:4b:4e:
be:95:3a:68:fd:a0:1d:68:a8:cc:56:60:f5:9a:20:
4b:d3:ee:0a:98:0b:e5:e3:1e:9f:85:1e:b5:26:14:
84:50:a5:46:21:e7:84:ee:49:bc:90:58:6c:cc:00:
da:63:6d:a6:60:f2:9e:80:c8:0b:99:9b:58:17:1b:
76:64:93:e5:9e:23:ec:f2:ba:70:10:7f:c3:63:38:
cb:0e:4d:7a:f6:9e:68:78:0e:c2:12:5b:2b:35:81:
de:b3:c1:8f:3d:65:7a:95:00:84:80:27:71:7d:cf:
60:0c:3b:01:a0:30:33:21:78:c7:63:91:2e:1a:7b:
2b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:46:EE:7E:4B:08:C5:52:7C:4F:4B:6F:70:62:D1:94:EF:54:99:AE
X509v3 Authority Key Identifier:
keyid:17:57:27:7F:02:CE:15:1D:8D:86:BE:BF:75:DA:D9:0D:9C:2D:6F:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1cnfwLOFR2Nhr6_ddrZDZwtb_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/dc352b-1b3b-45a1-adcc-22750cfa6ebf/1/NkbufksIxVJ8T0tvcGLRlO9Uma4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/dc352b-1b3b-45a1-adcc-22750cfa6ebf/1/F1cnfwLOFR2Nhr6_ddrZDZwtb_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.104.0/24
Signature Algorithm: sha256WithRSAEncryption
56:64:b5:07:30:36:84:f2:de:4f:44:f5:f9:f4:4d:84:37:af:
1a:b4:31:5b:28:a2:4c:78:7b:af:ae:40:ec:81:2f:90:8e:75:
72:8c:48:f1:05:92:91:ea:64:90:e8:75:6f:55:cc:cd:aa:87:
d9:01:48:c8:31:79:b1:49:f4:e0:49:f5:fc:c9:de:9d:39:11:
1b:11:70:fc:8d:33:8d:a5:cd:9c:c6:7e:0c:6d:66:69:74:f6:
6c:13:d4:21:e1:f6:56:2d:51:7b:bb:36:17:44:57:14:57:ed:
3a:5b:16:90:74:82:bb:ad:82:f7:e6:bd:89:fb:83:07:36:56:
45:b2:94:b5:42:60:6e:7e:c8:72:34:00:9c:0d:56:ef:b5:f5:
c2:6c:d4:05:55:3b:4e:0f:6b:73:f3:43:da:45:26:1c:69:5e:
de:2d:be:2a:1b:30:23:22:d8:1a:27:73:4a:f6:5c:6d:91:4b:
9f:03:f5:d4:a5:9d:df:2e:b0:77:eb:8b:81:68:fd:a7:f5:78:
eb:dd:3c:4b:12:e3:94:23:5f:dd:ff:92:84:f9:b0:ec:99:6d:
a3:10:df:ef:b9:d1:aa:dc:f3:b4:e7:7b:51:ee:0e:e4:56:ce:
26:f7:d9:3a:5b:01:8b:6b:67:43:5b:05:e1:ba:e8:b6:de:7b:
ce:53:54:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAPeT3lfyXplw/MJCRwm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTcyNzdmMDJjZTE1MWQ4ZDg2YmViZjc1ZGFkOTBkOWMy
ZDZmZjkwHhcNMjQwMTAxMTIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ2ZWU3ZTRiMDhjNTUyN2M0ZjRiNmY3MDYyZDE5NGVmNTQ5OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tyPnZ1rHk4lCw8ZJB4g3RSimRvM
L1bERgg/RwtKyv9LN5eUYg/BJx4JtgDN5j4DSfMDGIHZT8fC1HXc/J6l5cK69gN+
KJ7l795X2EiAdyflZ6WGj3/khTNTNp1tDAsoCeRmfM6ZdneLQax0l2cFY9ovi7Hf
3BvqExgp69xfTPXP3bypS06+lTpo/aAdaKjMVmD1miBL0+4KmAvl4x6fhR61JhSE
UKVGIeeE7km8kFhszADaY22mYPKegMgLmZtYFxt2ZJPlniPs8rpwEH/DYzjLDk16
9p5oeA7CElsrNYHes8GPPWV6lQCEgCdxfc9gDDsBoDAzIXjHY5EuGnsrywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZG7n5LCMVSfE9Lb3Bi0ZTvVJmuMB8GA1UdIwQY
MBaAFBdXJ38CzhUdjYa+v3Xa2Q2cLW/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFjbmZ3TE9GUjJOaHI2X2RkclpEWnd0Yl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kYzM1MmItMWIzYi00NWExLWFkY2Mt
MjI3NTBjZmE2ZWJmLzEvTmtidWZrc0l4Vko4VDB0dmNHTFJsTzlVbWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kYzM1MmItMWIzYi00NWExLWFkY2MtMjI3NTBjZmE2ZWJm
LzEvRjFjbmZ3TE9GUjJOaHI2X2RkclpEWnd0Yl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRBoMA0G
CSqGSIb3DQEBCwUAA4IBAQBWZLUHMDaE8t5PRPX59E2EN68atDFbKKJMeHuvrkDs
gS+QjnVyjEjxBZKR6mSQ6HVvVczNqofZAUjIMXmxSfTgSfX8yd6dOREbEXD8jTON
pc2cxn4MbWZpdPZsE9Qh4fZWLVF7uzYXRFcUV+06WxaQdIK7rYL35r2J+4MHNlZF
spS1QmBufshyNACcDVbvtfXCbNQFVTtOD2tz80PaRSYcaV7eLb4qGzAjItgaJ3NK
9lxtkUufA/XUpZ3fLrB364uBaP2n9Xjr3TxLEuOUI1/d/5KE+bDsmW2jEN/vudGq
3PO053tR7g7kVs4m99k6WwGLa2dDWwXhuui23nvOU1Tw
-----END CERTIFICATE-----
Generated at Sat Dec 28 02:58:50 2024 by rpki-client on console-fra.rpki-client.org