Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/NqN4JNjgZ3Exu4FwOoM6oU6kimA.roa
File: NqN4JNjgZ3Exu4FwOoM6oU6kimA.roa (raw, json)
Hash identifier: 2zdBMBFSIP7aJX0wcciZNpSd6rHe7CoDdO4C5fS3gbk=
Subject key identifier: 36:A3:78:24:D8:E0:67:71:31:BB:81:70:3A:83:3A:A1:4E:A4:8A:60
Certificate issuer: /CN=0194ab9a8f4a20e829dd4575a88c8125c1c8a67f
Certificate serial: 018CC6B8F1A4F44432B8A581B53EB00976F1
Authority key identifier: 01:94:AB:9A:8F:4A:20:E8:29:DD:45:75:A8:8C:81:25:C1:C8:A6:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZSrmo9KIOgp3UV1qIyBJcHIpn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/NqN4JNjgZ3Exu4FwOoM6oU6kimA.roa
Signing time: Mon 01 Jan 2024 20:30:58 +0000
ROA not before: Mon 01 Jan 2024 20:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51300
IP address blocks: 46.28.24.0/24 maxlen: 24
46.28.24.0/21 maxlen: 21
46.28.27.0/24 maxlen: 24
46.28.28.0/24 maxlen: 24
46.28.29.0/24 maxlen: 24
46.28.30.0/24 maxlen: 24
46.28.31.0/24 maxlen: 24
46.28.25.0/24 maxlen: 24
46.28.26.0/24 maxlen: 24
185.202.122.0/24 maxlen: 24
185.202.123.0/24 maxlen: 24
185.202.120.0/22 maxlen: 22
185.202.120.0/24 maxlen: 24
185.202.121.0/24 maxlen: 24
193.135.146.0/24 maxlen: 24
193.135.146.0/23 maxlen: 23
193.135.147.0/24 maxlen: 24
207.244.214.0/23 maxlen: 23
207.244.214.0/24 maxlen: 24
207.244.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/AZSrmo9KIOgp3UV1qIyBJcHIpn8.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/AZSrmo9KIOgp3UV1qIyBJcHIpn8.mft
rsync://rpki.ripe.net/repository/DEFAULT/AZSrmo9KIOgp3UV1qIyBJcHIpn8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f1:a4:f4:44:32:b8:a5:81:b5:3e:b0:09:76:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0194ab9a8f4a20e829dd4575a88c8125c1c8a67f
Validity
Not Before: Jan 1 20:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36a37824d8e0677131bb81703a833aa14ea48a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:55:6d:36:0e:97:6d:4f:cb:a1:34:49:3d:b9:
eb:36:97:03:fc:25:21:32:ec:cc:2f:06:dc:55:0f:
24:29:bc:2f:ad:18:b6:a6:a3:a5:9f:ea:b7:da:41:
8a:58:28:2b:71:4a:2e:e8:3f:5d:93:66:3e:6c:a5:
6d:8f:3b:0b:ab:81:7f:e0:24:db:60:09:78:23:10:
cc:27:ef:d1:ff:ed:3f:a4:30:9b:e3:b2:85:88:49:
d2:1a:13:99:3d:16:75:4d:df:92:c1:ab:04:db:59:
04:e4:03:32:20:87:bc:6b:53:5e:7d:e3:7a:f0:96:
1e:24:43:2e:5d:45:cb:7d:b7:d3:51:2a:ed:80:2a:
93:a4:e0:eb:f3:a8:6d:29:8d:21:9c:ce:df:1c:a6:
98:9e:83:37:5f:09:70:6e:3e:cc:92:89:7e:3c:5a:
8a:f2:7f:ec:83:44:2b:b6:36:6b:29:b0:ce:18:c3:
05:b0:bb:8c:69:56:84:33:47:cf:f7:7a:d9:29:59:
57:cd:2d:40:c7:a9:c8:25:db:f6:9f:1f:96:9a:50:
2f:a0:4b:23:b4:49:9b:d3:14:4e:d7:c1:86:6d:c1:
a5:a9:d2:af:dc:e1:3e:de:53:e9:67:4e:00:da:7b:
e1:7a:a5:c5:78:89:71:64:b2:83:3f:d8:c1:57:72:
b2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A3:78:24:D8:E0:67:71:31:BB:81:70:3A:83:3A:A1:4E:A4:8A:60
X509v3 Authority Key Identifier:
keyid:01:94:AB:9A:8F:4A:20:E8:29:DD:45:75:A8:8C:81:25:C1:C8:A6:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZSrmo9KIOgp3UV1qIyBJcHIpn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/NqN4JNjgZ3Exu4FwOoM6oU6kimA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/AZSrmo9KIOgp3UV1qIyBJcHIpn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.24.0/21
185.202.120.0/22
193.135.146.0/23
207.244.214.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:0d:62:c8:c7:fe:b1:32:c5:62:35:0b:28:ae:6e:99:e9:fa:
3f:03:46:50:6b:29:a2:4a:73:df:3e:1c:99:aa:c4:e0:21:f7:
46:ae:55:58:6f:e4:90:78:98:c4:c3:53:bb:9d:2b:fe:cd:27:
cb:29:c4:82:a2:7b:cb:10:e0:15:12:f1:50:d7:02:e8:2a:f7:
1c:20:01:63:2d:e8:b2:66:30:59:4c:a3:49:cb:fd:03:27:5d:
a5:2f:9e:c9:c2:5a:cc:8d:08:c8:88:be:f9:96:e6:17:49:76:
4e:5e:ac:56:3b:82:eb:6e:0f:fb:41:b7:31:f7:b4:65:5e:98:
24:d0:4b:67:45:8d:d2:51:fa:de:11:04:f3:a4:87:4a:df:f8:
2c:b6:57:6a:1e:45:3a:32:c1:88:ce:de:2b:35:b7:74:3e:ef:
e5:f5:3b:66:23:8c:a3:59:64:f2:64:1e:e7:60:13:e3:71:1c:
c3:a1:ae:d2:f0:5f:51:a4:bf:84:e5:e0:56:d4:fb:2c:c3:3c:
70:05:04:9e:f9:ea:9e:d5:c6:08:da:a7:8f:91:b0:78:f2:4e:
10:8f:20:2a:8e:b3:1b:9d:25:70:a7:b5:ed:d2:7e:d0:0e:01:
c7:f6:8f:be:91:25:7a:b9:48:18:f4:ff:81:94:5e:0c:36:d6:
78:b6:24:d3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGuPGk9EQyuKWBtT6wCXbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTRhYjlhOGY0YTIwZTgyOWRkNDU3NWE4OGM4MTI1YzFj
OGE2N2YwHhcNMjQwMTAxMjAzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmEzNzgyNGQ4ZTA2NzcxMzFiYjgxNzAzYTgzM2FhMTRlYTQ4YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1VtNg6XbU/LoTRJPbnrNpcD/CUh
MuzMLwbcVQ8kKbwvrRi2pqOln+q32kGKWCgrcUou6D9dk2Y+bKVtjzsLq4F/4CTb
YAl4IxDMJ+/R/+0/pDCb47KFiEnSGhOZPRZ1Td+SwasE21kE5AMyIIe8a1NefeN6
8JYeJEMuXUXLfbfTUSrtgCqTpODr86htKY0hnM7fHKaYnoM3Xwlwbj7Mkol+PFqK
8n/sg0QrtjZrKbDOGMMFsLuMaVaEM0fP93rZKVlXzS1Ax6nIJdv2nx+WmlAvoEsj
tEmb0xRO18GGbcGlqdKv3OE+3lPpZ04A2nvheqXFeIlxZLKDP9jBV3KyjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDajeCTY4GdxMbuBcDqDOqFOpIpgMB8GA1UdIwQY
MBaAFAGUq5qPSiDoKd1FdaiMgSXByKZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpTcm1vOUtJT2dwM1VWMXFJeUJKY0hJcG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8xY2ZlNWMtMDU0Ni00NDgyLTkzNWEt
Y2IzODYzNThkMTUxLzEvTnFONEpOamdaM0V4dTRGd09vTTZvVTZraW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8xY2ZlNWMtMDU0Ni00NDgyLTkzNWEtY2IzODYzNThkMTUx
LzEvQVpTcm1vOUtJT2dwM1VWMXFJeUJKY0hJcG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLhwYAwQC
ucp4AwQBwYeSAwQBz/TWMA0GCSqGSIb3DQEBCwUAA4IBAQBbDWLIx/6xMsViNQso
rm6Z6fo/A0ZQaymiSnPfPhyZqsTgIfdGrlVYb+SQeJjEw1O7nSv+zSfLKcSConvL
EOAVEvFQ1wLoKvccIAFjLeiyZjBZTKNJy/0DJ12lL57JwlrMjQjIiL75luYXSXZO
XqxWO4Lrbg/7Qbcx97RlXpgk0EtnRY3SUfreEQTzpIdK3/gstldqHkU6MsGIzt4r
Nbd0Pu/l9TtmI4yjWWTyZB7nYBPjcRzDoa7S8F9RpL+E5eBW1PsswzxwBQSe+eqe
1cYI2qePkbB48k4QjyAqjrMbnSVwp7Xt0n7QDgHH9o++kSV6uUgY9P+BlF4MNtZ4
tiTT
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:11:29 2024 by rpki-client on console-ams.rpki-client.org