Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/NY1-Ahgw26hAdeRSiI7BBhC124w.roa
File: NY1-Ahgw26hAdeRSiI7BBhC124w.roa (raw, json)
Hash identifier: VP6cIYdFJ59biLvyaK92NPPtxqc6/jFs9ox3ULwa/PI=
Subject key identifier: 35:8D:7E:02:18:30:DB:A8:40:75:E4:52:88:8E:C1:06:10:B5:DB:8C
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 019322F4D22D92AC7A227965721984021C34
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/NY1-Ahgw26hAdeRSiI7BBhC124w.roa
Signing time: Wed 13 Nov 2024 00:38:09 +0000
ROA not before: Wed 13 Nov 2024 00:38:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
109.111.34.0/23 maxlen: 24
109.111.42.0/23 maxlen: 24
176.221.20.0/22 maxlen: 24
176.221.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:22:f4:d2:2d:92:ac:7a:22:79:65:72:19:84:02:1c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Nov 13 00:38:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=358d7e021830dba84075e452888ec10610b5db8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9e:9f:b7:5e:d4:56:05:c9:f4:5e:20:ab:47:
4e:5d:ce:52:68:8a:6b:3b:04:78:8f:cb:df:f5:2b:
f5:dd:ea:0a:61:22:fc:b1:20:80:e1:e7:d0:19:21:
2e:9f:2e:f9:0e:8f:89:a2:20:d8:19:60:b0:01:b2:
a5:1c:ba:fa:49:6b:d2:f4:6a:27:b9:dd:d4:32:3d:
bf:f8:a8:0e:ae:75:28:08:50:2a:ff:c7:db:ef:09:
be:8f:1f:1c:7b:89:ce:51:c5:13:49:1e:a1:20:47:
66:60:eb:6c:8d:5c:89:00:6f:8c:04:fd:04:94:c1:
77:3e:20:e6:35:44:39:9f:6c:c4:69:c9:ee:a6:d3:
52:60:98:e5:7d:28:42:86:f2:ef:41:2e:0f:c8:f9:
56:a4:de:aa:0f:57:e9:ae:d7:71:e9:59:f3:0a:36:
c8:27:9e:41:e3:1b:83:e2:dd:da:ed:e2:7e:ea:fc:
ca:b7:d6:08:82:00:3f:fb:95:95:97:05:b6:a9:18:
c7:49:74:45:81:6f:0d:76:53:7e:93:ed:21:d0:01:
07:ad:86:db:ca:4c:b2:92:50:a9:7d:ec:84:87:f9:
9e:a1:20:40:67:4f:a1:7a:60:86:4d:4a:1b:24:2e:
49:9a:45:68:d0:64:59:ed:00:e3:8f:fa:06:f8:d4:
8d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8D:7E:02:18:30:DB:A8:40:75:E4:52:88:8E:C1:06:10:B5:DB:8C
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/NY1-Ahgw26hAdeRSiI7BBhC124w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.0.0/20
109.111.32.0/20
176.221.20.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
89:67:54:1a:23:12:82:d2:1f:31:01:d5:3a:60:8c:a4:cb:3a:
40:29:03:be:5f:85:44:2d:1f:6e:1d:79:0b:64:2c:3e:56:1c:
2a:e0:bb:81:f5:7c:b1:1a:2d:ef:c2:c4:ce:72:ef:cb:45:34:
0b:14:96:99:28:5d:4c:1c:dd:f7:8c:bb:3c:8f:39:38:6f:cc:
3a:0d:d2:0f:c7:c0:3d:17:6e:f1:c8:dd:09:02:9a:e7:84:ce:
8e:47:4f:ce:c1:37:e7:c9:dd:f2:e0:e0:97:d9:14:c7:12:7f:
51:29:54:8f:28:7a:76:2e:4b:88:85:78:08:ae:2e:3a:25:68:
cb:c1:46:10:92:39:e1:cf:2f:c0:04:8d:42:1b:20:8f:24:76:
66:0b:93:45:c4:9c:31:f6:3f:ef:f4:6a:15:c6:db:be:1f:0a:
97:42:59:0d:e3:06:76:31:6b:46:5e:80:77:3c:02:a4:22:ca:
14:83:2f:40:0b:08:75:24:39:28:71:7e:37:c2:3e:6e:82:aa:
e8:c4:6b:c6:de:28:56:92:1b:64:0b:68:3d:6d:ba:9a:92:c4:
54:57:7b:e9:49:e8:9f:e7:8c:c7:d2:8f:fb:80:f3:f9:0f:87:
70:b5:d5:62:2f:bc:4d:1a:37:38:54:c1:52:7f:9b:76:9f:bf:
7d:64:98:67
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZMi9NItkqx6InllchmEAhw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQxMTEzMDAzODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNThkN2UwMjE4MzBkYmE4NDA3NWU0NTI4ODhlYzEwNjEwYjVkYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup6ft17UVgXJ9F4gq0dOXc5SaIpr
OwR4j8vf9Sv13eoKYSL8sSCA4efQGSEuny75Do+JoiDYGWCwAbKlHLr6SWvS9Gon
ud3UMj2/+KgOrnUoCFAq/8fb7wm+jx8ce4nOUcUTSR6hIEdmYOtsjVyJAG+MBP0E
lMF3PiDmNUQ5n2zEacnuptNSYJjlfShChvLvQS4PyPlWpN6qD1fprtdx6VnzCjbI
J55B4xuD4t3a7eJ+6vzKt9YIggA/+5WVlwW2qRjHSXRFgW8NdlN+k+0h0AEHrYbb
ykyyklCpfeyEh/meoSBAZ0+hemCGTUobJC5JmkVo0GRZ7QDjj/oG+NSNNwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDWNfgIYMNuoQHXkUoiOwQYQtduMMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvTlkxLUFoZ3cyNmhBZGVSU2lJN0JCaEMxMjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEX1IAAwQE
bW8gMAwDBAKw3RQDBAKw3RgwDQYJKoZIhvcNAQELBQADggEBAIlnVBojEoLSHzEB
1TpgjKTLOkApA75fhUQtH24deQtkLD5WHCrgu4H1fLEaLe/CxM5y78tFNAsUlpko
XUwc3feMuzyPOThvzDoN0g/HwD0XbvHI3QkCmueEzo5HT87BN+fJ3fLg4JfZFMcS
f1EpVI8oenYuS4iFeAiuLjolaMvBRhCSOeHPL8AEjUIbII8kdmYLk0XEnDH2P+/0
ahXG274fCpdCWQ3jBnYxa0ZegHc8AqQiyhSDL0ALCHUkOShxfjfCPm6CqujEa8be
KFaSG2QLaD1tupqSxFRXe+lJ6J/njMfSj/uA8/kPh3C11WIvvE0aNzhUwVJ/m3af
v31kmGc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:47 2024 by rpki-client on console-ams.rpki-client.org