Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NGFpI09iUmrJ91Y3MJnGVBst-g4.roa
File: NGFpI09iUmrJ91Y3MJnGVBst-g4.roa (raw, json)
Hash identifier: e/w6E9kjdPyHtvuAlroCEQNqnpwy0RTGRByFojmRUyY=
Subject key identifier: 34:61:69:23:4F:62:52:6A:C9:F7:56:37:30:99:C6:54:1B:2D:FA:0E
Certificate issuer: /CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Certificate serial: 018CC56E17C9E44BDBD8CABCFAE1E2FBBA0A
Authority key identifier: 34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NGFpI09iUmrJ91Y3MJnGVBst-g4.roa
Signing time: Mon 01 Jan 2024 14:29:35 +0000
ROA not before: Mon 01 Jan 2024 14:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.120.172.0/24 maxlen: 24
185.120.174.0/24 maxlen: 24
185.120.173.0/24 maxlen: 24
185.120.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:17:c9:e4:4b:db:d8:ca:bc:fa:e1:e2:fb:ba:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Validity
Not Before: Jan 1 14:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=346169234f62526ac9f756373099c6541b2dfa0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f8:cd:b2:10:b0:f3:bd:1d:0e:0e:9a:d6:5c:
2d:e8:a4:c2:9f:da:d6:30:29:d3:f0:76:2e:d1:ce:
97:e5:e9:ec:bf:c0:a7:46:7d:9d:21:e4:47:bc:43:
0a:11:aa:a9:21:f6:f4:d4:cd:cc:ed:31:68:af:bc:
9f:53:06:5d:72:63:f0:b4:fa:c4:4d:20:20:ee:6f:
ed:a0:b9:3d:1f:37:38:cc:be:0e:89:70:95:22:98:
cc:05:d0:28:6c:f1:9d:80:02:30:9a:91:11:75:88:
28:63:23:95:40:8e:e3:9c:e6:53:a8:2d:db:eb:48:
b7:35:68:3c:6b:a8:4a:c6:60:a8:3e:6c:46:5e:be:
e8:7e:56:8a:7f:db:34:b0:dd:d2:c9:d3:5c:8b:5f:
fe:9d:57:0b:b8:61:20:60:7e:46:8d:e8:8e:ba:cc:
31:e0:00:a0:12:4b:ac:b7:9e:5c:69:0c:75:6a:5f:
0c:92:24:89:5b:06:7d:12:24:3c:b9:05:4e:44:5f:
3e:fb:f5:2f:d2:72:e2:a4:b0:71:a8:bc:ec:3e:bd:
70:0f:f2:2d:ae:a1:7a:47:b1:33:cf:de:8c:8c:0d:
a4:05:48:1c:d1:39:73:54:b8:c7:b6:87:48:20:f1:
a3:1d:6e:26:27:cc:54:a8:09:c0:98:85:f3:53:f2:
87:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:61:69:23:4F:62:52:6A:C9:F7:56:37:30:99:C6:54:1B:2D:FA:0E
X509v3 Authority Key Identifier:
keyid:34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NGFpI09iUmrJ91Y3MJnGVBst-g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.172.0/22
Signature Algorithm: sha256WithRSAEncryption
82:12:96:d8:c8:59:9a:50:1a:df:43:94:ed:f0:70:d4:8e:39:
33:e7:d7:48:d3:fa:a2:87:0b:95:94:37:9c:54:b4:5a:cb:31:
a5:70:a1:2c:e3:df:3e:e8:b8:2e:83:f7:2a:e2:83:e6:a6:09:
25:d8:2a:91:56:da:e5:03:6c:03:ab:cc:08:a3:1f:2f:73:f5:
43:42:0c:3c:0f:32:03:52:1c:a6:6b:7e:30:6d:0d:f6:2b:ba:
a0:f5:a6:1e:06:34:c3:d3:6d:22:6b:5b:67:68:a1:ef:93:b4:
91:73:7d:2d:ef:e1:f2:26:d9:ff:64:fb:81:81:d5:7d:ea:2b:
55:a6:4f:04:ef:29:ea:a3:fb:87:ff:00:67:e7:1a:95:a4:da:
3e:ca:0d:75:76:70:2c:84:ec:32:55:8e:1e:a5:9c:a3:51:63:
b7:ac:64:6d:6d:95:a1:6a:ff:34:41:bd:6f:55:a0:5e:91:a4:
e7:4c:18:48:e1:e4:ba:89:b2:f2:bf:e5:99:b6:11:0c:2f:09:
1d:48:2a:6c:0a:f1:e9:c4:e8:dc:ed:e5:7e:da:29:ce:b6:3d:
f5:bc:3b:5e:42:4c:0f:de:26:5d:c0:a2:02:09:99:e6:34:45:
d3:92:e6:80:ac:13:05:20:41:02:50:f3:56:fd:8b:c5:c4:a2:
d0:bf:21:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbhfJ5Evb2Mq8+uHi+7oKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWFlNjQ2ZWEzNGFkMjY4OGFjYTJmZGQxYTZmMzM0MDM1
NjQ5NWUwHhcNMjQwMTAxMTQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDYxNjkyMzRmNjI1MjZhYzlmNzU2MzczMDk5YzY1NDFiMmRmYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPjNshCw870dDg6a1lwt6KTCn9rW
MCnT8HYu0c6X5ensv8CnRn2dIeRHvEMKEaqpIfb01M3M7TFor7yfUwZdcmPwtPrE
TSAg7m/toLk9Hzc4zL4OiXCVIpjMBdAobPGdgAIwmpERdYgoYyOVQI7jnOZTqC3b
60i3NWg8a6hKxmCoPmxGXr7oflaKf9s0sN3SydNci1/+nVcLuGEgYH5GjeiOuswx
4ACgEkust55caQx1al8MkiSJWwZ9EiQ8uQVORF8++/Uv0nLipLBxqLzsPr1wD/It
rqF6R7Ezz96MjA2kBUgc0TlzVLjHtodIIPGjHW4mJ8xUqAnAmIXzU/KHlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRhaSNPYlJqyfdWNzCZxlQbLfoOMB8GA1UdIwQY
MBaAFDRa5kbqNK0miKyi/dGm8zQDVkleMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMt
ZjQ5MTIwYmVkNTFjLzEvTkdGcEkwOWlVbXJKOTFZM01KbkdWQnN0LWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMtZjQ5MTIwYmVkNTFj
LzEvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXisMA0G
CSqGSIb3DQEBCwUAA4IBAQCCEpbYyFmaUBrfQ5Tt8HDUjjkz59dI0/qihwuVlDec
VLRayzGlcKEs498+6Lgug/cq4oPmpgkl2CqRVtrlA2wDq8wIox8vc/VDQgw8DzID
Uhyma34wbQ32K7qg9aYeBjTD020ia1tnaKHvk7SRc30t7+HyJtn/ZPuBgdV96itV
pk8E7ynqo/uH/wBn5xqVpNo+yg11dnAshOwyVY4epZyjUWO3rGRtbZWhav80Qb1v
VaBekaTnTBhI4eS6ibLyv+WZthEMLwkdSCpsCvHpxOjc7eV+2inOtj31vDteQkwP
3iZdwKICCZnmNEXTkuaArBMFIEECUPNW/YvFxKLQvyHe
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:50 2024 by rpki-client on console-ams.rpki-client.org