Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/42db52-dca7-4fa3-9a73-1d7b229d4e3b/1/nGipjGiyzDwze7ohQXWPp3LuMNg.roa
File: nGipjGiyzDwze7ohQXWPp3LuMNg.roa (raw, json)
Hash identifier: FkPgZ4TKoKthLJdEuIXAULV4q3W9b0MSpwU9sxPBjWk=
Subject key identifier: 9C:68:A9:8C:68:B2:CC:3C:33:7B:BA:21:41:75:8F:A7:72:EE:30:D8
Certificate issuer: /CN=45aa88dc675ce5dc35574bff6290e2ae88ce082b
Certificate serial: 018CC64B7DA217787E601E9E7DB6922B34AD
Authority key identifier: 45:AA:88:DC:67:5C:E5:DC:35:57:4B:FF:62:90:E2:AE:88:CE:08:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RaqI3Gdc5dw1V0v_YpDirojOCCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/42db52-dca7-4fa3-9a73-1d7b229d4e3b/1/nGipjGiyzDwze7ohQXWPp3LuMNg.roa
Signing time: Mon 01 Jan 2024 18:31:25 +0000
ROA not before: Mon 01 Jan 2024 18:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39489
IP address blocks: 87.239.176.0/21 maxlen: 24
2001:67c:2b28::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/42db52-dca7-4fa3-9a73-1d7b229d4e3b/1/RaqI3Gdc5dw1V0v_YpDirojOCCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/42db52-dca7-4fa3-9a73-1d7b229d4e3b/1/RaqI3Gdc5dw1V0v_YpDirojOCCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/RaqI3Gdc5dw1V0v_YpDirojOCCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7d:a2:17:78:7e:60:1e:9e:7d:b6:92:2b:34:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45aa88dc675ce5dc35574bff6290e2ae88ce082b
Validity
Not Before: Jan 1 18:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c68a98c68b2cc3c337bba2141758fa772ee30d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:95:7a:70:31:55:85:22:6b:90:ba:33:9f:b0:
9d:08:e2:0e:9c:0f:bc:8b:42:a8:0f:55:76:d0:a2:
15:b3:4f:ad:45:22:68:64:81:dd:a0:bf:c4:4d:0f:
a2:98:3a:5f:4f:d1:bf:fa:c5:68:94:8a:63:9b:c8:
75:40:1d:d9:c7:c7:9f:22:09:c2:2c:f9:3a:c3:7e:
f8:83:30:f5:21:44:69:78:46:47:a0:aa:d0:66:08:
5b:ab:84:9c:75:44:09:ce:90:2c:02:27:3f:13:0d:
bb:f2:92:9d:84:a3:0c:a3:af:24:4c:2e:37:fd:2f:
58:56:9d:28:1e:e1:ab:6f:8a:bc:af:be:10:df:d5:
ba:18:8f:6c:3e:18:b5:d6:be:95:88:a1:e3:16:25:
97:dc:0a:32:46:21:30:20:8e:10:a8:2e:4e:41:94:
16:89:22:d5:08:d3:1b:5c:40:cd:21:0e:bb:47:b8:
d5:03:fa:64:05:85:9b:42:ff:1d:a5:26:01:82:3b:
aa:ba:31:44:77:45:c0:3f:ff:76:65:06:88:ef:af:
ea:17:7b:48:a3:8f:10:97:aa:84:1c:8b:7e:cf:9d:
18:77:b7:d1:14:99:5e:8a:15:2c:5a:80:46:ca:b6:
e7:b9:16:f7:95:4f:df:d2:4d:cb:3c:a3:e3:35:28:
44:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:68:A9:8C:68:B2:CC:3C:33:7B:BA:21:41:75:8F:A7:72:EE:30:D8
X509v3 Authority Key Identifier:
keyid:45:AA:88:DC:67:5C:E5:DC:35:57:4B:FF:62:90:E2:AE:88:CE:08:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RaqI3Gdc5dw1V0v_YpDirojOCCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/42db52-dca7-4fa3-9a73-1d7b229d4e3b/1/nGipjGiyzDwze7ohQXWPp3LuMNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/42db52-dca7-4fa3-9a73-1d7b229d4e3b/1/RaqI3Gdc5dw1V0v_YpDirojOCCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.176.0/21
IPv6:
2001:67c:2b28::/48
Signature Algorithm: sha256WithRSAEncryption
1b:5b:cd:6f:15:1c:c5:bd:81:2f:56:0f:c6:53:4d:fe:04:95:
73:49:aa:41:00:97:81:5e:f5:65:62:bf:aa:11:33:bf:ea:55:
fa:fc:2f:c0:ed:c3:34:be:e5:4d:af:9d:ce:3e:94:78:c0:52:
87:9a:58:67:10:56:30:76:b9:c2:95:a3:07:c8:d4:55:cd:69:
a7:13:81:7f:94:a6:ae:1f:7d:b3:86:c9:52:9c:e5:4b:f6:ba:
5f:af:5e:33:0c:10:82:9c:3a:62:98:66:33:a3:f4:83:a0:45:
0a:56:09:e6:c6:57:08:23:1c:41:aa:3c:f4:d7:87:ab:31:f1:
c8:8e:13:fc:e4:a7:dd:05:12:0a:b0:3f:4b:f0:fb:b9:d4:67:
14:25:7f:7f:06:8c:c5:88:bc:39:57:73:68:0d:44:5b:0a:19:
26:3f:3e:4c:9d:73:b1:6f:a9:63:ab:6b:9f:53:3c:4f:74:c8:
38:dc:2a:37:79:ca:2c:b9:15:91:88:60:2a:9b:33:e2:54:5d:
16:c7:fd:3d:8f:9d:76:43:da:f0:a7:d4:2a:cc:82:8e:79:23:
bc:85:f7:64:3a:31:46:d9:72:3a:7b:d1:f6:53:b5:ce:0c:78:
37:f8:ae:52:3e:fc:7d:5b:5a:d5:ff:30:c7:72:1c:3a:5f:36:
bc:6c:36:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGS32iF3h+YB6efbaSKzStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YWE4OGRjNjc1Y2U1ZGMzNTU3NGJmZjYyOTBlMmFlODhj
ZTA4MmIwHhcNMjQwMTAxMTgzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzY4YTk4YzY4YjJjYzNjMzM3YmJhMjE0MTc1OGZhNzcyZWUzMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJV6cDFVhSJrkLozn7CdCOIOnA+8
i0KoD1V20KIVs0+tRSJoZIHdoL/ETQ+imDpfT9G/+sVolIpjm8h1QB3Zx8efIgnC
LPk6w374gzD1IURpeEZHoKrQZghbq4ScdUQJzpAsAic/Ew278pKdhKMMo68kTC43
/S9YVp0oHuGrb4q8r74Q39W6GI9sPhi11r6ViKHjFiWX3AoyRiEwII4QqC5OQZQW
iSLVCNMbXEDNIQ67R7jVA/pkBYWbQv8dpSYBgjuqujFEd0XAP/92ZQaI76/qF3tI
o48Ql6qEHIt+z50Yd7fRFJleihUsWoBGyrbnuRb3lU/f0k3LPKPjNShE0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJxoqYxossw8M3u6IUF1j6dy7jDYMB8GA1UdIwQY
MBaAFEWqiNxnXOXcNVdL/2KQ4q6IzggrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmFxSTNHZGM1ZHcxVjB2X1lwRGlyb2pPQ0NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80MmRiNTItZGNhNy00ZmEzLTlhNzMt
MWQ3YjIyOWQ0ZTNiLzEvbkdpcGpHaXl6RHd6ZTdvaFFYV1BwM0x1TU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80MmRiNTItZGNhNy00ZmEzLTlhNzMtMWQ3YjIyOWQ0ZTNi
LzEvUmFxSTNHZGM1ZHcxVjB2X1lwRGlyb2pPQ0NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDV++wMA8E
AgACMAkDBwAgAQZ8KygwDQYJKoZIhvcNAQELBQADggEBABtbzW8VHMW9gS9WD8ZT
Tf4ElXNJqkEAl4Fe9WViv6oRM7/qVfr8L8DtwzS+5U2vnc4+lHjAUoeaWGcQVjB2
ucKVowfI1FXNaacTgX+Upq4ffbOGyVKc5Uv2ul+vXjMMEIKcOmKYZjOj9IOgRQpW
CebGVwgjHEGqPPTXh6sx8ciOE/zkp90FEgqwP0vw+7nUZxQlf38GjMWIvDlXc2gN
RFsKGSY/Pkydc7FvqWOra59TPE90yDjcKjd5yiy5FZGIYCqbM+JUXRbH/T2PnXZD
2vCn1CrMgo55I7yF92Q6MUbZcjp70fZTtc4MeDf4rlI+/H1bWtX/MMdyHDpfNrxs
NjQ=
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:09:31 2024 by rpki-client on console-ams.rpki-client.org