Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/nc1mP5BfexK_yeyVv2zTWCwwwzY.roa
File: nc1mP5BfexK_yeyVv2zTWCwwwzY.roa (raw, json)
Hash identifier: zkO6Pll4dK4kF42u+5vqnHBGhM3Wi1hRQbcUmOb3Iqw=
Subject key identifier: 9D:CD:66:3F:90:5F:7B:12:BF:C9:EC:95:BF:6C:D3:58:2C:30:C3:36
Certificate issuer: /CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Certificate serial: 018CC6B78F1ABAC88F600EAD9FD1A087C0A9
Authority key identifier: F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/nc1mP5BfexK_yeyVv2zTWCwwwzY.roa
Signing time: Mon 01 Jan 2024 20:29:27 +0000
ROA not before: Mon 01 Jan 2024 20:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60729
IP address blocks: 185.177.207.0/24 maxlen: 24
2a0a:4587:2010::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8f:1a:ba:c8:8f:60:0e:ad:9f:d1:a0:87:c0:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Validity
Not Before: Jan 1 20:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dcd663f905f7b12bfc9ec95bf6cd3582c30c336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6c:63:7c:2e:91:8b:a9:fb:8a:27:9a:7c:82:
31:a7:74:73:1e:f3:75:e1:9c:06:97:95:a8:d3:ee:
f1:7d:9f:a2:b7:de:01:03:27:64:a3:38:71:c2:26:
b4:1d:17:61:61:ed:e8:ad:43:b1:4c:b6:5f:ae:0b:
1f:a4:47:56:5d:f5:95:42:bf:4d:4e:c1:1b:60:f2:
57:57:e2:25:d6:96:2c:1a:b6:12:72:ff:75:21:fb:
5b:65:60:85:1f:c1:d0:7b:80:91:19:cb:52:23:bb:
44:a2:31:60:52:3c:2e:9a:02:bb:5e:f3:91:9b:2b:
b9:0c:9f:fb:c0:ca:08:38:20:82:05:d7:c7:88:ac:
c6:44:b5:f1:7e:b2:17:ec:98:19:6a:04:56:93:1f:
f1:dc:59:a0:5f:20:e9:e8:70:b2:d4:78:26:65:82:
df:3d:77:60:89:22:d8:4c:76:22:ca:cd:7e:db:c9:
cf:ae:08:95:ce:bd:09:48:d3:02:2a:28:e2:20:ac:
87:f8:bc:a6:fc:cd:5e:79:d1:d5:79:c9:c5:d8:ed:
d7:0e:c5:6b:05:86:94:e7:9a:fc:e9:b2:60:0e:42:
8f:a7:78:14:0b:b1:80:16:f5:2b:23:7e:aa:af:73:
4d:79:31:bb:eb:14:79:8e:a2:6c:e1:94:0e:3b:ae:
02:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CD:66:3F:90:5F:7B:12:BF:C9:EC:95:BF:6C:D3:58:2C:30:C3:36
X509v3 Authority Key Identifier:
keyid:F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/nc1mP5BfexK_yeyVv2zTWCwwwzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.207.0/24
IPv6:
2a0a:4587:2010::/46
Signature Algorithm: sha256WithRSAEncryption
8a:2e:1f:4c:76:77:73:f8:a7:1d:7e:3e:9c:50:34:e9:09:3f:
c0:4a:30:25:72:62:86:da:17:06:9e:95:2e:40:8a:9e:fd:81:
0a:f3:6a:02:97:d1:f8:51:a9:a5:00:dc:b7:c1:f2:81:23:f0:
46:7f:0e:43:0c:9f:e6:5a:0a:9a:dc:11:7f:0e:97:b1:4b:22:
e2:0c:a3:8c:0b:55:00:fc:c5:00:6a:93:d7:bc:e9:b1:e3:71:
ae:a6:a0:e4:68:ad:89:19:79:c5:0e:36:67:c0:38:bb:b0:7d:
10:a6:23:25:b1:93:3e:2c:00:a7:d4:62:7b:71:6f:e3:c4:03:
06:5b:9f:63:90:66:42:d5:14:fe:6d:4e:22:34:50:e3:ea:cd:
8f:0a:de:02:d6:86:a1:0d:58:e8:8b:5e:81:1f:3c:1b:fd:5b:
1d:60:1c:5b:e8:dc:ed:8f:35:9b:1a:b0:dd:ba:e8:a0:1e:7e:
b3:eb:eb:54:d8:90:ca:49:9d:9c:36:63:af:40:92:3c:82:aa:
a4:cc:91:be:f0:db:13:0d:2a:5d:ad:ea:73:32:88:99:a1:46:
ad:f1:5a:07:2a:cf:a0:13:11:36:2c:37:b3:77:85:82:2e:7a:
91:fc:08:d8:32:b6:bf:5a:49:c1:b5:de:d0:d8:11:65:3e:b7:
b1:a9:93:86
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzGt48ausiPYA6tn9Ggh8CpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YTk2NjY2NGVjOTZlZGJkMTJlOGU4MmU5NDBiZmI5ZmFl
YzEwNWUwHhcNMjQwMTAxMjAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNkNjYzZjkwNWY3YjEyYmZjOWVjOTViZjZjZDM1ODJjMzBjMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2xjfC6Ri6n7iieafIIxp3RzHvN1
4ZwGl5Wo0+7xfZ+it94BAydkozhxwia0HRdhYe3orUOxTLZfrgsfpEdWXfWVQr9N
TsEbYPJXV+Il1pYsGrYScv91IftbZWCFH8HQe4CRGctSI7tEojFgUjwumgK7XvOR
myu5DJ/7wMoIOCCCBdfHiKzGRLXxfrIX7JgZagRWkx/x3FmgXyDp6HCy1HgmZYLf
PXdgiSLYTHYiys1+28nPrgiVzr0JSNMCKijiIKyH+Lym/M1eedHVecnF2O3XDsVr
BYaU55r86bJgDkKPp3gUC7GAFvUrI36qr3NNeTG76xR5jqJs4ZQOO64CtwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFJ3NZj+QX3sSv8nslb9s01gsMMM2MB8GA1UdIwQY
MBaAFPipZmZOyW7b0S6OgulAv7n67BBeMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LbG1aazdKYnR2UkxvNkM2VUNfdWZyc0VGNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1
LTM4MjM1NWZjMmZmMS8xL25jMW1QNUJmZXhLX3lleVZ2MnpUV0N3d3d6WS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1LTM4MjM1NWZjMmZm
MS8xLzEtS2xtWms3SmJ0dlJMbzZDNlVDX3VmcnNFRjQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAC5sc8w
DwQCAAIwCQMHAioKRYcgEDANBgkqhkiG9w0BAQsFAAOCAQEAii4fTHZ3c/inHX4+
nFA06Qk/wEowJXJihtoXBp6VLkCKnv2BCvNqApfR+FGppQDct8HygSPwRn8OQwyf
5loKmtwRfw6XsUsi4gyjjAtVAPzFAGqT17zpseNxrqag5GitiRl5xQ42Z8A4u7B9
EKYjJbGTPiwAp9Rie3Fv48QDBlufY5BmQtUU/m1OIjRQ4+rNjwreAtaGoQ1Y6Ite
gR88G/1bHWAcW+jc7Y81mxqw3brooB5+s+vrVNiQykmdnDZjr0CSPIKqpMyRvvDb
Ew0qXa3qczKImaFGrfFaByrPoBMRNiw3s3eFgi56kfwI2DK2v1pJwbXe0NgRZT63
samThg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:23:45 2024 by rpki-client on console-ams.rpki-client.org