Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6b0344-8229-4d25-b498-8ce7c4fc5e0b/1/NB0XtAJVbvrDgV-r1vAQZSRnzXU.roa
File: NB0XtAJVbvrDgV-r1vAQZSRnzXU.roa (raw, json)
Hash identifier: wX0GUP+W1hVds9Bir37GI7hO4wZFzHu5fVEX7dqSr68=
Subject key identifier: 34:1D:17:B4:02:55:6E:FA:C3:81:5F:AB:D6:F0:10:65:24:67:CD:75
Certificate issuer: /CN=37e751a11c1a7888fa58dbfc32c8959bc946303e
Certificate serial: 018CC56E312C6DCCF624FA387EDEBDA02CF4
Authority key identifier: 37:E7:51:A1:1C:1A:78:88:FA:58:DB:FC:32:C8:95:9B:C9:46:30:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-dRoRwaeIj6WNv8MsiVm8lGMD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/6b0344-8229-4d25-b498-8ce7c4fc5e0b/1/NB0XtAJVbvrDgV-r1vAQZSRnzXU.roa
Signing time: Mon 01 Jan 2024 14:29:42 +0000
ROA not before: Mon 01 Jan 2024 14:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62371
IP address blocks: 185.205.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/6b0344-8229-4d25-b498-8ce7c4fc5e0b/1/N-dRoRwaeIj6WNv8MsiVm8lGMD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/6b0344-8229-4d25-b498-8ce7c4fc5e0b/1/N-dRoRwaeIj6WNv8MsiVm8lGMD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/N-dRoRwaeIj6WNv8MsiVm8lGMD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:31:2c:6d:cc:f6:24:fa:38:7e:de:bd:a0:2c:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37e751a11c1a7888fa58dbfc32c8959bc946303e
Validity
Not Before: Jan 1 14:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=341d17b402556efac3815fabd6f010652467cd75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b6:89:5a:b8:62:4f:c3:2d:e4:84:fb:52:50:
20:0f:30:2d:65:36:e8:bd:de:d4:e7:19:c8:9e:f9:
d3:f2:20:c3:09:1e:18:2b:5a:f2:1d:9e:38:52:da:
11:9b:19:eb:79:1f:dd:e6:69:16:9c:d3:d3:af:6c:
49:11:3d:99:a1:af:18:58:5f:a4:ab:86:4b:b8:d9:
59:04:a0:19:62:5d:76:3e:16:b0:a0:08:69:6b:f6:
1a:d0:6f:a6:9b:21:ef:bc:e6:01:c0:1e:db:48:7e:
b1:e7:56:fb:19:cd:66:19:79:4b:20:4c:2f:28:4a:
06:7d:b4:a7:7f:99:b0:c0:70:30:67:1a:a0:c7:75:
97:f4:1b:08:6e:6d:a6:40:fb:bb:4f:18:41:32:a5:
c7:60:6e:4b:f8:9d:8d:6e:89:91:81:46:ea:5d:59:
c7:5b:44:a4:48:ab:fc:b1:f0:19:af:ac:0b:9c:0c:
b1:f8:6d:b1:30:ad:43:09:ed:96:3a:39:85:c1:b4:
12:75:6f:18:bf:0d:dc:8c:4d:ab:36:2e:4e:01:2b:
b4:80:12:ab:cc:24:41:98:fc:85:43:c7:25:03:56:
f6:d9:c8:64:05:76:97:37:7e:f0:3c:29:98:14:41:
72:68:08:af:da:10:36:dd:8d:4a:9d:e8:98:0a:f1:
87:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:1D:17:B4:02:55:6E:FA:C3:81:5F:AB:D6:F0:10:65:24:67:CD:75
X509v3 Authority Key Identifier:
keyid:37:E7:51:A1:1C:1A:78:88:FA:58:DB:FC:32:C8:95:9B:C9:46:30:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-dRoRwaeIj6WNv8MsiVm8lGMD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6b0344-8229-4d25-b498-8ce7c4fc5e0b/1/NB0XtAJVbvrDgV-r1vAQZSRnzXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6b0344-8229-4d25-b498-8ce7c4fc5e0b/1/N-dRoRwaeIj6WNv8MsiVm8lGMD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.70.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:f6:9a:b6:39:c0:cf:27:b8:24:7a:8d:cb:32:96:a1:83:0f:
a6:10:c4:eb:80:fc:25:b5:8a:d0:9f:bf:fd:ff:0c:c3:3d:00:
ce:71:51:fb:6c:e1:d1:41:be:c8:ee:56:bb:a6:92:b9:f8:36:
45:95:05:ce:68:3a:f9:7c:68:37:94:ba:4d:3f:d9:bf:f5:db:
cb:f9:23:f5:c3:ae:1f:43:89:4e:82:b5:8f:17:a3:0f:e9:fd:
b5:7e:35:8b:da:63:5b:d8:66:94:4c:d2:e6:61:a7:a1:37:bd:
a4:3c:95:68:19:2f:2e:c4:cb:e2:8d:e1:89:55:8e:db:6b:99:
6a:1c:38:fa:f5:7d:25:88:f1:77:3d:cf:63:a7:99:eb:ac:7d:
64:1f:50:8d:7e:f6:fd:9b:d6:42:68:45:5d:c6:43:58:d3:24:
14:3a:1d:e5:62:ea:26:43:ef:9b:9d:36:41:f8:81:6f:0c:98:
cb:b3:8d:fd:08:c1:45:80:34:58:d8:f9:7e:92:f6:2a:5a:af:
fc:85:86:e5:b8:fc:3f:63:df:30:77:2b:37:21:c0:95:09:ce:
8a:0b:c2:9b:79:b8:8a:ef:c9:be:02:15:be:0e:02:9c:98:bc:
24:da:a4:57:90:83:0c:9f:1e:70:e0:ac:ff:77:4f:a9:c3:29:
37:8d:3d:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbjEsbcz2JPo4ft69oCz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZTc1MWExMWMxYTc4ODhmYTU4ZGJmYzMyYzg5NTliYzk0
NjMwM2UwHhcNMjQwMTAxMTQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDFkMTdiNDAyNTU2ZWZhYzM4MTVmYWJkNmYwMTA2NTI0NjdjZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7aJWrhiT8Mt5IT7UlAgDzAtZTbo
vd7U5xnInvnT8iDDCR4YK1ryHZ44UtoRmxnreR/d5mkWnNPTr2xJET2Zoa8YWF+k
q4ZLuNlZBKAZYl12PhawoAhpa/Ya0G+mmyHvvOYBwB7bSH6x51b7Gc1mGXlLIEwv
KEoGfbSnf5mwwHAwZxqgx3WX9BsIbm2mQPu7TxhBMqXHYG5L+J2NbomRgUbqXVnH
W0SkSKv8sfAZr6wLnAyx+G2xMK1DCe2WOjmFwbQSdW8Yvw3cjE2rNi5OASu0gBKr
zCRBmPyFQ8clA1b22chkBXaXN37wPCmYFEFyaAiv2hA23Y1KneiYCvGHvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQdF7QCVW76w4Ffq9bwEGUkZ811MB8GA1UdIwQY
MBaAFDfnUaEcGniI+ljb/DLIlZvJRjA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi1kUm9Sd2FlSWo2V052OE1zaVZtOGxHTUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82YjAzNDQtODIyOS00ZDI1LWI0OTgt
OGNlN2M0ZmM1ZTBiLzEvTkIwWHRBSlZidnJEZ1YtcjF2QVFaU1JuelhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82YjAzNDQtODIyOS00ZDI1LWI0OTgtOGNlN2M0ZmM1ZTBi
LzEvTi1kUm9Sd2FlSWo2V052OE1zaVZtOGxHTUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc1GMA0G
CSqGSIb3DQEBCwUAA4IBAQB99pq2OcDPJ7gkeo3LMpahgw+mEMTrgPwltYrQn7/9
/wzDPQDOcVH7bOHRQb7I7la7ppK5+DZFlQXOaDr5fGg3lLpNP9m/9dvL+SP1w64f
Q4lOgrWPF6MP6f21fjWL2mNb2GaUTNLmYaehN72kPJVoGS8uxMvijeGJVY7ba5lq
HDj69X0liPF3Pc9jp5nrrH1kH1CNfvb9m9ZCaEVdxkNY0yQUOh3lYuomQ++bnTZB
+IFvDJjLs439CMFFgDRY2Pl+kvYqWq/8hYbluPw/Y98wdys3IcCVCc6KC8KbebiK
78m+AhW+DgKcmLwk2qRXkIMMnx5w4Kz/d0+pwyk3jT2y
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:12:17 2024 by rpki-client on console-fra.rpki-client.org