Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Nv5fGdpJ1EMjj5oGIHpObQn9vfo.roa
File: Nv5fGdpJ1EMjj5oGIHpObQn9vfo.roa (raw, json)
Hash identifier: VtR3XKh+72F/cYHKNNjM2psZrY+KExv4vAIu9lww8wA=
Subject key identifier: 36:FE:5F:19:DA:49:D4:43:23:8F:9A:06:20:7A:4E:6D:09:FD:BD:FA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018E5799DE302E718496AC9B86697C5094D2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Nv5fGdpJ1EMjj5oGIHpObQn9vfo.roa
Signing time: Tue 19 Mar 2024 16:44:45 +0000
ROA not before: Tue 19 Mar 2024 16:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 84.32.148.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:57:99:de:30:2e:71:84:96:ac:9b:86:69:7c:50:94:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 19 16:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36fe5f19da49d443238f9a06207a4e6d09fdbdfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:54:b7:68:13:a7:22:91:b3:dd:f0:16:f0:6d:
83:69:72:ab:7d:61:f6:62:24:84:cd:df:7f:52:3d:
b4:5e:8c:68:57:6c:6f:ba:0a:6e:bb:a4:83:cd:ae:
89:af:88:ff:d3:f2:58:60:b6:6c:81:3e:83:12:7c:
3b:40:6a:47:f0:ce:3c:4d:dc:68:56:3b:71:92:d0:
2b:42:1d:1b:5d:e4:b2:76:d5:9d:63:28:54:10:6c:
6f:e1:e9:a6:54:10:1b:51:93:2d:d2:27:e9:ba:4e:
cf:e4:ab:d9:6d:04:eb:d6:e3:1f:05:9c:71:46:c1:
50:73:9c:f4:da:8c:5d:76:e8:7a:ef:b3:f9:96:77:
7b:9f:49:3d:9f:80:cc:d2:5e:5e:b0:0e:92:31:5d:
3b:a1:2e:18:80:58:2e:36:09:c8:25:9e:b4:48:57:
4b:82:91:b8:7a:57:4e:9e:e9:35:b0:c4:0d:df:82:
15:ce:f7:fa:be:88:e7:9a:d8:02:b8:37:21:e6:90:
1c:86:8c:41:67:6a:fb:60:47:0f:c3:b6:13:86:06:
19:6e:f6:77:40:44:51:f6:a4:16:e4:76:fa:0d:26:
cc:76:ff:df:75:e9:9e:a2:69:0c:a9:b9:df:ec:59:
8c:77:d4:22:ce:de:75:1d:bb:bc:c8:98:f2:d5:67:
af:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:FE:5F:19:DA:49:D4:43:23:8F:9A:06:20:7A:4E:6D:09:FD:BD:FA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Nv5fGdpJ1EMjj5oGIHpObQn9vfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.148.0/24
84.32.210.0/24
88.216.108.0/24
Signature Algorithm: sha256WithRSAEncryption
54:c6:f6:e7:56:19:c8:3d:b3:b9:cb:b8:81:04:d7:cb:e5:bd:
35:9a:7f:d0:40:d1:ec:48:34:53:9f:72:96:c2:6d:c3:e1:da:
5c:20:98:04:d0:e6:e3:49:53:18:bc:34:f5:d6:43:77:76:76:
75:bd:c8:a6:d6:32:da:6e:51:9a:61:88:11:55:57:90:85:77:
e2:fd:5c:9d:f3:4c:98:eb:c4:e7:34:de:ea:d8:14:8b:a4:7a:
71:f6:ef:3a:c6:76:ee:07:df:f1:cd:3d:83:ae:eb:63:36:0d:
7a:23:2d:dd:8b:ac:e0:ac:cc:5f:f7:6e:54:78:5d:a2:87:6b:
5b:ba:27:c4:88:3f:9a:7b:6d:50:db:43:e6:f7:97:59:38:f2:
36:ad:a2:a7:d9:52:f6:d8:b9:c8:e3:30:81:88:86:a8:29:c6:
69:45:9e:bb:2e:2f:a0:38:f3:89:b8:d5:1e:e5:a4:02:8b:fb:
8a:c7:b7:39:e7:cd:9d:26:01:15:66:c6:a5:49:e8:08:94:49:
98:c9:ad:aa:a8:da:0a:fc:ab:6c:2e:d2:bd:1f:c1:69:06:d2:
44:5d:b8:78:02:7e:c9:68:98:79:f5:b6:c7:aa:57:1d:9c:d0:
5b:01:05:e9:4c:80:81:2f:77:67:99:35:25:0d:5b:75:1e:bf:
b9:ff:e8:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5Xmd4wLnGElqybhml8UJTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMzE5MTY0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmZlNWYxOWRhNDlkNDQzMjM4ZjlhMDYyMDdhNGU2ZDA5ZmRiZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1S3aBOnIpGz3fAW8G2DaXKrfWH2
YiSEzd9/Uj20XoxoV2xvugpuu6SDza6Jr4j/0/JYYLZsgT6DEnw7QGpH8M48Tdxo
VjtxktArQh0bXeSydtWdYyhUEGxv4emmVBAbUZMt0ifpuk7P5KvZbQTr1uMfBZxx
RsFQc5z02oxdduh677P5lnd7n0k9n4DM0l5esA6SMV07oS4YgFguNgnIJZ60SFdL
gpG4eldOnuk1sMQN34IVzvf6vojnmtgCuDch5pAchoxBZ2r7YEcPw7YThgYZbvZ3
QERR9qQW5Hb6DSbMdv/fdemeomkMqbnf7FmMd9Qizt51Hbu8yJjy1WevqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDb+XxnaSdRDI4+aBiB6Tm0J/b36MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTnY1ZkdkcEoxRU1qajVvR0lIcE9iUW45dmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCCUAwQA
VCDSAwQAWNhsMA0GCSqGSIb3DQEBCwUAA4IBAQBUxvbnVhnIPbO5y7iBBNfL5b01
mn/QQNHsSDRTn3KWwm3D4dpcIJgE0ObjSVMYvDT11kN3dnZ1vcim1jLablGaYYgR
VVeQhXfi/Vyd80yY68TnNN7q2BSLpHpx9u86xnbuB9/xzT2DrutjNg16Iy3di6zg
rMxf925UeF2ih2tbuifEiD+ae21Q20Pm95dZOPI2raKn2VL22LnI4zCBiIaoKcZp
RZ67Li+gOPOJuNUe5aQCi/uKx7c5582dJgEVZsalSegIlEmYya2qqNoK/KtsLtK9
H8FpBtJEXbh4An7JaJh59bbHqlcdnNBbAQXpTICBL3dnmTUlDVt1Hr+5/+gO
-----END CERTIFICATE-----
Generated at Tue May 7 12:08:43 2024 by rpki-client on console-ams.rpki-client.org