Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/eca327-d58f-491c-94c8-e3d045483412/1/5NCTc8F1zcqDykAZpHf5J5g21kM.roa
File: 5NCTc8F1zcqDykAZpHf5J5g21kM.roa (raw, json)
Hash identifier: nLiUWCZ6VuGEN8QClMqJE8WA8L4v+y/83hmNfzBFzgU=
Subject key identifier: E4:D0:93:73:C1:75:CD:CA:83:CA:40:19:A4:77:F9:27:98:36:D6:43
Certificate issuer: /CN=9e61403ac69e2874f5622d7ee568e8e49f064c2e
Certificate serial: 018CC4247691057A1D2A0DBF6EE5BFD96AA1
Authority key identifier: 9E:61:40:3A:C6:9E:28:74:F5:62:2D:7E:E5:68:E8:E4:9F:06:4C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nmFAOsaeKHT1Yi1-5Wjo5J8GTC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/eca327-d58f-491c-94c8-e3d045483412/1/5NCTc8F1zcqDykAZpHf5J5g21kM.roa
Signing time: Mon 01 Jan 2024 08:29:33 +0000
ROA not before: Mon 01 Jan 2024 08:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51038
IP address blocks: 195.254.160.0/23 maxlen: 24
2001:67c:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/eca327-d58f-491c-94c8-e3d045483412/1/nmFAOsaeKHT1Yi1-5Wjo5J8GTC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/eca327-d58f-491c-94c8-e3d045483412/1/nmFAOsaeKHT1Yi1-5Wjo5J8GTC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/nmFAOsaeKHT1Yi1-5Wjo5J8GTC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:76:91:05:7a:1d:2a:0d:bf:6e:e5:bf:d9:6a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e61403ac69e2874f5622d7ee568e8e49f064c2e
Validity
Not Before: Jan 1 08:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4d09373c175cdca83ca4019a477f9279836d643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d7:39:fb:ca:b8:1f:d8:af:ae:94:95:f0:08:
ad:3b:87:d4:33:df:97:2b:04:4a:5f:b3:8a:d3:f4:
44:41:ca:89:9f:be:3c:31:8f:8f:8c:f5:ef:bd:b6:
2d:db:0d:4e:ed:ff:f3:d6:fc:5e:a4:a0:da:3a:a4:
96:38:98:63:7b:12:a8:34:cc:c9:b8:67:5f:b5:0e:
ee:bf:b1:50:98:a0:65:a4:7f:4a:9b:16:9a:a8:48:
de:fe:ae:47:ca:e1:4d:cb:67:02:46:6c:dc:70:48:
c3:2b:4e:fa:eb:de:44:4c:92:8b:7f:1a:cb:79:6c:
d7:74:85:0e:af:ed:cc:4d:cb:37:7a:ce:10:e8:92:
f3:d6:9e:33:8d:51:11:3f:53:34:dc:ad:7a:99:fe:
08:7a:9a:6b:0b:1f:70:07:ed:7e:9d:14:d4:df:1e:
01:cd:58:dd:23:18:54:7b:1b:84:85:49:6d:bd:f5:
3f:0c:60:4e:c5:30:6e:64:19:3c:14:9b:97:2f:78:
ea:62:46:3c:6d:70:ed:a0:f1:7b:99:1a:97:0f:1e:
1a:2c:e8:ef:3b:bf:76:45:b1:66:16:17:b9:58:b0:
b2:05:4d:e6:7b:3f:98:f9:b7:6d:bc:06:22:94:c4:
ac:b6:a5:4b:7d:77:7e:a7:68:1e:df:c5:65:c8:d0:
59:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D0:93:73:C1:75:CD:CA:83:CA:40:19:A4:77:F9:27:98:36:D6:43
X509v3 Authority Key Identifier:
keyid:9E:61:40:3A:C6:9E:28:74:F5:62:2D:7E:E5:68:E8:E4:9F:06:4C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nmFAOsaeKHT1Yi1-5Wjo5J8GTC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/eca327-d58f-491c-94c8-e3d045483412/1/5NCTc8F1zcqDykAZpHf5J5g21kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/eca327-d58f-491c-94c8-e3d045483412/1/nmFAOsaeKHT1Yi1-5Wjo5J8GTC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.160.0/23
IPv6:
2001:67c:200::/48
Signature Algorithm: sha256WithRSAEncryption
92:b2:50:d2:a2:02:2f:92:d9:0a:46:91:68:56:22:c3:25:87:
6e:dc:bc:1e:6c:8e:98:8f:61:8c:3d:59:52:b8:dd:33:54:71:
ab:56:48:c6:09:8a:71:57:18:bb:93:22:dd:a7:c7:ba:af:b2:
5d:e9:76:67:92:29:7c:82:9f:6c:1f:9e:0a:ac:dc:a3:b1:81:
a3:1a:13:e0:71:e9:ad:d9:7c:c3:20:66:45:df:51:fc:ea:26:
e1:49:48:52:c3:95:20:05:86:2e:e7:39:d6:99:de:f5:f5:49:
aa:df:65:f6:eb:d9:3d:d8:cf:8b:9a:76:ae:69:ad:ba:a7:ae:
79:fc:28:70:1a:23:86:74:a0:d1:e5:9a:5f:3e:4f:3d:f9:e4:
c0:6b:f0:2f:a5:94:ca:f9:fa:57:0d:f3:f7:37:dd:9b:95:81:
40:9c:20:73:79:16:b9:6f:16:b4:d5:01:c2:72:c1:4a:41:98:
10:3b:7c:ab:85:e8:3a:fb:ba:2c:a7:fa:cf:e7:cc:ec:7b:2f:
a3:2a:fc:f0:bb:d6:e8:ce:ae:c9:b3:06:76:8a:28:c9:4b:65:
d6:60:f3:c6:b5:5d:b1:5b:fc:18:dc:e4:32:d8:4b:87:63:54:
87:f0:d5:44:e0:40:ec:f6:da:c4:63:71:57:f0:a0:02:d5:7b:
69:c5:df:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJHaRBXodKg2/buW/2WqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNjE0MDNhYzY5ZTI4NzRmNTYyMmQ3ZWU1NjhlOGU0OWYw
NjRjMmUwHhcNMjQwMTAxMDgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGQwOTM3M2MxNzVjZGNhODNjYTQwMTlhNDc3ZjkyNzk4MzZkNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9c5+8q4H9ivrpSV8AitO4fUM9+X
KwRKX7OK0/REQcqJn748MY+PjPXvvbYt2w1O7f/z1vxepKDaOqSWOJhjexKoNMzJ
uGdftQ7uv7FQmKBlpH9KmxaaqEje/q5HyuFNy2cCRmzccEjDK076695ETJKLfxrL
eWzXdIUOr+3MTcs3es4Q6JLz1p4zjVERP1M03K16mf4IepprCx9wB+1+nRTU3x4B
zVjdIxhUexuEhUltvfU/DGBOxTBuZBk8FJuXL3jqYkY8bXDtoPF7mRqXDx4aLOjv
O792RbFmFhe5WLCyBU3mez+Y+bdtvAYilMSstqVLfXd+p2ge38VlyNBZywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOTQk3PBdc3Kg8pAGaR3+SeYNtZDMB8GA1UdIwQY
MBaAFJ5hQDrGnih09WItfuVo6OSfBkwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm1GQU9zYWVLSFQxWWkxLTVXam81SjhHVEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9lY2EzMjctZDU4Zi00OTFjLTk0Yzgt
ZTNkMDQ1NDgzNDEyLzEvNU5DVGM4RjF6Y3FEeWtBWnBIZjVKNWcyMWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9lY2EzMjctZDU4Zi00OTFjLTk0YzgtZTNkMDQ1NDgzNDEy
LzEvbm1GQU9zYWVLSFQxWWkxLTVXam81SjhHVEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw/6gMA8E
AgACMAkDBwAgAQZ8AgAwDQYJKoZIhvcNAQELBQADggEBAJKyUNKiAi+S2QpGkWhW
IsMlh27cvB5sjpiPYYw9WVK43TNUcatWSMYJinFXGLuTIt2nx7qvsl3pdmeSKXyC
n2wfngqs3KOxgaMaE+Bx6a3ZfMMgZkXfUfzqJuFJSFLDlSAFhi7nOdaZ3vX1Sarf
Zfbr2T3Yz4uadq5prbqnrnn8KHAaI4Z0oNHlml8+Tz355MBr8C+llMr5+lcN8/c3
3ZuVgUCcIHN5FrlvFrTVAcJywUpBmBA7fKuF6Dr7uiyn+s/nzOx7L6Mq/PC71ujO
rsmzBnaKKMlLZdZg88a1XbFb/Bjc5DLYS4djVIfw1UTgQOz22sRjcVfwoALVe2nF
30Y=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:30 2024 by rpki-client on console-fra.rpki-client.org