Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/NTTQXOe-KQNTX8GpVTq9DTybvwY.roa
File: NTTQXOe-KQNTX8GpVTq9DTybvwY.roa (raw, json)
Hash identifier: 7Q/izpjUfuI43NBSW+PFWtuOP1bn244NH82d5+luV8E=
Subject key identifier: 35:34:D0:5C:E7:BE:29:03:53:5F:C1:A9:55:3A:BD:0D:3C:9B:BF:06
Certificate issuer: /CN=388e962840cd3168dd2ea396fe68127628aeac27
Certificate serial: 018F2A5D365FAFD2C3065F64A47FD14FE528
Authority key identifier: 38:8E:96:28:40:CD:31:68:DD:2E:A3:96:FE:68:12:76:28:AE:AC:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OI6WKEDNMWjdLqOW_mgSdiiurCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/NTTQXOe-KQNTX8GpVTq9DTybvwY.roa
Signing time: Mon 29 Apr 2024 14:58:22 +0000
ROA not before: Mon 29 Apr 2024 14:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.144.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/OI6WKEDNMWjdLqOW_mgSdiiurCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/OI6WKEDNMWjdLqOW_mgSdiiurCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OI6WKEDNMWjdLqOW_mgSdiiurCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:5d:36:5f:af:d2:c3:06:5f:64:a4:7f:d1:4f:e5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=388e962840cd3168dd2ea396fe68127628aeac27
Validity
Not Before: Apr 29 14:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3534d05ce7be2903535fc1a9553abd0d3c9bbf06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:db:11:39:bc:28:10:58:b1:c5:77:03:b1:f1:
7c:f1:25:61:2a:c1:c2:64:98:f9:68:82:70:d7:3e:
ba:58:85:af:3f:e8:46:50:0f:e4:a4:1a:b2:8f:37:
90:1a:0d:20:0e:86:9a:34:46:e7:32:5c:ef:0d:dd:
c5:0c:ea:fc:58:1a:38:03:d6:f9:ff:eb:af:3f:40:
76:de:52:4e:6b:22:c8:54:fb:d1:6e:48:7c:20:04:
f2:bd:05:da:42:9a:fd:c6:f2:2c:63:bc:d7:db:e7:
46:98:fc:a6:ff:2b:df:74:bc:66:33:9e:57:23:96:
be:33:4a:55:da:05:69:ec:d1:4d:16:8c:6a:2e:37:
29:77:c1:a3:c6:88:7c:3a:14:97:ec:75:1a:97:fe:
4f:5d:a9:8b:0e:4f:08:65:b8:56:99:c9:d1:3a:2a:
14:b1:b1:52:1f:f3:a6:8e:b2:c4:d5:6c:74:d8:9d:
23:1d:ce:7c:8b:38:77:f4:74:64:a4:95:84:4c:af:
f2:a5:7a:ac:76:4b:93:98:37:b2:c7:09:7b:84:e1:
41:c2:86:9d:d3:62:b1:b2:71:1f:fa:d7:8f:86:d6:
96:31:46:11:9d:5c:f6:78:96:81:52:23:7e:93:86:
07:81:7c:89:00:cc:c5:39:e1:2c:ed:32:a2:98:ae:
a4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:34:D0:5C:E7:BE:29:03:53:5F:C1:A9:55:3A:BD:0D:3C:9B:BF:06
X509v3 Authority Key Identifier:
keyid:38:8E:96:28:40:CD:31:68:DD:2E:A3:96:FE:68:12:76:28:AE:AC:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OI6WKEDNMWjdLqOW_mgSdiiurCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/NTTQXOe-KQNTX8GpVTq9DTybvwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/OI6WKEDNMWjdLqOW_mgSdiiurCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.240.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:bb:2d:0a:4a:ab:95:a2:6f:9e:ec:9c:37:df:b1:cd:b6:85:
fa:02:4c:1b:14:6a:b9:0b:a5:0a:b4:86:f0:aa:4f:70:d5:b9:
6d:05:ec:30:a6:5b:e9:63:9d:e9:ca:b0:98:f3:be:8d:70:ac:
90:c0:a8:4a:de:96:e0:6d:7c:b8:08:46:10:74:22:41:74:94:
fb:d7:99:1c:dd:62:d7:c1:d5:b0:15:0d:ed:47:e6:f1:5b:10:
72:e5:f7:25:62:ab:d5:e5:c1:03:01:f7:bb:7b:c5:c6:1c:50:
01:af:31:63:2b:ba:61:5d:4b:17:7c:94:c8:d0:8e:50:d9:69:
84:fc:d5:40:f7:c6:e8:26:96:d1:cb:6d:9c:4e:5b:c0:6d:38:
19:e0:ff:4d:fc:2f:ab:7b:0d:09:af:91:19:27:4c:d7:3c:0e:
4a:f0:04:ff:43:95:66:94:81:99:1b:ec:94:d6:ff:63:56:de:
3c:a6:bc:53:98:7a:4c:b2:0a:bb:be:27:16:07:0e:1c:a6:64:
a7:2f:0d:dd:e4:4c:84:7e:0c:97:81:ee:57:ca:8c:ae:be:bc:
94:2b:d7:36:07:27:db:a4:ff:c1:03:73:ed:86:67:12:55:a9:
7d:98:01:c9:06:cb:38:f6:14:5b:e4:9e:c4:77:2b:24:b3:40:
12:80:f9:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8qXTZfr9LDBl9kpH/RT+UoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OGU5NjI4NDBjZDMxNjhkZDJlYTM5NmZlNjgxMjc2Mjhh
ZWFjMjcwHhcNMjQwNDI5MTQ1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTM0ZDA1Y2U3YmUyOTAzNTM1ZmMxYTk1NTNhYmQwZDNjOWJiZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdsRObwoEFixxXcDsfF88SVhKsHC
ZJj5aIJw1z66WIWvP+hGUA/kpBqyjzeQGg0gDoaaNEbnMlzvDd3FDOr8WBo4A9b5
/+uvP0B23lJOayLIVPvRbkh8IATyvQXaQpr9xvIsY7zX2+dGmPym/yvfdLxmM55X
I5a+M0pV2gVp7NFNFoxqLjcpd8Gjxoh8OhSX7HUal/5PXamLDk8IZbhWmcnROioU
sbFSH/OmjrLE1Wx02J0jHc58izh39HRkpJWETK/ypXqsdkuTmDeyxwl7hOFBwoad
02KxsnEf+tePhtaWMUYRnVz2eJaBUiN+k4YHgXyJAMzFOeEs7TKimK6ktwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDU00FznvikDU1/BqVU6vQ08m78GMB8GA1UdIwQY
MBaAFDiOlihAzTFo3S6jlv5oEnYorqwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0k2V0tFRE5NV2pkTHFPV19tZ1NkaWl1ckNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81NWVhM2UtZDdlMi00MzBjLWFmOGEt
YzMyMTg0MGMxZmFhLzEvTlRUUVhPZS1LUU5UWDhHcFZUcTlEVHlidndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81NWVhM2UtZDdlMi00MzBjLWFmOGEtYzMyMTg0MGMxZmFh
LzEvT0k2V0tFRE5NV2pkTHFPV19tZ1NkaWl1ckNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZDwMA0G
CSqGSIb3DQEBCwUAA4IBAQBNuy0KSquVom+e7Jw337HNtoX6AkwbFGq5C6UKtIbw
qk9w1bltBewwplvpY53pyrCY876NcKyQwKhK3pbgbXy4CEYQdCJBdJT715kc3WLX
wdWwFQ3tR+bxWxBy5fclYqvV5cEDAfe7e8XGHFABrzFjK7phXUsXfJTI0I5Q2WmE
/NVA98boJpbRy22cTlvAbTgZ4P9N/C+rew0Jr5EZJ0zXPA5K8AT/Q5VmlIGZG+yU
1v9jVt48prxTmHpMsgq7vicWBw4cpmSnLw3d5EyEfgyXge5XyoyuvryUK9c2Byfb
pP/BA3PthmcSVal9mAHJBss49hRb5J7Edysks0ASgPnb
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:23:25 2024 by rpki-client on console-fra.rpki-client.org