Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/nVNz8JqTy2oIDlVRqSTtLKNVX2o.roa
File: nVNz8JqTy2oIDlVRqSTtLKNVX2o.roa (raw, json)
Hash identifier: eXoU3bP7VAVyb0JBiVV0gczNhGMHOUVWGUaj23vrw4o=
Subject key identifier: 9D:53:73:F0:9A:93:CB:6A:08:0E:55:51:A9:24:ED:2C:A3:55:5F:6A
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018CC26CF9FF51E6459F35EBC2525EB9DA6A
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/nVNz8JqTy2oIDlVRqSTtLKNVX2o.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205262
IP address blocks: 89.40.74.0/24 maxlen: 24
37.122.216.0/22 maxlen: 24
185.205.252.0/22 maxlen: 24
185.84.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f9:ff:51:e6:45:9f:35:eb:c2:52:5e:b9:da:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d5373f09a93cb6a080e5551a924ed2ca3555f6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:32:05:7e:bc:cb:d2:aa:88:a1:b3:4a:0b:ee:
24:8d:ea:2f:1e:e8:ca:19:a3:8a:a0:27:e5:ca:96:
71:94:8d:f7:f9:01:1f:cc:e9:09:dc:38:e3:b9:06:
80:84:99:35:ee:d4:e1:6c:59:94:73:50:3e:26:9c:
3f:7f:dc:0f:df:71:a6:84:fd:a8:33:87:e6:24:2f:
d1:ea:6b:3a:dc:63:4e:f7:ac:52:87:f3:8d:d0:b6:
91:ed:eb:1c:8b:ce:57:60:d4:55:1a:32:82:8a:73:
d2:69:8a:31:6d:29:92:28:cf:ea:43:be:43:c8:c3:
7e:43:45:f9:af:98:36:fe:96:0e:fe:5f:3d:dc:d2:
98:06:a0:90:de:ca:db:68:ca:9c:b7:ee:2a:d2:49:
80:39:af:c4:4d:79:fa:af:98:db:34:c5:37:a9:bb:
65:44:92:ef:b9:a0:b5:f0:b9:5a:d6:83:d5:23:5b:
e9:e8:6d:e8:8a:20:b7:5e:ec:40:a2:e4:8b:e2:1b:
0a:2c:cf:b0:7a:4b:57:1b:79:0d:95:19:63:c3:91:
7b:85:e3:ee:53:33:f3:5c:78:e8:58:47:2f:cd:36:
ba:aa:78:b1:f3:19:b8:1c:ec:08:af:91:53:b8:51:
91:e0:20:81:bd:0e:2c:b0:37:11:12:f0:b3:18:26:
d1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:53:73:F0:9A:93:CB:6A:08:0E:55:51:A9:24:ED:2C:A3:55:5F:6A
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/nVNz8JqTy2oIDlVRqSTtLKNVX2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.216.0/22
89.40.74.0/24
185.84.204.0/22
185.205.252.0/22
Signature Algorithm: sha256WithRSAEncryption
83:8e:35:e7:71:ee:28:d1:36:33:76:a8:35:37:d2:41:f3:55:
47:ae:22:6d:c5:d5:01:b0:30:e3:8d:90:cf:e9:3a:44:d0:81:
0f:d9:42:0c:e7:45:8c:5e:db:cd:e1:33:b0:2c:33:d8:6d:12:
fa:a5:65:2a:8e:02:22:fa:ab:92:1f:d1:65:35:47:b5:97:71:
2e:52:06:69:49:ad:6a:54:48:8b:87:b5:16:f5:f5:2b:eb:e2:
3a:1a:7c:02:be:3a:0b:59:d0:e7:db:f9:c0:a4:0f:62:c5:b5:
e6:e5:e2:46:5b:06:4c:18:1b:14:5a:31:8f:14:cc:b9:f2:ed:
f1:a3:90:92:c5:17:6e:24:76:d9:8d:41:7b:66:a1:3b:96:6a:
5d:35:b5:a2:d5:29:8a:c0:0c:9f:f2:6c:80:fc:75:83:e9:18:
78:83:1f:2a:ea:e9:f3:bb:92:45:e1:ca:b6:00:c9:66:90:ee:
ee:00:4c:09:f3:6b:ff:a2:0d:84:d4:30:aa:31:d4:78:20:a2:
39:d4:b1:18:27:5e:b2:0d:2c:ee:83:d1:88:7b:e9:28:99:52:
7a:6b:db:5f:d5:59:01:b7:74:f9:dc:77:09:40:ad:8b:c1:58:
30:ef:70:04:04:73:fb:bb:3f:75:59:82:ac:f6:f7:60:85:b0:
e1:49:a3:6b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzCbPn/UeZFnzXrwlJeudpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDUzNzNmMDlhOTNjYjZhMDgwZTU1NTFhOTI0ZWQyY2EzNTU1ZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTIFfrzL0qqIobNKC+4kjeovHujK
GaOKoCflypZxlI33+QEfzOkJ3DjjuQaAhJk17tThbFmUc1A+Jpw/f9wP33GmhP2o
M4fmJC/R6ms63GNO96xSh/ON0LaR7esci85XYNRVGjKCinPSaYoxbSmSKM/qQ75D
yMN+Q0X5r5g2/pYO/l893NKYBqCQ3srbaMqct+4q0kmAOa/ETXn6r5jbNMU3qbtl
RJLvuaC18Lla1oPVI1vp6G3oiiC3XuxAouSL4hsKLM+wektXG3kNlRljw5F7hePu
UzPzXHjoWEcvzTa6qnix8xm4HOwIr5FTuFGR4CCBvQ4ssDcREvCzGCbR5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ1Tc/Cak8tqCA5VUakk7SyjVV9qMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvblZOejhKcVR5Mm9JRGxWUnFTVHRMS05WWDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJXrYAwQA
WShKAwQCuVTMAwQCuc38MA0GCSqGSIb3DQEBCwUAA4IBAQCDjjXnce4o0TYzdqg1
N9JB81VHriJtxdUBsDDjjZDP6TpE0IEP2UIM50WMXtvN4TOwLDPYbRL6pWUqjgIi
+quSH9FlNUe1l3EuUgZpSa1qVEiLh7UW9fUr6+I6GnwCvjoLWdDn2/nApA9ixbXm
5eJGWwZMGBsUWjGPFMy58u3xo5CSxRduJHbZjUF7ZqE7lmpdNbWi1SmKwAyf8myA
/HWD6Rh4gx8q6unzu5JF4cq2AMlmkO7uAEwJ82v/og2E1DCqMdR4IKI51LEYJ16y
DSzug9GIe+komVJ6a9tf1VkBt3T53HcJQK2LwVgw73AEBHP7uz91WYKs9vdghbDh
SaNr
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:06:58 2024 by rpki-client on console-ams.rpki-client.org