Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-nclgvy6NLnMSw7muib2OYMHyb4.roa
File: 1-nclgvy6NLnMSw7muib2OYMHyb4.roa (raw, json)
Hash identifier: MUXK88prvISfNYTigR2gprOvPEgf20CV93fBtHok00k=
Subject key identifier: FA:77:25:82:FC:BA:34:B9:CC:4B:0E:E6:BA:26:F6:39:83:07:C9:BE
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29EDC57EB8222338E2B95FD00131C0
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-nclgvy6NLnMSw7muib2OYMHyb4.roa
Signing time: Tue 02 Jan 2024 12:33:14 +0000
ROA not before: Tue 02 Jan 2024 12:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42350
IP address blocks: 93.170.89.0/24 maxlen: 24
95.46.198.0/23 maxlen: 24
146.120.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:ed:c5:7e:b8:22:23:38:e2:b9:5f:d0:01:31:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa772582fcba34b9cc4b0ee6ba26f6398307c9be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d2:f1:70:7f:a7:75:9c:41:eb:5c:22:e6:16:
80:53:61:a6:57:50:76:39:b0:ee:4b:04:b3:f4:09:
f1:3d:a6:d8:13:94:d3:b0:9f:07:a0:4d:f8:20:e9:
08:37:02:26:2d:4d:ef:b2:ef:52:ef:56:0c:e5:ee:
bc:96:b3:76:25:51:c0:81:19:c1:6e:6f:9c:2a:34:
c5:89:5b:76:59:1f:ea:7e:d8:1b:7e:79:27:8f:f3:
d4:74:e6:a9:a8:af:43:56:c5:c7:a8:d7:ad:72:ff:
d9:ea:13:5f:9d:f5:53:62:b8:6c:43:88:68:6b:89:
96:22:66:10:45:a6:df:cb:83:c8:f7:25:90:c0:ba:
34:e2:c4:c6:57:b1:fc:03:89:cc:db:a7:06:b9:2f:
cc:04:05:01:54:39:c0:33:ab:36:96:3d:2a:28:f3:
3b:a7:3f:dc:96:87:40:ba:6a:a9:0b:60:04:97:e8:
c6:1a:9b:54:d3:9f:b3:d9:40:0e:73:f1:07:31:5b:
d3:65:bb:23:fb:72:ee:4e:a0:69:97:30:b7:a8:f8:
6f:c5:b8:96:56:5a:42:ca:1e:88:f6:ec:3a:55:a6:
29:25:d8:10:01:03:ac:0e:1d:d4:af:e2:3e:f6:97:
79:bf:5f:95:e4:3f:0c:90:cb:27:1f:1a:e9:f9:7c:
5a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:77:25:82:FC:BA:34:B9:CC:4B:0E:E6:BA:26:F6:39:83:07:C9:BE
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-nclgvy6NLnMSw7muib2OYMHyb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.89.0/24
95.46.198.0/23
146.120.220.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:71:a5:15:4b:72:3d:1a:25:66:a3:93:c9:f0:57:0a:de:c8:
70:fd:75:99:ed:71:6f:58:e5:81:98:78:81:93:1b:85:a1:aa:
b5:f4:0a:39:35:1a:2b:0e:a8:18:22:7f:24:07:5f:8d:b3:b7:
2a:c9:cc:01:d3:7c:92:76:15:91:4a:ec:af:cb:ad:db:d3:1b:
6a:57:f5:fa:71:96:25:5c:d8:1d:ee:e9:b3:49:42:c1:0d:2f:
6a:2e:0b:87:d2:b4:7e:04:a3:ac:ef:cf:d2:70:82:a4:e9:ce:
e5:44:d2:a2:ae:a7:09:cd:2f:be:3d:7c:a5:21:9e:f6:97:ad:
57:1b:51:98:1d:fe:c3:83:20:da:69:eb:e4:06:86:e4:75:16:
1b:be:b5:dd:17:2c:2b:ad:6b:25:1f:dd:54:74:3f:c5:24:0c:
4b:bc:42:a0:c7:ad:cd:f9:ce:d3:7e:d1:aa:bb:47:64:3e:4e:
29:d5:08:d9:40:28:93:ee:09:b9:50:01:16:a1:cc:e9:e9:03:
61:ab:c2:b8:36:7f:7d:60:92:27:75:3e:9d:9f:f5:04:bc:75:
c3:de:21:a2:7d:80:ed:f4:96:7b:a9:ab:5b:b9:a9:73:af:ef:
5d:fa:c9:cc:b1:ba:97:46:9f:00:c2:2e:51:41:a8:58:d4:cc:
d3:14:94:df
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzKKe3FfrgiIzjiuV/QATHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTc3MjU4MmZjYmEzNGI5Y2M0YjBlZTZiYTI2ZjYzOTgzMDdjOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdLxcH+ndZxB61wi5haAU2GmV1B2
ObDuSwSz9AnxPabYE5TTsJ8HoE34IOkINwImLU3vsu9S71YM5e68lrN2JVHAgRnB
bm+cKjTFiVt2WR/qftgbfnknj/PUdOapqK9DVsXHqNetcv/Z6hNfnfVTYrhsQ4ho
a4mWImYQRabfy4PI9yWQwLo04sTGV7H8A4nM26cGuS/MBAUBVDnAM6s2lj0qKPM7
pz/clodAumqpC2AEl+jGGptU05+z2UAOc/EHMVvTZbsj+3LuTqBplzC3qPhvxbiW
VlpCyh6I9uw6VaYpJdgQAQOsDh3Ur+I+9pd5v1+V5D8MkMsnHxrp+XxaxwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPp3JYL8ujS5zEsO5rom9jmDB8m+MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS1uY2xndnk2TkxuTVN3N211aWIyT1lNSHliNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAF2qWQME
AV8uxgMEAJJ43DANBgkqhkiG9w0BAQsFAAOCAQEAP3GlFUtyPRolZqOTyfBXCt7I
cP11me1xb1jlgZh4gZMbhaGqtfQKOTUaKw6oGCJ/JAdfjbO3KsnMAdN8knYVkUrs
r8ut29Mbalf1+nGWJVzYHe7ps0lCwQ0vai4Lh9K0fgSjrO/P0nCCpOnO5UTSoq6n
Cc0vvj18pSGe9petVxtRmB3+w4Mg2mnr5AaG5HUWG7613RcsK61rJR/dVHQ/xSQM
S7xCoMetzfnO037RqrtHZD5OKdUI2UAok+4JuVABFqHM6ekDYavCuDZ/fWCSJ3U+
nZ/1BLx1w94hon2A7fSWe6mrW7mpc6/vXfrJzLG6l0afAMIuUUGoWNTM0xSU3w==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:13:21 2024 by rpki-client on console-fra.rpki-client.org