Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NCQ8NJAJ2HPcRVQwKszONICjZQY.roa
File: NCQ8NJAJ2HPcRVQwKszONICjZQY.roa (raw, json)
Hash identifier: fssQ6I/8EwmiGCdjv0VJxMTRPwNwyrZrXe7sZBsWCGc=
Subject key identifier: 34:24:3C:34:90:09:D8:73:DC:45:54:30:2A:CC:CE:34:80:A3:65:06
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29E75D4E72CBD4BCA486911BF34046
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NCQ8NJAJ2HPcRVQwKszONICjZQY.roa
Signing time: Tue 02 Jan 2024 12:33:12 +0000
ROA not before: Tue 02 Jan 2024 12:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39906
IP address blocks: 93.170.84.0/22 maxlen: 24
95.46.33.0/24 maxlen: 24
95.46.32.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:e7:5d:4e:72:cb:d4:bc:a4:86:91:1b:f3:40:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34243c349009d873dc4554302accce3480a36506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8b:3f:2b:ee:60:28:fd:84:8c:d7:0c:f0:33:
3e:df:fe:bf:e3:42:d3:3f:9e:e3:fc:72:e0:e5:1e:
92:90:ac:82:e3:74:78:61:51:b7:b1:3c:80:d4:69:
bd:36:74:44:0f:22:50:d0:a4:6c:98:72:6d:eb:e1:
60:3c:29:ec:b5:a5:d6:52:82:d8:8c:73:d3:c2:70:
c3:d0:cc:31:91:5d:eb:1f:1b:07:7a:05:df:6b:57:
a5:53:77:dd:d3:1f:fb:49:c8:3c:ff:7b:95:b1:12:
39:b4:1d:90:ea:2a:8e:a5:fe:e0:6e:c5:20:68:46:
8e:61:90:06:e5:8e:ce:14:98:d8:ad:57:5c:a0:f3:
f1:f7:84:53:c9:75:37:02:8c:d0:77:eb:fb:bc:45:
fa:b0:79:9c:4a:f9:09:9c:d9:ad:6c:58:b5:4b:d8:
35:ac:2c:71:e6:fa:f7:b9:b5:c9:78:4d:30:45:ab:
e0:1b:33:7b:71:05:a2:33:91:8c:73:dc:8c:00:2a:
09:6e:34:d2:77:c1:48:17:2b:16:75:7d:6a:b0:c5:
13:ee:ef:42:1c:22:b2:77:df:9c:24:7a:6f:47:99:
f6:c6:f3:be:d7:7a:96:cc:2a:be:cc:63:b4:38:fe:
83:42:27:26:fe:3f:55:6c:91:d0:7d:08:95:c9:72:
9d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:24:3C:34:90:09:D8:73:DC:45:54:30:2A:CC:CE:34:80:A3:65:06
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NCQ8NJAJ2HPcRVQwKszONICjZQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.84.0/22
95.46.32.0/23
Signature Algorithm: sha256WithRSAEncryption
73:1a:be:f0:0f:20:25:fa:7a:07:d5:10:12:8d:91:db:75:0f:
10:86:d8:2f:72:f9:c6:d6:de:b0:e5:fa:bf:26:1e:0d:42:d1:
8b:52:64:85:e6:b5:b0:21:0a:02:59:ce:86:de:9c:fd:22:82:
d6:46:06:fa:41:1d:0f:fb:d9:4a:49:da:e4:f8:31:b8:26:f3:
33:88:b7:2c:0b:37:73:2a:9c:b9:2d:eb:2c:be:f5:86:7a:8b:
d6:63:55:66:1a:3f:46:be:6c:c2:49:e7:61:2d:40:f5:0b:66:
08:fd:46:8a:2f:83:8b:f6:e8:5c:44:1b:9c:3e:da:48:be:a0:
5a:56:f7:f7:db:30:33:93:36:18:57:bf:49:3c:0b:0c:b9:a5:
7e:65:0c:fc:41:a6:00:0c:00:97:e1:2f:54:eb:88:4d:89:3a:
c5:a8:39:c4:02:30:dc:33:c2:85:b7:82:f3:66:d7:e0:05:ac:
c7:d9:d2:6c:32:ff:e7:ca:ce:94:a4:34:7a:91:30:4c:d0:08:
c1:e1:df:af:02:2c:2d:67:51:4f:b1:b1:28:49:27:20:db:32:
5e:4e:70:0e:25:37:de:8d:7f:c9:b1:d8:b9:3c:67:fb:ab:5a:
ac:59:f4:2e:ba:96:aa:74:44:d1:74:6c:5b:4d:cf:2b:fb:8a:
9d:c8:32:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKeddTnLL1LykhpEb80BGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDI0M2MzNDkwMDlkODczZGM0NTU0MzAyYWNjY2UzNDgwYTM2NTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4s/K+5gKP2EjNcM8DM+3/6/40LT
P57j/HLg5R6SkKyC43R4YVG3sTyA1Gm9NnREDyJQ0KRsmHJt6+FgPCnstaXWUoLY
jHPTwnDD0MwxkV3rHxsHegXfa1elU3fd0x/7Scg8/3uVsRI5tB2Q6iqOpf7gbsUg
aEaOYZAG5Y7OFJjYrVdcoPPx94RTyXU3AozQd+v7vEX6sHmcSvkJnNmtbFi1S9g1
rCxx5vr3ubXJeE0wRavgGzN7cQWiM5GMc9yMACoJbjTSd8FIFysWdX1qsMUT7u9C
HCKyd9+cJHpvR5n2xvO+13qWzCq+zGO0OP6DQicm/j9VbJHQfQiVyXKdVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDQkPDSQCdhz3EVUMCrMzjSAo2UGMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTkNROE5KQUoySFBjUlZRd0tzek9OSUNqWlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXapUAwQB
Xy4gMA0GCSqGSIb3DQEBCwUAA4IBAQBzGr7wDyAl+noH1RASjZHbdQ8QhtgvcvnG
1t6w5fq/Jh4NQtGLUmSF5rWwIQoCWc6G3pz9IoLWRgb6QR0P+9lKSdrk+DG4JvMz
iLcsCzdzKpy5LessvvWGeovWY1VmGj9GvmzCSedhLUD1C2YI/UaKL4OL9uhcRBuc
PtpIvqBaVvf32zAzkzYYV79JPAsMuaV+ZQz8QaYADACX4S9U64hNiTrFqDnEAjDc
M8KFt4LzZtfgBazH2dJsMv/nys6UpDR6kTBM0AjB4d+vAiwtZ1FPsbEoSScg2zJe
TnAOJTfejX/Jsdi5PGf7q1qsWfQuupaqdETRdGxbTc8r+4qdyDJI
-----END CERTIFICATE-----
Generated at Wed May 29 07:59:55 2024 by rpki-client on console-ams.rpki-client.org