Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/aa95e3-5082-4fa7-a7ab-94cf3a35bf8c/1/nlmP7pjabv-6CREPPLzW0oB-JcY.roa
File: nlmP7pjabv-6CREPPLzW0oB-JcY.roa (raw, json)
Hash identifier: aozceqUheL9kWi6RIa8xM4ehcgYsA0Kqs773oBsQu0Y=
Subject key identifier: 9E:59:8F:EE:98:DA:6E:FF:BA:09:11:0F:3C:BC:D6:D2:80:7E:25:C6
Certificate issuer: /CN=08092d27478143c6ae3905c47f5847df9c02f413
Certificate serial: 018CC3495457084ABC5268ECACCBE6F2950C
Authority key identifier: 08:09:2D:27:47:81:43:C6:AE:39:05:C4:7F:58:47:DF:9C:02:F4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAktJ0eBQ8auOQXEf1hH35wC9BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/aa95e3-5082-4fa7-a7ab-94cf3a35bf8c/1/nlmP7pjabv-6CREPPLzW0oB-JcY.roa
Signing time: Mon 01 Jan 2024 04:30:12 +0000
ROA not before: Mon 01 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199235
IP address blocks: 185.83.224.0/22 maxlen: 22
89.147.124.0/22 maxlen: 22
37.143.72.0/22 maxlen: 22
2a02:6f40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/aa95e3-5082-4fa7-a7ab-94cf3a35bf8c/1/CAktJ0eBQ8auOQXEf1hH35wC9BM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/aa95e3-5082-4fa7-a7ab-94cf3a35bf8c/1/CAktJ0eBQ8auOQXEf1hH35wC9BM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAktJ0eBQ8auOQXEf1hH35wC9BM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:54:57:08:4a:bc:52:68:ec:ac:cb:e6:f2:95:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08092d27478143c6ae3905c47f5847df9c02f413
Validity
Not Before: Jan 1 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e598fee98da6effba09110f3cbcd6d2807e25c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:96:46:8b:02:58:db:32:34:46:b0:7e:8e:ab:
9f:37:cd:73:c9:07:42:2d:cd:e5:69:ef:b2:69:4c:
e1:f2:ac:b9:dd:ad:85:72:c7:32:3c:e2:a1:b4:d6:
ed:a4:92:1a:2a:c1:f8:62:45:c4:d2:4c:8a:24:dc:
9d:5d:5f:98:db:df:e6:2f:f2:69:dd:f6:49:1c:00:
e4:9e:d8:e8:39:f3:52:08:9d:a7:ec:02:00:22:e1:
5c:33:7c:a9:52:a6:08:ef:98:bb:d9:56:75:44:6c:
ff:7d:45:99:f5:82:bd:df:0d:95:a5:3c:af:a6:10:
b9:2d:39:3f:01:c7:7a:b5:53:e4:1d:3d:99:0f:ff:
26:2a:ec:1c:6b:81:bb:56:1e:29:7f:ba:76:f0:82:
89:34:0d:3b:c5:27:0f:7c:9e:df:36:aa:f2:af:64:
04:70:1f:1b:eb:09:82:97:0e:ee:46:72:25:77:60:
86:f1:2c:7c:f5:04:c6:33:5a:80:c1:d0:65:73:d1:
18:cd:ae:63:f3:02:f2:2a:48:cc:ed:bb:15:40:d5:
9d:c8:35:91:a9:e8:1e:48:03:fa:f0:4a:83:a4:30:
1c:d4:ba:38:7c:14:77:93:ff:d4:de:11:b7:4d:b3:
b5:5b:ef:f3:45:30:79:1a:52:e1:c1:80:87:3f:9d:
92:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:59:8F:EE:98:DA:6E:FF:BA:09:11:0F:3C:BC:D6:D2:80:7E:25:C6
X509v3 Authority Key Identifier:
keyid:08:09:2D:27:47:81:43:C6:AE:39:05:C4:7F:58:47:DF:9C:02:F4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAktJ0eBQ8auOQXEf1hH35wC9BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/aa95e3-5082-4fa7-a7ab-94cf3a35bf8c/1/nlmP7pjabv-6CREPPLzW0oB-JcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/aa95e3-5082-4fa7-a7ab-94cf3a35bf8c/1/CAktJ0eBQ8auOQXEf1hH35wC9BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.72.0/22
89.147.124.0/22
185.83.224.0/22
IPv6:
2a02:6f40::/32
Signature Algorithm: sha256WithRSAEncryption
3d:21:15:32:0e:17:13:ce:6e:a1:31:a7:ca:8a:d0:19:bd:15:
44:97:67:b5:f8:fe:eb:13:f9:b0:9b:a3:e2:d9:53:be:40:1f:
7a:63:70:52:1d:a7:06:7f:17:c8:01:11:58:0b:60:52:b2:2e:
99:1b:e7:79:76:cd:c5:67:ca:14:5c:7b:3a:b7:c7:22:cf:93:
1f:12:33:04:a1:31:4c:98:19:84:4d:14:9d:b7:46:ba:38:c1:
d3:e0:5c:c3:fa:99:a6:d5:1d:a0:58:fb:84:82:49:3f:89:e2:
fd:18:61:cb:23:b1:47:a1:be:83:9d:17:c2:39:2d:40:ed:35:
67:ca:73:22:d8:77:8b:95:fc:a7:08:3d:a5:24:9d:da:d0:70:
1c:5d:59:89:96:29:ae:3c:99:1f:79:ee:49:10:7a:e2:77:8f:
9c:68:f6:8e:ec:0e:c6:75:25:18:8e:48:2f:de:b3:42:bd:bd:
5a:aa:70:63:d4:53:f7:ff:34:9d:6f:21:8a:41:9a:16:65:0b:
3d:5e:d4:38:ad:c6:85:a9:b8:74:a5:35:6c:21:ea:4e:a8:aa:
a9:2d:90:4f:40:33:ce:d9:43:60:50:b9:68:03:83:5d:1d:3d:
24:06:5f:37:21:68:2b:8a:24:83:8b:47:91:9b:c1:1e:0a:99:
93:c6:38:36
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSVRXCEq8UmjsrMvm8pUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDkyZDI3NDc4MTQzYzZhZTM5MDVjNDdmNTg0N2RmOWMw
MmY0MTMwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTU5OGZlZTk4ZGE2ZWZmYmEwOTExMGYzY2JjZDZkMjgwN2UyNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZZGiwJY2zI0RrB+jqufN81zyQdC
Lc3lae+yaUzh8qy53a2FcscyPOKhtNbtpJIaKsH4YkXE0kyKJNydXV+Y29/mL/Jp
3fZJHADkntjoOfNSCJ2n7AIAIuFcM3ypUqYI75i72VZ1RGz/fUWZ9YK93w2VpTyv
phC5LTk/Acd6tVPkHT2ZD/8mKuwca4G7Vh4pf7p28IKJNA07xScPfJ7fNqryr2QE
cB8b6wmClw7uRnIld2CG8Sx89QTGM1qAwdBlc9EYza5j8wLyKkjM7bsVQNWdyDWR
qegeSAP68EqDpDAc1Lo4fBR3k//U3hG3TbO1W+/zRTB5GlLhwYCHP52SvQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ5Zj+6Y2m7/ugkRDzy81tKAfiXGMB8GA1UdIwQY
MBaAFAgJLSdHgUPGrjkFxH9YR9+cAvQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FrdEowZUJROGF1T1FYRWYxaEgzNXdDOUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hYTk1ZTMtNTA4Mi00ZmE3LWE3YWIt
OTRjZjNhMzViZjhjLzEvbmxtUDdwamFidi02Q1JFUFBMelcwb0ItSmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hYTk1ZTMtNTA4Mi00ZmE3LWE3YWItOTRjZjNhMzViZjhj
LzEvQ0FrdEowZUJROGF1T1FYRWYxaEgzNXdDOUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCJY9IAwQC
WZN8AwQCuVPgMA0EAgACMAcDBQAqAm9AMA0GCSqGSIb3DQEBCwUAA4IBAQA9IRUy
DhcTzm6hMafKitAZvRVEl2e1+P7rE/mwm6Pi2VO+QB96Y3BSHacGfxfIARFYC2BS
si6ZG+d5ds3FZ8oUXHs6t8ciz5MfEjMEoTFMmBmETRSdt0a6OMHT4FzD+pmm1R2g
WPuEgkk/ieL9GGHLI7FHob6DnRfCOS1A7TVnynMi2HeLlfynCD2lJJ3a0HAcXVmJ
limuPJkfee5JEHrid4+caPaO7A7GdSUYjkgv3rNCvb1aqnBj1FP3/zSdbyGKQZoW
ZQs9XtQ4rcaFqbh0pTVsIepOqKqpLZBPQDPO2UNgULloA4NdHT0kBl83IWgriiSD
i0eRm8EeCpmTxjg2
-----END CERTIFICATE-----
Generated at Sun Jun 16 19:51:39 2024 by rpki-client on console-fra.rpki-client.org