Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/nVA1lpsZLzCTOSJu1yBy_OVPpp8.roa
File: nVA1lpsZLzCTOSJu1yBy_OVPpp8.roa (raw, json)
Hash identifier: eERDmA1bibMch1tz983bjllVX9LnCw/9lxxwDDzWNSI=
Subject key identifier: 9D:50:35:96:9B:19:2F:30:93:39:22:6E:D7:20:72:FC:E5:4F:A6:9F
Certificate issuer: /CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Certificate serial: 018CC726F32D424449BE786ACDA52752B90A
Authority key identifier: 23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/nVA1lpsZLzCTOSJu1yBy_OVPpp8.roa
Signing time: Mon 01 Jan 2024 22:31:07 +0000
ROA not before: Mon 01 Jan 2024 22:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35405
IP address blocks: 87.236.64.0/24 maxlen: 24
87.236.70.0/24 maxlen: 24
87.236.65.0/24 maxlen: 24
87.236.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.mft
rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f3:2d:42:44:49:be:78:6a:cd:a5:27:52:b9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Validity
Not Before: Jan 1 22:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d5035969b192f309339226ed72072fce54fa69f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:31:fb:56:e2:35:e0:ff:bc:e3:38:6c:04:7e:
d2:4f:d1:7d:da:ff:91:8c:56:ba:ca:36:85:c4:c8:
2c:ce:9a:4f:6a:43:8c:4a:63:9e:8b:4c:6f:35:e5:
2b:6b:12:0b:96:53:65:ad:bb:77:c8:70:a9:6f:8a:
bf:47:86:ac:0b:e4:a0:da:1f:07:86:dd:ba:ab:ac:
c6:d0:62:3b:f3:7e:87:28:05:90:e1:2e:93:47:55:
25:fb:49:7e:cb:57:4a:6b:e4:fc:93:d1:de:96:31:
05:22:97:49:3c:b6:94:fd:d4:04:55:45:18:fa:bc:
eb:71:de:05:45:7a:99:8d:e6:37:e5:04:64:77:24:
82:02:6c:74:7c:a3:9a:56:8d:15:bb:8f:8e:55:4e:
30:2c:2c:48:a0:d3:c5:f4:f8:30:af:8f:f0:ad:e0:
f6:8b:16:5a:71:5f:b6:7b:0c:ca:87:8e:13:0a:82:
99:34:36:67:99:f1:48:ed:6b:4b:d4:d3:87:f4:b8:
20:5a:d9:9c:31:1f:1c:45:02:da:df:fe:83:cc:5c:
b4:e3:a1:a2:8e:5e:83:6c:8e:fb:5f:62:82:13:5b:
4f:46:ef:1b:57:8f:5d:1c:d1:8d:e3:8b:cf:5f:f1:
a2:7b:b6:c4:49:45:b3:d7:a4:fe:21:dd:60:70:91:
cf:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:50:35:96:9B:19:2F:30:93:39:22:6E:D7:20:72:FC:E5:4F:A6:9F
X509v3 Authority Key Identifier:
keyid:23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/nVA1lpsZLzCTOSJu1yBy_OVPpp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.64.0/23
87.236.70.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:a0:91:b0:cb:12:10:60:60:9a:5a:90:4c:ba:d5:76:be:6f:
8e:cb:ae:35:da:c3:f9:17:81:dc:08:93:34:81:38:1a:58:c5:
78:5a:24:31:3a:db:2a:ba:3d:49:56:83:0a:a2:dd:93:98:86:
40:b4:a9:d0:83:14:50:da:aa:a1:5d:77:04:b5:76:35:8b:75:
88:d5:4b:91:32:88:6b:dc:38:7c:8c:72:69:b7:80:3b:6a:73:
8b:e9:43:76:f3:49:20:5a:e1:7d:ea:ec:41:55:f1:d6:4e:ef:
30:12:33:af:dc:a4:ea:70:d4:ee:71:32:f2:52:1f:97:6d:91:
43:1f:28:b3:01:3f:78:74:fb:31:b8:ef:da:19:40:e3:de:4f:
c7:d6:60:7e:b6:23:d9:d2:78:54:90:b8:a2:7a:e5:65:5d:ab:
fc:d6:f6:92:7c:f3:c8:49:c0:1c:e3:fa:af:d3:0f:30:5b:9d:
88:cf:c0:54:11:92:48:9c:2a:ab:32:36:e4:2f:ae:c4:4c:b0:
ed:f6:d4:1c:0b:7d:09:1e:5f:a4:5d:0b:40:47:97:8e:8a:3e:
76:d2:fd:2b:29:6a:20:62:e3:8c:76:8f:71:27:62:b3:4f:94:
c2:8f:17:49:a7:30:bc:22:bf:9a:65:e2:7a:7f:9c:54:05:25:
ef:e0:f8:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJvMtQkRJvnhqzaUnUrkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYjE5NDMwODdjZTY5NjIzZTc2YjIxNDViMzQ3OWFjMjA0
YmExYzkwHhcNMjQwMTAxMjIzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDUwMzU5NjliMTkyZjMwOTMzOTIyNmVkNzIwNzJmY2U1NGZhNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zH7VuI14P+84zhsBH7ST9F92v+R
jFa6yjaFxMgszppPakOMSmOei0xvNeUraxILllNlrbt3yHCpb4q/R4asC+Sg2h8H
ht26q6zG0GI7836HKAWQ4S6TR1Ul+0l+y1dKa+T8k9HeljEFIpdJPLaU/dQEVUUY
+rzrcd4FRXqZjeY35QRkdySCAmx0fKOaVo0Vu4+OVU4wLCxIoNPF9Pgwr4/wreD2
ixZacV+2ewzKh44TCoKZNDZnmfFI7WtL1NOH9LggWtmcMR8cRQLa3/6DzFy046Gi
jl6DbI77X2KCE1tPRu8bV49dHNGN44vPX/Gie7bESUWz16T+Id1gcJHPZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ1QNZabGS8wkzkibtcgcvzlT6afMB8GA1UdIwQY
MBaAFCOxlDCHzmliPnayFFs0eawgS6HJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83M2YxYzktODJiMC00ZWRlLWI4OTkt
Zjc0MmYzOTVhYWY5LzEvblZBMWxwc1pMekNUT1NKdTF5QnlfT1ZQcHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83M2YxYzktODJiMC00ZWRlLWI4OTktZjc0MmYzOTVhYWY5
LzEvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV+xAAwQB
V+xGMA0GCSqGSIb3DQEBCwUAA4IBAQCPoJGwyxIQYGCaWpBMutV2vm+Oy6412sP5
F4HcCJM0gTgaWMV4WiQxOtsquj1JVoMKot2TmIZAtKnQgxRQ2qqhXXcEtXY1i3WI
1UuRMohr3Dh8jHJpt4A7anOL6UN280kgWuF96uxBVfHWTu8wEjOv3KTqcNTucTLy
Uh+XbZFDHyizAT94dPsxuO/aGUDj3k/H1mB+tiPZ0nhUkLiieuVlXav81vaSfPPI
ScAc4/qv0w8wW52Iz8BUEZJInCqrMjbkL67ETLDt9tQcC30JHl+kXQtAR5eOij52
0v0rKWogYuOMdo9xJ2KzT5TCjxdJpzC8Ir+aZeJ6f5xUBSXv4Phq
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:07:16 2024 by rpki-client on console-fra.rpki-client.org