Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/N0esUVp68uV9q2BplL9puG23dkE.roa
File: N0esUVp68uV9q2BplL9puG23dkE.roa (raw, json)
Hash identifier: Jtbl74XHS4zTEDiVdUfkMTWia/xaO+ytYkd3wliRZ7s=
Subject key identifier: 37:47:AC:51:5A:7A:F2:E5:7D:AB:60:69:94:BF:69:B8:6D:B7:76:41
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 018CC8018C7C735E7AA4DCC8CCC35E0F55CE
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/N0esUVp68uV9q2BplL9puG23dkE.roa
Signing time: Tue 02 Jan 2024 02:29:53 +0000
ROA not before: Tue 02 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203576
IP address blocks: 185.173.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:8c:7c:73:5e:7a:a4:dc:c8:cc:c3:5e:0f:55:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Jan 2 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3747ac515a7af2e57dab606994bf69b86db77641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a4:60:ce:e1:17:c4:7c:35:87:9f:75:da:67:
9c:7e:33:a4:40:df:34:54:4d:da:7a:d2:e1:bb:45:
87:2e:23:59:1d:1b:62:c3:81:40:54:98:e7:fe:47:
03:f3:c1:54:73:91:93:cb:31:a7:72:00:3c:34:d6:
e6:d6:2a:30:b6:ab:47:ee:ad:11:17:e5:10:32:1a:
a5:bb:b8:46:cc:57:8e:41:b0:fd:ee:df:49:45:d2:
85:77:b1:49:5d:36:f8:b0:1b:62:b5:6b:08:27:a2:
02:0f:b0:bf:7c:e8:49:2a:02:f9:9a:0a:eb:27:05:
e8:af:ec:77:8c:24:fa:3d:c2:5a:ef:8b:72:d3:4a:
c2:23:c4:25:27:73:7f:b4:b8:c0:bb:a5:02:b9:02:
9a:6b:02:d1:3a:78:d8:05:eb:b9:88:b6:79:44:f6:
0a:0f:49:5c:78:6a:8e:fe:b9:2f:e0:b7:0a:42:25:
24:1e:dd:23:7c:e0:d6:88:c4:08:c4:26:67:62:4c:
b5:64:70:7d:12:2e:37:35:c2:00:4f:c3:77:2b:c5:
b4:61:0d:27:93:a4:53:56:c2:fc:32:91:b7:44:6e:
f6:03:a4:36:22:ca:f9:6f:5c:de:ce:95:9f:d2:e8:
6d:f8:fe:ea:70:eb:12:16:fc:83:e1:6e:c1:ff:e4:
60:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:47:AC:51:5A:7A:F2:E5:7D:AB:60:69:94:BF:69:B8:6D:B7:76:41
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/N0esUVp68uV9q2BplL9puG23dkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.145.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:ab:2e:b0:3d:bc:ba:e3:c8:b1:7d:a4:2d:e6:8c:17:7d:2a:
62:7e:4f:76:05:36:20:ae:c2:49:fc:a8:9e:4b:25:c4:ec:04:
a7:6a:23:b3:68:1d:5a:62:85:e7:87:0f:4b:cd:f9:6f:90:3f:
7c:76:58:6f:eb:d9:f3:53:1e:ad:ca:1c:9b:01:3f:06:92:47:
36:ca:db:51:b6:50:7c:93:41:df:49:0c:0d:dc:b5:ac:4a:ec:
8c:eb:cf:33:01:5e:9c:7b:f8:18:01:37:55:1c:a3:1f:fb:f1:
7c:40:b1:74:66:9f:16:d5:c3:42:37:87:5d:77:5d:0b:00:27:
75:4b:ca:2e:46:75:8b:22:9a:b9:e8:69:fa:ac:8a:d7:b5:7f:
60:b2:29:f5:05:f9:de:19:d7:f9:ba:23:69:86:f5:b9:c9:14:
9e:51:5d:0b:20:67:bd:a1:8e:52:d2:29:ee:f1:1f:29:b6:b9:
ec:4b:d2:a2:23:0f:2c:99:14:3a:59:94:b2:14:75:75:0a:06:
0e:a7:f7:5b:09:8d:1c:50:27:cd:c2:98:b6:17:b1:4b:78:49:
8d:0a:f8:02:e9:4b:64:25:49:59:ab:d8:ae:49:d9:42:6e:2b:
8d:9c:c0:f8:b8:af:14:d6:25:21:2b:f0:c1:02:e0:6d:49:0e:
f6:63:c8:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAYx8c156pNzIzMNeD1XOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjQwMTAyMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQ3YWM1MTVhN2FmMmU1N2RhYjYwNjk5NGJmNjliODZkYjc3NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKRgzuEXxHw1h5912mecfjOkQN80
VE3aetLhu0WHLiNZHRtiw4FAVJjn/kcD88FUc5GTyzGncgA8NNbm1iowtqtH7q0R
F+UQMhqlu7hGzFeOQbD97t9JRdKFd7FJXTb4sBtitWsIJ6ICD7C/fOhJKgL5mgrr
JwXor+x3jCT6PcJa74ty00rCI8QlJ3N/tLjAu6UCuQKaawLROnjYBeu5iLZ5RPYK
D0lceGqO/rkv4LcKQiUkHt0jfODWiMQIxCZnYky1ZHB9Ei43NcIAT8N3K8W0YQ0n
k6RTVsL8MpG3RG72A6Q2Isr5b1zezpWf0uht+P7qcOsSFvyD4W7B/+RgWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDdHrFFaevLlfatgaZS/abhtt3ZBMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvTjBlc1VWcDY4dVY5cTJCcGxMOXB1RzIzZGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua2RMA0G
CSqGSIb3DQEBCwUAA4IBAQCwqy6wPby648ixfaQt5owXfSpifk92BTYgrsJJ/Kie
SyXE7ASnaiOzaB1aYoXnhw9LzflvkD98dlhv69nzUx6tyhybAT8Gkkc2yttRtlB8
k0HfSQwN3LWsSuyM688zAV6ce/gYATdVHKMf+/F8QLF0Zp8W1cNCN4ddd10LACd1
S8ouRnWLIpq56Gn6rIrXtX9gsin1BfneGdf5uiNphvW5yRSeUV0LIGe9oY5S0inu
8R8ptrnsS9KiIw8smRQ6WZSyFHV1CgYOp/dbCY0cUCfNwpi2F7FLeEmNCvgC6Utk
JUlZq9iuSdlCbiuNnMD4uK8U1iUhK/DBAuBtSQ72Y8j9
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:12 2024 by rpki-client on console-ams.rpki-client.org