Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/NX7GEiX7gYOrcEW0HCdvOjdvhXI.roa
File: NX7GEiX7gYOrcEW0HCdvOjdvhXI.roa (raw, json)
Hash identifier: 39uBEqJSC91HppEzGcrpGx2YuuS76Dj8c1fNOeUFkVg=
Subject key identifier: 35:7E:C6:12:25:FB:81:83:AB:70:45:B4:1C:27:6F:3A:37:6F:85:72
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 01923D4B28C825355744E70FE3089F0E90C3
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/NX7GEiX7gYOrcEW0HCdvOjdvhXI.roa
Signing time: Sun 29 Sep 2024 10:19:48 +0000
ROA not before: Sun 29 Sep 2024 10:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 185.100.168.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:3d:4b:28:c8:25:35:57:44:e7:0f:e3:08:9f:0e:90:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Sep 29 10:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=357ec61225fb8183ab7045b41c276f3a376f8572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d8:0c:66:06:37:12:fa:4e:3c:10:41:83:b0:
21:84:10:fd:0d:95:9d:ef:d7:9d:2f:d2:53:dc:6f:
f5:4a:40:9a:9c:7e:53:9b:cf:de:df:95:e1:b8:72:
3e:e1:03:b8:02:8c:2a:94:9e:2d:1c:4f:cb:b5:0d:
13:89:81:dc:2d:c5:c9:53:8e:58:17:cf:d6:30:c0:
7b:bd:fb:a2:d9:64:db:c1:76:7b:55:8f:ff:f1:77:
53:6a:64:ba:76:be:58:01:e6:20:11:cc:9d:e4:dc:
b9:f8:7b:56:c3:86:d6:35:be:9f:ac:a6:b1:76:39:
f9:68:e6:6c:43:2c:0b:11:3f:79:11:b8:29:31:5a:
f8:2e:64:7e:bc:cd:f7:73:c0:db:17:54:ed:45:a3:
a1:03:e9:99:45:ea:00:2b:c1:f4:33:e2:04:f2:ee:
ec:40:57:e9:09:44:cb:ff:33:9a:3f:2a:aa:7c:ae:
72:de:92:e7:e6:e7:2f:0c:da:c4:9b:90:e3:81:98:
70:9f:8b:73:b6:06:98:a7:cb:55:d3:73:53:48:a5:
8a:42:8f:8b:1c:00:1e:e2:97:b5:3d:3d:58:95:f7:
f6:06:cb:ac:1f:38:21:f3:8d:5f:c5:84:7c:25:ac:
1b:c6:6d:ec:77:93:f5:5f:97:1c:00:9d:93:94:af:
9c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7E:C6:12:25:FB:81:83:AB:70:45:B4:1C:27:6F:3A:37:6F:85:72
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/NX7GEiX7gYOrcEW0HCdvOjdvhXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.168.0/24
185.169.220.0/24
Signature Algorithm: sha256WithRSAEncryption
76:e7:d2:a0:46:36:f1:73:47:cd:71:06:f3:ef:7f:9d:29:fc:
2a:1c:a6:96:a9:a1:19:d1:a3:c2:3c:19:06:31:1f:9a:20:7d:
a9:e3:cc:0c:32:d6:ba:5e:6a:45:6d:6b:34:cb:a9:9b:b1:1b:
02:a6:11:65:ef:b2:73:c7:85:ed:f1:61:43:c0:96:67:d1:33:
c7:8a:d7:ba:97:2d:0e:da:ee:f2:9e:71:62:e8:ba:91:6b:16:
89:09:e8:74:11:ee:68:28:45:24:98:27:2b:eb:86:56:b3:3c:
72:e1:a0:f7:52:ff:2a:cb:ec:b4:94:60:d0:32:d6:2e:fc:2f:
f3:f2:88:34:84:f7:e8:3a:8e:7f:fc:6b:c8:9d:df:49:c6:39:
78:ba:df:69:e1:77:d6:ea:18:8f:42:7f:b2:bc:1f:39:4d:b8:
95:94:2a:db:a6:3f:ca:61:cb:95:25:09:05:eb:d2:ec:df:fd:
8d:60:1f:f4:bb:98:39:0b:12:98:16:b8:e3:bb:04:28:a8:6c:
80:d0:80:ef:22:67:31:c5:bd:03:90:2f:84:a9:95:0a:b5:3c:
eb:e2:e1:8a:5c:1b:65:48:a2:9b:e0:ba:0a:c8:96:d1:f4:66:
95:cd:23:92:43:5f:8d:c9:63:32:5b:47:17:33:68:23:de:48:
7a:e1:4e:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZI9SyjIJTVXROcP4wifDpDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwOTI5MTAxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdlYzYxMjI1ZmI4MTgzYWI3MDQ1YjQxYzI3NmYzYTM3NmY4NTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNgMZgY3EvpOPBBBg7AhhBD9DZWd
79edL9JT3G/1SkCanH5Tm8/e35XhuHI+4QO4AowqlJ4tHE/LtQ0TiYHcLcXJU45Y
F8/WMMB7vfui2WTbwXZ7VY//8XdTamS6dr5YAeYgEcyd5Ny5+HtWw4bWNb6frKax
djn5aOZsQywLET95EbgpMVr4LmR+vM33c8DbF1TtRaOhA+mZReoAK8H0M+IE8u7s
QFfpCUTL/zOaPyqqfK5y3pLn5ucvDNrEm5DjgZhwn4tztgaYp8tV03NTSKWKQo+L
HAAe4pe1PT1Ylff2BsusHzgh841fxYR8Jawbxm3sd5P1X5ccAJ2TlK+c6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDV+xhIl+4GDq3BFtBwnbzo3b4VyMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvTlg3R0VpWDdnWU9yY0VXMEhDZHZPamR2aFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWSoAwQA
uancMA0GCSqGSIb3DQEBCwUAA4IBAQB259KgRjbxc0fNcQbz73+dKfwqHKaWqaEZ
0aPCPBkGMR+aIH2p48wMMta6XmpFbWs0y6mbsRsCphFl77Jzx4Xt8WFDwJZn0TPH
ite6ly0O2u7ynnFi6LqRaxaJCeh0Ee5oKEUkmCcr64ZWszxy4aD3Uv8qy+y0lGDQ
MtYu/C/z8og0hPfoOo5//GvInd9Jxjl4ut9p4XfW6hiPQn+yvB85TbiVlCrbpj/K
YcuVJQkF69Ls3/2NYB/0u5g5CxKYFrjjuwQoqGyA0IDvImcxxb0DkC+EqZUKtTzr
4uGKXBtlSKKb4LoKyJbR9GaVzSOSQ1+NyWMyW0cXM2gj3kh64U77
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:14 2024 by rpki-client on console-ams.rpki-client.org