Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/1d4f36-b97d-4d98-bb2c-b8a27472a896/1/N8fPK32aRod7gly8ddMO7evKo0Y.roa
File: N8fPK32aRod7gly8ddMO7evKo0Y.roa (raw, json)
Hash identifier: iTz9Kj4hrA4nF+xyq9JmwyHfuiHS36cWF8OrHPth0JE=
Subject key identifier: 37:C7:CF:2B:7D:9A:46:87:7B:82:5C:BC:75:D3:0E:ED:EB:CA:A3:46
Certificate issuer: /CN=34418e26b2aeb6eaa8143fd71830f9b354ae7bbc
Certificate serial: 018CC4931F912B39ACF0F40D765CE7522483
Authority key identifier: 34:41:8E:26:B2:AE:B6:EA:A8:14:3F:D7:18:30:F9:B3:54:AE:7B:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NEGOJrKutuqoFD_XGDD5s1Sue7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/1d4f36-b97d-4d98-bb2c-b8a27472a896/1/N8fPK32aRod7gly8ddMO7evKo0Y.roa
Signing time: Mon 01 Jan 2024 10:30:25 +0000
ROA not before: Mon 01 Jan 2024 10:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211572
IP address blocks: 188.95.88.0/24 maxlen: 24
2a10:c140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/1d4f36-b97d-4d98-bb2c-b8a27472a896/1/NEGOJrKutuqoFD_XGDD5s1Sue7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/1d4f36-b97d-4d98-bb2c-b8a27472a896/1/NEGOJrKutuqoFD_XGDD5s1Sue7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/NEGOJrKutuqoFD_XGDD5s1Sue7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1f:91:2b:39:ac:f0:f4:0d:76:5c:e7:52:24:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34418e26b2aeb6eaa8143fd71830f9b354ae7bbc
Validity
Not Before: Jan 1 10:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37c7cf2b7d9a46877b825cbc75d30eedebcaa346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:36:92:be:4e:41:62:72:6b:b4:7c:5c:46:2a:
d6:5e:81:c6:f1:06:04:b3:ab:dc:41:db:fd:fe:25:
91:c2:d8:d1:77:0d:fe:85:ee:82:38:9c:a3:b3:c9:
e7:f0:d3:3a:55:59:a8:a9:2f:ae:37:eb:df:b4:20:
e8:40:31:74:92:d7:47:ce:e9:8e:33:5f:a4:19:ea:
11:16:7d:8a:78:b2:28:86:30:bd:86:18:15:cf:06:
bd:4a:0d:85:cb:3f:8b:cc:f0:37:31:48:fc:d2:ec:
60:14:c6:2d:7b:e4:2a:d8:c5:fa:d0:10:5e:57:6d:
67:67:b5:ac:02:c3:22:a6:c2:b4:bd:7e:6f:26:91:
fe:4a:5a:f9:47:88:b7:b2:e8:02:b2:e2:ba:49:d0:
ad:38:13:2b:9d:f3:1a:6d:42:16:bb:0a:cc:4d:7d:
f8:47:e7:9b:ff:91:7b:98:ab:4f:a7:eb:7e:30:fb:
8d:cf:c9:72:28:a4:12:55:d7:89:04:ca:3e:a4:5b:
75:38:ad:ff:d9:ba:93:04:02:9f:91:fa:32:63:65:
ef:c2:96:fa:0e:7b:af:1e:94:52:61:e6:45:0c:61:
1f:51:31:4e:8c:5c:b5:06:26:f7:04:b4:2b:2d:96:
57:18:66:ac:bd:55:b3:11:aa:a6:51:bd:2f:4d:2f:
48:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C7:CF:2B:7D:9A:46:87:7B:82:5C:BC:75:D3:0E:ED:EB:CA:A3:46
X509v3 Authority Key Identifier:
keyid:34:41:8E:26:B2:AE:B6:EA:A8:14:3F:D7:18:30:F9:B3:54:AE:7B:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NEGOJrKutuqoFD_XGDD5s1Sue7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1d4f36-b97d-4d98-bb2c-b8a27472a896/1/N8fPK32aRod7gly8ddMO7evKo0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1d4f36-b97d-4d98-bb2c-b8a27472a896/1/NEGOJrKutuqoFD_XGDD5s1Sue7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.88.0/24
IPv6:
2a10:c140::/29
Signature Algorithm: sha256WithRSAEncryption
4f:94:06:a6:a4:07:d2:ef:e4:56:ad:d0:83:4d:81:64:43:0f:
f4:0d:a1:cf:91:21:4a:e1:4f:52:1d:20:89:15:cb:11:79:08:
c8:5c:f4:3e:17:fa:84:18:fb:ce:18:13:7d:6f:a3:93:5d:f3:
0b:58:fa:40:97:6d:0d:6d:66:32:40:f0:33:39:85:6b:2e:92:
b4:c4:15:b8:f5:7b:f4:08:4c:7b:69:67:77:6d:7a:2d:b0:29:
48:fe:c7:7a:a4:bf:96:9b:b8:fb:91:5c:72:84:19:e7:5c:58:
3f:f8:f7:0b:98:25:e2:7c:e7:00:63:1f:b9:d8:03:a3:6c:a0:
86:9d:41:ce:25:d8:ff:c1:41:56:39:b8:cd:3c:a9:5a:65:ea:
7b:13:e2:2c:42:b3:a2:46:c5:dd:db:07:41:a8:37:17:78:c9:
47:cc:cb:83:21:1d:85:c0:f1:1c:1a:e3:b6:79:5c:66:35:5f:
43:ed:3c:e4:44:f5:ea:75:81:dc:4a:1f:91:d5:97:2f:9b:ef:
24:f4:92:01:72:10:c8:be:03:4a:b3:49:8f:61:cb:e5:bc:a4:
74:80:9b:74:70:10:1e:dc:c2:9f:fe:2b:62:83:ab:30:72:ea:
e0:b1:29:d2:4e:08:91:a1:ea:1e:db:c7:9f:90:95:f1:5c:e8:
35:4a:47:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkx+RKzms8PQNdlznUiSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NDE4ZTI2YjJhZWI2ZWFhODE0M2ZkNzE4MzBmOWIzNTRh
ZTdiYmMwHhcNMjQwMTAxMTAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2M3Y2YyYjdkOWE0Njg3N2I4MjVjYmM3NWQzMGVlZGViY2FhMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjaSvk5BYnJrtHxcRirWXoHG8QYE
s6vcQdv9/iWRwtjRdw3+he6COJyjs8nn8NM6VVmoqS+uN+vftCDoQDF0ktdHzumO
M1+kGeoRFn2KeLIohjC9hhgVzwa9Sg2Fyz+LzPA3MUj80uxgFMYte+Qq2MX60BBe
V21nZ7WsAsMipsK0vX5vJpH+Slr5R4i3sugCsuK6SdCtOBMrnfMabUIWuwrMTX34
R+eb/5F7mKtPp+t+MPuNz8lyKKQSVdeJBMo+pFt1OK3/2bqTBAKfkfoyY2Xvwpb6
DnuvHpRSYeZFDGEfUTFOjFy1Bib3BLQrLZZXGGasvVWzEaqmUb0vTS9IkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDfHzyt9mkaHe4JcvHXTDu3ryqNGMB8GA1UdIwQY
MBaAFDRBjiayrrbqqBQ/1xgw+bNUrnu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkVHT0pyS3V0dXFvRkRfWEdERDVzMVN1ZTd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xZDRmMzYtYjk3ZC00ZDk4LWJiMmMt
YjhhMjc0NzJhODk2LzEvTjhmUEszMmFSb2Q3Z2x5OGRkTU83ZXZLbzBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xZDRmMzYtYjk3ZC00ZDk4LWJiMmMtYjhhMjc0NzJhODk2
LzEvTkVHT0pyS3V0dXFvRkRfWEdERDVzMVN1ZTd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAvF9YMA0E
AgACMAcDBQMqEMFAMA0GCSqGSIb3DQEBCwUAA4IBAQBPlAampAfS7+RWrdCDTYFk
Qw/0DaHPkSFK4U9SHSCJFcsReQjIXPQ+F/qEGPvOGBN9b6OTXfMLWPpAl20NbWYy
QPAzOYVrLpK0xBW49Xv0CEx7aWd3bXotsClI/sd6pL+Wm7j7kVxyhBnnXFg/+PcL
mCXifOcAYx+52AOjbKCGnUHOJdj/wUFWObjNPKlaZep7E+IsQrOiRsXd2wdBqDcX
eMlHzMuDIR2FwPEcGuO2eVxmNV9D7TzkRPXqdYHcSh+R1Zcvm+8k9JIBchDIvgNK
s0mPYcvlvKR0gJt0cBAe3MKf/itig6swcurgsSnSTgiRoeoe28efkJXxXOg1Skdv
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:20:02 2024 by rpki-client on console-ams.rpki-client.org