Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/514cf4-126b-4cc5-b4d5-79ab48d83bab/1/NgIqyBbr9FZQ87TP7arvQKj9pMc.roa
File: NgIqyBbr9FZQ87TP7arvQKj9pMc.roa (raw, json)
Hash identifier: EJaRajFsQL9HVbiGxqudLiOhYfZ72YBjmZRATIp9f64=
Subject key identifier: 36:02:2A:C8:16:EB:F4:56:50:F3:B4:CF:ED:AA:EF:40:A8:FD:A4:C7
Certificate issuer: /CN=3edee0ae8834705088805044be75c7403b1dc7e2
Certificate serial: 018CC795162D67A2A455300EC6C5BA05091B
Authority key identifier: 3E:DE:E0:AE:88:34:70:50:88:80:50:44:BE:75:C7:40:3B:1D:C7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pt7grog0cFCIgFBEvnXHQDsdx-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/514cf4-126b-4cc5-b4d5-79ab48d83bab/1/NgIqyBbr9FZQ87TP7arvQKj9pMc.roa
Signing time: Tue 02 Jan 2024 00:31:25 +0000
ROA not before: Tue 02 Jan 2024 00:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 193.26.246.0/24 maxlen: 24
193.26.249.0/24 maxlen: 24
193.26.252.0/24 maxlen: 24
193.26.250.0/24 maxlen: 24
193.26.253.0/24 maxlen: 24
193.26.247.0/24 maxlen: 24
193.26.248.0/24 maxlen: 24
193.26.251.0/24 maxlen: 24
193.26.254.0/24 maxlen: 24
193.26.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/514cf4-126b-4cc5-b4d5-79ab48d83bab/1/Pt7grog0cFCIgFBEvnXHQDsdx-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/514cf4-126b-4cc5-b4d5-79ab48d83bab/1/Pt7grog0cFCIgFBEvnXHQDsdx-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pt7grog0cFCIgFBEvnXHQDsdx-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:16:2d:67:a2:a4:55:30:0e:c6:c5:ba:05:09:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3edee0ae8834705088805044be75c7403b1dc7e2
Validity
Not Before: Jan 2 00:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36022ac816ebf45650f3b4cfedaaef40a8fda4c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:43:4e:52:10:3f:02:ed:4d:a2:ca:56:e0:f2:
d4:ff:10:91:da:93:3f:9c:85:f4:53:d9:c9:c4:82:
94:5b:9a:50:4f:64:8c:6f:68:4d:40:96:62:8e:1d:
2e:2d:6b:74:a1:5d:50:52:27:5b:89:30:3c:41:f0:
5d:7b:59:5e:53:8e:b3:39:9f:d4:33:50:31:6f:97:
f1:68:8e:9c:ed:62:c2:3a:6a:5c:35:37:b4:58:8c:
c3:8a:6b:1f:77:bb:3a:d7:6e:41:6e:1b:5d:fa:16:
57:4c:96:e5:92:2b:17:1f:63:cd:b8:28:ca:4c:c1:
f2:bb:97:2d:b5:19:19:b9:d2:c7:75:f1:67:fc:1f:
04:79:cf:0f:0c:2e:b3:c2:28:e7:c4:92:46:6a:6e:
51:a3:a3:02:02:f7:4f:e2:49:3b:1c:3a:10:4c:e6:
af:7f:94:95:94:7a:b0:58:e0:3e:8f:e6:59:0b:6a:
47:19:c8:f5:5f:64:03:86:9b:ba:e9:d1:99:72:68:
2d:be:8f:df:bf:4f:f5:b5:54:f2:a8:72:db:3c:41:
ec:f0:08:6c:8a:be:d8:56:1c:a8:f4:ed:f7:e3:e3:
df:34:17:1d:81:90:be:c2:f5:b2:b9:73:0a:8d:4e:
06:bf:c3:43:d7:0a:83:34:c0:04:3c:e3:ad:5d:a5:
f6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:02:2A:C8:16:EB:F4:56:50:F3:B4:CF:ED:AA:EF:40:A8:FD:A4:C7
X509v3 Authority Key Identifier:
keyid:3E:DE:E0:AE:88:34:70:50:88:80:50:44:BE:75:C7:40:3B:1D:C7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pt7grog0cFCIgFBEvnXHQDsdx-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/514cf4-126b-4cc5-b4d5-79ab48d83bab/1/NgIqyBbr9FZQ87TP7arvQKj9pMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/514cf4-126b-4cc5-b4d5-79ab48d83bab/1/Pt7grog0cFCIgFBEvnXHQDsdx-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.246.0-193.26.255.255
Signature Algorithm: sha256WithRSAEncryption
3e:79:79:e9:f1:d0:d9:3b:ac:17:9f:f3:cc:37:37:23:53:f3:
ad:3d:03:26:ad:ce:f8:8d:ba:a3:97:15:b9:22:e4:72:06:30:
a4:f5:6c:9d:62:fc:8a:88:8f:15:91:ad:5c:e6:b5:8d:38:32:
f9:f2:73:47:58:10:64:cd:2c:31:88:a0:1d:53:2f:9d:0e:28:
63:6f:b3:a0:66:ed:37:70:0a:e0:56:f6:cd:93:00:5e:58:2d:
c6:f0:e4:d2:34:24:7e:e6:5d:b0:70:7e:a8:d4:03:19:59:fd:
8d:f0:1c:ae:f2:57:94:43:f3:12:6f:cf:f1:84:fe:f7:3f:57:
e6:6e:e7:d7:63:b8:ea:d3:be:3f:8d:07:57:4d:c9:cf:a7:70:
33:4d:b0:85:6e:e4:c6:9d:93:f4:9d:d0:72:0b:60:96:0e:2b:
2e:24:11:f2:cb:9e:bb:05:0f:47:f5:02:a8:af:81:71:13:19:
cc:84:fa:ba:e5:fd:a5:52:13:d1:d9:db:55:77:f7:5b:bf:e5:
aa:99:2c:c1:7d:a4:0b:d2:8a:38:56:f3:77:96:6f:1e:1a:d6:
f8:85:70:68:35:7a:1f:eb:16:4a:89:e4:7e:58:4a:1c:9e:7b:
b5:b5:5c:11:75:41:0c:52:ee:ca:59:c1:51:d5:51:b4:a9:d4:
1e:81:56:04
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzHlRYtZ6KkVTAOxsW6BQkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZGVlMGFlODgzNDcwNTA4ODgwNTA0NGJlNzVjNzQwM2Ix
ZGM3ZTIwHhcNMjQwMTAyMDAzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjAyMmFjODE2ZWJmNDU2NTBmM2I0Y2ZlZGFhZWY0MGE4ZmRhNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0NOUhA/Au1NospW4PLU/xCR2pM/
nIX0U9nJxIKUW5pQT2SMb2hNQJZijh0uLWt0oV1QUidbiTA8QfBde1leU46zOZ/U
M1Axb5fxaI6c7WLCOmpcNTe0WIzDimsfd7s6125Bbhtd+hZXTJblkisXH2PNuCjK
TMHyu5cttRkZudLHdfFn/B8Eec8PDC6zwijnxJJGam5Ro6MCAvdP4kk7HDoQTOav
f5SVlHqwWOA+j+ZZC2pHGcj1X2QDhpu66dGZcmgtvo/fv0/1tVTyqHLbPEHs8Ahs
ir7YVhyo9O334+PfNBcdgZC+wvWyuXMKjU4Gv8ND1wqDNMAEPOOtXaX2CwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFDYCKsgW6/RWUPO0z+2q70Co/aTHMB8GA1UdIwQY
MBaAFD7e4K6INHBQiIBQRL51x0A7HcfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHQ3Z3JvZzBjRkNJZ0ZCRXZuWEhRRHNkeC1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81MTRjZjQtMTI2Yi00Y2M1LWI0ZDUt
NzlhYjQ4ZDgzYmFiLzEvTmdJcXlCYnI5RlpRODdUUDdhcnZRS2o5cE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81MTRjZjQtMTI2Yi00Y2M1LWI0ZDUtNzlhYjQ4ZDgzYmFi
LzEvUHQ3Z3JvZzBjRkNJZ0ZCRXZuWEhRRHNkeC1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBAHBGvYD
AwDBGjANBgkqhkiG9w0BAQsFAAOCAQEAPnl56fHQ2TusF5/zzDc3I1PzrT0DJq3O
+I26o5cVuSLkcgYwpPVsnWL8ioiPFZGtXOa1jTgy+fJzR1gQZM0sMYigHVMvnQ4o
Y2+zoGbtN3AK4Fb2zZMAXlgtxvDk0jQkfuZdsHB+qNQDGVn9jfAcrvJXlEPzEm/P
8YT+9z9X5m7n12O46tO+P40HV03Jz6dwM02whW7kxp2T9J3Qcgtglg4rLiQR8sue
uwUPR/UCqK+BcRMZzIT6uuX9pVIT0dnbVXf3W7/lqpkswX2kC9KKOFbzd5ZvHhrW
+IVwaDV6H+sWSonkflhKHJ57tbVcEXVBDFLuylnBUdVRtKnUHoFWBA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:31:33 2024 by rpki-client on console-ams.rpki-client.org