Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/npIhPZa7inawMSP9py64g6GUPw4.roa
File: npIhPZa7inawMSP9py64g6GUPw4.roa (raw, json)
Hash identifier: n/KekCVWCSU0GxCRKr9uag8mytVIwEMC70rGJgEWYFI=
Subject key identifier: 9E:92:21:3D:96:BB:8A:76:B0:31:23:FD:A7:2E:B8:83:A1:94:3F:0E
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DADFCEC64FA2ABF9298A7A22C3D2DC
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/npIhPZa7inawMSP9py64g6GUPw4.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204301
IP address blocks: 81.15.201.0/24 maxlen: 24
88.220.48.0/24 maxlen: 24
88.220.84.0/24 maxlen: 24
81.15.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:df:ce:c6:4f:a2:ab:f9:29:8a:7a:22:c3:d2:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e92213d96bb8a76b03123fda72eb883a1943f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9a:a9:f8:7f:5e:a0:ed:3e:c3:99:e7:e4:6d:
58:9c:d4:19:af:72:31:33:0e:7f:0b:b2:60:1d:94:
ca:54:4f:77:02:5e:72:80:46:22:2f:b0:5b:40:b0:
7e:e5:53:fc:87:b1:a7:2a:06:82:e4:9e:a5:1a:9a:
3b:ff:73:ee:32:13:db:67:7d:a0:58:3c:e6:d6:d1:
8e:91:27:92:b0:72:da:bf:3b:c4:ff:19:96:7d:09:
94:1d:36:81:de:bb:96:50:82:4b:7b:18:73:f7:7f:
8d:21:1e:95:ca:c7:ff:5f:4d:a9:aa:b0:6e:5d:4c:
36:fd:f5:5e:dc:c7:74:f8:63:cc:1e:18:f7:23:fb:
f1:65:87:f5:0d:2c:13:01:76:23:f6:b1:1b:c7:dd:
86:77:37:ef:8a:a9:d4:25:bf:a6:a8:33:24:40:a6:
03:bb:f9:27:cb:a8:54:02:b7:72:5e:23:75:96:98:
07:c4:b6:85:88:08:e1:21:9d:f8:f3:7b:28:af:48:
dd:16:a8:26:60:33:c5:7f:da:e4:37:76:fc:9d:e6:
6d:af:0e:7a:05:1c:20:f0:51:c1:77:e8:dd:79:74:
24:4d:b8:7a:a3:71:1c:44:f8:ef:e8:d8:51:7a:10:
7c:34:c1:01:3d:0f:62:12:d5:20:8b:4b:18:ae:9a:
23:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:92:21:3D:96:BB:8A:76:B0:31:23:FD:A7:2E:B8:83:A1:94:3F:0E
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/npIhPZa7inawMSP9py64g6GUPw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.15.191.0/24
81.15.201.0/24
88.220.48.0/24
88.220.84.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:55:68:16:37:b8:68:e9:80:bd:ac:34:d6:27:5f:19:f4:07:
58:83:cd:24:48:2c:bc:3c:87:93:e6:1e:ef:63:54:de:a8:dc:
43:33:d5:5a:31:1c:e8:97:0b:9c:e0:2d:3f:22:89:98:d4:86:
a8:66:d3:b8:ff:64:be:c1:82:22:7d:9f:e9:d5:5c:c5:1b:39:
47:ee:8d:72:d1:e2:06:6d:12:fb:39:a9:2b:32:09:ae:20:38:
37:02:09:73:64:60:ec:fb:1a:0a:29:ed:11:45:ef:24:84:10:
6c:8d:8c:a7:8e:8f:ea:d1:c8:8b:53:65:6a:52:d1:b1:2c:52:
1b:4b:a4:1f:b2:98:07:68:2e:85:46:64:5a:ad:8d:71:4a:8c:
27:4c:f8:ab:1a:73:9d:b9:5a:4b:37:57:b3:b9:57:e5:af:36:
3d:d3:28:98:7d:da:e9:d1:aa:ff:28:de:81:a4:83:ec:16:57:
97:e3:b0:a7:7c:75:f2:02:ef:25:14:7f:db:47:5d:99:77:71:
61:1c:94:1c:e8:f3:52:96:81:2e:22:3b:ef:f2:f2:7a:e6:c0:
ad:da:a8:4c:8c:46:40:45:93:3f:a5:aa:1d:2c:d5:18:1a:d7:
2e:4f:d2:0d:1c:75:e2:1c:70:7e:47:b0:8e:8d:e5:e4:aa:66:
96:75:63:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2t/Oxk+iq/kpinoiw9LcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTkyMjEzZDk2YmI4YTc2YjAzMTIzZmRhNzJlYjg4M2ExOTQzZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Jqp+H9eoO0+w5nn5G1YnNQZr3Ix
Mw5/C7JgHZTKVE93Al5ygEYiL7BbQLB+5VP8h7GnKgaC5J6lGpo7/3PuMhPbZ32g
WDzm1tGOkSeSsHLavzvE/xmWfQmUHTaB3ruWUIJLexhz93+NIR6Vysf/X02pqrBu
XUw2/fVe3Md0+GPMHhj3I/vxZYf1DSwTAXYj9rEbx92GdzfviqnUJb+mqDMkQKYD
u/kny6hUArdyXiN1lpgHxLaFiAjhIZ3483sor0jdFqgmYDPFf9rkN3b8neZtrw56
BRwg8FHBd+jdeXQkTbh6o3EcRPjv6NhRehB8NMEBPQ9iEtUgi0sYrpojwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ6SIT2Wu4p2sDEj/acuuIOhlD8OMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvbnBJaFBaYTdpbmF3TVNQOXB5NjRnNkdVUHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUQ+/AwQA
UQ/JAwQAWNwwAwQAWNxUMA0GCSqGSIb3DQEBCwUAA4IBAQC1VWgWN7ho6YC9rDTW
J18Z9AdYg80kSCy8PIeT5h7vY1TeqNxDM9VaMRzolwuc4C0/IomY1IaoZtO4/2S+
wYIifZ/p1VzFGzlH7o1y0eIGbRL7OakrMgmuIDg3AglzZGDs+xoKKe0RRe8khBBs
jYynjo/q0ciLU2VqUtGxLFIbS6QfspgHaC6FRmRarY1xSownTPirGnOduVpLN1ez
uVflrzY90yiYfdrp0ar/KN6BpIPsFleX47CnfHXyAu8lFH/bR12Zd3FhHJQc6PNS
loEuIjvv8vJ65sCt2qhMjEZARZM/paodLNUYGtcuT9INHHXiHHB+R7COjeXkqmaW
dWMc
-----END CERTIFICATE-----
Generated at Fri May 31 20:33:20 2024 by rpki-client on console-fra.rpki-client.org