Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/NWQgscpz24FvWoaSneyL6CVSSfI.roa
File: NWQgscpz24FvWoaSneyL6CVSSfI.roa (raw, json)
Hash identifier: PXgTn3V1zleT0gGVr2Dc00k++SrzchKu79xwCo2F1M0=
Subject key identifier: 35:64:20:B1:CA:73:DB:81:6F:5A:86:92:9D:EC:8B:E8:25:52:49:F2
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B738BA32D891B975E7957348DCF1ED
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/NWQgscpz24FvWoaSneyL6CVSSfI.roa
Signing time: Mon 01 Jan 2024 06:30:13 +0000
ROA not before: Mon 01 Jan 2024 06:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39694
IP address blocks: 83.206.141.0/24 maxlen: 24
83.206.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:38:ba:32:d8:91:b9:75:e7:95:73:48:dc:f1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=356420b1ca73db816f5a86929dec8be8255249f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:36:9f:e3:66:52:52:eb:35:fc:aa:c1:a5:b6:
01:ed:28:48:cf:69:de:b7:d1:a8:ca:37:93:25:e3:
e0:cf:4e:3a:04:78:11:ce:f0:78:dc:61:29:5c:69:
51:5c:71:e8:56:55:55:94:f8:e2:de:b0:9d:9b:b8:
73:59:6c:4b:b6:ac:93:48:3c:7c:0b:0a:f6:69:f8:
ce:bd:98:8b:d5:13:82:61:0d:b1:10:e3:9f:99:e1:
79:79:74:08:c3:f7:76:c7:a4:b6:55:33:4b:ce:5a:
18:24:64:16:1e:f7:30:52:a2:c0:7d:a7:b8:5e:f1:
6d:8a:18:1a:9c:df:81:ce:12:8d:49:6c:e7:ac:47:
ad:2f:27:2c:c7:12:14:ef:d1:91:3b:0f:3f:33:5b:
41:7b:90:43:0a:2a:d3:5b:db:87:46:0f:84:ae:ca:
8e:d8:51:5f:ac:13:37:59:5d:7a:1c:d1:84:13:81:
0b:a9:11:f5:2c:7f:68:a4:29:c0:a7:f9:f3:53:f7:
cc:90:0c:f5:b4:cd:e2:ba:07:75:60:92:d5:ca:b0:
34:f8:06:6d:f1:d5:c6:b1:4a:84:a3:41:be:bb:15:
e3:3b:ce:92:f1:ae:1b:d0:44:6f:dc:70:03:85:70:
d0:7c:54:dc:40:a0:90:2e:d3:a7:63:35:31:87:f9:
9a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:64:20:B1:CA:73:DB:81:6F:5A:86:92:9D:EC:8B:E8:25:52:49:F2
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/NWQgscpz24FvWoaSneyL6CVSSfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.206.141.0/24
83.206.240.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:6d:0e:12:1f:23:2e:af:2d:8e:ad:20:08:0b:7e:78:ca:75:
e6:40:de:a9:f3:2f:21:da:8a:0a:b3:be:e6:7d:eb:32:94:d5:
dc:cf:f5:5e:d8:f6:39:25:a9:1e:67:e8:7e:86:d5:15:d0:51:
30:18:9d:36:4c:cf:08:df:53:14:76:c3:a7:2b:60:be:09:8e:
00:b5:62:0e:26:ce:72:cd:72:19:ca:d6:bd:53:fc:ee:f2:8a:
ff:05:fc:51:d2:6b:cb:d9:92:86:5d:2c:76:06:93:66:05:fc:
75:ec:7b:e1:54:97:ab:83:8b:e6:27:24:f3:98:1a:02:bd:dc:
05:50:79:11:4f:5c:d0:9a:ac:79:b2:27:c6:9f:f5:e9:2b:c1:
1c:55:11:d4:ae:01:82:18:18:8b:3f:0e:35:e0:f8:63:6d:6b:
9f:8b:22:33:e8:5c:8a:f8:1f:cc:73:84:e5:5e:33:71:18:a4:
fd:25:62:82:51:df:35:7f:82:c6:df:8a:80:88:5f:f5:e2:75:
3a:1d:df:97:3d:3f:58:11:51:c5:dc:b0:a2:79:f9:ab:27:1a:
aa:e2:94:61:fc:7e:ab:f7:fc:35:89:f8:38:d8:07:e0:dc:8c:
69:fe:a5:d6:19:c2:92:22:74:c0:01:fb:24:1b:5e:10:20:17:
a4:5b:d9:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtzi6MtiRuXXnlXNI3PHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTY0MjBiMWNhNzNkYjgxNmY1YTg2OTI5ZGVjOGJlODI1NTI0OWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDaf42ZSUus1/KrBpbYB7ShIz2ne
t9GoyjeTJePgz046BHgRzvB43GEpXGlRXHHoVlVVlPji3rCdm7hzWWxLtqyTSDx8
Cwr2afjOvZiL1ROCYQ2xEOOfmeF5eXQIw/d2x6S2VTNLzloYJGQWHvcwUqLAfae4
XvFtihganN+BzhKNSWznrEetLycsxxIU79GROw8/M1tBe5BDCirTW9uHRg+ErsqO
2FFfrBM3WV16HNGEE4ELqRH1LH9opCnAp/nzU/fMkAz1tM3iugd1YJLVyrA0+AZt
8dXGsUqEo0G+uxXjO86S8a4b0ERv3HADhXDQfFTcQKCQLtOnYzUxh/maFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDVkILHKc9uBb1qGkp3si+glUknyMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvTldRZ3NjcHoyNEZ2V29hU25leUw2Q1ZTU2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU86NAwQA
U87wMA0GCSqGSIb3DQEBCwUAA4IBAQAPbQ4SHyMury2OrSAIC354ynXmQN6p8y8h
2ooKs77mfesylNXcz/Ve2PY5JakeZ+h+htUV0FEwGJ02TM8I31MUdsOnK2C+CY4A
tWIOJs5yzXIZyta9U/zu8or/BfxR0mvL2ZKGXSx2BpNmBfx17HvhVJerg4vmJyTz
mBoCvdwFUHkRT1zQmqx5sifGn/XpK8EcVRHUrgGCGBiLPw414PhjbWufiyIz6FyK
+B/Mc4TlXjNxGKT9JWKCUd81f4LG34qAiF/14nU6Hd+XPT9YEVHF3LCiefmrJxqq
4pRh/H6r9/w1ifg42Afg3Ixp/qXWGcKSInTAAfskG14QIBekW9nG
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:27:39 2024 by rpki-client on console-ams.rpki-client.org