Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/NXfguCPsR4Ys9eL2Cn6r0TFJK88.roa
File: NXfguCPsR4Ys9eL2Cn6r0TFJK88.roa (raw, json)
Hash identifier: fa0B2cj1SwTB78R0DHIPgEgMgxcpVoaPJYTaBQxZva4=
Subject key identifier: 35:77:E0:B8:23:EC:47:86:2C:F5:E2:F6:0A:7E:AB:D1:31:49:2B:CF
Certificate issuer: /CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Certificate serial: 018CCA2902865E84668FE75A28DCD3FEC895
Authority key identifier: 77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/NXfguCPsR4Ys9eL2Cn6r0TFJK88.roa
Signing time: Tue 02 Jan 2024 12:32:14 +0000
ROA not before: Tue 02 Jan 2024 12:32:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24976
IP address blocks: 185.39.232.0/23 maxlen: 23
194.88.132.0/24 maxlen: 24
194.88.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:02:86:5e:84:66:8f:e7:5a:28:dc:d3:fe:c8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Validity
Not Before: Jan 2 12:32:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3577e0b823ec47862cf5e2f60a7eabd131492bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:86:50:fc:e6:5b:53:84:38:13:9b:7f:ec:f1:
af:d8:a7:fe:6b:f6:2b:e7:1c:ca:f5:aa:32:89:89:
8c:bc:c9:4d:7a:30:e3:62:55:e8:64:3c:33:2b:20:
4b:a8:03:ee:78:d1:c7:d7:4d:6a:38:18:ff:bd:f0:
e1:2a:ed:ea:0d:bc:66:66:87:49:5d:29:2f:94:99:
fc:d0:d5:fd:14:03:d0:0a:a7:69:6f:57:29:ce:91:
1b:48:7a:4b:2b:e2:f9:ae:ec:3d:07:b9:31:a3:c7:
e3:b5:62:e2:92:30:88:13:b4:99:14:0b:a7:00:fc:
65:68:8f:14:d3:1b:b7:f3:4b:ab:9f:0b:98:86:49:
10:50:0f:c6:95:54:c9:62:76:59:db:4b:1b:26:79:
aa:5c:65:2c:cf:8e:e3:90:02:85:13:a8:52:99:e6:
cd:9f:47:b9:0e:6b:25:b4:78:16:c2:a0:07:0a:8b:
b8:b1:01:43:c6:24:d3:6e:07:d4:dd:0a:ad:0b:9f:
50:4f:b6:51:92:b0:a2:62:8d:75:bb:04:a7:b7:f7:
fc:a0:88:9d:2e:08:34:47:9c:15:be:4f:ac:f5:90:
20:af:f5:7b:bb:0f:1b:7a:bf:ba:87:d7:51:33:0e:
b5:36:d6:4a:5c:a9:ed:a3:eb:15:f2:20:67:9c:d3:
8d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:77:E0:B8:23:EC:47:86:2C:F5:E2:F6:0A:7E:AB:D1:31:49:2B:CF
X509v3 Authority Key Identifier:
keyid:77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/NXfguCPsR4Ys9eL2Cn6r0TFJK88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.232.0/23
194.88.132.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:15:95:db:1b:32:45:8c:7f:8c:6f:24:60:c6:4d:6d:59:92:
33:ba:14:79:0f:d8:bd:aa:e6:5c:a0:97:11:36:8e:97:9f:a8:
8a:4f:ad:f3:0e:c9:db:d6:d5:2f:d9:e6:59:3b:d7:c9:dd:47:
80:a5:36:ff:a0:81:f6:ba:a3:78:4f:6b:f8:e7:81:cb:c3:05:
02:de:ca:5f:9f:4f:ed:c8:00:19:02:95:d3:fd:48:ed:16:96:
03:1e:16:8d:74:1b:96:2f:cf:18:4d:27:ce:66:8d:f4:e7:38:
76:45:81:e2:a3:13:35:71:37:1f:97:d5:1c:a2:7f:18:22:2d:
fa:83:89:60:ab:73:b3:54:f9:1e:ed:db:33:73:2b:50:98:64:
fa:19:05:55:f3:81:8c:de:3c:1d:d5:b5:f8:dc:79:7b:b9:68:
36:54:6e:8a:7a:7a:e5:eb:ac:51:06:b9:c4:c7:21:5a:4d:c0:
c8:9e:c8:b2:1e:12:15:7f:63:f3:bd:38:20:2a:66:94:ce:14:
14:9c:57:fa:bc:c8:3b:b5:fa:18:1f:7d:53:18:a4:87:46:35:
06:00:e9:55:ae:6f:22:73:ac:4a:87:25:13:df:e0:56:10:16:
6e:b8:cc:c1:eb:09:b5:48:c3:2a:62:00:ea:22:81:02:70:22:
a3:84:b9:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKQKGXoRmj+daKNzT/siVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjhjZjQ1NGIwOTYyZDE2YTQ4NTU4MDhmZDNhYmMxNTg1
MmJiZDgwHhcNMjQwMTAyMTIzMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTc3ZTBiODIzZWM0Nzg2MmNmNWUyZjYwYTdlYWJkMTMxNDkyYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oZQ/OZbU4Q4E5t/7PGv2Kf+a/Yr
5xzK9aoyiYmMvMlNejDjYlXoZDwzKyBLqAPueNHH101qOBj/vfDhKu3qDbxmZodJ
XSkvlJn80NX9FAPQCqdpb1cpzpEbSHpLK+L5ruw9B7kxo8fjtWLikjCIE7SZFAun
APxlaI8U0xu380urnwuYhkkQUA/GlVTJYnZZ20sbJnmqXGUsz47jkAKFE6hSmebN
n0e5DmsltHgWwqAHCou4sQFDxiTTbgfU3QqtC59QT7ZRkrCiYo11uwSnt/f8oIid
Lgg0R5wVvk+s9ZAgr/V7uw8ber+6h9dRMw61NtZKXKnto+sV8iBnnNONlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDV34Lgj7EeGLPXi9gp+q9ExSSvPMB8GA1UdIwQY
MBaAFHe4z0VLCWLRakhVgI/Tq8FYUrvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYt
YTRmYzllMjQ1OGVjLzEvTlhmZ3VDUHNSNFlzOWVMMkNuNnIwVEZKSzg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYtYTRmYzllMjQ1OGVj
LzEvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuSfoAwQB
wliEMA0GCSqGSIb3DQEBCwUAA4IBAQBcFZXbGzJFjH+MbyRgxk1tWZIzuhR5D9i9
quZcoJcRNo6Xn6iKT63zDsnb1tUv2eZZO9fJ3UeApTb/oIH2uqN4T2v454HLwwUC
3spfn0/tyAAZApXT/UjtFpYDHhaNdBuWL88YTSfOZo305zh2RYHioxM1cTcfl9Uc
on8YIi36g4lgq3OzVPke7dszcytQmGT6GQVV84GM3jwd1bX43Hl7uWg2VG6Kenrl
66xRBrnExyFaTcDInsiyHhIVf2PzvTggKmaUzhQUnFf6vMg7tfoYH31TGKSHRjUG
AOlVrm8ic6xKhyUT3+BWEBZuuMzB6wm1SMMqYgDqIoECcCKjhLlT
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:59:05 2024 by rpki-client on console-fra.rpki-client.org