Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/157c8b-8f27-47dd-995e-b436d76dad65/1/nWj4PfN2M8BUxW5Ml0967E-27Ec.roa
File: nWj4PfN2M8BUxW5Ml0967E-27Ec.roa (raw, json)
Hash identifier: qTXFNk3hX8blYVqEV5OYWZApboMzx0f/Hd4KICNgc3I=
Subject key identifier: 9D:68:F8:3D:F3:76:33:C0:54:C5:6E:4C:97:4F:7A:EC:4F:B6:EC:47
Certificate issuer: /CN=7ec5f1896e9a44357c9d78acf37d48f4780520d9
Certificate serial: 018CC26D5FE0BFC03981001429EBE9CCDE4D
Authority key identifier: 7E:C5:F1:89:6E:9A:44:35:7C:9D:78:AC:F3:7D:48:F4:78:05:20:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsXxiW6aRDV8nXis831I9HgFINk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/157c8b-8f27-47dd-995e-b436d76dad65/1/nWj4PfN2M8BUxW5Ml0967E-27Ec.roa
Signing time: Mon 01 Jan 2024 00:29:56 +0000
ROA not before: Mon 01 Jan 2024 00:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205728
IP address blocks: 185.208.132.0/22 maxlen: 24
2a0b:37c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/157c8b-8f27-47dd-995e-b436d76dad65/1/fsXxiW6aRDV8nXis831I9HgFINk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/157c8b-8f27-47dd-995e-b436d76dad65/1/fsXxiW6aRDV8nXis831I9HgFINk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fsXxiW6aRDV8nXis831I9HgFINk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5f:e0:bf:c0:39:81:00:14:29:eb:e9:cc:de:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ec5f1896e9a44357c9d78acf37d48f4780520d9
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d68f83df37633c054c56e4c974f7aec4fb6ec47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b1:4d:54:68:1e:a8:fc:a9:0c:ac:ad:50:5f:
d6:f1:3e:9d:7a:8e:2f:e8:0e:87:5e:e6:5d:b3:57:
da:7d:db:d3:1e:a2:96:09:ec:ed:48:1e:2e:87:09:
6d:c7:1a:54:58:84:0b:96:7a:9a:ca:8e:88:86:72:
92:f7:56:71:00:45:16:58:19:aa:52:5b:05:cf:be:
ec:59:70:85:f8:c1:df:5d:eb:fd:73:5b:45:6e:ce:
54:77:5e:38:a1:2c:d2:c9:75:f1:66:7d:c0:48:95:
d4:60:f3:62:7d:a3:8e:3f:cf:87:4c:2e:23:17:fe:
3e:b9:45:56:54:27:51:3b:4f:f6:a4:74:e0:78:7a:
b1:29:c5:94:71:cc:e3:9e:d3:01:7a:45:40:53:f5:
9b:10:f7:11:60:54:e9:76:44:1b:4f:4a:21:de:63:
37:3f:df:bc:e4:90:f8:a5:74:0a:ff:ed:a4:52:95:
59:63:97:b0:52:30:1e:00:01:7d:09:e8:2b:13:21:
99:fc:e5:87:1c:26:cd:85:36:a8:0e:69:2c:23:cb:
59:e5:16:71:65:82:4b:27:9a:6e:17:6e:98:0c:db:
ea:e9:fd:ae:3e:75:8f:d1:ba:c5:c4:16:7c:db:c0:
e7:8c:71:c5:23:2c:dc:d2:f9:44:5b:bf:0a:03:8a:
e4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:68:F8:3D:F3:76:33:C0:54:C5:6E:4C:97:4F:7A:EC:4F:B6:EC:47
X509v3 Authority Key Identifier:
keyid:7E:C5:F1:89:6E:9A:44:35:7C:9D:78:AC:F3:7D:48:F4:78:05:20:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsXxiW6aRDV8nXis831I9HgFINk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/157c8b-8f27-47dd-995e-b436d76dad65/1/nWj4PfN2M8BUxW5Ml0967E-27Ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/157c8b-8f27-47dd-995e-b436d76dad65/1/fsXxiW6aRDV8nXis831I9HgFINk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.132.0/22
IPv6:
2a0b:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:76:16:b7:5e:ee:7b:07:1f:45:b2:58:9d:92:34:89:d9:3e:
b1:e9:92:69:4b:80:c4:40:a5:6f:8d:87:ef:87:70:99:0f:86:
54:6b:ac:4c:fd:8a:f9:e9:13:0b:1d:d6:9c:5b:86:cb:e6:b7:
42:ba:89:40:fc:7a:f6:b2:19:fd:dc:82:81:9c:b1:84:f1:cc:
41:dd:e8:98:eb:81:d3:fd:0c:07:52:e8:6b:d8:28:d2:f8:82:
8a:8e:db:ea:0a:40:1b:c6:4a:5c:93:0d:0e:40:6b:2b:6c:7e:
11:15:00:3a:93:c9:42:c8:8e:4e:55:b1:68:5d:45:5f:84:4f:
12:85:6b:fc:60:b4:3b:4a:6a:d7:09:5e:ce:2a:a9:6f:5b:62:
b3:1d:93:5f:6c:81:d7:ae:95:06:f3:c8:02:84:66:4b:39:40:
10:47:58:6a:4e:47:29:40:81:da:55:3c:f5:8a:90:cf:25:37:
82:28:80:28:66:3e:f6:8a:97:bc:9f:8d:22:f3:4f:7e:ad:17:
d6:ae:57:fb:40:b5:8d:c2:6c:30:fb:5b:55:27:ce:cc:83:fe:
84:43:48:90:a8:2e:6a:7c:33:e2:bb:4d:70:14:52:59:35:42:
b1:6a:9f:d9:72:a8:8e:f0:20:45:ec:e3:2c:50:4b:b2:83:06:
66:ca:b1:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbV/gv8A5gQAUKevpzN5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYzVmMTg5NmU5YTQ0MzU3YzlkNzhhY2YzN2Q0OGY0Nzgw
NTIwZDkwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDY4ZjgzZGYzNzYzM2MwNTRjNTZlNGM5NzRmN2FlYzRmYjZlYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbFNVGgeqPypDKytUF/W8T6deo4v
6A6HXuZds1fafdvTHqKWCeztSB4uhwltxxpUWIQLlnqayo6IhnKS91ZxAEUWWBmq
UlsFz77sWXCF+MHfXev9c1tFbs5Ud144oSzSyXXxZn3ASJXUYPNifaOOP8+HTC4j
F/4+uUVWVCdRO0/2pHTgeHqxKcWUcczjntMBekVAU/WbEPcRYFTpdkQbT0oh3mM3
P9+85JD4pXQK/+2kUpVZY5ewUjAeAAF9CegrEyGZ/OWHHCbNhTaoDmksI8tZ5RZx
ZYJLJ5puF26YDNvq6f2uPnWP0brFxBZ828DnjHHFIyzc0vlEW78KA4rk6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ1o+D3zdjPAVMVuTJdPeuxPtuxHMB8GA1UdIwQY
MBaAFH7F8YlumkQ1fJ14rPN9SPR4BSDZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnNYeGlXNmFSRFY4blhpczgzMUk5SGdGSU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8xNTdjOGItOGYyNy00N2RkLTk5NWUt
YjQzNmQ3NmRhZDY1LzEvbldqNFBmTjJNOEJVeFc1TWwwOTY3RS0yN0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8xNTdjOGItOGYyNy00N2RkLTk5NWUtYjQzNmQ3NmRhZDY1
LzEvZnNYeGlXNmFSRFY4blhpczgzMUk5SGdGSU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudCEMA0E
AgACMAcDBQMqCzfAMA0GCSqGSIb3DQEBCwUAA4IBAQBcdha3Xu57Bx9FslidkjSJ
2T6x6ZJpS4DEQKVvjYfvh3CZD4ZUa6xM/Yr56RMLHdacW4bL5rdCuolA/Hr2shn9
3IKBnLGE8cxB3eiY64HT/QwHUuhr2CjS+IKKjtvqCkAbxkpckw0OQGsrbH4RFQA6
k8lCyI5OVbFoXUVfhE8ShWv8YLQ7SmrXCV7OKqlvW2KzHZNfbIHXrpUG88gChGZL
OUAQR1hqTkcpQIHaVTz1ipDPJTeCKIAoZj72ipe8n40i809+rRfWrlf7QLWNwmww
+1tVJ87Mg/6EQ0iQqC5qfDPiu01wFFJZNUKxap/ZcqiO8CBF7OMsUEuygwZmyrG7
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:44:26 2024 by rpki-client on console-fra.rpki-client.org