Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/nLKEj2NBO0ql24EsQgowDXx7ZGE.roa
File: nLKEj2NBO0ql24EsQgowDXx7ZGE.roa (raw, json)
Hash identifier: fPc24kaUR6P3byX5lNTMIi5F3qnUn9LFMwObstSvywQ=
Subject key identifier: 9C:B2:84:8F:63:41:3B:4A:A5:DB:81:2C:42:0A:30:0D:7C:7B:64:61
Certificate issuer: /CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Certificate serial: 01926B385CBEB5C67477B43C0E8B46287338
Authority key identifier: AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/nLKEj2NBO0ql24EsQgowDXx7ZGE.roa
Signing time: Tue 08 Oct 2024 08:21:48 +0000
ROA not before: Tue 08 Oct 2024 08:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200476
IP address blocks: 178.57.68.0/24 maxlen: 24
185.217.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:38:5c:be:b5:c6:74:77:b4:3c:0e:8b:46:28:73:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Validity
Not Before: Oct 8 08:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cb2848f63413b4aa5db812c420a300d7c7b6461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9d:ed:b1:ec:bf:c6:3c:bc:1c:89:62:7a:1c:
c9:68:e6:bc:15:d4:19:b0:24:09:16:12:47:31:46:
45:e5:05:d2:c4:e0:2f:d1:41:bd:ad:1e:b3:e5:ee:
d9:70:2e:98:32:26:58:ff:6a:d0:a0:58:59:10:8c:
0d:39:21:e3:58:b9:b8:e1:8e:53:92:33:84:e8:51:
76:41:d4:88:24:e5:bc:69:14:be:53:2b:6f:23:de:
20:46:fd:60:05:be:b6:fb:05:84:82:7f:d2:4c:49:
0d:1c:d3:ba:ea:d2:91:d4:6e:bd:d1:a7:ad:18:14:
2a:fc:21:d5:d1:13:d9:59:d7:6f:e5:ef:a2:ee:98:
11:e3:a4:ad:42:4f:00:16:e8:0e:48:2c:f0:f1:e8:
2e:3c:75:d1:24:bd:24:8e:4e:14:c0:fc:29:1e:be:
f6:99:98:20:cb:c9:31:bb:18:68:92:01:60:0b:49:
ec:f8:0e:80:3c:46:0b:b2:af:32:c6:b8:8a:e5:45:
1a:39:94:8f:f0:8a:f9:12:d0:3f:91:ab:1b:64:c7:
b6:de:f9:9e:cd:99:47:6e:bd:ac:ba:d2:06:61:7d:
3e:f4:8c:22:d5:56:df:ce:61:62:19:61:7b:ec:5a:
a1:96:a5:43:f4:8a:3b:b3:08:4b:4d:e7:91:9f:57:
fb:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B2:84:8F:63:41:3B:4A:A5:DB:81:2C:42:0A:30:0D:7C:7B:64:61
X509v3 Authority Key Identifier:
keyid:AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/nLKEj2NBO0ql24EsQgowDXx7ZGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.57.68.0/24
185.217.37.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:c5:9d:83:d7:4e:52:3e:71:39:42:55:4a:ca:5c:02:53:ad:
80:12:62:da:aa:99:06:5e:34:ec:8e:0a:b3:c2:7e:8c:b0:77:
0a:95:12:df:6d:af:9e:87:1f:25:d1:56:eb:e9:bc:0a:71:40:
01:34:29:c1:01:fc:1e:6a:a0:f8:aa:22:32:42:01:96:ed:f8:
8c:f7:41:9e:19:5a:7a:19:61:06:b8:43:28:14:c3:fd:fb:08:
7d:96:95:b5:1e:41:18:ff:ec:bf:06:b3:1a:90:cd:7a:cb:d1:
31:9b:04:58:4a:ca:c9:d6:4e:a4:59:e8:14:c2:9a:5a:b8:d1:
58:12:ad:e8:a6:e8:74:1e:44:41:5f:b4:35:31:87:63:70:78:
f9:b7:db:45:6a:20:8f:50:2c:2b:9a:a6:42:d3:7e:6e:1f:61:
e8:07:52:19:5e:ba:eb:11:ff:28:09:00:5e:2f:84:8f:e9:aa:
00:c9:27:63:3f:72:3d:c5:78:40:9b:9e:be:51:ea:06:65:33:
9a:55:d8:1e:8c:0e:50:7e:9a:73:58:0c:09:55:b4:c5:2b:3b:
bb:a8:ab:4f:d4:40:a6:2f:3b:49:87:5b:bc:d1:62:99:fa:07:
29:0d:54:ea:59:e1:9d:3a:68:47:85:96:82:23:eb:b7:1a:9e:
ce:e3:fe:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJrOFy+tcZ0d7Q8DotGKHM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FhYWJiMjNjZDI0NWJmYTgyOGZiMDI1MjFkNjQ0YzZk
NWI1NjYwHhcNMjQxMDA4MDgyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2IyODQ4ZjYzNDEzYjRhYTVkYjgxMmM0MjBhMzAwZDdjN2I2NDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ3tsey/xjy8HIliehzJaOa8FdQZ
sCQJFhJHMUZF5QXSxOAv0UG9rR6z5e7ZcC6YMiZY/2rQoFhZEIwNOSHjWLm44Y5T
kjOE6FF2QdSIJOW8aRS+UytvI94gRv1gBb62+wWEgn/STEkNHNO66tKR1G690aet
GBQq/CHV0RPZWddv5e+i7pgR46StQk8AFugOSCzw8eguPHXRJL0kjk4UwPwpHr72
mZggy8kxuxhokgFgC0ns+A6APEYLsq8yxriK5UUaOZSP8Ir5EtA/kasbZMe23vme
zZlHbr2sutIGYX0+9Iwi1VbfzmFiGWF77FqhlqVD9Io7swhLTeeRn1f73wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJyyhI9jQTtKpduBLEIKMA18e2RhMB8GA1UdIwQY
MBaAFKt6qrsjzSRb+oKPsCUh1kTG1bVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMt
OWVhZDgxZGEyZTQ0LzEvbkxLRWoyTkJPMHFsMjRFc1Fnb3dEWHg3WkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMtOWVhZDgxZGEyZTQ0
LzEvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsjlEAwQA
udklMA0GCSqGSIb3DQEBCwUAA4IBAQB7xZ2D105SPnE5QlVKylwCU62AEmLaqpkG
XjTsjgqzwn6MsHcKlRLfba+ehx8l0Vbr6bwKcUABNCnBAfweaqD4qiIyQgGW7fiM
90GeGVp6GWEGuEMoFMP9+wh9lpW1HkEY/+y/BrMakM16y9ExmwRYSsrJ1k6kWegU
wppauNFYEq3opuh0HkRBX7Q1MYdjcHj5t9tFaiCPUCwrmqZC035uH2HoB1IZXrrr
Ef8oCQBeL4SP6aoAySdjP3I9xXhAm56+UeoGZTOaVdgejA5QfppzWAwJVbTFKzu7
qKtP1ECmLztJh1u80WKZ+gcpDVTqWeGdOmhHhZaCI+u3Gp7O4/5P
-----END CERTIFICATE-----
Generated at Sat Nov 23 21:59:42 2024 by rpki-client on console-fra.rpki-client.org