Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/NQcaGI1YZRUqe-u7C_Rbf0CBpgQ.roa
File: NQcaGI1YZRUqe-u7C_Rbf0CBpgQ.roa (raw, json)
Hash identifier: TZetmW2lntstjhhQJvya0L1hkK4a5eNnCElI0dnkFWg=
Subject key identifier: 35:07:1A:18:8D:58:65:15:2A:7B:EB:BB:0B:F4:5B:7F:40:81:A6:04
Certificate issuer: /CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Certificate serial: 01910DF0B65F0691F81A7F0D68BFD9A4E308
Authority key identifier: 1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/NQcaGI1YZRUqe-u7C_Rbf0CBpgQ.roa
Signing time: Thu 01 Aug 2024 12:36:04 +0000
ROA not before: Thu 01 Aug 2024 12:36:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25310
IP address blocks: 83.146.0.0/18 maxlen: 18
84.9.0.0/16 maxlen: 16
87.74.0.0/15 maxlen: 15
212.158.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.mft
rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0d:f0:b6:5f:06:91:f8:1a:7f:0d:68:bf:d9:a4:e3:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Validity
Not Before: Aug 1 12:36:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35071a188d5865152a7bebbb0bf45b7f4081a604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c6:13:73:49:7b:0f:b9:47:7a:68:a2:cf:89:
f5:50:1d:e4:98:95:c1:4f:81:4c:76:8c:e9:50:3a:
c9:1b:65:49:b5:5c:19:31:a9:a8:a4:85:45:c6:65:
10:c1:6c:f6:90:61:06:b2:a7:64:b0:42:c4:d3:a5:
dc:8a:72:0b:90:91:50:1f:99:1f:86:56:1f:ad:7c:
59:3b:2c:b0:c4:d5:80:75:60:47:ca:4d:09:b2:6a:
88:ae:f8:3f:37:c4:ab:7a:52:be:4e:23:37:78:41:
91:f5:4e:9e:94:b2:99:05:cf:c7:8e:9a:57:95:8f:
fd:fa:d3:1d:2b:83:4a:0f:82:9f:3f:8a:82:f1:6f:
58:76:d9:41:84:48:7f:17:75:90:f0:b0:59:97:e4:
b8:d1:bf:e8:23:0c:7a:16:97:da:a4:3e:89:28:96:
2f:96:8b:84:ee:1d:7f:ae:43:38:a3:a9:84:d6:e6:
89:fd:ae:da:78:9e:eb:a2:fa:91:d9:45:5f:0a:93:
28:b9:40:a0:be:75:78:c5:91:c0:ee:3f:15:27:e9:
fe:e1:e3:a0:67:fa:9b:2b:e9:c7:e7:07:b1:67:00:
18:92:06:d5:0b:b7:f2:a4:4b:2d:fb:b1:e0:d1:95:
86:d5:c1:df:7b:fd:89:83:4f:cb:d8:41:29:90:df:
9c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:07:1A:18:8D:58:65:15:2A:7B:EB:BB:0B:F4:5B:7F:40:81:A6:04
X509v3 Authority Key Identifier:
keyid:1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/NQcaGI1YZRUqe-u7C_Rbf0CBpgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.146.0.0/18
84.9.0.0/16
87.74.0.0/15
212.158.192.0/18
Signature Algorithm: sha256WithRSAEncryption
08:50:60:0e:05:a5:44:e9:e4:42:51:76:69:90:1d:ec:62:42:
5b:99:a9:63:51:c2:34:56:c9:32:52:fc:96:76:a1:c1:04:db:
09:74:c4:5d:9b:ad:93:83:83:45:bf:50:e3:7f:a7:d7:35:5a:
8b:96:46:08:83:d4:bf:c8:e2:92:8c:36:52:f5:f4:32:b8:a8:
5b:5e:a8:5e:66:db:f1:40:17:ee:69:1f:f0:8b:47:4a:6d:04:
ff:fe:f2:a9:45:34:5c:e1:1e:3b:d9:84:18:a5:e0:cd:35:4b:
26:d9:ab:29:80:3d:ec:0c:5c:df:60:d9:0d:4c:f2:22:17:9e:
c2:cf:35:df:aa:a8:eb:87:18:e4:9c:83:cb:a1:53:e6:e0:0d:
5b:79:90:00:14:90:bb:1c:fc:cb:a9:ba:c0:b5:0b:5e:71:df:
dc:8e:89:9e:b6:cf:95:38:38:d2:c9:a1:a7:b2:9d:bc:20:f1:
d0:a7:eb:5f:67:08:1d:90:3f:eb:c5:dd:a5:73:77:d7:06:87:
bc:30:90:96:33:b8:65:95:59:77:0d:ec:96:91:03:df:00:8a:
03:9a:b9:7b:31:41:ad:dc:3a:2a:43:e4:83:f7:e0:90:ed:17:
9d:39:4a:a2:b1:d1:51:3b:d2:af:e9:51:ef:1a:1b:44:fb:b2:
82:45:c3:14
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZEN8LZfBpH4Gn8NaL/ZpOMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZGEyMjVjYjdmMjk0MTZlNzUzNDY5NWZiZmIyMTc2MmZl
ZTkzYzgwHhcNMjQwODAxMTIzNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTA3MWExODhkNTg2NTE1MmE3YmViYmIwYmY0NWI3ZjQwODFhNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocYTc0l7D7lHemiiz4n1UB3kmJXB
T4FMdozpUDrJG2VJtVwZMamopIVFxmUQwWz2kGEGsqdksELE06XcinILkJFQH5kf
hlYfrXxZOyywxNWAdWBHyk0JsmqIrvg/N8SrelK+TiM3eEGR9U6elLKZBc/HjppX
lY/9+tMdK4NKD4KfP4qC8W9YdtlBhEh/F3WQ8LBZl+S40b/oIwx6FpfapD6JKJYv
louE7h1/rkM4o6mE1uaJ/a7aeJ7rovqR2UVfCpMouUCgvnV4xZHA7j8VJ+n+4eOg
Z/qbK+nH5wexZwAYkgbVC7fypEst+7Hg0ZWG1cHfe/2Jg0/L2EEpkN+cKQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDUHGhiNWGUVKnvruwv0W39AgaYEMB8GA1UdIwQY
MBaAFBraIly38pQW51NGlfv7IXYv7pPIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUt
NzUyNWQ0ZDQwOGI1LzEvTlFjYUdJMVlaUlVxZS11N0NfUmJmMENCcGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUtNzUyNWQ0ZDQwOGI1
LzEvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwQGU5IAAwMA
VAkDAwFXSgMEBtSewDANBgkqhkiG9w0BAQsFAAOCAQEACFBgDgWlROnkQlF2aZAd
7GJCW5mpY1HCNFbJMlL8lnahwQTbCXTEXZutk4ODRb9Q43+n1zVai5ZGCIPUv8ji
kow2UvX0MrioW16oXmbb8UAX7mkf8ItHSm0E//7yqUU0XOEeO9mEGKXgzTVLJtmr
KYA97Axc32DZDUzyIheews8136qo64cY5JyDy6FT5uANW3mQABSQuxz8y6m6wLUL
XnHf3I6JnrbPlTg40smhp7KdvCDx0KfrX2cIHZA/68XdpXN31waHvDCQljO4ZZVZ
dw3slpED3wCKA5q5ezFBrdw6KkPkg/fgkO0XnTlKorHRUTvSr+lR7xobRPuygkXD
FA==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:39:42 2024 by rpki-client on console-ams.rpki-client.org