Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/cNHFwsOoDikZt5uSPJXZXaEBTeY.roa
File: cNHFwsOoDikZt5uSPJXZXaEBTeY.roa (raw, json)
Hash identifier: nHj4U3SdIUDhEPCxLvSlZncwpuKRzhfARJGc5ZH9Hug=
Subject key identifier: 70:D1:C5:C2:C3:A8:0E:29:19:B7:9B:92:3C:95:D9:5D:A1:01:4D:E6
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 01931A0367526B4C650CF3A448B6327EFD19
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/cNHFwsOoDikZt5uSPJXZXaEBTeY.roa
Signing time: Mon 11 Nov 2024 06:57:30 +0000
ROA not before: Mon 11 Nov 2024 06:57:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 79.110.236.0/24 maxlen: 24
146.19.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.mft
rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:03:67:52:6b:4c:65:0c:f3:a4:48:b6:32:7e:fd:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Nov 11 06:57:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70d1c5c2c3a80e2919b79b923c95d95da1014de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:03:bb:a2:e7:ce:7f:a2:ff:89:90:2c:a2:39:
a3:49:83:01:d1:39:62:48:7c:6c:3e:23:b3:f0:6e:
b0:98:c7:41:fa:e5:b5:26:57:f3:12:bb:71:95:4c:
32:55:2f:59:95:c4:84:35:72:9b:f1:9a:96:d9:7d:
5c:7c:f0:3b:21:4e:f6:25:b5:de:78:4b:1c:62:8f:
1f:58:25:bf:02:5a:c3:60:a8:81:5a:d4:0b:a9:d6:
64:d1:04:fd:d1:21:c8:50:ea:18:ed:cd:04:57:fe:
18:74:11:7d:d1:c7:f7:87:d5:fe:4d:ed:42:0e:28:
83:58:db:9c:cd:5d:d5:5c:5b:59:49:68:47:36:20:
15:3c:f3:ec:0d:6c:2b:49:cc:5c:ec:f3:f0:c5:69:
08:55:03:73:65:8d:5e:ae:32:0c:70:a0:1e:10:c4:
5d:30:69:61:d9:91:a6:98:a8:33:f6:aa:d9:0d:a1:
ca:c5:a4:00:08:14:e8:6b:3d:14:a6:51:0a:87:13:
08:a6:15:cc:a9:61:c4:60:f0:a5:7c:99:01:47:ea:
fe:9d:2d:42:bc:b2:7a:13:49:1c:aa:e0:82:16:0f:
79:15:71:a2:7f:5e:28:58:72:a6:fb:36:59:68:ce:
3d:11:81:b3:b0:d6:ff:dd:47:aa:42:75:8b:dd:74:
fb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D1:C5:C2:C3:A8:0E:29:19:B7:9B:92:3C:95:D9:5D:A1:01:4D:E6
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/cNHFwsOoDikZt5uSPJXZXaEBTeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.236.0/24
146.19.160.0/24
Signature Algorithm: sha256WithRSAEncryption
66:53:13:04:fa:68:ce:c5:45:1b:49:57:77:33:24:e6:21:09:
6a:e3:94:db:2d:70:6a:94:8c:18:36:cc:ee:c6:9e:6c:db:ba:
04:09:67:26:2a:69:d5:bf:80:34:0f:64:d8:b9:be:f1:19:fc:
f7:40:26:5e:4f:a6:78:bb:0f:d9:1c:84:7c:33:cc:41:19:34:
54:dc:5f:67:17:f9:82:06:ee:8f:10:d7:ac:cd:bd:24:3f:cd:
3b:22:f5:7e:8d:83:64:35:e3:28:39:72:56:3c:d5:e1:2e:d5:
e6:dc:13:85:e6:43:a5:c5:10:0c:88:a9:a0:2a:5a:f1:6c:21:
84:f7:cd:ad:ff:e1:fc:66:b2:90:15:14:d2:01:2e:70:6a:8f:
ce:fb:7d:32:89:bd:b1:0b:06:d9:cc:f9:6b:3a:30:5b:54:98:
c9:e4:28:a9:35:ad:2c:7d:aa:01:c9:7b:45:52:ea:8f:f0:85:
99:6e:ba:f4:51:08:dd:03:9e:08:33:38:a3:f1:d6:d0:ab:89:
f7:44:7a:47:ec:7c:62:1e:a6:59:cf:f4:61:fa:a4:31:0c:95:
1b:ec:15:9d:78:e8:36:e8:fe:67:c6:f2:0c:ac:eb:8d:8f:1e:
23:20:4f:b4:88:78:5f:0f:71:80:20:53:ef:e8:58:c8:75:7f:
42:e3:29:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMaA2dSa0xlDPOkSLYyfv0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjQxMTExMDY1NzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQxYzVjMmMzYTgwZTI5MTliNzliOTIzYzk1ZDk1ZGExMDE0ZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AO7oufOf6L/iZAsojmjSYMB0Tli
SHxsPiOz8G6wmMdB+uW1JlfzErtxlUwyVS9ZlcSENXKb8ZqW2X1cfPA7IU72JbXe
eEscYo8fWCW/AlrDYKiBWtQLqdZk0QT90SHIUOoY7c0EV/4YdBF90cf3h9X+Te1C
DiiDWNuczV3VXFtZSWhHNiAVPPPsDWwrScxc7PPwxWkIVQNzZY1erjIMcKAeEMRd
MGlh2ZGmmKgz9qrZDaHKxaQACBToaz0UplEKhxMIphXMqWHEYPClfJkBR+r+nS1C
vLJ6E0kcquCCFg95FXGif14oWHKm+zZZaM49EYGzsNb/3UeqQnWL3XT7rwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHDRxcLDqA4pGbebkjyV2V2hAU3mMB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvY05IRndzT29EaWtadDV1U1BKWFpYYUVCVGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT27sAwQA
khOgMA0GCSqGSIb3DQEBCwUAA4IBAQBmUxME+mjOxUUbSVd3MyTmIQlq45TbLXBq
lIwYNszuxp5s27oECWcmKmnVv4A0D2TYub7xGfz3QCZeT6Z4uw/ZHIR8M8xBGTRU
3F9nF/mCBu6PENeszb0kP807IvV+jYNkNeMoOXJWPNXhLtXm3BOF5kOlxRAMiKmg
KlrxbCGE982t/+H8ZrKQFRTSAS5wao/O+30yib2xCwbZzPlrOjBbVJjJ5CipNa0s
faoByXtFUuqP8IWZbrr0UQjdA54IMzij8dbQq4n3RHpH7HxiHqZZz/Rh+qQxDJUb
7BWdeOg26P5nxvIMrOuNjx4jIE+0iHhfD3GAIFPv6FjIdX9C4ynd
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:52:28 2024 by rpki-client on console-ams.rpki-client.org