Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/nFVbRZ2KPbpA-SGN6Czb1PtlGeo.roa
File: nFVbRZ2KPbpA-SGN6Czb1PtlGeo.roa (raw, json)
Hash identifier: kIup5CK1ywjRmemwzBqc2bdIEHBwVqA4RNHA25TDBL0=
Subject key identifier: 9C:55:5B:45:9D:8A:3D:BA:40:F9:21:8D:E8:2C:DB:D4:FB:65:19:EA
Certificate issuer: /CN=02339402c42b3f84995c4d58ef670e8d16c2afe2
Certificate serial: 018CC94E4ECABC0E1D09BC8B4BEA9F8730B3
Authority key identifier: 02:33:94:02:C4:2B:3F:84:99:5C:4D:58:EF:67:0E:8D:16:C2:AF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjOUAsQrP4SZXE1Y72cOjRbCr-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/nFVbRZ2KPbpA-SGN6Czb1PtlGeo.roa
Signing time: Tue 02 Jan 2024 08:33:21 +0000
ROA not before: Tue 02 Jan 2024 08:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5406
IP address blocks: 194.53.172.0/24 maxlen: 24
2001:7f8:26::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/AjOUAsQrP4SZXE1Y72cOjRbCr-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/AjOUAsQrP4SZXE1Y72cOjRbCr-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/AjOUAsQrP4SZXE1Y72cOjRbCr-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4e:ca:bc:0e:1d:09:bc:8b:4b:ea:9f:87:30:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02339402c42b3f84995c4d58ef670e8d16c2afe2
Validity
Not Before: Jan 2 08:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c555b459d8a3dba40f9218de82cdbd4fb6519ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:15:66:73:1c:10:2e:fe:70:95:cc:5c:0b:0c:
56:a1:6a:26:7a:33:50:54:e7:dc:1b:71:2d:07:fe:
89:91:dd:42:74:94:7b:ee:92:80:8c:10:97:96:f5:
1f:57:31:68:63:7b:76:69:28:23:41:6f:34:62:0e:
28:1d:b7:2d:13:9a:57:0a:0e:42:28:b1:20:3d:ee:
27:bf:0e:e9:ec:47:4a:28:61:5c:84:cb:fb:d5:95:
89:bd:bd:1c:7f:d4:9e:9a:45:44:33:ea:cc:7d:bc:
dc:5a:e3:81:ed:7c:71:a3:29:16:bd:d1:00:31:d0:
f8:27:9e:19:34:b2:82:77:16:4b:a9:ec:9a:13:d9:
03:cb:35:dd:66:f1:03:07:ed:ca:c7:af:15:cb:ea:
d8:06:9c:5d:ce:8c:68:6a:92:77:fe:a0:57:24:d5:
d9:75:af:6d:e8:59:4b:0d:10:1d:f6:f6:65:12:22:
89:76:7f:57:2f:46:be:04:65:49:9e:ea:81:97:89:
90:29:ae:9b:de:49:cb:f6:0d:23:94:f3:66:d7:25:
fd:f8:d6:51:26:49:c8:06:57:02:a0:be:54:22:6e:
df:3e:d9:77:32:45:fd:98:85:89:9d:1d:fb:14:2c:
40:78:90:72:b1:c1:96:14:b0:3c:9a:18:9a:c0:4a:
01:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:55:5B:45:9D:8A:3D:BA:40:F9:21:8D:E8:2C:DB:D4:FB:65:19:EA
X509v3 Authority Key Identifier:
keyid:02:33:94:02:C4:2B:3F:84:99:5C:4D:58:EF:67:0E:8D:16:C2:AF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjOUAsQrP4SZXE1Y72cOjRbCr-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/nFVbRZ2KPbpA-SGN6Czb1PtlGeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/AjOUAsQrP4SZXE1Y72cOjRbCr-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.172.0/24
IPv6:
2001:7f8:26::/48
Signature Algorithm: sha256WithRSAEncryption
1f:dc:87:02:75:fb:cd:52:e4:96:df:ce:86:54:c6:38:b3:bd:
a0:8e:43:1e:b8:7a:8f:28:c2:01:77:9e:2d:71:04:84:81:90:
f3:39:ec:be:16:68:96:e1:a6:65:f0:7e:af:bd:51:0c:a6:d8:
12:d8:9f:58:8a:43:d0:49:71:a3:50:ac:cf:c9:cb:08:c0:ec:
df:a2:6a:45:18:3d:dd:87:8b:25:86:50:1a:3f:d7:72:6a:ef:
f5:d8:de:9a:1c:08:a2:03:e3:ca:f4:a3:63:28:8e:98:ad:d2:
a4:db:39:f0:f6:19:73:05:c2:e6:41:f1:27:94:a8:79:c5:5e:
28:17:d5:aa:9a:35:2e:e8:bd:56:17:14:ea:c1:2d:84:1f:09:
a0:c1:b0:32:2c:5b:80:03:d0:c9:76:7b:b8:e3:79:7d:fa:ba:
15:2d:b9:00:0c:9e:95:a5:99:14:67:a6:08:ec:6c:3a:f1:c9:
63:54:d2:38:3e:5e:f1:cf:7a:e9:7b:a8:b4:e7:7b:ee:d8:5b:
97:c9:4e:b0:64:55:29:93:cf:3b:0e:24:d1:c6:08:58:94:c9:
5c:74:c6:ac:4e:55:a2:18:bc:c7:33:71:2c:06:15:5a:6c:5c:
26:02:42:a4:35:6a:40:82:bd:62:62:c6:db:38:7d:62:ab:af:
19:82:ec:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTk7KvA4dCbyLS+qfhzCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzM5NDAyYzQyYjNmODQ5OTVjNGQ1OGVmNjcwZThkMTZj
MmFmZTIwHhcNMjQwMTAyMDgzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzU1NWI0NTlkOGEzZGJhNDBmOTIxOGRlODJjZGJkNGZiNjUxOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRVmcxwQLv5wlcxcCwxWoWomejNQ
VOfcG3EtB/6Jkd1CdJR77pKAjBCXlvUfVzFoY3t2aSgjQW80Yg4oHbctE5pXCg5C
KLEgPe4nvw7p7EdKKGFchMv71ZWJvb0cf9SemkVEM+rMfbzcWuOB7XxxoykWvdEA
MdD4J54ZNLKCdxZLqeyaE9kDyzXdZvEDB+3Kx68Vy+rYBpxdzoxoapJ3/qBXJNXZ
da9t6FlLDRAd9vZlEiKJdn9XL0a+BGVJnuqBl4mQKa6b3knL9g0jlPNm1yX9+NZR
JknIBlcCoL5UIm7fPtl3MkX9mIWJnR37FCxAeJByscGWFLA8mhiawEoB4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJxVW0Wdij26QPkhjegs29T7ZRnqMB8GA1UdIwQY
MBaAFAIzlALEKz+EmVxNWO9nDo0Wwq/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpPVUFzUXJQNFNaWEUxWTcyY09qUmJDci1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9lYjg3N2MtOTI5ZS00MWI2LWI5Y2It
ZmM2NGJmYzNkMmY5LzEvbkZWYlJaMktQYnBBLVNHTjZDemIxUHRsR2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9lYjg3N2MtOTI5ZS00MWI2LWI5Y2ItZmM2NGJmYzNkMmY5
LzEvQWpPVUFzUXJQNFNaWEUxWTcyY09qUmJDci1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwjWsMA8E
AgACMAkDBwAgAQf4ACYwDQYJKoZIhvcNAQELBQADggEBAB/chwJ1+81S5JbfzoZU
xjizvaCOQx64eo8owgF3ni1xBISBkPM57L4WaJbhpmXwfq+9UQym2BLYn1iKQ9BJ
caNQrM/JywjA7N+iakUYPd2HiyWGUBo/13Jq7/XY3pocCKID48r0o2Mojpit0qTb
OfD2GXMFwuZB8SeUqHnFXigX1aqaNS7ovVYXFOrBLYQfCaDBsDIsW4AD0Ml2e7jj
eX36uhUtuQAMnpWlmRRnpgjsbDrxyWNU0jg+XvHPeul7qLTne+7YW5fJTrBkVSmT
zzsOJNHGCFiUyVx0xqxOVaIYvMczcSwGFVpsXCYCQqQ1akCCvWJixts4fWKrrxmC
7Hg=
-----END CERTIFICATE-----
Generated at Fri May 17 07:14:03 2024 by rpki-client on console-ams.rpki-client.org