Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nvgJ_RzjOcnu2bx3BEegNwq1YNA.roa
File: nvgJ_RzjOcnu2bx3BEegNwq1YNA.roa (raw, json)
Hash identifier: BaaxOK8QFHhBroYUjNFklyUkzBSI82HW1MpcAyxPe7I=
Subject key identifier: 9E:F8:09:FD:1C:E3:39:C9:EE:D9:BC:77:04:47:A0:37:0A:B5:60:D0
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018D87BB4518529DBC62E589FC9628EC03F6
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nvgJ_RzjOcnu2bx3BEegNwq1YNA.roa
Signing time: Thu 08 Feb 2024 08:00:13 +0000
ROA not before: Thu 08 Feb 2024 08:00:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 5.102.108.0/22 maxlen: 22
5.102.124.0/22 maxlen: 22
46.20.212.0/22 maxlen: 23
92.114.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:bb:45:18:52:9d:bc:62:e5:89:fc:96:28:ec:03:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 8 08:00:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ef809fd1ce339c9eed9bc770447a0370ab560d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d8:e2:ce:3a:24:17:1f:69:3e:17:45:e0:76:
70:05:00:84:45:b1:2a:05:5d:69:2f:83:78:60:1b:
47:57:45:51:49:ab:30:30:6f:57:a7:33:ac:fb:ab:
0f:81:df:12:6a:26:94:ba:33:4e:ed:c1:2b:11:79:
fd:e9:99:50:1a:39:66:7b:e7:b9:71:ec:45:7f:f1:
6b:0e:78:2a:ed:03:c8:02:01:67:95:69:2c:e9:84:
b3:c2:3c:be:1a:bc:39:6b:c9:89:cb:09:13:27:16:
38:b0:9c:e7:f2:92:9e:72:59:b5:5b:c3:f8:2e:eb:
dc:10:ec:6a:56:99:2d:02:23:d3:d1:47:f8:14:5a:
c0:b8:08:18:64:cb:eb:b7:13:ee:c9:14:31:6a:68:
2d:11:0d:ed:2c:7d:fd:d3:01:8f:22:84:f7:84:ee:
86:01:65:69:44:b9:86:2b:87:4b:e1:98:51:0e:67:
93:d6:de:3f:07:a9:f8:ec:65:3b:eb:04:a7:4e:1e:
16:26:df:7e:02:11:da:8f:96:85:56:36:52:72:85:
a4:64:1c:d9:0e:95:2e:0b:0d:02:7f:63:70:55:19:
96:ff:90:b3:3b:a9:c0:21:fe:42:04:08:5a:f6:26:
8a:4e:5d:a3:d9:ef:43:9b:bc:c2:77:c5:fb:c2:97:
db:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F8:09:FD:1C:E3:39:C9:EE:D9:BC:77:04:47:A0:37:0A:B5:60:D0
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nvgJ_RzjOcnu2bx3BEegNwq1YNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.108.0/22
5.102.124.0/22
46.20.212.0/22
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
43:a2:f1:69:c2:bb:9f:02:e4:b0:1a:0c:c0:9e:0f:8c:9a:8f:
aa:c0:a7:ef:64:67:0a:57:a2:f1:49:74:fa:5a:d1:b3:18:d2:
37:5e:65:70:99:0d:67:6b:64:4c:02:ed:2d:20:20:0f:1a:a0:
f6:8c:48:e6:0d:a1:a8:88:bd:56:8a:6e:d8:28:ed:5d:1c:c2:
dc:b1:06:4f:b1:1d:d4:ec:a4:e4:88:8e:43:b4:a2:1e:5a:32:
e0:e2:31:63:4d:bc:cd:10:ad:cc:b9:91:19:d7:16:31:c3:c7:
8a:20:56:4c:97:a6:1b:56:9a:e9:39:aa:1f:b7:93:a5:0c:fb:
28:49:a1:46:cb:30:f0:1b:d8:f2:7f:5a:ab:71:b3:78:6d:62:
8f:93:16:8d:12:4c:95:d7:36:60:2a:a5:63:94:b9:76:7f:69:
14:72:98:36:b8:13:6d:44:aa:65:01:92:e0:a2:3d:94:59:29:
ac:7d:d9:12:90:03:0d:8e:90:60:84:8f:24:35:37:ae:45:c6:
01:97:0f:f7:03:72:b1:20:01:64:8e:96:e2:d5:54:f8:96:70:
13:2b:36:ca:fe:3a:2b:62:2b:20:25:03:dc:30:d9:ba:44:01:
c7:cc:af:0a:0f:ca:42:15:4d:fd:93:bb:37:ce:4f:be:54:52:
1c:01:cc:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2Hu0UYUp28YuWJ/JYo7AP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMjA4MDgwMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWY4MDlmZDFjZTMzOWM5ZWVkOWJjNzcwNDQ3YTAzNzBhYjU2MGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9jizjokFx9pPhdF4HZwBQCERbEq
BV1pL4N4YBtHV0VRSaswMG9XpzOs+6sPgd8SaiaUujNO7cErEXn96ZlQGjlme+e5
cexFf/FrDngq7QPIAgFnlWks6YSzwjy+Grw5a8mJywkTJxY4sJzn8pKeclm1W8P4
LuvcEOxqVpktAiPT0Uf4FFrAuAgYZMvrtxPuyRQxamgtEQ3tLH390wGPIoT3hO6G
AWVpRLmGK4dL4ZhRDmeT1t4/B6n47GU76wSnTh4WJt9+AhHaj5aFVjZScoWkZBzZ
DpUuCw0Cf2NwVRmW/5CzO6nAIf5CBAha9iaKTl2j2e9Dm7zCd8X7wpfbpwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ74Cf0c4znJ7tm8dwRHoDcKtWDQMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbnZnSl9SempPY251MmJ4M0JFZWdOd3ExWU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBWZsAwQC
BWZ8AwQCLhTUAwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQBDovFpwrufAuSwGgzA
ng+Mmo+qwKfvZGcKV6LxSXT6WtGzGNI3XmVwmQ1na2RMAu0tICAPGqD2jEjmDaGo
iL1Wim7YKO1dHMLcsQZPsR3U7KTkiI5DtKIeWjLg4jFjTbzNEK3MuZEZ1xYxw8eK
IFZMl6YbVprpOaoft5OlDPsoSaFGyzDwG9jyf1qrcbN4bWKPkxaNEkyV1zZgKqVj
lLl2f2kUcpg2uBNtRKplAZLgoj2UWSmsfdkSkAMNjpBghI8kNTeuRcYBlw/3A3Kx
IAFkjpbi1VT4lnATKzbK/jorYisgJQPcMNm6RAHHzK8KD8pCFU39k7s3zk++VFIc
Acym
-----END CERTIFICATE-----
Generated at Fri May 3 01:26:58 2024 by rpki-client on console-ams.rpki-client.org