Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/nmZ4J_s7_VifTjLBUbr2LeCgHJc.roa
File: nmZ4J_s7_VifTjLBUbr2LeCgHJc.roa (raw, json)
Hash identifier: yvovLEVPrxwtQ4bnRFx8EfDKI/g4lHIFbZx6dqianVk=
Subject key identifier: 9E:66:78:27:FB:3B:FD:58:9F:4E:32:C1:51:BA:F6:2D:E0:A0:1C:97
Certificate issuer: /CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Certificate serial: 018CC501326605D27F9D4F07598DA6425AF7
Authority key identifier: 10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/nmZ4J_s7_VifTjLBUbr2LeCgHJc.roa
Signing time: Mon 01 Jan 2024 12:30:39 +0000
ROA not before: Mon 01 Jan 2024 12:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199256
IP address blocks: 193.120.55.0/24 maxlen: 24
193.120.164.0/23 maxlen: 23
194.125.118.0/24 maxlen: 24
193.120.22.0/24 maxlen: 24
193.120.40.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:32:66:05:d2:7f:9d:4f:07:59:8d:a6:42:5a:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Validity
Not Before: Jan 1 12:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e667827fb3bfd589f4e32c151baf62de0a01c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b8:12:ed:e3:0f:fb:97:36:d9:72:b5:b7:b3:
3c:71:40:4a:c0:2e:ad:a5:2d:9d:95:3a:13:03:e4:
37:1e:60:3d:bd:e2:04:e0:69:49:27:e2:a4:33:74:
50:1d:15:7b:48:bc:77:cd:42:44:f9:f8:c6:bb:38:
12:16:c8:f5:af:4c:e7:93:19:fc:b5:e0:51:ee:ed:
0c:93:34:b9:30:47:2e:cd:c5:3a:43:87:8b:12:35:
7d:5a:80:b3:45:99:13:c5:d6:ae:6c:98:eb:1e:e5:
5d:bc:41:4f:c1:2d:6a:5b:c0:dc:93:1a:b6:d7:34:
54:b3:48:c7:4e:8f:2f:b4:0f:ee:3d:3d:66:37:9b:
02:ee:31:8b:5f:92:50:3a:03:58:6e:21:eb:c4:cf:
f8:80:a2:8c:a8:ff:66:34:8e:b1:3d:f1:0b:1f:85:
e1:bb:7b:d1:dc:fc:a3:72:99:d1:49:47:00:14:a6:
38:86:41:ca:31:62:1a:78:80:ea:67:40:c1:a4:d9:
0b:11:5d:5c:48:14:5c:89:e5:a6:5e:36:57:14:c2:
d2:60:08:71:b8:9c:48:d3:94:da:36:88:d1:f7:39:
ae:a4:9f:90:10:5d:c9:0f:86:00:22:f8:e3:dd:27:
7d:2e:99:8d:62:d0:11:a2:1f:38:3c:cc:d4:16:cd:
2c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:66:78:27:FB:3B:FD:58:9F:4E:32:C1:51:BA:F6:2D:E0:A0:1C:97
X509v3 Authority Key Identifier:
keyid:10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/nmZ4J_s7_VifTjLBUbr2LeCgHJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.120.22.0/24
193.120.40.0/23
193.120.55.0/24
193.120.164.0/23
194.125.118.0/24
Signature Algorithm: sha256WithRSAEncryption
68:da:78:6a:e6:f5:b9:b8:25:21:4e:d3:9c:ba:10:26:4f:e1:
51:68:0f:4a:93:24:51:c9:16:f8:cc:e6:e2:c5:e0:84:f8:b6:
82:e3:a8:cc:66:6c:eb:e2:eb:64:b1:40:38:b3:e5:3e:97:ad:
29:b9:28:b7:7f:aa:c9:66:23:0e:08:0b:0e:81:d0:00:c7:62:
f3:7b:e4:6f:df:6f:dc:dd:16:2b:06:b0:bd:b1:7d:af:10:9a:
3f:be:3d:66:ed:78:fc:4f:ad:fc:8d:b1:49:2f:cb:d2:88:4c:
07:22:ef:2e:cb:0c:36:8b:8f:14:af:dc:0f:81:6a:49:38:04:
3c:85:d2:7e:93:f7:78:d4:f5:92:47:f8:28:8f:21:0d:40:aa:
00:2f:36:ff:4f:1c:4a:85:48:04:11:d8:fc:c2:9b:25:49:62:
45:20:65:69:10:a8:ce:41:30:54:33:bb:78:7a:e6:c8:e1:26:
b4:d9:85:7a:80:00:f2:cc:6a:fa:22:dd:40:19:d9:89:3c:df:
cd:93:70:cd:90:29:06:dc:3c:d3:93:0e:fa:c8:ee:0b:6c:c1:
62:f0:73:cd:cb:46:7a:ec:ff:04:26:c0:1f:8b:c2:9e:82:1d:
71:fe:60:b1:79:5b:f0:b9:b4:e9:2b:79:ca:20:64:30:e5:a1:
f9:99:a5:65
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFATJmBdJ/nU8HWY2mQlr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTQzYTUxOTdlYjI1NDQ0NDdlOWQzNmIzZWJmMTQ0NTJj
Nzc3ZWIwHhcNMjQwMTAxMTIzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY2NzgyN2ZiM2JmZDU4OWY0ZTMyYzE1MWJhZjYyZGUwYTAxYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLgS7eMP+5c22XK1t7M8cUBKwC6t
pS2dlToTA+Q3HmA9veIE4GlJJ+KkM3RQHRV7SLx3zUJE+fjGuzgSFsj1r0znkxn8
teBR7u0MkzS5MEcuzcU6Q4eLEjV9WoCzRZkTxdaubJjrHuVdvEFPwS1qW8Dckxq2
1zRUs0jHTo8vtA/uPT1mN5sC7jGLX5JQOgNYbiHrxM/4gKKMqP9mNI6xPfELH4Xh
u3vR3PyjcpnRSUcAFKY4hkHKMWIaeIDqZ0DBpNkLEV1cSBRcieWmXjZXFMLSYAhx
uJxI05TaNojR9zmupJ+QEF3JD4YAIvjj3Sd9LpmNYtARoh84PMzUFs0sUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ5meCf7O/1Yn04ywVG69i3goByXMB8GA1UdIwQY
MBaAFBBUOlGX6yVERH6dNrPr8URSx3frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmIt
ZjdlMGM1ZTI3MDJlLzEvbm1aNEpfczdfVmlmVGpMQlVicjJMZUNnSEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmItZjdlMGM1ZTI3MDJl
LzEvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXgWAwQB
wXgoAwQAwXg3AwQBwXikAwQAwn12MA0GCSqGSIb3DQEBCwUAA4IBAQBo2nhq5vW5
uCUhTtOcuhAmT+FRaA9KkyRRyRb4zObixeCE+LaC46jMZmzr4utksUA4s+U+l60p
uSi3f6rJZiMOCAsOgdAAx2Lze+Rv32/c3RYrBrC9sX2vEJo/vj1m7Xj8T638jbFJ
L8vSiEwHIu8uyww2i48Ur9wPgWpJOAQ8hdJ+k/d41PWSR/gojyENQKoALzb/TxxK
hUgEEdj8wpslSWJFIGVpEKjOQTBUM7t4eubI4Sa02YV6gADyzGr6It1AGdmJPN/N
k3DNkCkG3DzTkw76yO4LbMFi8HPNy0Z67P8EJsAfi8Kegh1x/mCxeVvwubTpK3nK
IGQw5aH5maVl
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:12:28 2024 by rpki-client on console-fra.rpki-client.org