Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/D-Nnpai_CFHv_n5ALvvuq0tW_RE.roa
File: D-Nnpai_CFHv_n5ALvvuq0tW_RE.roa (raw, json)
Hash identifier: 9l/Vsk2V0XWMdAILLoXd2gFb/H41u3V7R4sx8+sfi7o=
Subject key identifier: 0F:E3:67:A5:A8:BF:08:51:EF:FE:7E:40:2E:FB:EE:AB:4B:56:FD:11
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 018CC56E3BFAA4D035D6B116C8DFDDDCAB8E
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/D-Nnpai_CFHv_n5ALvvuq0tW_RE.roa
Signing time: Mon 01 Jan 2024 14:29:45 +0000
ROA not before: Mon 01 Jan 2024 14:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50593
IP address blocks: 178.172.214.0/24 maxlen: 24
178.172.228.0/24 maxlen: 24
178.172.234.0/24 maxlen: 24
213.184.234.0/24 maxlen: 24
93.125.50.0/24 maxlen: 24
178.172.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:3b:fa:a4:d0:35:d6:b1:16:c8:df:dd:dc:ab:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Jan 1 14:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fe367a5a8bf0851effe7e402efbeeab4b56fd11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c3:5b:ec:0d:f3:97:25:cd:af:a0:f5:68:5c:
dd:ec:4c:32:36:f9:57:ee:f5:90:40:98:7a:24:73:
b1:43:55:eb:1e:5b:dc:36:00:d5:5b:50:43:b5:78:
5b:c1:ed:a4:f8:25:3c:45:2a:07:ca:37:36:11:46:
b1:51:d1:68:00:b1:d0:47:c7:32:12:e9:9c:6f:74:
26:02:01:99:a4:16:5e:9d:fd:f5:bf:19:fc:15:f4:
30:bb:ac:1f:70:5c:9a:44:e2:0b:b7:73:89:c5:49:
ed:2a:42:c9:91:41:76:76:7b:79:63:bb:4b:b6:ad:
11:d3:0f:69:19:6a:35:a9:9d:6f:fd:74:ec:1c:69:
44:fe:19:a5:2a:18:d4:28:e1:ab:18:c8:e6:7d:7e:
fe:c2:38:44:76:ed:47:27:3e:2f:36:77:e0:c3:18:
c8:0c:61:59:9d:ff:db:5d:f7:41:2f:5b:99:7b:a9:
d4:24:a9:30:02:d4:59:34:3d:d6:45:f3:36:3e:20:
10:6d:b6:48:49:8d:20:81:3d:08:49:3b:09:de:25:
c9:17:8c:62:89:a4:ed:77:de:89:85:d6:e6:24:a6:
b2:af:5b:b6:62:19:9e:5f:d3:d2:c2:40:12:2b:0d:
1a:fc:68:1f:6b:e8:af:a3:99:d5:91:a9:99:40:a0:
a1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E3:67:A5:A8:BF:08:51:EF:FE:7E:40:2E:FB:EE:AB:4B:56:FD:11
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/D-Nnpai_CFHv_n5ALvvuq0tW_RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.125.50.0/24
178.172.204.0/24
178.172.214.0/24
178.172.228.0/24
178.172.234.0/24
213.184.234.0/24
Signature Algorithm: sha256WithRSAEncryption
13:23:b4:de:73:80:c3:cb:ce:57:57:a1:21:0c:94:74:e3:d9:
05:d2:2a:b8:11:d5:76:ce:59:2d:15:1e:b8:d5:bc:81:2f:f1:
8f:23:4e:67:2c:57:a2:c5:40:d6:18:3c:59:55:56:04:0c:3f:
2c:e9:a4:d5:75:ae:9c:91:64:64:ba:92:24:39:15:b9:27:75:
09:bb:bb:d5:88:c3:14:a9:c5:ad:d4:3a:d6:65:b3:9d:3a:18:
46:84:19:c3:0f:8a:3c:2a:e4:2f:71:59:a5:ee:84:52:69:7c:
76:4b:c7:bc:30:d0:c3:33:b0:ca:ca:4e:5f:c8:ba:f2:a3:66:
9b:96:c1:9a:2b:70:b9:4b:e7:93:99:bc:9b:64:76:72:58:1f:
0e:76:ba:1d:f3:ca:2c:4f:3c:d8:15:83:31:1a:32:b4:65:63:
93:f2:ff:fb:9b:0e:fb:17:20:b7:e6:58:81:47:81:53:8a:82:
1d:98:6c:03:70:3a:ef:c5:35:09:cc:12:98:60:1d:3e:9c:ea:
d9:21:12:df:2b:6d:91:b4:3a:8f:db:80:6c:56:29:1d:2b:ad:
e9:d3:24:79:1c:8a:38:c3:9d:3a:4c:32:5c:72:75:ab:9f:6d:
05:23:11:c5:ec:52:d1:f7:1d:a8:a5:91:dd:be:b9:69:f1:19:
12:ed:f6:61
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFbjv6pNA11rEWyN/d3KuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjQwMTAxMTQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmUzNjdhNWE4YmYwODUxZWZmZTdlNDAyZWZiZWVhYjRiNTZmZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsNb7A3zlyXNr6D1aFzd7EwyNvlX
7vWQQJh6JHOxQ1XrHlvcNgDVW1BDtXhbwe2k+CU8RSoHyjc2EUaxUdFoALHQR8cy
Eumcb3QmAgGZpBZenf31vxn8FfQwu6wfcFyaROILt3OJxUntKkLJkUF2dnt5Y7tL
tq0R0w9pGWo1qZ1v/XTsHGlE/hmlKhjUKOGrGMjmfX7+wjhEdu1HJz4vNnfgwxjI
DGFZnf/bXfdBL1uZe6nUJKkwAtRZND3WRfM2PiAQbbZISY0ggT0ISTsJ3iXJF4xi
iaTtd96JhdbmJKayr1u2YhmeX9PSwkASKw0a/Ggfa+ivo5nVkamZQKChiwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA/jZ6WovwhR7/5+QC777qtLVv0RMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvRC1ObnBhaV9DRkh2X241QUx2dnVxMHRXX1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXX0yAwQA
sqzMAwQAsqzWAwQAsqzkAwQAsqzqAwQA1bjqMA0GCSqGSIb3DQEBCwUAA4IBAQAT
I7Tec4DDy85XV6EhDJR049kF0iq4EdV2zlktFR641byBL/GPI05nLFeixUDWGDxZ
VVYEDD8s6aTVda6ckWRkupIkORW5J3UJu7vViMMUqcWt1DrWZbOdOhhGhBnDD4o8
KuQvcVml7oRSaXx2S8e8MNDDM7DKyk5fyLryo2ablsGaK3C5S+eTmbybZHZyWB8O
drod88osTzzYFYMxGjK0ZWOT8v/7mw77FyC35liBR4FTioIdmGwDcDrvxTUJzBKY
YB0+nOrZIRLfK22RtDqP24BsVikdK63p0yR5HIo4w506TDJccnWrn20FIxHF7FLR
9x2opZHdvrlp8RkS7fZh
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:43:33 2024 by rpki-client on console-ams.rpki-client.org