Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/njmdu_4smylLxVn5QGUmEUZNcOo.roa
File: njmdu_4smylLxVn5QGUmEUZNcOo.roa (raw, json)
Hash identifier: rA6csdgXi2Bw1ZAj3s6rsIC5DHRH/iOqnWqTE+SZgCI=
Subject key identifier: 9E:39:9D:BB:FE:2C:9B:29:4B:C5:59:F9:40:65:26:11:46:4D:70:EA
Certificate issuer: /CN=5dc87309876cec404f007bf6da0434c0bdc62d8b
Certificate serial: 018CC8DECF485F01A2DA373636131E2935D6
Authority key identifier: 5D:C8:73:09:87:6C:EC:40:4F:00:7B:F6:DA:04:34:C0:BD:C6:2D:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XchzCYds7EBPAHv22gQ0wL3GLYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/njmdu_4smylLxVn5QGUmEUZNcOo.roa
Signing time: Tue 02 Jan 2024 06:31:34 +0000
ROA not before: Tue 02 Jan 2024 06:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41821
IP address blocks: 185.210.80.0/22 maxlen: 24
2a0b:6040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/XchzCYds7EBPAHv22gQ0wL3GLYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/XchzCYds7EBPAHv22gQ0wL3GLYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XchzCYds7EBPAHv22gQ0wL3GLYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:cf:48:5f:01:a2:da:37:36:36:13:1e:29:35:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc87309876cec404f007bf6da0434c0bdc62d8b
Validity
Not Before: Jan 2 06:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e399dbbfe2c9b294bc559f940652611464d70ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:22:8d:b4:f5:b9:6d:b1:99:4e:3a:b9:be:f1:
88:a4:b4:71:3f:d2:f8:db:54:df:4a:d3:6b:fc:4e:
a8:00:7f:7c:59:02:9c:76:1e:e9:4e:6c:ca:9e:a5:
07:d2:a3:5c:cd:f0:c5:75:c5:05:ce:34:e3:32:a1:
69:ca:a1:82:9f:1a:e4:a3:07:5a:32:aa:e6:21:a3:
83:76:15:e5:71:7a:fa:77:3e:87:a8:3d:b3:e3:6e:
1a:63:59:aa:4d:13:aa:03:6a:0c:37:bb:02:7c:23:
64:91:dd:15:d8:24:92:48:8c:35:37:ca:bf:59:9c:
c7:62:ab:f6:e3:44:fb:c8:13:a9:79:be:f2:ed:83:
b8:d0:60:a7:09:c2:35:c9:cc:42:b6:63:f9:57:a2:
f6:87:46:42:86:7c:98:14:54:c0:03:9c:74:07:95:
3b:ea:1a:96:b0:22:cd:be:46:d6:f7:ed:00:ce:b9:
f2:d9:52:ab:53:6a:bb:c6:dc:69:3f:40:8f:90:54:
21:5c:3d:65:77:06:07:78:8c:06:05:d9:ce:3f:8b:
07:6a:0e:16:65:26:e7:91:42:62:fa:57:26:1f:a2:
b8:34:31:90:85:33:e9:13:b1:d9:fa:44:1b:c6:d5:
4c:bc:13:00:f0:84:2b:7c:c4:31:8f:09:d7:85:2b:
15:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:39:9D:BB:FE:2C:9B:29:4B:C5:59:F9:40:65:26:11:46:4D:70:EA
X509v3 Authority Key Identifier:
keyid:5D:C8:73:09:87:6C:EC:40:4F:00:7B:F6:DA:04:34:C0:BD:C6:2D:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XchzCYds7EBPAHv22gQ0wL3GLYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/njmdu_4smylLxVn5QGUmEUZNcOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/XchzCYds7EBPAHv22gQ0wL3GLYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.80.0/22
IPv6:
2a0b:6040::/32
Signature Algorithm: sha256WithRSAEncryption
b5:b2:ef:3b:8d:83:9e:e7:4c:2a:c9:d4:ca:5d:e0:7e:c4:1e:
24:42:75:33:10:06:85:ca:5c:26:f7:09:7c:2b:d6:91:cb:17:
6e:9e:41:80:5d:4a:92:00:8c:94:3f:81:7e:e4:0d:df:5c:26:
0b:42:43:f8:90:d7:a0:95:89:99:de:dc:83:1e:f2:64:32:c0:
cf:f7:2c:22:05:8c:84:85:09:24:54:64:97:05:26:d9:09:d3:
77:5c:a3:b1:ff:07:dd:64:40:f4:0b:aa:3f:b1:68:18:da:26:
a8:85:42:20:32:e1:ff:55:b6:97:5f:00:33:12:68:fc:f4:66:
c7:3f:f7:37:c9:e3:91:ad:08:f1:4a:d7:07:56:5c:0d:f4:db:
9e:de:4a:01:de:23:ab:54:9c:d1:eb:9a:28:4d:fa:ef:ad:bc:
81:66:cb:d6:a7:59:35:f2:9c:a1:73:cd:e7:3a:fe:ab:21:e4:
4f:95:3a:35:6b:43:9e:8b:56:ce:76:28:bf:c7:ed:ee:af:f6:
62:86:b2:ac:37:30:f1:37:c4:a1:57:54:62:df:25:54:23:9a:
74:05:34:5f:7b:67:e8:3b:b0:4c:89:d5:97:da:a3:94:b7:fb:
43:80:9e:35:15:78:00:da:c5:72:f3:6f:77:f6:e5:8c:46:92:
ca:39:b2:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3s9IXwGi2jc2NhMeKTXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzg3MzA5ODc2Y2VjNDA0ZjAwN2JmNmRhMDQzNGMwYmRj
NjJkOGIwHhcNMjQwMTAyMDYzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTM5OWRiYmZlMmM5YjI5NGJjNTU5Zjk0MDY1MjYxMTQ2NGQ3MGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiKNtPW5bbGZTjq5vvGIpLRxP9L4
21TfStNr/E6oAH98WQKcdh7pTmzKnqUH0qNczfDFdcUFzjTjMqFpyqGCnxrkowda
MqrmIaODdhXlcXr6dz6HqD2z424aY1mqTROqA2oMN7sCfCNkkd0V2CSSSIw1N8q/
WZzHYqv240T7yBOpeb7y7YO40GCnCcI1ycxCtmP5V6L2h0ZChnyYFFTAA5x0B5U7
6hqWsCLNvkbW9+0Azrny2VKrU2q7xtxpP0CPkFQhXD1ldwYHeIwGBdnOP4sHag4W
ZSbnkUJi+lcmH6K4NDGQhTPpE7HZ+kQbxtVMvBMA8IQrfMQxjwnXhSsVaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ45nbv+LJspS8VZ+UBlJhFGTXDqMB8GA1UdIwQY
MBaAFF3IcwmHbOxATwB79toENMC9xi2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNoekNZZHM3RUJQQUh2MjJnUTB3TDNHTFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80NGRkOWYtNDg5MS00NWFlLTkwMzAt
OGRhODMxN2RlM2Y2LzEvbmptZHVfNHNteWxMeFZuNVFHVW1FVVpOY09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80NGRkOWYtNDg5MS00NWFlLTkwMzAtOGRhODMxN2RlM2Y2
LzEvWGNoekNZZHM3RUJQQUh2MjJnUTB3TDNHTFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudJQMA0E
AgACMAcDBQAqC2BAMA0GCSqGSIb3DQEBCwUAA4IBAQC1su87jYOe50wqydTKXeB+
xB4kQnUzEAaFylwm9wl8K9aRyxdunkGAXUqSAIyUP4F+5A3fXCYLQkP4kNeglYmZ
3tyDHvJkMsDP9ywiBYyEhQkkVGSXBSbZCdN3XKOx/wfdZED0C6o/sWgY2iaohUIg
MuH/VbaXXwAzEmj89GbHP/c3yeORrQjxStcHVlwN9Nue3koB3iOrVJzR65ooTfrv
rbyBZsvWp1k18pyhc83nOv6rIeRPlTo1a0Oei1bOdii/x+3ur/ZihrKsNzDxN8Sh
V1Ri3yVUI5p0BTRfe2foO7BMidWX2qOUt/tDgJ41FXgA2sVy82939uWMRpLKObIE
-----END CERTIFICATE-----
Generated at Tue Nov 26 19:21:54 2024 by rpki-client on console-fra.rpki-client.org