Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/NPqz0fxLVwTS9D96UoTfD6ULPT8.roa
File: NPqz0fxLVwTS9D96UoTfD6ULPT8.roa (raw, json)
Hash identifier: 5aQjr42BhDnB1aD5rCnz26FQBz5yvdYFyfMN7WtJKko=
Subject key identifier: 34:FA:B3:D1:FC:4B:57:04:D2:F4:3F:7A:52:84:DF:0F:A5:0B:3D:3F
Certificate issuer: /CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Certificate serial: 0191EBAA3F74E5BA2E322230FF4A06336BCE
Authority key identifier: D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/NPqz0fxLVwTS9D96UoTfD6ULPT8.roa
Signing time: Fri 13 Sep 2024 13:54:48 +0000
ROA not before: Fri 13 Sep 2024 13:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200023
IP address blocks: 37.140.252.0/24 maxlen: 24
185.200.132.0/22 maxlen: 22
194.61.128.0/22 maxlen: 22
194.61.128.0/24 maxlen: 24
194.61.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/1zSS5NJcO70MXiDFqF7LIuyXNgo.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/1zSS5NJcO70MXiDFqF7LIuyXNgo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:aa:3f:74:e5:ba:2e:32:22:30:ff:4a:06:33:6b:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Validity
Not Before: Sep 13 13:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34fab3d1fc4b5704d2f43f7a5284df0fa50b3d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f6:f2:7b:25:aa:15:65:d8:dc:8d:60:61:c4:
ca:b3:cc:09:fe:67:13:c4:b3:1f:90:92:48:03:71:
43:e3:c0:4d:a7:a1:60:ca:ab:f5:3b:7f:90:ae:42:
8e:f0:1f:1c:dc:96:c9:00:cd:53:b9:2a:74:91:fc:
2c:dd:32:49:32:90:87:39:d4:9f:68:d3:b6:19:29:
b5:83:27:72:c0:32:2c:91:84:d8:69:89:10:30:5c:
0b:b1:ef:8a:fb:35:53:21:b0:f8:ef:e0:e6:21:7a:
f6:2b:37:3f:9f:b7:b9:b0:8d:71:09:8f:a3:84:2c:
32:d8:71:d3:1a:c7:9f:1f:f3:3c:d6:3c:3e:14:7c:
3e:3b:b4:26:aa:bb:6b:2f:f3:b0:61:ed:97:c3:73:
a5:1d:df:87:b4:00:25:28:14:4d:06:fa:1e:bc:cd:
ff:cd:81:93:95:c7:fe:6c:67:35:a2:5b:c2:3e:0e:
07:aa:18:a7:d7:30:27:55:13:88:4e:d1:4f:4a:02:
ee:3a:fc:81:23:b6:f5:c4:47:f4:ea:08:a1:41:64:
3b:e1:50:20:c6:2f:f4:32:96:19:57:43:8d:77:02:
e1:cd:b7:2d:43:b8:89:7c:50:fe:91:ac:25:a3:be:
42:09:82:fc:c3:40:dc:3a:a9:ab:f5:f1:c8:c0:77:
6e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:FA:B3:D1:FC:4B:57:04:D2:F4:3F:7A:52:84:DF:0F:A5:0B:3D:3F
X509v3 Authority Key Identifier:
keyid:D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/NPqz0fxLVwTS9D96UoTfD6ULPT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/1zSS5NJcO70MXiDFqF7LIuyXNgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.252.0/24
185.200.132.0/22
194.61.128.0/22
Signature Algorithm: sha256WithRSAEncryption
23:a9:27:76:91:4b:36:de:5c:d5:00:10:99:9d:94:ca:97:23:
9f:0f:5e:9c:6e:75:01:e6:93:de:0a:4a:ff:a7:1f:7d:6b:fa:
ed:ae:e4:68:42:9e:d4:fb:4c:a9:b2:7a:05:da:b2:b6:94:4f:
88:e7:2e:d1:21:3c:ba:dc:03:8e:99:b9:4d:6f:20:e2:71:95:
7d:5d:8a:1f:07:e0:e7:4c:a3:3e:51:ea:ca:17:f5:70:19:03:
92:38:f0:fe:f9:14:30:2c:8e:8d:15:1d:ae:aa:09:40:ca:f7:
90:dd:1a:5d:b0:d7:33:8c:f0:85:be:0f:86:90:6a:59:9c:f4:
ff:5b:eb:49:f0:1d:3f:69:12:72:cc:fa:c2:2e:bb:b1:93:5a:
78:8a:85:18:51:21:3c:a6:56:0f:cc:6b:8d:42:1b:47:57:0d:
28:67:53:01:b5:04:d8:b6:61:1d:bc:05:5f:a0:45:0f:f6:55:
8c:6e:19:b8:11:59:76:66:aa:1a:b4:68:a4:ae:cd:87:ff:d1:
51:ca:b7:1c:eb:ef:c4:a2:a3:ea:81:32:b2:34:5c:47:cc:bb:
fa:c0:19:d7:a3:39:bd:63:71:c0:19:4f:cd:4c:10:21:66:a8:
7d:5a:22:ca:36:df:2b:cc:ed:45:51:f2:cd:91:51:2e:6a:56:
f2:89:bc:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHrqj905bouMiIw/0oGM2vOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MzQ5MmU0ZDI1YzNiYmQwYzVlMjBjNWE4NWVjYjIyZWM5
NzM2MGEwHhcNMjQwOTEzMTM1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGZhYjNkMWZjNGI1NzA0ZDJmNDNmN2E1Mjg0ZGYwZmE1MGIzZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/byeyWqFWXY3I1gYcTKs8wJ/mcT
xLMfkJJIA3FD48BNp6Fgyqv1O3+QrkKO8B8c3JbJAM1TuSp0kfws3TJJMpCHOdSf
aNO2GSm1gydywDIskYTYaYkQMFwLse+K+zVTIbD47+DmIXr2Kzc/n7e5sI1xCY+j
hCwy2HHTGsefH/M81jw+FHw+O7QmqrtrL/OwYe2Xw3OlHd+HtAAlKBRNBvoevM3/
zYGTlcf+bGc1olvCPg4Hqhin1zAnVROITtFPSgLuOvyBI7b1xEf06gihQWQ74VAg
xi/0MpYZV0ONdwLhzbctQ7iJfFD+kawlo75CCYL8w0DcOqmr9fHIwHdulwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDT6s9H8S1cE0vQ/elKE3w+lCz0/MB8GA1UdIwQY
MBaAFNc0kuTSXDu9DF4gxaheyyLslzYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXpTUzVOSmNPNzBNWGlERnFGN0xJdXlYTmdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wOWFhNjEtODdkNy00ZjUzLTk4MTgt
ZGVjMjFlZWZhMzhiLzEvTlBxejBmeExWd1RTOUQ5NlVvVGZENlVMUFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wOWFhNjEtODdkNy00ZjUzLTk4MTgtZGVjMjFlZWZhMzhi
LzEvMXpTUzVOSmNPNzBNWGlERnFGN0xJdXlYTmdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJYz8AwQC
uciEAwQCwj2AMA0GCSqGSIb3DQEBCwUAA4IBAQAjqSd2kUs23lzVABCZnZTKlyOf
D16cbnUB5pPeCkr/px99a/rtruRoQp7U+0ypsnoF2rK2lE+I5y7RITy63AOOmblN
byDicZV9XYofB+DnTKM+UerKF/VwGQOSOPD++RQwLI6NFR2uqglAyveQ3RpdsNcz
jPCFvg+GkGpZnPT/W+tJ8B0/aRJyzPrCLruxk1p4ioUYUSE8plYPzGuNQhtHVw0o
Z1MBtQTYtmEdvAVfoEUP9lWMbhm4EVl2ZqoatGikrs2H/9FRyrcc6+/EoqPqgTKy
NFxHzLv6wBnXozm9Y3HAGU/NTBAhZqh9WiLKNt8rzO1FUfLNkVEualbyibxv
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:12:12 2024 by rpki-client on console-ams.rpki-client.org