Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/NkT_LpSqylyi9x26uRYAF3SOG4Q.roa
File: NkT_LpSqylyi9x26uRYAF3SOG4Q.roa (raw, json)
Hash identifier: sXK+hLPI04Gf+aGr0W15jxrK4ylvszDLkgGrNlocao4=
Subject key identifier: 36:44:FF:2E:94:AA:CA:5C:A2:F7:1D:BA:B9:16:00:17:74:8E:1B:84
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 018CC9BBF022AC5B7834BBE347A0AECFF067
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/NkT_LpSqylyi9x26uRYAF3SOG4Q.roa
Signing time: Tue 02 Jan 2024 10:33:06 +0000
ROA not before: Tue 02 Jan 2024 10:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205192
IP address blocks: 185.106.22.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:f0:22:ac:5b:78:34:bb:e3:47:a0:ae:cf:f0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Jan 2 10:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3644ff2e94aaca5ca2f71dbab9160017748e1b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f2:d1:27:ca:49:2a:39:e0:53:bb:5a:33:b9:
d1:22:ca:49:ef:1f:0b:5a:18:33:b8:af:92:53:fa:
eb:47:da:44:2b:39:e4:9b:9b:b3:9d:e4:fe:f1:fb:
de:9d:b5:97:07:7e:b4:cc:64:b0:98:c2:e0:cb:8e:
02:ae:da:b1:df:0e:d7:e6:29:91:be:68:3b:aa:d7:
8c:65:e4:8b:1c:b4:93:b9:c3:86:72:65:0f:00:a5:
92:80:de:8c:83:af:f7:9c:de:66:24:6b:06:1b:0b:
74:5d:16:50:af:01:c4:50:45:e0:a2:a2:59:11:3f:
12:5d:be:33:4c:f6:d4:c7:69:4f:c4:80:fe:82:23:
3a:6a:df:05:d4:74:15:f9:5c:49:9a:e1:04:27:3e:
40:12:6a:7f:85:b0:7c:48:9e:55:34:2e:ff:be:fe:
dd:84:8e:fc:07:92:da:a7:f9:69:c9:dd:fa:b9:44:
32:10:a2:f6:32:f8:50:0e:0b:3a:f8:d6:e5:9b:1f:
f1:e4:1e:fa:ec:7e:76:4f:37:bc:91:85:b7:32:fb:
1e:26:40:7f:d6:f6:5f:60:52:10:99:dc:9e:c9:64:
82:1f:1e:fa:58:60:0b:f5:64:7e:db:10:62:4d:fd:
b2:96:dd:79:34:7b:2d:8c:90:3b:ed:e8:31:71:f5:
67:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:44:FF:2E:94:AA:CA:5C:A2:F7:1D:BA:B9:16:00:17:74:8E:1B:84
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/NkT_LpSqylyi9x26uRYAF3SOG4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/24
185.103.196.0-185.103.198.255
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
18:57:fa:1e:79:2f:92:a8:3e:d5:0e:3a:2b:3b:2f:0c:26:8e:
69:4c:c4:7f:71:ba:eb:87:cf:9b:a8:c8:0a:b6:da:ba:c8:76:
02:66:8a:8e:7a:b4:fd:eb:34:e9:bf:76:98:94:ed:d1:03:93:
e4:06:ec:64:fc:1d:b4:65:8d:26:9c:ab:52:27:47:e6:9d:ca:
bd:d3:a8:29:80:c1:4d:b7:c2:f8:12:8f:60:cf:4c:16:88:28:
82:55:19:db:79:f0:c4:c3:37:b6:59:1e:84:2b:90:b8:b5:48:
d5:ff:06:af:24:8c:3e:16:ed:27:8d:cb:6c:87:25:b0:ec:1f:
26:0d:ae:27:51:4a:99:e9:b8:ff:93:5b:00:ee:9d:61:1d:32:
00:29:ad:4f:a8:94:0c:80:5c:fd:cf:90:d2:53:ab:f0:a2:0d:
fd:47:d6:d5:b5:0a:35:02:c0:f8:fa:7a:67:ae:3c:e5:d4:86:
6b:a3:6f:26:de:71:6e:f0:e5:e6:6a:2e:94:21:fc:b4:91:c4:
5e:44:a4:09:f5:ed:c6:55:20:20:2c:99:6e:f1:82:c5:db:ce:
19:99:08:89:b0:55:19:5b:be:30:78:55:57:78:75:c0:6b:a6:
4d:78:a8:46:7c:33:60:27:f1:9c:44:77:8a:be:be:03:26:ad:
2c:61:ff:af
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzJu/AirFt4NLvjR6Cuz/BnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjQwMTAyMTAzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ0ZmYyZTk0YWFjYTVjYTJmNzFkYmFiOTE2MDAxNzc0OGUxYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfLRJ8pJKjngU7taM7nRIspJ7x8L
WhgzuK+SU/rrR9pEKznkm5uzneT+8fvenbWXB360zGSwmMLgy44Crtqx3w7X5imR
vmg7qteMZeSLHLSTucOGcmUPAKWSgN6Mg6/3nN5mJGsGGwt0XRZQrwHEUEXgoqJZ
ET8SXb4zTPbUx2lPxID+giM6at8F1HQV+VxJmuEEJz5AEmp/hbB8SJ5VNC7/vv7d
hI78B5Lap/lpyd36uUQyEKL2MvhQDgs6+Nblmx/x5B767H52Tze8kYW3MvseJkB/
1vZfYFIQmdyeyWSCHx76WGAL9WR+2xBiTf2ylt15NHstjJA77egxcfVnhQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDZE/y6UqspcovcdurkWABd0jhuEMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvTmtUX0xwU3F5bHlpOXgyNnVSWUFGM1NPRzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAuRw8MAwD
BAK5Z8QDBAC5Z8YDBAK5ahQwDQYJKoZIhvcNAQELBQADggEBABhX+h55L5KoPtUO
Ois7LwwmjmlMxH9xuuuHz5uoyAq22rrIdgJmio56tP3rNOm/dpiU7dEDk+QG7GT8
HbRljSacq1InR+adyr3TqCmAwU23wvgSj2DPTBaIKIJVGdt58MTDN7ZZHoQrkLi1
SNX/Bq8kjD4W7SeNy2yHJbDsHyYNridRSpnpuP+TWwDunWEdMgAprU+olAyAXP3P
kNJTq/CiDf1H1tW1CjUCwPj6emeuPOXUhmujbybecW7w5eZqLpQh/LSRxF5EpAn1
7cZVICAsmW7xgsXbzhmZCImwVRlbvjB4VVd4dcBrpk14qEZ8M2An8ZxEd4q+vgMm
rSxh/68=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:43:44 2024 by rpki-client on console-ams.rpki-client.org