Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/Nw6Ynoxi4SUJEijhLAS6dnz-9F0.roa
File: Nw6Ynoxi4SUJEijhLAS6dnz-9F0.roa (raw, json)
Hash identifier: LBtL3gfUYYY1KNSn6cGCQg+uAz+SksfSu6YHNklmnjA=
Subject key identifier: 37:0E:98:9E:8C:62:E1:25:09:12:28:E1:2C:04:BA:76:7C:FE:F4:5D
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018CC7946E39F2BC50417029E4619F531B71
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/Nw6Ynoxi4SUJEijhLAS6dnz-9F0.roa
Signing time: Tue 02 Jan 2024 00:30:42 +0000
ROA not before: Tue 02 Jan 2024 00:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 168.199.204.0/24 maxlen: 24
168.199.205.0/24 maxlen: 24
168.199.206.0/24 maxlen: 24
168.199.211.0/24 maxlen: 24
168.199.208.0/24 maxlen: 24
168.199.209.0/24 maxlen: 24
168.199.210.0/24 maxlen: 24
168.199.207.0/24 maxlen: 24
168.199.216.0/24 maxlen: 24
168.199.217.0/24 maxlen: 24
168.199.218.0/24 maxlen: 24
168.199.219.0/24 maxlen: 24
168.199.225.0/24 maxlen: 24
168.199.226.0/24 maxlen: 24
168.199.222.0/24 maxlen: 24
168.199.223.0/24 maxlen: 24
168.199.224.0/24 maxlen: 24
168.199.220.0/24 maxlen: 24
168.199.221.0/24 maxlen: 24
168.199.229.0/24 maxlen: 24
168.199.230.0/24 maxlen: 24
168.199.231.0/24 maxlen: 24
168.199.227.0/24 maxlen: 24
168.199.228.0/24 maxlen: 24
168.199.232.0/24 maxlen: 24
168.199.233.0/24 maxlen: 24
168.199.239.0/24 maxlen: 24
168.199.236.0/24 maxlen: 24
168.199.237.0/24 maxlen: 24
168.199.238.0/24 maxlen: 24
168.199.234.0/24 maxlen: 24
168.199.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:6e:39:f2:bc:50:41:70:29:e4:61:9f:53:1b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 2 00:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=370e989e8c62e125091228e12c04ba767cfef45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:92:db:ff:f5:04:62:c2:eb:f2:90:0e:a7:b2:
02:92:bc:f3:da:e2:4d:3e:a2:ab:8a:5c:cc:e9:49:
74:db:35:01:3d:26:87:05:e8:cd:07:47:25:f9:83:
ef:7c:c3:22:47:7c:13:e0:2a:04:7e:a2:45:1a:ca:
41:cb:64:b7:61:eb:97:7e:10:fb:7a:47:7b:bc:0c:
c1:0f:3f:73:e0:7d:18:21:ae:e2:f0:d5:37:58:e3:
2a:8c:ee:13:95:8f:d2:f7:c9:7c:29:6c:54:ab:94:
0e:b1:3c:7a:58:46:c3:54:30:86:f9:a3:27:97:9b:
13:29:60:cc:99:a0:a4:35:ee:87:ff:39:39:12:a9:
96:85:fa:c1:55:ca:3a:67:53:ac:a3:f3:0a:a7:fb:
36:9f:f1:c5:97:53:92:44:b7:33:e2:ae:60:09:d7:
2d:f4:f1:49:3b:d9:e0:f6:53:6c:72:fe:d1:07:ba:
a5:72:8a:04:95:32:88:6d:0b:ce:87:de:e7:51:f3:
1b:ed:68:2f:08:96:5c:4c:22:25:ec:af:ce:d8:a8:
e6:4d:f0:5a:0b:a8:55:64:db:97:7e:d1:41:b2:88:
e5:c0:3d:82:d8:3e:3b:e9:c2:46:f5:a9:79:41:c8:
18:3a:80:25:ff:bb:78:74:08:43:10:01:9e:c4:d4:
75:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:0E:98:9E:8C:62:E1:25:09:12:28:E1:2C:04:BA:76:7C:FE:F4:5D
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/Nw6Ynoxi4SUJEijhLAS6dnz-9F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.204.0-168.199.211.255
168.199.216.0-168.199.239.255
Signature Algorithm: sha256WithRSAEncryption
a8:71:c0:a7:a7:30:23:ad:c3:16:eb:36:ed:b1:6c:40:fa:3a:
77:3e:de:e6:d7:04:45:a2:99:fa:65:a6:21:7f:c4:08:b2:01:
c8:9c:d4:7e:af:f8:99:32:00:5f:43:58:9a:97:9f:23:4e:49:
e7:9b:96:17:d4:da:9c:a6:91:4e:f2:aa:05:25:b5:f7:bc:ad:
ce:e0:d9:4f:48:e0:e3:63:3c:08:1c:5f:f8:51:70:db:cd:a4:
05:ae:2d:1f:e3:75:d2:bd:47:ad:23:f4:12:e6:69:ec:e1:fa:
e3:3b:8a:ab:2a:f9:6c:df:0c:61:26:75:7c:28:b3:2a:f2:e2:
86:00:bc:4d:a8:94:87:ca:af:39:56:74:5f:a9:f9:9a:74:56:
c9:a8:1a:33:22:fb:e6:53:66:a8:e8:57:bc:e0:dc:8b:7c:05:
f6:27:97:c2:e7:7c:db:42:7d:2a:c0:9e:2d:99:06:b7:45:71:
53:09:39:5e:10:ba:04:a3:d4:d8:26:de:33:c0:28:a9:ac:0b:
c6:6d:34:97:f9:4b:7f:ae:35:d5:fe:60:aa:19:3c:62:e8:5a:
94:69:ff:03:d0:58:87:07:12:bf:9c:1d:88:1f:cc:6d:ed:e6:
6c:3f:1a:36:17:6c:70:d0:36:fd:b4:a2:40:8f:e9:82:ce:b0:
52:eb:58:40
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzHlG458rxQQXAp5GGfUxtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwMTAyMDAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzBlOTg5ZThjNjJlMTI1MDkxMjI4ZTEyYzA0YmE3NjdjZmVmNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJLb//UEYsLr8pAOp7ICkrzz2uJN
PqKrilzM6Ul02zUBPSaHBejNB0cl+YPvfMMiR3wT4CoEfqJFGspBy2S3YeuXfhD7
ekd7vAzBDz9z4H0YIa7i8NU3WOMqjO4TlY/S98l8KWxUq5QOsTx6WEbDVDCG+aMn
l5sTKWDMmaCkNe6H/zk5EqmWhfrBVco6Z1Oso/MKp/s2n/HFl1OSRLcz4q5gCdct
9PFJO9ng9lNscv7RB7qlcooElTKIbQvOh97nUfMb7WgvCJZcTCIl7K/O2KjmTfBa
C6hVZNuXftFBsojlwD2C2D476cJG9al5QcgYOoAl/7t4dAhDEAGexNR1iwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDcOmJ6MYuElCRIo4SwEunZ8/vRdMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvTnc2WW5veGk0U1VKRWlqaExBUzZkbnotOUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAKox8wD
BAKox9AwDAMEA6jH2AMEBKjH4DANBgkqhkiG9w0BAQsFAAOCAQEAqHHAp6cwI63D
Fus27bFsQPo6dz7e5tcERaKZ+mWmIX/ECLIByJzUfq/4mTIAX0NYmpefI05J55uW
F9TanKaRTvKqBSW197ytzuDZT0jg42M8CBxf+FFw282kBa4tH+N10r1HrSP0EuZp
7OH64zuKqyr5bN8MYSZ1fCizKvLihgC8TaiUh8qvOVZ0X6n5mnRWyagaMyL75lNm
qOhXvODci3wF9ieXwud820J9KsCeLZkGt0VxUwk5XhC6BKPU2CbeM8AoqawLxm00
l/lLf6411f5gqhk8YuhalGn/A9BYhwcSv5wdiB/Mbe3mbD8aNhdscNA2/bSiQI/p
gs6wUutYQA==
-----END CERTIFICATE-----
Generated at Sat May 4 13:52:42 2024 by rpki-client on console-fra.rpki-client.org