Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/1-NtcpV8bvLpVNoX6nr9bMiISHN0.roa
File: 1-NtcpV8bvLpVNoX6nr9bMiISHN0.roa (raw, json)
Hash identifier: keOXL2kAPWFvilzJGwcelBgkLyCRqfJ+gBZOwFZACMc=
Subject key identifier: F8:DB:5C:A5:5F:1B:BC:BA:55:36:85:FA:9E:BF:5B:32:22:12:1C:DD
Certificate issuer: /CN=7a0a06564d3c717d2d6daa1e833c495976b0bada
Certificate serial: 018CC56E4E6264A3E35D1B447F512D7F5B32
Authority key identifier: 7A:0A:06:56:4D:3C:71:7D:2D:6D:AA:1E:83:3C:49:59:76:B0:BA:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/1-NtcpV8bvLpVNoX6nr9bMiISHN0.roa
Signing time: Mon 01 Jan 2024 14:29:49 +0000
ROA not before: Mon 01 Jan 2024 14:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 149.249.2.0/24 maxlen: 24
149.249.1.0/24 maxlen: 24
149.249.3.0/24 maxlen: 24
149.249.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/egoGVk08cX0tbaoegzxJWXawuto.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/egoGVk08cX0tbaoegzxJWXawuto.mft
rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:4e:62:64:a3:e3:5d:1b:44:7f:51:2d:7f:5b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a0a06564d3c717d2d6daa1e833c495976b0bada
Validity
Not Before: Jan 1 14:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8db5ca55f1bbcba553685fa9ebf5b3222121cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2d:aa:ba:cf:0f:84:f3:bf:0a:77:28:85:e3:
16:36:17:5a:d7:03:40:66:4f:1d:cd:98:3d:c7:5a:
09:56:a4:77:81:dd:0c:9e:42:d9:5d:9e:5f:1d:23:
49:70:c8:21:95:7c:1d:29:6c:e4:72:c4:16:d5:8f:
b7:3a:cd:c8:4d:67:09:e1:57:16:e6:f5:ec:41:af:
e7:f5:be:e6:41:3c:c8:8d:47:4c:d6:d2:d8:1c:1a:
6e:66:b9:48:a5:fd:50:2b:71:02:d2:87:d4:89:66:
67:32:d7:47:5f:19:10:6d:b1:e9:d1:2c:b7:ab:49:
f6:a4:27:17:0a:7c:c0:f9:05:0d:b9:e6:d0:88:75:
be:c3:dc:be:7e:30:a5:f8:e2:e9:b4:7e:dd:a0:0f:
bc:eb:42:43:a9:3b:5d:09:32:b3:93:9b:e7:0e:69:
13:43:8d:21:18:50:b4:92:b4:63:14:83:5f:80:0f:
ac:0b:b3:05:35:20:19:5c:60:6e:db:0b:c2:6f:e1:
1a:00:06:6f:d5:68:32:fa:d8:5c:2b:fc:de:71:c6:
fc:6e:f5:62:7f:c0:81:75:51:ca:93:8d:b6:2b:ad:
99:6d:53:69:ab:0f:38:d0:41:55:89:00:66:b9:a9:
7a:94:1c:c7:bb:51:87:37:a9:60:9f:3c:2f:b1:c0:
e7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DB:5C:A5:5F:1B:BC:BA:55:36:85:FA:9E:BF:5B:32:22:12:1C:DD
X509v3 Authority Key Identifier:
keyid:7A:0A:06:56:4D:3C:71:7D:2D:6D:AA:1E:83:3C:49:59:76:B0:BA:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/1-NtcpV8bvLpVNoX6nr9bMiISHN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/egoGVk08cX0tbaoegzxJWXawuto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.249.0.0/22
Signature Algorithm: sha256WithRSAEncryption
af:3b:85:00:82:5e:00:a4:fe:b6:9b:73:11:62:6b:30:1d:c4:
8c:34:60:a4:55:bd:fb:f5:43:df:8f:09:9b:5e:ca:4f:92:ec:
fd:53:4f:0b:39:97:8e:67:72:c1:69:88:1c:15:ef:52:29:3f:
87:ad:e5:27:e1:4c:c2:79:52:1c:6b:18:ce:c9:05:b3:e3:7a:
e6:40:c0:65:50:71:6c:7f:34:7e:ad:ad:b2:91:20:77:ad:9c:
d3:94:ba:fa:00:8e:79:d2:08:8f:21:d7:fc:78:36:c8:20:07:
bf:1c:bc:a0:a1:22:42:5c:a3:55:1b:51:fe:d9:7c:32:8c:31:
23:26:cf:2d:b3:92:14:3d:e4:99:f7:3a:ca:cd:45:47:77:5b:
1c:da:1e:28:3d:9b:9e:5e:65:a1:2e:8e:b3:da:a4:5d:95:7c:
f1:f4:ed:f3:67:77:30:b9:c9:cf:57:89:c4:5a:bf:db:7d:dd:
3c:54:1f:04:86:ae:a5:31:22:0e:52:3b:f8:3e:18:2f:1a:ca:
3c:3b:cd:81:10:87:2a:d5:41:32:81:9c:22:fb:25:f2:99:f0:
45:73:c0:4d:b6:bf:5c:ba:2d:c6:67:db:cb:05:73:9f:8e:61:
03:1c:a7:2f:c0:38:d5:72:fc:9c:17:e3:ec:ce:7d:d9:e0:b0:
66:7e:eb:44
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFbk5iZKPjXRtEf1Etf1syMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGEwNjU2NGQzYzcxN2QyZDZkYWExZTgzM2M0OTU5NzZi
MGJhZGEwHhcNMjQwMTAxMTQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGRiNWNhNTVmMWJiY2JhNTUzNjg1ZmE5ZWJmNWIzMjIyMTIxY2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC2qus8PhPO/CncoheMWNhda1wNA
Zk8dzZg9x1oJVqR3gd0MnkLZXZ5fHSNJcMghlXwdKWzkcsQW1Y+3Os3ITWcJ4VcW
5vXsQa/n9b7mQTzIjUdM1tLYHBpuZrlIpf1QK3EC0ofUiWZnMtdHXxkQbbHp0Sy3
q0n2pCcXCnzA+QUNuebQiHW+w9y+fjCl+OLptH7doA+860JDqTtdCTKzk5vnDmkT
Q40hGFC0krRjFINfgA+sC7MFNSAZXGBu2wvCb+EaAAZv1Wgy+thcK/zeccb8bvVi
f8CBdVHKk422K62ZbVNpqw840EFViQBmual6lBzHu1GHN6lgnzwvscDn5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjbXKVfG7y6VTaF+p6/WzIiEhzdMB8GA1UdIwQY
MBaAFHoKBlZNPHF9LW2qHoM8SVl2sLraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdvR1ZrMDhjWDB0YmFvZWd6eEpXWGF3dXRvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82ZjU5OGQtYTVjNS00Yzk5LWExZjAt
NTQ4MjYzZWI2ZmI0LzEvMS1OdGNwVjhidkxwVk5vWDZucjliTWlJU0hOMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvNmY1OThkLWE1YzUtNGM5OS1hMWYwLTU0ODI2M2ViNmZi
NC8xL2Vnb0dWazA4Y1gwdGJhb2VnenhKV1hhd3V0by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApX5ADAN
BgkqhkiG9w0BAQsFAAOCAQEArzuFAIJeAKT+tptzEWJrMB3EjDRgpFW9+/VD348J
m17KT5Ls/VNPCzmXjmdywWmIHBXvUik/h63lJ+FMwnlSHGsYzskFs+N65kDAZVBx
bH80fq2tspEgd62c05S6+gCOedIIjyHX/Hg2yCAHvxy8oKEiQlyjVRtR/tl8Mowx
IybPLbOSFD3kmfc6ys1FR3dbHNoeKD2bnl5loS6Os9qkXZV88fTt82d3MLnJz1eJ
xFq/233dPFQfBIaupTEiDlI7+D4YLxrKPDvNgRCHKtVBMoGcIvsl8pnwRXPATba/
XLotxmfbywVzn45hAxynL8A41XL8nBfj7M592eCwZn7rRA==
-----END CERTIFICATE-----
Generated at Sun May 5 21:20:58 2024 by rpki-client on console-fra.rpki-client.org