Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/NkesC1O1X58aN3Q08Bk3Vir53vY.roa
File: NkesC1O1X58aN3Q08Bk3Vir53vY.roa (raw, json)
Hash identifier: +Fu4hmCCF23TVq8nPR7W9xkukm0bntFTgUyGcWSuzQk=
Subject key identifier: 36:47:AC:0B:53:B5:5F:9F:1A:37:74:34:F0:19:37:56:2A:F9:DE:F6
Certificate issuer: /CN=c88623876dd1ad8e624a23dd528b2c64c80a8521
Certificate serial: 018E64965C5B5DED7DE47AAA19B6A73BB859
Authority key identifier: C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/NkesC1O1X58aN3Q08Bk3Vir53vY.roa
Signing time: Fri 22 Mar 2024 05:15:59 +0000
ROA not before: Fri 22 Mar 2024 05:15:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9294
IP address blocks: 193.107.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:64:96:5c:5b:5d:ed:7d:e4:7a:aa:19:b6:a7:3b:b8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c88623876dd1ad8e624a23dd528b2c64c80a8521
Validity
Not Before: Mar 22 05:15:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3647ac0b53b55f9f1a377434f01937562af9def6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d7:ae:a1:5a:29:24:df:01:97:ee:61:d5:7e:
58:68:3b:aa:75:1e:75:d9:3f:b2:1d:3f:34:38:85:
db:7b:f2:93:85:85:5f:60:46:71:4e:8d:7b:92:66:
57:44:25:48:1a:1f:10:c3:97:77:23:8b:41:59:fd:
96:97:de:59:49:a7:73:95:93:4e:19:43:cd:63:29:
0f:ef:14:7c:d0:f4:9e:7b:b2:4f:06:45:92:30:82:
e1:9d:c6:05:7c:11:c0:ff:21:91:37:0b:8c:47:a8:
0e:d6:b8:7d:52:86:ee:ce:da:77:3d:19:af:f0:9a:
d5:60:ea:3d:bd:e5:86:c1:93:26:d2:c8:b4:c8:53:
92:21:9e:4a:7e:50:98:d7:e6:4d:11:35:c8:44:6e:
83:72:cc:10:12:ff:3b:8e:c6:7a:7b:1d:f3:b9:e5:
2c:79:ba:ec:ed:63:54:6b:90:e6:f2:f8:0a:8b:67:
d0:3a:f4:ea:a1:b7:72:05:cf:9b:ca:90:f6:28:40:
7e:9e:66:d2:38:8d:ab:a8:80:bd:f7:1d:86:05:78:
30:46:77:bb:e1:28:e1:81:6b:5e:ea:8e:85:06:bd:
30:d6:4a:26:53:02:b6:89:4e:fc:b7:22:7a:45:2d:
c1:58:87:df:4b:80:ce:0b:53:5e:3c:da:7d:28:74:
37:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:47:AC:0B:53:B5:5F:9F:1A:37:74:34:F0:19:37:56:2A:F9:DE:F6
X509v3 Authority Key Identifier:
keyid:C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/NkesC1O1X58aN3Q08Bk3Vir53vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.23.0/24
Signature Algorithm: sha256WithRSAEncryption
55:79:82:bc:e0:63:ba:00:66:cf:86:13:6f:a9:1c:f1:27:88:
c2:ef:be:64:2c:0d:1b:24:9b:6e:00:a6:ae:d0:99:6a:35:a0:
7e:b3:97:d1:71:57:a2:93:7f:68:dc:22:b4:e6:f9:3d:b0:5c:
4c:0e:03:c9:56:c5:80:a3:e7:ea:28:d2:ae:dc:a3:db:57:09:
74:49:28:47:30:ce:2f:40:de:26:e1:28:f4:ef:51:44:c9:44:
50:3e:d5:ee:1c:eb:dd:71:91:b7:e3:34:e6:43:7c:0a:62:cd:
48:15:5d:e5:91:e2:e5:cb:c5:62:5b:f4:62:6f:db:c7:19:7a:
2b:4e:0e:fb:30:94:56:91:56:67:f3:cb:a8:cd:71:2c:30:2d:
38:d7:9c:90:1e:62:75:2c:3b:3d:87:25:b2:6d:47:2a:7a:8a:
1d:0b:2d:8b:85:8c:df:35:66:0c:77:a5:10:d7:e3:86:8d:7e:
ef:f7:3e:6f:b1:61:61:89:a8:be:ac:b0:9b:c1:2b:29:68:19:
9c:73:40:d4:f5:31:55:5e:95:06:cc:80:0b:73:45:5c:f4:62:
c1:fd:47:54:32:87:40:d5:8f:b6:82:e9:09:06:17:01:c9:28:
9f:b9:14:11:47:5f:ea:99:2a:5a:76:98:f4:42:6f:01:a4:c5:
d5:84:a8:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5kllxbXe195HqqGbanO7hZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ODYyMzg3NmRkMWFkOGU2MjRhMjNkZDUyOGIyYzY0Yzgw
YTg1MjEwHhcNMjQwMzIyMDUxNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ3YWMwYjUzYjU1ZjlmMWEzNzc0MzRmMDE5Mzc1NjJhZjlkZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoteuoVopJN8Bl+5h1X5YaDuqdR51
2T+yHT80OIXbe/KThYVfYEZxTo17kmZXRCVIGh8Qw5d3I4tBWf2Wl95ZSadzlZNO
GUPNYykP7xR80PSee7JPBkWSMILhncYFfBHA/yGRNwuMR6gO1rh9Uobuztp3PRmv
8JrVYOo9veWGwZMm0si0yFOSIZ5KflCY1+ZNETXIRG6DcswQEv87jsZ6ex3zueUs
ebrs7WNUa5Dm8vgKi2fQOvTqobdyBc+bypD2KEB+nmbSOI2rqIC99x2GBXgwRne7
4SjhgWte6o6FBr0w1komUwK2iU78tyJ6RS3BWIffS4DOC1NePNp9KHQ3FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZHrAtTtV+fGjd0NPAZN1Yq+d72MB8GA1UdIwQY
MBaAFMiGI4dt0a2OYkoj3VKLLGTICoUhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQt
MmViNTEyNjFkZGJhLzEvTmtlc0MxTzFYNThhTjNRMDhCazNWaXI1M3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQtMmViNTEyNjFkZGJh
LzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWsXMA0G
CSqGSIb3DQEBCwUAA4IBAQBVeYK84GO6AGbPhhNvqRzxJ4jC775kLA0bJJtuAKau
0JlqNaB+s5fRcVeik39o3CK05vk9sFxMDgPJVsWAo+fqKNKu3KPbVwl0SShHMM4v
QN4m4Sj071FEyURQPtXuHOvdcZG34zTmQ3wKYs1IFV3lkeLly8ViW/Rib9vHGXor
Tg77MJRWkVZn88uozXEsMC0415yQHmJ1LDs9hyWybUcqeoodCy2LhYzfNWYMd6UQ
1+OGjX7v9z5vsWFhiai+rLCbwSspaBmcc0DU9TFVXpUGzIALc0Vc9GLB/UdUModA
1Y+2gukJBhcBySifuRQRR1/qmSpadpj0Qm8BpMXVhKiw
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:50:29 2024 by rpki-client on console-fra.rpki-client.org