Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/cf6e2f-58ff-41e0-8d0c-9d5e34b02e5b/1/9goORqPiku-njPG8BO885-KbOco.roa
File: 9goORqPiku-njPG8BO885-KbOco.roa (raw, json)
Hash identifier: g2Vpbqgc/gt0i0LDBE9y7pYxp9JS3zkfqmIjR7k6qsM=
Subject key identifier: F6:0A:0E:46:A3:E2:92:EF:A7:8C:F1:BC:04:EF:3C:E7:E2:9B:39:CA
Certificate issuer: /CN=356e0101181aca4251e9f24a8f63735e2f5ebdcd
Certificate serial: 01926AE6E12CD3628CDF3FA8FF6D45B93688
Authority key identifier: 35:6E:01:01:18:1A:CA:42:51:E9:F2:4A:8F:63:73:5E:2F:5E:BD:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NW4BARgaykJR6fJKj2NzXi9evc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/cf6e2f-58ff-41e0-8d0c-9d5e34b02e5b/1/9goORqPiku-njPG8BO885-KbOco.roa
Signing time: Tue 08 Oct 2024 06:52:48 +0000
ROA not before: Tue 08 Oct 2024 06:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199306
IP address blocks: 185.160.76.0/24 maxlen: 24
185.160.77.0/24 maxlen: 24
2a01:fa80::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/cf6e2f-58ff-41e0-8d0c-9d5e34b02e5b/1/NW4BARgaykJR6fJKj2NzXi9evc0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/cf6e2f-58ff-41e0-8d0c-9d5e34b02e5b/1/NW4BARgaykJR6fJKj2NzXi9evc0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NW4BARgaykJR6fJKj2NzXi9evc0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6a:e6:e1:2c:d3:62:8c:df:3f:a8:ff:6d:45:b9:36:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=356e0101181aca4251e9f24a8f63735e2f5ebdcd
Validity
Not Before: Oct 8 06:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f60a0e46a3e292efa78cf1bc04ef3ce7e29b39ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5b:62:10:5c:57:c1:97:e1:a7:93:97:f7:33:
c2:75:7c:2b:16:08:22:ee:dd:c7:8b:6e:6b:6a:63:
a3:32:df:e8:e8:77:48:4c:34:f4:88:6c:89:8c:96:
10:84:a5:f7:c4:7f:fb:52:7d:37:31:9d:a1:f6:06:
07:40:80:68:fc:69:30:9c:ce:19:dd:61:05:c8:6e:
4c:df:5a:e1:20:72:2c:01:73:77:2c:cb:07:57:01:
51:77:53:b3:67:7d:de:4b:d5:1c:78:0a:95:6c:8f:
e2:e9:ab:ab:1c:c2:0e:64:c9:01:02:e6:20:25:a5:
5b:e8:4a:93:55:e0:0d:c6:7a:7a:bf:da:a0:b3:52:
0c:10:fa:ee:1c:c0:c0:31:c6:dc:c1:07:9d:ac:67:
14:13:6f:9c:18:cc:f3:a7:26:7c:e9:2d:fe:cf:22:
7a:63:5b:cd:1a:73:ee:c8:50:ba:c3:c9:41:12:c2:
8f:8c:d0:1e:85:2b:aa:56:44:ba:7e:9f:9e:0a:d0:
53:06:9a:d3:da:a0:dd:c0:b8:d6:c8:b5:fd:00:d3:
56:2e:80:da:72:4a:79:71:bf:2b:83:67:29:6e:bf:
1d:af:af:4d:4b:15:da:bb:4d:ca:cf:b3:4e:aa:e2:
6e:03:1b:fc:7e:6e:f9:92:d1:83:d6:47:75:a2:15:
ed:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:0A:0E:46:A3:E2:92:EF:A7:8C:F1:BC:04:EF:3C:E7:E2:9B:39:CA
X509v3 Authority Key Identifier:
keyid:35:6E:01:01:18:1A:CA:42:51:E9:F2:4A:8F:63:73:5E:2F:5E:BD:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NW4BARgaykJR6fJKj2NzXi9evc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/cf6e2f-58ff-41e0-8d0c-9d5e34b02e5b/1/9goORqPiku-njPG8BO885-KbOco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/cf6e2f-58ff-41e0-8d0c-9d5e34b02e5b/1/NW4BARgaykJR6fJKj2NzXi9evc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.76.0/23
IPv6:
2a01:fa80::/30
Signature Algorithm: sha256WithRSAEncryption
a8:2c:c3:fd:1a:95:de:c8:cc:83:77:2e:4e:76:e6:a5:f8:cf:
ba:af:af:1f:a5:6a:46:13:c6:11:bb:a7:31:65:c6:4c:91:0a:
4b:31:0e:40:23:70:f1:76:a8:65:4d:67:2b:06:71:25:87:d9:
8d:27:a0:3c:c6:6e:31:97:0f:f8:f0:6c:e4:04:cf:0c:82:d5:
42:1c:04:6c:cb:63:d5:80:08:2d:8c:5c:59:98:46:3a:60:e0:
70:07:b4:02:8d:c9:98:aa:2f:76:b8:eb:68:91:0f:44:a4:23:
b2:3f:49:65:c3:a0:19:d2:7b:7c:0e:1f:3f:b9:f8:c4:a9:49:
35:f7:a5:17:db:03:63:0e:07:06:7e:ba:0f:10:df:dd:7c:07:
f0:0e:5a:1e:52:e8:b4:74:04:bd:4d:95:df:41:b4:b9:ee:70:
ad:62:e0:1f:f6:e6:bc:2e:30:14:06:8e:16:52:19:79:c9:4d:
3e:67:27:75:d5:d6:f0:df:77:fb:1a:5a:f6:67:15:63:6a:bd:
38:40:e0:62:86:86:2d:08:b5:b4:b7:68:5b:d8:ae:4f:08:98:
f3:8e:80:3b:ee:23:35:8b:c7:27:fc:12:8d:34:14:51:f1:2e:
77:81:2d:a0:d1:66:74:30:27:62:51:b2:a9:34:65:3b:a9:b2:
aa:e7:c6:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJq5uEs02KM3z+o/21FuTaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NmUwMTAxMTgxYWNhNDI1MWU5ZjI0YThmNjM3MzVlMmY1
ZWJkY2QwHhcNMjQxMDA4MDY1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjBhMGU0NmEzZTI5MmVmYTc4Y2YxYmMwNGVmM2NlN2UyOWIzOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVtiEFxXwZfhp5OX9zPCdXwrFggi
7t3Hi25ramOjMt/o6HdITDT0iGyJjJYQhKX3xH/7Un03MZ2h9gYHQIBo/GkwnM4Z
3WEFyG5M31rhIHIsAXN3LMsHVwFRd1OzZ33eS9UceAqVbI/i6aurHMIOZMkBAuYg
JaVb6EqTVeANxnp6v9qgs1IMEPruHMDAMcbcwQedrGcUE2+cGMzzpyZ86S3+zyJ6
Y1vNGnPuyFC6w8lBEsKPjNAehSuqVkS6fp+eCtBTBprT2qDdwLjWyLX9ANNWLoDa
ckp5cb8rg2cpbr8dr69NSxXau03Kz7NOquJuAxv8fm75ktGD1kd1ohXtdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPYKDkaj4pLvp4zxvATvPOfimznKMB8GA1UdIwQY
MBaAFDVuAQEYGspCUenySo9jc14vXr3NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlc0QkFSZ2F5a0pSNmZKS2oyTnpYaTlldmMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9jZjZlMmYtNThmZi00MWUwLThkMGMt
OWQ1ZTM0YjAyZTViLzEvOWdvT1JxUGlrdS1ualBHOEJPODg1LUtiT2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9jZjZlMmYtNThmZi00MWUwLThkMGMtOWQ1ZTM0YjAyZTVi
LzEvTlc0QkFSZ2F5a0pSNmZKS2oyTnpYaTlldmMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuaBMMA0E
AgACMAcDBQIqAfqAMA0GCSqGSIb3DQEBCwUAA4IBAQCoLMP9GpXeyMyDdy5Odual
+M+6r68fpWpGE8YRu6cxZcZMkQpLMQ5AI3DxdqhlTWcrBnElh9mNJ6A8xm4xlw/4
8GzkBM8MgtVCHARsy2PVgAgtjFxZmEY6YOBwB7QCjcmYqi92uOtokQ9EpCOyP0ll
w6AZ0nt8Dh8/ufjEqUk196UX2wNjDgcGfroPEN/dfAfwDloeUui0dAS9TZXfQbS5
7nCtYuAf9ua8LjAUBo4WUhl5yU0+Zyd11dbw33f7Glr2ZxVjar04QOBihoYtCLW0
t2hb2K5PCJjzjoA77iM1i8cn/BKNNBRR8S53gS2g0WZ0MCdiUbKpNGU7qbKq58Yy
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:27 2024 by rpki-client on console-fra.rpki-client.org