Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/nAhlQGDCg73twYkDSR6TjKNltIk.roa
File: nAhlQGDCg73twYkDSR6TjKNltIk.roa (raw, json)
Hash identifier: 1BJ4EotGGfc0sJNtHnCAXiRbJLfjSV68VHjIRxCwZxA=
Subject key identifier: 9C:08:65:40:60:C2:83:BD:ED:C1:89:03:49:1E:93:8C:A3:65:B4:89
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018CC50071119EFE98609EE62AF39CE83507
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/nAhlQGDCg73twYkDSR6TjKNltIk.roa
Signing time: Mon 01 Jan 2024 12:29:49 +0000
ROA not before: Mon 01 Jan 2024 12:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200848
IP address blocks: 185.94.4.0/22 maxlen: 22
213.109.172.0/22 maxlen: 22
2a09:fc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:71:11:9e:fe:98:60:9e:e6:2a:f3:9c:e8:35:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 1 12:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c08654060c283bdedc18903491e938ca365b489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:72:83:28:03:e6:be:b4:7a:7c:72:95:4a:e7:
ab:12:83:08:d2:a1:12:81:4b:12:22:23:dc:92:e5:
39:2c:6d:69:6d:9e:61:9a:a2:8f:00:41:0d:a5:0b:
94:94:e6:71:58:d3:8f:98:e2:7f:fd:4f:33:8a:05:
00:cb:31:32:e0:1b:f5:23:e8:9c:06:fb:ce:86:49:
a8:66:ae:6a:97:5b:dc:12:b5:fb:45:9e:55:27:fe:
51:db:96:91:34:22:ad:79:c1:4a:c1:3e:e5:b3:60:
02:61:16:b9:05:a4:e5:8c:3e:d5:e7:02:5d:d7:39:
6b:18:96:c1:89:a3:cb:8c:38:bd:eb:71:80:6f:35:
db:d4:ac:81:fe:97:aa:62:fb:b0:33:6b:7c:38:97:
94:f6:a7:1d:38:e5:99:74:fd:49:5f:56:63:5a:ed:
58:b7:ef:d4:68:71:0d:21:e5:f3:45:bc:52:a9:47:
e0:45:3b:1c:02:4d:94:02:5c:4d:72:20:e0:fa:0c:
89:cd:ae:16:72:72:98:da:89:d1:f4:fa:ad:dd:d3:
8d:1f:0d:b3:17:a9:a3:61:ca:d5:57:79:82:b7:78:
2d:da:77:f3:17:49:e3:9d:34:2b:36:89:a1:ab:5b:
32:1e:58:b3:71:72:fb:58:6d:fc:55:0a:3a:b9:f5:
f1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:08:65:40:60:C2:83:BD:ED:C1:89:03:49:1E:93:8C:A3:65:B4:89
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/nAhlQGDCg73twYkDSR6TjKNltIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.4.0/22
213.109.172.0/22
IPv6:
2a09:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
71:2f:c7:04:f0:73:05:e8:45:60:2e:6c:1e:b3:2c:cb:c2:42:
30:e9:7e:4b:4a:22:58:ce:a8:46:d7:70:20:45:51:a9:f8:0a:
2d:51:45:a7:01:ca:94:52:c6:9b:4d:4d:24:9e:98:4f:84:6d:
48:74:f0:70:0d:68:43:2b:1d:61:64:2f:cc:d1:12:33:2a:f6:
ab:d2:62:2e:d2:f2:a3:d7:1b:91:bd:eb:02:92:4a:7c:87:57:
4c:ba:32:29:e6:0a:48:98:c5:c5:13:5f:d8:b6:ae:e4:06:02:
9a:b5:8b:5e:47:b3:07:42:34:e9:7b:ca:a2:26:7e:e4:97:e8:
46:dd:e4:e9:74:3f:37:66:a3:14:d4:7d:ec:83:ea:31:24:4c:
29:33:98:66:d9:de:8d:2d:b6:87:90:4b:fe:d8:ea:39:70:a8:
d1:02:bc:f1:ee:c4:08:09:36:24:5e:16:41:9f:b4:db:2d:69:
f1:9f:e5:27:2a:e9:7e:4f:c9:ab:1f:19:36:5e:54:41:11:e2:
f5:01:fe:d2:7c:15:9c:79:bc:74:7b:28:fc:f2:15:89:67:f4:
38:d3:33:12:d3:00:84:78:f5:b9:b1:eb:68:77:17:25:32:ee:
9a:ab:68:78:77:18:9b:fa:39:68:2d:07:3e:71:f0:b8:48:29:
04:ed:dd:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAHERnv6YYJ7mKvOc6DUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQwMTAxMTIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzA4NjU0MDYwYzI4M2JkZWRjMTg5MDM0OTFlOTM4Y2EzNjViNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nKDKAPmvrR6fHKVSuerEoMI0qES
gUsSIiPckuU5LG1pbZ5hmqKPAEENpQuUlOZxWNOPmOJ//U8zigUAyzEy4Bv1I+ic
BvvOhkmoZq5ql1vcErX7RZ5VJ/5R25aRNCKtecFKwT7ls2ACYRa5BaTljD7V5wJd
1zlrGJbBiaPLjDi963GAbzXb1KyB/peqYvuwM2t8OJeU9qcdOOWZdP1JX1ZjWu1Y
t+/UaHENIeXzRbxSqUfgRTscAk2UAlxNciDg+gyJza4WcnKY2onR9Pqt3dONHw2z
F6mjYcrVV3mCt3gt2nfzF0njnTQrNomhq1syHlizcXL7WG38VQo6ufXxaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJwIZUBgwoO97cGJA0kek4yjZbSJMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvbkFobFFHRENnNzN0d1lrRFNSNlRqS05sdElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuV4EAwQC
1W2sMA0EAgACMAcDBQMqCfwAMA0GCSqGSIb3DQEBCwUAA4IBAQBxL8cE8HMF6EVg
LmwesyzLwkIw6X5LSiJYzqhG13AgRVGp+AotUUWnAcqUUsabTU0knphPhG1IdPBw
DWhDKx1hZC/M0RIzKvar0mIu0vKj1xuRvesCkkp8h1dMujIp5gpImMXFE1/Ytq7k
BgKatYteR7MHQjTpe8qiJn7kl+hG3eTpdD83ZqMU1H3sg+oxJEwpM5hm2d6NLbaH
kEv+2Oo5cKjRArzx7sQICTYkXhZBn7TbLWnxn+UnKul+T8mrHxk2XlRBEeL1Af7S
fBWcebx0eyj88hWJZ/Q40zMS0wCEePW5setodxclMu6aq2h4dxib+jloLQc+cfC4
SCkE7d3p
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:40 2024 by rpki-client on console-ams.rpki-client.org