Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/m_nVT_XFUTDjONOqRwWt55Na218.roa
File: m_nVT_XFUTDjONOqRwWt55Na218.roa (raw, json)
Hash identifier: apjyqzLLgN8ZgdKV886kZTBobOkmZ8IhdrjD9J7g6yE=
Subject key identifier: 9B:F9:D5:4F:F5:C5:51:30:E3:38:D3:AA:47:05:AD:E7:93:5A:DB:5F
Certificate issuer: /CN=faa067162e2209dc6c216ba6cfcd8be6d7386179
Certificate serial: 018CC2DABC61EC63438319782D618DA2F44F
Authority key identifier: FA:A0:67:16:2E:22:09:DC:6C:21:6B:A6:CF:CD:8B:E6:D7:38:61:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qBnFi4iCdxsIWumz82L5tc4YXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/m_nVT_XFUTDjONOqRwWt55Na218.roa
Signing time: Mon 01 Jan 2024 02:29:24 +0000
ROA not before: Mon 01 Jan 2024 02:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21221
IP address blocks: 185.70.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/1-qBnFi4iCdxsIWumz82L5tc4YXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/1-qBnFi4iCdxsIWumz82L5tc4YXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-qBnFi4iCdxsIWumz82L5tc4YXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 04:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:bc:61:ec:63:43:83:19:78:2d:61:8d:a2:f4:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa067162e2209dc6c216ba6cfcd8be6d7386179
Validity
Not Before: Jan 1 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bf9d54ff5c55130e338d3aa4705ade7935adb5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:da:79:47:5f:cf:d2:bc:6c:3c:39:c5:76:a9:
d6:bf:51:68:84:90:93:67:b0:05:aa:58:df:9c:df:
c1:c5:10:00:cc:4d:0e:03:dc:a7:b9:4a:fc:20:3d:
7b:48:90:9c:6d:d5:c5:3a:a5:4d:c5:ca:f5:cf:65:
85:d9:ba:b1:74:de:dc:6d:54:1b:96:db:9e:02:c8:
1c:56:ba:87:71:4f:c2:f4:7d:f3:ca:61:1b:f7:91:
6c:f4:7f:b4:75:82:38:0b:d4:ba:d4:8c:95:cb:a0:
7e:86:c4:9f:58:68:57:e2:62:61:4e:52:f6:40:22:
9c:ad:7a:c1:82:a6:20:da:f9:63:10:8f:28:16:71:
c8:d6:0e:2b:54:d6:71:69:a1:0c:68:aa:2a:9f:98:
33:0b:c2:d0:cd:6f:26:fa:33:30:98:73:0a:eb:d2:
ad:4b:93:e8:27:39:92:e6:32:da:a8:62:e1:48:13:
de:44:2e:31:21:1a:73:9a:29:03:9b:4c:bf:21:c5:
15:54:f1:67:c5:3f:86:82:1e:94:35:fb:81:cc:bb:
1a:10:a4:05:09:80:2c:38:40:22:75:35:bb:f3:b4:
24:47:ef:0f:e5:a5:8d:5e:85:c2:06:28:09:87:cf:
f0:13:dd:19:a5:68:20:e6:31:74:c9:7f:bf:5f:bc:
14:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F9:D5:4F:F5:C5:51:30:E3:38:D3:AA:47:05:AD:E7:93:5A:DB:5F
X509v3 Authority Key Identifier:
keyid:FA:A0:67:16:2E:22:09:DC:6C:21:6B:A6:CF:CD:8B:E6:D7:38:61:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qBnFi4iCdxsIWumz82L5tc4YXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/m_nVT_XFUTDjONOqRwWt55Na218.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/1-qBnFi4iCdxsIWumz82L5tc4YXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.208.0/22
Signature Algorithm: sha256WithRSAEncryption
55:f5:23:f3:3c:df:99:46:8b:f5:26:c0:c3:bf:77:80:8f:e7:
dd:9b:dd:8c:fa:3c:bb:16:8f:49:c1:0a:59:10:5d:6f:d0:43:
cc:fd:fd:31:33:0d:3b:2c:90:77:1a:87:2e:6a:99:58:9a:86:
83:07:1c:0b:27:83:26:38:0f:4d:5b:41:3a:e6:e8:fd:df:9e:
7f:c3:08:92:bb:72:cb:b3:28:81:d1:a7:c7:cc:67:7c:99:d8:
2c:d2:70:ee:b3:de:97:73:2f:6a:53:23:fa:52:d7:92:fe:44:
b4:99:e1:1e:a0:f3:50:20:34:c6:a7:9e:02:73:27:f3:45:20:
2d:c7:52:bb:17:53:cb:29:24:87:f8:08:5a:ee:2f:46:4a:5e:
91:45:24:8d:0f:ba:4d:ea:48:ac:b1:98:a0:87:af:74:f6:b4:
f1:47:7d:77:cf:e5:bd:57:7a:3d:69:a3:48:c2:74:95:6d:7b:
be:41:20:ac:a8:52:d1:77:ff:8c:8b:ea:76:96:b3:62:70:6c:
05:c5:1a:ff:81:5b:ca:a0:fc:d6:66:01:27:41:a0:cb:cc:b7:
6e:3f:ee:4a:67:52:0a:d9:a7:30:73:03:72:7e:17:d7:81:6f:
91:47:f8:3b:11:a2:61:37:4e:1c:ad:8c:f5:b1:44:7c:a4:54:
b4:4d:76:6b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzC2rxh7GNDgxl4LWGNovRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTA2NzE2MmUyMjA5ZGM2YzIxNmJhNmNmY2Q4YmU2ZDcz
ODYxNzkwHhcNMjQwMTAxMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmY5ZDU0ZmY1YzU1MTMwZTMzOGQzYWE0NzA1YWRlNzkzNWFkYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstp5R1/P0rxsPDnFdqnWv1FohJCT
Z7AFqljfnN/BxRAAzE0OA9ynuUr8ID17SJCcbdXFOqVNxcr1z2WF2bqxdN7cbVQb
ltueAsgcVrqHcU/C9H3zymEb95Fs9H+0dYI4C9S61IyVy6B+hsSfWGhX4mJhTlL2
QCKcrXrBgqYg2vljEI8oFnHI1g4rVNZxaaEMaKoqn5gzC8LQzW8m+jMwmHMK69Kt
S5PoJzmS5jLaqGLhSBPeRC4xIRpzmikDm0y/IcUVVPFnxT+Ggh6UNfuBzLsaEKQF
CYAsOEAidTW787QkR+8P5aWNXoXCBigJh8/wE90ZpWgg5jF0yX+/X7wUGQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJv51U/1xVEw4zjTqkcFreeTWttfMB8GA1UdIwQY
MBaAFPqgZxYuIgncbCFrps/Ni+bXOGF5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xQm5GaTRpQ2R4c0lXdW16ODJMNXRjNFlYay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvYjc5YTAwLWFkZTQtNDc3Ni1hMzM0
LTI5ZGE4NzMyM2EyZC8xL21fblZUX1hGVVREak9OT3FSd1d0NTVOYTIxOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWEvYjc5YTAwLWFkZTQtNDc3Ni1hMzM0LTI5ZGE4NzMyM2Ey
ZC8xLzEtcUJuRmk0aUNkeHNJV3VtejgyTDV0YzRZWGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5RtAw
DQYJKoZIhvcNAQELBQADggEBAFX1I/M835lGi/UmwMO/d4CP592b3Yz6PLsWj0nB
ClkQXW/QQ8z9/TEzDTsskHcahy5qmViahoMHHAsngyY4D01bQTrm6P3fnn/DCJK7
csuzKIHRp8fMZ3yZ2CzScO6z3pdzL2pTI/pS15L+RLSZ4R6g81AgNManngJzJ/NF
IC3HUrsXU8spJIf4CFruL0ZKXpFFJI0Puk3qSKyxmKCHr3T2tPFHfXfP5b1Xej1p
o0jCdJVte75BIKyoUtF3/4yL6naWs2JwbAXFGv+BW8qg/NZmASdBoMvMt24/7kpn
UgrZpzBzA3J+F9eBb5FH+DsRomE3ThytjPWxRHykVLRNdms=
-----END CERTIFICATE-----
Generated at Mon May 13 10:22:14 2024 by rpki-client on console-ams.rpki-client.org