Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/cf2f87-8197-4600-a3ab-576ce4101483/1/naYRlZIiAOGM-DWJlM-pghAVVpg.roa
File: naYRlZIiAOGM-DWJlM-pghAVVpg.roa (raw, json)
Hash identifier: qkgog4E6Sh9rIYNGP2fYFG2RtlTYhdHdUwoQ/0bF5qg=
Subject key identifier: 9D:A6:11:95:92:22:00:E1:8C:F8:35:89:94:CF:A9:82:10:15:56:98
Certificate issuer: /CN=95ed1b93d3bce6b6afcde9020b80167b85c68f5b
Certificate serial: 018CC79514CC2E321FCB212E83D9163BEF73
Authority key identifier: 95:ED:1B:93:D3:BC:E6:B6:AF:CD:E9:02:0B:80:16:7B:85:C6:8F:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/le0bk9O85ravzekCC4AWe4XGj1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/cf2f87-8197-4600-a3ab-576ce4101483/1/naYRlZIiAOGM-DWJlM-pghAVVpg.roa
Signing time: Tue 02 Jan 2024 00:31:25 +0000
ROA not before: Tue 02 Jan 2024 00:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41634
IP address blocks: 193.239.232.0/24 maxlen: 24
195.96.151.0/24 maxlen: 24
2001:678:b30::/48 maxlen: 48
2a12:1e01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/cf2f87-8197-4600-a3ab-576ce4101483/1/le0bk9O85ravzekCC4AWe4XGj1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/cf2f87-8197-4600-a3ab-576ce4101483/1/le0bk9O85ravzekCC4AWe4XGj1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/le0bk9O85ravzekCC4AWe4XGj1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:14:cc:2e:32:1f:cb:21:2e:83:d9:16:3b:ef:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95ed1b93d3bce6b6afcde9020b80167b85c68f5b
Validity
Not Before: Jan 2 00:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9da61195922200e18cf8358994cfa98210155698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:72:f4:c5:8a:12:38:66:da:c7:d6:d6:62:85:
ae:32:b3:27:e3:25:90:14:06:00:60:79:8b:27:89:
9d:9e:70:18:9d:d8:0c:c8:59:e3:8b:96:0b:98:86:
55:d6:44:01:8e:9e:27:47:61:f1:5c:a3:07:aa:d7:
99:78:ae:9f:b6:b1:9c:cf:e9:3a:66:e5:6b:0e:37:
2f:b9:5e:e1:ca:d7:ba:57:26:c4:b0:a3:9b:84:1d:
de:b3:5e:9f:31:d5:80:85:bb:56:42:82:5e:1e:2c:
18:0c:e2:97:6e:55:f0:59:d7:11:8d:17:f0:50:7f:
6b:f7:81:d5:26:1b:a5:68:c1:3a:d4:e1:a2:86:ed:
c8:08:08:e0:b2:78:0f:69:8c:23:8f:bb:bc:86:af:
9e:91:71:4a:6e:51:06:bc:f9:27:73:d6:fc:af:1a:
95:f5:77:2e:46:4c:a4:d1:98:1e:3c:d3:e4:51:a6:
ba:a8:ff:c9:d2:4e:9e:33:a6:e9:23:f5:c4:c6:e7:
dc:46:8f:44:d5:f9:ed:be:5d:5c:a9:18:a2:ef:a9:
7a:f2:14:90:18:23:6a:d9:bd:d4:68:fd:6b:82:bd:
c2:86:f3:72:2f:c3:36:2b:ff:df:60:8c:48:c1:4c:
e4:57:4a:d9:85:48:06:69:74:46:5f:22:7c:46:eb:
cf:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A6:11:95:92:22:00:E1:8C:F8:35:89:94:CF:A9:82:10:15:56:98
X509v3 Authority Key Identifier:
keyid:95:ED:1B:93:D3:BC:E6:B6:AF:CD:E9:02:0B:80:16:7B:85:C6:8F:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/le0bk9O85ravzekCC4AWe4XGj1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/cf2f87-8197-4600-a3ab-576ce4101483/1/naYRlZIiAOGM-DWJlM-pghAVVpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/cf2f87-8197-4600-a3ab-576ce4101483/1/le0bk9O85ravzekCC4AWe4XGj1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.232.0/24
195.96.151.0/24
IPv6:
2001:678:b30::/48
2a12:1e01::/32
Signature Algorithm: sha256WithRSAEncryption
94:33:ac:49:09:48:16:b0:a1:53:73:60:f3:77:39:a7:3b:f2:
a7:75:e4:6f:a2:86:30:2d:9e:85:05:b1:6e:c9:34:e4:7e:d6:
62:c5:a8:a3:79:a5:3f:c8:b7:49:97:ab:f4:22:27:52:db:e8:
ad:87:e9:5a:93:3e:b3:ba:6a:e8:ea:90:5d:27:b9:12:5c:70:
89:05:5e:b0:70:8f:46:d8:f1:83:f2:88:5a:c1:5b:2f:48:67:
2e:13:f5:93:b5:d7:cd:2c:91:98:ed:b5:14:cb:e7:3e:5e:f3:
c4:a0:8b:94:9c:c7:f4:85:19:c9:be:f2:b3:8e:e4:6f:2e:55:
16:f1:45:68:6e:94:9b:d2:7f:e5:b5:4d:be:64:e4:2c:34:d2:
5c:94:d7:ef:23:2c:18:61:68:4b:43:2a:69:65:57:b2:8f:87:
3e:c5:5a:24:5b:d5:fe:c1:c5:71:3a:19:26:ce:b3:a5:80:36:
18:a5:9c:dd:9b:d1:cb:98:cc:89:77:71:01:cf:9d:d8:b3:2d:
3d:00:e3:d8:11:1e:97:ff:a8:ad:22:71:54:c1:d6:b5:7a:13:
0f:4e:60:ec:4b:88:ca:1c:a4:7d:70:0d:7d:03:fe:90:aa:c8:
9a:df:e7:d9:a6:4c:c8:9c:9a:e9:16:1b:43:48:e1:ae:06:77:
87:3e:66:69
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHlRTMLjIfyyEug9kWO+9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZWQxYjkzZDNiY2U2YjZhZmNkZTkwMjBiODAxNjdiODVj
NjhmNWIwHhcNMjQwMTAyMDAzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE2MTE5NTkyMjIwMGUxOGNmODM1ODk5NGNmYTk4MjEwMTU1Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnL0xYoSOGbax9bWYoWuMrMn4yWQ
FAYAYHmLJ4mdnnAYndgMyFnji5YLmIZV1kQBjp4nR2HxXKMHqteZeK6ftrGcz+k6
ZuVrDjcvuV7hyte6VybEsKObhB3es16fMdWAhbtWQoJeHiwYDOKXblXwWdcRjRfw
UH9r94HVJhulaME61OGihu3ICAjgsngPaYwjj7u8hq+ekXFKblEGvPknc9b8rxqV
9XcuRkyk0ZgePNPkUaa6qP/J0k6eM6bpI/XExufcRo9E1fntvl1cqRii76l68hSQ
GCNq2b3UaP1rgr3ChvNyL8M2K//fYIxIwUzkV0rZhUgGaXRGXyJ8RuvPEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ2mEZWSIgDhjPg1iZTPqYIQFVaYMB8GA1UdIwQY
MBaAFJXtG5PTvOa2r83pAguAFnuFxo9bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGUwYms5Tzg1cmF2emVrQ0M0QVdlNFhHajFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9jZjJmODctODE5Ny00NjAwLWEzYWIt
NTc2Y2U0MTAxNDgzLzEvbmFZUmxaSWlBT0dNLURXSmxNLXBnaEFWVnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9jZjJmODctODE5Ny00NjAwLWEzYWItNTc2Y2U0MTAxNDgz
LzEvbGUwYms5Tzg1cmF2emVrQ0M0QVdlNFhHajFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAwe/oAwQA
w2CXMBYEAgACMBADBwAgAQZ4CzADBQAqEh4BMA0GCSqGSIb3DQEBCwUAA4IBAQCU
M6xJCUgWsKFTc2DzdzmnO/KndeRvooYwLZ6FBbFuyTTkftZixaijeaU/yLdJl6v0
IidS2+ith+lakz6zumro6pBdJ7kSXHCJBV6wcI9G2PGD8ohawVsvSGcuE/WTtdfN
LJGY7bUUy+c+XvPEoIuUnMf0hRnJvvKzjuRvLlUW8UVobpSb0n/ltU2+ZOQsNNJc
lNfvIywYYWhLQyppZVeyj4c+xVokW9X+wcVxOhkmzrOlgDYYpZzdm9HLmMyJd3EB
z53Ysy09AOPYER6X/6itInFUwda1ehMPTmDsS4jKHKR9cA19A/6Qqsia3+fZpkzI
nJrpFhtDSOGuBneHPmZp
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:13:27 2024 by rpki-client on console-ams.rpki-client.org