Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/NwA0Nosa9lNmCX-X_b5qL2ZmrfI.roa
File: NwA0Nosa9lNmCX-X_b5qL2ZmrfI.roa (raw, json)
Hash identifier: 1rRl/Wk6zLqvTrkOSX9LymRL6cWQt1K5O51lASwnnZM=
Subject key identifier: 37:00:34:36:8B:1A:F6:53:66:09:7F:97:FD:BE:6A:2F:66:66:AD:F2
Certificate issuer: /CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Certificate serial: 018CC5008237CBBEA5B89B4A8B97367FA396
Authority key identifier: EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/NwA0Nosa9lNmCX-X_b5qL2ZmrfI.roa
Signing time: Mon 01 Jan 2024 12:29:54 +0000
ROA not before: Mon 01 Jan 2024 12:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197425
IP address blocks: 139.58.0.0/16 maxlen: 24
148.2.0.0/16 maxlen: 24
147.13.0.0/16 maxlen: 24
136.163.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:82:37:cb:be:a5:b8:9b:4a:8b:97:36:7f:a3:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Validity
Not Before: Jan 1 12:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=370034368b1af65366097f97fdbe6a2f6666adf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:95:78:b4:12:5a:04:bd:53:98:b2:9f:52:e6:
f7:10:8b:6d:70:5a:c6:8b:33:66:e6:8b:82:07:1b:
d2:96:75:8f:3b:24:80:ff:eb:67:34:32:7b:9f:9e:
0e:27:2b:b3:db:44:32:84:9b:4f:e0:de:d8:23:d6:
03:43:a5:69:40:e1:90:44:94:8b:f9:77:0f:3d:ee:
c3:4a:9c:4d:fd:2c:19:44:ad:0c:0a:33:d8:d7:c1:
43:5d:db:0c:5e:ed:65:92:fc:62:4d:bc:b9:c7:aa:
87:80:50:5a:d8:77:f1:f2:92:b1:bc:5c:8a:17:1e:
ba:0f:fd:a7:41:1d:b0:9f:2b:57:65:5f:89:2b:e6:
df:f9:22:52:32:36:ac:85:27:68:3a:f4:fd:ea:5b:
d1:0d:a3:c8:54:c7:bd:ec:b2:22:f3:28:c9:da:6c:
65:b7:ec:be:b8:85:44:3e:a3:9f:3f:1a:1a:c6:36:
eb:48:cb:04:a1:59:d0:15:32:e1:be:07:e1:14:07:
b0:e1:21:0a:8a:b2:a3:f7:5b:ee:42:b8:60:3e:35:
20:2b:bf:70:5c:94:cb:74:06:64:68:4e:27:24:ef:
71:1d:e4:76:9e:af:5b:41:76:62:01:6a:30:7a:0c:
32:9a:4f:81:e7:9f:a4:2d:c6:df:6f:da:6e:5a:0c:
63:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:00:34:36:8B:1A:F6:53:66:09:7F:97:FD:BE:6A:2F:66:66:AD:F2
X509v3 Authority Key Identifier:
keyid:EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/NwA0Nosa9lNmCX-X_b5qL2ZmrfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.163.0.0/16
139.58.0.0/16
147.13.0.0/16
148.2.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:8a:6e:eb:d0:6e:9b:74:74:7a:4b:58:4e:32:7f:3b:21:43:
bc:2f:f4:f9:69:3c:23:d8:23:e7:fa:ea:03:f5:51:af:a5:81:
6d:e6:d9:76:75:cc:26:1b:0c:4b:e1:60:16:b1:98:03:ac:73:
b1:1d:ae:fc:8c:a1:f6:a7:63:3d:4a:ab:45:2e:34:dd:9e:4c:
e9:d9:6e:5b:8c:ad:0b:70:fc:2a:55:09:32:27:1d:25:29:f6:
1b:33:7e:1f:fc:ae:83:00:75:47:9b:ed:05:f1:ad:66:c5:b9:
37:b7:4c:02:0a:e6:47:70:60:36:d2:1c:d6:26:0a:7b:93:63:
60:29:47:6a:93:a8:56:2b:98:8d:f8:f2:f5:db:e6:3f:bb:f4:
33:cd:6b:b4:85:98:1c:e0:84:aa:e6:a7:16:d8:02:a8:13:8f:
d1:78:cf:ce:ff:c3:11:5e:d9:69:2e:06:88:7f:bf:94:d4:37:
dd:eb:fd:e5:ff:82:c4:43:82:2f:c6:8e:09:cf:f2:4b:d6:96:
64:36:46:71:a7:e8:cf:81:95:40:cb:4e:dc:b3:b4:a6:c7:c9:
99:71:cf:0e:55:48:d5:4e:b2:fe:d0:ca:ce:8d:02:25:81:83:
9e:f2:7e:94:20:e2:64:b1:81:3a:8b:a9:4b:26:a9:00:a0:47:
c8:de:97:24
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFAII3y76luJtKi5c2f6OWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNGMzZmMwMTIyZDgzMWZiZWE4YWJiMjBhNGU5YjY1YzU0
MDM5YjIwHhcNMjQwMTAxMTIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzAwMzQzNjhiMWFmNjUzNjYwOTdmOTdmZGJlNmEyZjY2NjZhZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJV4tBJaBL1TmLKfUub3EIttcFrG
izNm5ouCBxvSlnWPOySA/+tnNDJ7n54OJyuz20QyhJtP4N7YI9YDQ6VpQOGQRJSL
+XcPPe7DSpxN/SwZRK0MCjPY18FDXdsMXu1lkvxiTby5x6qHgFBa2Hfx8pKxvFyK
Fx66D/2nQR2wnytXZV+JK+bf+SJSMjashSdoOvT96lvRDaPIVMe97LIi8yjJ2mxl
t+y+uIVEPqOfPxoaxjbrSMsEoVnQFTLhvgfhFAew4SEKirKj91vuQrhgPjUgK79w
XJTLdAZkaE4nJO9xHeR2nq9bQXZiAWowegwymk+B55+kLcbfb9puWgxjCQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDcANDaLGvZTZgl/l/2+ai9mZq3yMB8GA1UdIwQY
MBaAFO5MP8ASLYMfvqirsgpOm2XFQDmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjkt
M2FjN2Q5NjIzMjkxLzEvTndBME5vc2E5bE5tQ1gtWF9iNXFMMlptcmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjktM2FjN2Q5NjIzMjkx
LzEvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwMAiKMDAwCL
OgMDAJMNAwMAlAIwDQYJKoZIhvcNAQELBQADggEBAA6KbuvQbpt0dHpLWE4yfzsh
Q7wv9PlpPCPYI+f66gP1Ua+lgW3m2XZ1zCYbDEvhYBaxmAOsc7EdrvyMofanYz1K
q0UuNN2eTOnZbluMrQtw/CpVCTInHSUp9hszfh/8roMAdUeb7QXxrWbFuTe3TAIK
5kdwYDbSHNYmCnuTY2ApR2qTqFYrmI348vXb5j+79DPNa7SFmBzghKrmpxbYAqgT
j9F4z87/wxFe2WkuBoh/v5TUN93r/eX/gsRDgi/GjgnP8kvWlmQ2RnGn6M+BlUDL
TtyztKbHyZlxzw5VSNVOsv7Qys6NAiWBg57yfpQg4mSxgTqLqUsmqQCgR8jelyQ=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:16:48 2024 by rpki-client on console-fra.rpki-client.org