Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/4611ff-40b2-4c0a-a7f8-404dfdb46477/1/NzgX5FxQVTKyP0RkOGA8ki3UZSI.roa
File: NzgX5FxQVTKyP0RkOGA8ki3UZSI.roa (raw, json)
Hash identifier: oE8elrF3lo1hobttvaz8QfoYxakKNg29DssnKS4YlK8=
Subject key identifier: 37:38:17:E4:5C:50:55:32:B2:3F:44:64:38:60:3C:92:2D:D4:65:22
Certificate issuer: /CN=8498f3fefce2fa0120336264df15010461082e8a
Certificate serial: 018CC9BB941395A333B5666BC5A94EA1B579
Authority key identifier: 84:98:F3:FE:FC:E2:FA:01:20:33:62:64:DF:15:01:04:61:08:2E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hJjz_vzi-gEgM2Jk3xUBBGEILoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/4611ff-40b2-4c0a-a7f8-404dfdb46477/1/NzgX5FxQVTKyP0RkOGA8ki3UZSI.roa
Signing time: Tue 02 Jan 2024 10:32:42 +0000
ROA not before: Tue 02 Jan 2024 10:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199993
IP address blocks: 185.39.210.0/24 maxlen: 24
185.39.208.0/24 maxlen: 24
185.39.209.0/24 maxlen: 24
2a04:6d81::/32 maxlen: 32
2a04:6d82::/32 maxlen: 32
2a04:6d80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/4611ff-40b2-4c0a-a7f8-404dfdb46477/1/hJjz_vzi-gEgM2Jk3xUBBGEILoo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/4611ff-40b2-4c0a-a7f8-404dfdb46477/1/hJjz_vzi-gEgM2Jk3xUBBGEILoo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hJjz_vzi-gEgM2Jk3xUBBGEILoo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:94:13:95:a3:33:b5:66:6b:c5:a9:4e:a1:b5:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8498f3fefce2fa0120336264df15010461082e8a
Validity
Not Before: Jan 2 10:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=373817e45c505532b23f446438603c922dd46522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3b:bb:c8:20:52:b0:1f:ef:18:58:27:f2:1d:
d3:48:59:51:47:cf:3d:85:69:3b:5a:0f:13:77:2f:
61:7b:35:73:f2:c3:0b:55:48:20:5e:6e:fb:a0:61:
58:75:c1:d1:8c:58:e2:14:d9:15:8f:83:42:78:08:
81:bc:56:77:1a:44:a1:97:de:b4:a9:ed:49:ba:9f:
90:78:8f:20:5d:47:de:7f:37:09:a6:81:f6:f3:46:
ed:6a:6f:75:4b:1e:13:d3:17:66:2d:6b:11:2a:98:
bb:9a:a3:39:99:0c:9a:5f:6b:97:e6:ca:b2:48:9f:
f2:5b:f9:d7:2f:47:31:0b:b0:96:46:f3:04:cd:13:
b3:84:63:7c:31:df:7a:ea:36:5e:ea:b4:e1:85:00:
d4:83:d8:1d:6b:56:be:b2:f9:e5:02:c3:87:b3:df:
a4:95:73:35:b4:fb:d3:4f:4a:e1:0a:96:12:d1:78:
8c:0f:35:7e:24:84:80:16:8d:91:e5:a4:ed:68:2e:
d0:2e:a8:7b:e7:77:1f:bb:e9:6e:0a:c2:f8:e9:93:
b0:6b:86:ea:a6:b5:b5:b0:1e:bd:99:fc:86:1e:6e:
97:b9:97:c9:eb:eb:e2:ca:74:6c:8d:7f:9d:61:b0:
17:91:3c:8a:12:35:cb:ed:d3:da:d8:a0:39:34:62:
7e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:38:17:E4:5C:50:55:32:B2:3F:44:64:38:60:3C:92:2D:D4:65:22
X509v3 Authority Key Identifier:
keyid:84:98:F3:FE:FC:E2:FA:01:20:33:62:64:DF:15:01:04:61:08:2E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJjz_vzi-gEgM2Jk3xUBBGEILoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4611ff-40b2-4c0a-a7f8-404dfdb46477/1/NzgX5FxQVTKyP0RkOGA8ki3UZSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4611ff-40b2-4c0a-a7f8-404dfdb46477/1/hJjz_vzi-gEgM2Jk3xUBBGEILoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.208.0-185.39.210.255
IPv6:
2a04:6d80::-2a04:6d82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2e:3f:1b:b0:4c:c1:c3:b2:16:c1:93:94:49:87:37:29:a6:e0:
08:aa:db:66:49:8d:de:5a:45:ba:cd:39:c6:6d:70:42:9d:14:
1a:6f:b3:93:13:28:08:2a:bf:b8:2a:84:51:53:35:d9:74:75:
1a:5f:28:8a:e7:0e:0d:77:c3:b3:fb:7a:bb:e2:9d:9f:0d:24:
1e:92:70:36:b1:b6:fd:44:f9:7f:10:b6:bd:1c:6a:4c:32:bf:
1d:ed:f5:40:c4:e5:1c:bd:78:f3:92:37:f0:11:9c:91:a4:a1:
81:53:fd:cc:8c:ed:86:bd:f6:6f:23:84:7b:ff:1a:67:fb:e2:
a5:b2:3a:b1:ee:c9:3d:0d:46:94:8b:d5:e3:16:15:18:09:50:
38:47:c7:9c:1a:8e:7a:4c:45:6e:df:b0:08:c1:cc:6d:21:91:
30:8e:c1:a0:00:6a:80:54:20:e4:b8:e0:d7:dd:7b:08:4d:ea:
81:14:d5:0a:f4:05:58:a4:b0:cd:e4:54:63:89:8f:8f:dd:e9:
ea:f0:73:ef:eb:0e:e4:c5:87:2f:e9:f2:70:32:ff:bb:8f:fa:
53:78:e5:0f:2e:5c:93:e8:0b:0b:00:a1:c6:91:25:36:ce:bb:
17:4e:07:9f:a1:85:0c:d3:d4:76:4e:59:12:92:3a:46:13:1a:
64:09:f9:26
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzJu5QTlaMztWZrxalOobV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OThmM2ZlZmNlMmZhMDEyMDMzNjI2NGRmMTUwMTA0NjEw
ODJlOGEwHhcNMjQwMTAyMTAzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzM4MTdlNDVjNTA1NTMyYjIzZjQ0NjQzODYwM2M5MjJkZDQ2NTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTu7yCBSsB/vGFgn8h3TSFlRR889
hWk7Wg8Tdy9hezVz8sMLVUggXm77oGFYdcHRjFjiFNkVj4NCeAiBvFZ3GkShl960
qe1Jup+QeI8gXUfefzcJpoH280btam91Sx4T0xdmLWsRKpi7mqM5mQyaX2uX5sqy
SJ/yW/nXL0cxC7CWRvMEzROzhGN8Md966jZe6rThhQDUg9gda1a+svnlAsOHs9+k
lXM1tPvTT0rhCpYS0XiMDzV+JISAFo2R5aTtaC7QLqh753cfu+luCsL46ZOwa4bq
prW1sB69mfyGHm6XuZfJ6+viynRsjX+dYbAXkTyKEjXL7dPa2KA5NGJ+cwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDc4F+RcUFUysj9EZDhgPJIt1GUiMB8GA1UdIwQY
MBaAFISY8/784voBIDNiZN8VAQRhCC6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEpqel92emktZ0VnTTJKazN4VUJCR0VJTG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NjExZmYtNDBiMi00YzBhLWE3Zjgt
NDA0ZGZkYjQ2NDc3LzEvTnpnWDVGeFFWVEt5UDBSa09HQThraTNVWlNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80NjExZmYtNDBiMi00YzBhLWE3ZjgtNDA0ZGZkYjQ2NDc3
LzEvaEpqel92emktZ0VnTTJKazN4VUJCR0VJTG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAUBAIAATAOMAwDBAS5J9AD
BAC5J9IwFgQCAAIwEDAOAwUHKgRtgAMFACoEbYIwDQYJKoZIhvcNAQELBQADggEB
AC4/G7BMwcOyFsGTlEmHNymm4Aiq22ZJjd5aRbrNOcZtcEKdFBpvs5MTKAgqv7gq
hFFTNdl0dRpfKIrnDg13w7P7ervinZ8NJB6ScDaxtv1E+X8Qtr0cakwyvx3t9UDE
5Ry9ePOSN/ARnJGkoYFT/cyM7Ya99m8jhHv/Gmf74qWyOrHuyT0NRpSL1eMWFRgJ
UDhHx5wajnpMRW7fsAjBzG0hkTCOwaAAaoBUIOS44NfdewhN6oEU1Qr0BViksM3k
VGOJj4/d6erwc+/rDuTFhy/p8nAy/7uP+lN45Q8uXJPoCwsAocaRJTbOuxdOB5+h
hQzT1HZOWRKSOkYTGmQJ+SY=
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:44:29 2024 by rpki-client on console-fra.rpki-client.org