Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/nj-KYHgk-BCweKny_1XDjWvbM_Q.roa
File: nj-KYHgk-BCweKny_1XDjWvbM_Q.roa (raw, json)
Hash identifier: gX8WL540uksZhkT6OTgt15hq9BVQhctJqr1MNoOdv08=
Subject key identifier: 9E:3F:8A:60:78:24:F8:10:B0:78:A9:F2:FF:55:C3:8D:6B:DB:33:F4
Certificate issuer: /CN=d07dc35ebcd88dd0e2a8db3a5a08654bc3be0262
Certificate serial: 018CC64B11093F1691AA06E7BD3E801BB632
Authority key identifier: D0:7D:C3:5E:BC:D8:8D:D0:E2:A8:DB:3A:5A:08:65:4B:C3:BE:02:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H3DXrzYjdDiqNs6WghlS8O-AmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/nj-KYHgk-BCweKny_1XDjWvbM_Q.roa
Signing time: Mon 01 Jan 2024 18:30:57 +0000
ROA not before: Mon 01 Jan 2024 18:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51088
IP address blocks: 5.44.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/0H3DXrzYjdDiqNs6WghlS8O-AmI.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/0H3DXrzYjdDiqNs6WghlS8O-AmI.mft
rsync://rpki.ripe.net/repository/DEFAULT/0H3DXrzYjdDiqNs6WghlS8O-AmI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:11:09:3f:16:91:aa:06:e7:bd:3e:80:1b:b6:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07dc35ebcd88dd0e2a8db3a5a08654bc3be0262
Validity
Not Before: Jan 1 18:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e3f8a607824f810b078a9f2ff55c38d6bdb33f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:29:b3:24:c4:6b:d0:27:bd:07:c0:48:c5:2e:
a0:8d:51:79:a0:1b:1c:0b:f3:5f:d6:dd:1e:46:ec:
3f:33:f9:88:7e:82:f6:96:4d:a7:a2:01:7b:52:4e:
22:03:29:a1:c8:3f:29:a4:a6:a7:c1:ea:c6:fb:20:
f2:86:56:e1:50:40:be:4c:d5:e4:a2:72:bf:75:97:
ed:61:27:20:9a:ee:43:2c:d9:05:3a:6f:36:f2:e7:
57:d0:5c:88:0a:ad:34:63:1d:3b:db:67:f7:d8:57:
28:05:79:de:d8:f1:62:8e:af:40:8c:1e:0a:db:ee:
aa:c1:4c:2d:eb:10:9a:eb:35:7e:a2:e2:80:73:f9:
e6:8f:77:14:31:2d:b9:98:58:43:b9:01:8d:9c:cb:
a7:0a:e7:1e:30:fa:37:ea:c4:a3:bf:5b:e3:9c:41:
51:96:c0:fd:60:1f:46:c3:8d:eb:10:b7:5a:08:de:
1b:6b:74:7d:3c:9e:56:64:23:2a:cd:e0:1b:2c:b9:
a5:16:c3:26:0d:ca:ac:75:02:b0:df:8b:06:ce:6f:
3b:6c:10:14:f4:08:a6:04:1e:77:a5:39:21:7b:5a:
fd:49:05:21:6f:39:18:ee:77:a7:a5:83:66:3f:50:
86:55:e6:62:96:96:8f:a1:ec:b7:88:38:59:9a:54:
93:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:3F:8A:60:78:24:F8:10:B0:78:A9:F2:FF:55:C3:8D:6B:DB:33:F4
X509v3 Authority Key Identifier:
keyid:D0:7D:C3:5E:BC:D8:8D:D0:E2:A8:DB:3A:5A:08:65:4B:C3:BE:02:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H3DXrzYjdDiqNs6WghlS8O-AmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/nj-KYHgk-BCweKny_1XDjWvbM_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/0H3DXrzYjdDiqNs6WghlS8O-AmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.72.0/21
Signature Algorithm: sha256WithRSAEncryption
ad:43:cc:d8:8f:28:32:d2:94:8f:71:65:47:34:7e:98:aa:ac:
11:d5:aa:b8:10:05:40:a6:92:a7:fe:d7:20:8b:09:9c:f3:14:
8a:95:f8:5b:3b:d9:a9:40:c1:4d:37:c7:bd:fa:d3:f5:b0:8e:
7d:78:9d:a6:47:9c:2e:20:aa:87:90:7d:1d:62:65:98:7d:ab:
b7:b9:88:53:cc:65:7b:fd:47:59:4e:17:7f:c9:de:47:d8:b8:
8a:c4:5c:c1:cd:47:fa:4d:0f:be:22:91:58:5d:58:4b:09:21:
74:0e:19:9d:01:21:98:ec:8a:b7:66:f1:db:44:f4:43:50:4b:
b3:0c:c4:48:fc:bf:04:9e:21:5b:12:ef:0a:47:00:71:76:3e:
74:b1:e7:61:3a:be:f5:ab:bc:96:77:43:bc:47:74:cc:43:04:
5d:f8:c4:76:85:01:49:d5:c7:a2:00:4b:6b:b5:95:09:8d:20:
73:ac:21:b0:83:4e:3a:1b:ad:00:b3:89:a6:e8:77:55:5f:a7:
77:95:f8:11:15:31:7f:06:24:19:a4:b7:d7:9f:4f:da:6d:f5:
91:a7:73:ba:a5:28:9d:48:92:65:c7:13:0f:88:a8:7d:e9:d1:
b2:e8:20:42:cd:4e:1c:27:72:83:69:7d:b1:4a:63:6a:94:ba:
cb:cb:8e:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSxEJPxaRqgbnvT6AG7YyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2RjMzVlYmNkODhkZDBlMmE4ZGIzYTVhMDg2NTRiYzNi
ZTAyNjIwHhcNMjQwMTAxMTgzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTNmOGE2MDc4MjRmODEwYjA3OGE5ZjJmZjU1YzM4ZDZiZGIzM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjymzJMRr0Ce9B8BIxS6gjVF5oBsc
C/Nf1t0eRuw/M/mIfoL2lk2nogF7Uk4iAymhyD8ppKanwerG+yDyhlbhUEC+TNXk
onK/dZftYScgmu5DLNkFOm828udX0FyICq00Yx0722f32FcoBXne2PFijq9AjB4K
2+6qwUwt6xCa6zV+ouKAc/nmj3cUMS25mFhDuQGNnMunCuceMPo36sSjv1vjnEFR
lsD9YB9Gw43rELdaCN4ba3R9PJ5WZCMqzeAbLLmlFsMmDcqsdQKw34sGzm87bBAU
9AimBB53pTkhe1r9SQUhbzkY7nenpYNmP1CGVeZilpaPoey3iDhZmlSTVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4/imB4JPgQsHip8v9Vw41r2zP0MB8GA1UdIwQY
MBaAFNB9w1682I3Q4qjbOloIZUvDvgJiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgzRFhyellqZERpcU5zNldnaGxTOE8tQW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8xYzcxOGQtZTdhMC00MGFjLWExODEt
Y2JhYTQyYTYyNzI3LzEvbmotS1lIZ2stQkN3ZUtueV8xWERqV3ZiTV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8xYzcxOGQtZTdhMC00MGFjLWExODEtY2JhYTQyYTYyNzI3
LzEvMEgzRFhyellqZERpcU5zNldnaGxTOE8tQW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBSxIMA0G
CSqGSIb3DQEBCwUAA4IBAQCtQ8zYjygy0pSPcWVHNH6YqqwR1aq4EAVAppKn/tcg
iwmc8xSKlfhbO9mpQMFNN8e9+tP1sI59eJ2mR5wuIKqHkH0dYmWYfau3uYhTzGV7
/UdZThd/yd5H2LiKxFzBzUf6TQ++IpFYXVhLCSF0DhmdASGY7Iq3ZvHbRPRDUEuz
DMRI/L8EniFbEu8KRwBxdj50sedhOr71q7yWd0O8R3TMQwRd+MR2hQFJ1ceiAEtr
tZUJjSBzrCGwg046G60As4mm6HdVX6d3lfgRFTF/BiQZpLfXn0/abfWRp3O6pSid
SJJlxxMPiKh96dGy6CBCzU4cJ3KDaX2xSmNqlLrLy46O
-----END CERTIFICATE-----
Generated at Sun May 19 23:02:20 2024 by rpki-client on console-fra.rpki-client.org