Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/087f99-cb9d-40a8-9830-1e695ef49c10/1/nwQd1j547HwLMat13ou9O2sdrPs.roa
File: nwQd1j547HwLMat13ou9O2sdrPs.roa (raw, json)
Hash identifier: TFm8OjwPRMjk0C5WKMI1z0PkklN+uObYZ23J+bKd3mY=
Subject key identifier: 9F:04:1D:D6:3E:78:EC:7C:0B:31:AB:75:DE:8B:BD:3B:6B:1D:AC:FB
Certificate issuer: /CN=470be1865f5079e24b1a7adfdca27ee2fe5d1f89
Certificate serial: 018CC726EF08CF8176683C4DCC8F12DBFECA
Authority key identifier: 47:0B:E1:86:5F:50:79:E2:4B:1A:7A:DF:DC:A2:7E:E2:FE:5D:1F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rwvhhl9QeeJLGnrf3KJ-4v5dH4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/087f99-cb9d-40a8-9830-1e695ef49c10/1/nwQd1j547HwLMat13ou9O2sdrPs.roa
Signing time: Mon 01 Jan 2024 22:31:06 +0000
ROA not before: Mon 01 Jan 2024 22:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34427
IP address blocks: 193.84.9.0/24 maxlen: 24
195.80.226.0/24 maxlen: 24
77.87.164.0/23 maxlen: 23
77.87.160.0/21 maxlen: 21
185.38.232.0/22 maxlen: 22
2a02:720:200::/40 maxlen: 40
2a02:720::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/087f99-cb9d-40a8-9830-1e695ef49c10/1/Rwvhhl9QeeJLGnrf3KJ-4v5dH4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/087f99-cb9d-40a8-9830-1e695ef49c10/1/Rwvhhl9QeeJLGnrf3KJ-4v5dH4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rwvhhl9QeeJLGnrf3KJ-4v5dH4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:ef:08:cf:81:76:68:3c:4d:cc:8f:12:db:fe:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=470be1865f5079e24b1a7adfdca27ee2fe5d1f89
Validity
Not Before: Jan 1 22:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f041dd63e78ec7c0b31ab75de8bbd3b6b1dacfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c1:a0:8b:f5:98:24:cd:b2:e0:a5:48:42:83:
fd:51:68:36:bf:e6:47:48:54:de:ed:08:ca:cb:eb:
2c:34:63:3e:51:a6:a3:28:eb:b5:71:a4:0b:b0:04:
91:86:48:91:c4:67:26:42:a6:89:b3:7f:2f:2a:af:
d4:93:a8:12:b7:18:53:da:8b:c8:b1:77:63:cc:96:
70:95:c6:2e:08:a3:42:f7:77:06:06:a8:d2:fa:13:
86:53:fb:3c:a1:5a:0a:9d:b5:d8:57:ef:e4:3f:e7:
95:67:fc:aa:18:2e:60:9b:58:a9:39:a6:5b:ef:aa:
69:12:14:6c:9d:2b:22:50:b6:55:a3:21:88:3d:5f:
9d:df:13:eb:70:63:ff:0e:78:c5:6c:d7:49:10:74:
7d:75:65:58:b7:3c:a7:98:f0:27:0e:44:81:85:58:
46:4e:bf:e1:55:4f:55:de:d3:08:af:b3:f5:6f:eb:
54:3f:01:88:38:89:de:8c:77:53:6a:ef:0a:50:c8:
0d:bc:30:58:7c:cd:80:a6:07:5f:29:20:06:47:4d:
e0:1e:6f:cf:90:8e:19:b2:37:2b:0e:40:89:23:34:
c9:44:02:fb:1f:75:f3:49:f0:8a:cc:35:31:26:4f:
96:f4:2e:35:0c:bc:46:c8:2e:8c:37:ae:66:50:01:
3b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:04:1D:D6:3E:78:EC:7C:0B:31:AB:75:DE:8B:BD:3B:6B:1D:AC:FB
X509v3 Authority Key Identifier:
keyid:47:0B:E1:86:5F:50:79:E2:4B:1A:7A:DF:DC:A2:7E:E2:FE:5D:1F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rwvhhl9QeeJLGnrf3KJ-4v5dH4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/087f99-cb9d-40a8-9830-1e695ef49c10/1/nwQd1j547HwLMat13ou9O2sdrPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/087f99-cb9d-40a8-9830-1e695ef49c10/1/Rwvhhl9QeeJLGnrf3KJ-4v5dH4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.160.0/21
185.38.232.0/22
193.84.9.0/24
195.80.226.0/24
IPv6:
2a02:720::/32
Signature Algorithm: sha256WithRSAEncryption
2a:c0:d0:7d:66:04:b8:a9:dd:1d:b8:3a:fd:4c:19:9e:5e:7e:
98:ed:53:da:f2:b2:3c:aa:2c:79:e0:85:64:25:d3:7c:f8:c9:
b1:cc:98:89:4b:2b:eb:a9:40:b2:c6:f4:10:1c:0e:ff:4c:19:
d3:9e:b8:a0:c1:96:72:59:3f:2a:bb:f7:73:d3:45:d8:76:17:
8c:6f:6d:55:55:44:5a:d0:71:49:9a:ac:10:e2:fc:cf:48:8b:
45:0b:bd:b2:4d:3a:79:b6:92:74:92:a4:e1:43:e7:6f:e9:37:
93:52:85:a3:19:8d:03:49:76:bb:6f:52:78:db:5e:53:90:06:
3f:12:91:95:19:d1:e7:3b:bc:77:fb:be:55:59:d3:f5:c0:90:
ef:a2:83:c8:d5:3c:be:09:33:e7:80:1d:6e:f1:56:9c:35:0c:
a2:11:38:83:6b:10:54:4d:64:a4:33:78:14:45:d1:e2:0a:44:
b4:44:d7:fa:10:71:09:33:71:60:5a:64:64:c9:43:a2:06:76:
a9:b7:31:fc:2f:24:41:1d:5a:f5:99:4e:6e:c3:36:d1:b3:28:
ff:71:e0:2c:bd:62:c6:0c:9b:17:01:5c:82:58:18:92:51:45:
a9:32:92:aa:e7:a3:22:7d:be:b6:5e:0b:5a:bf:5d:0a:85:7c:
df:90:39:15
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHJu8Iz4F2aDxNzI8S2/7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MGJlMTg2NWY1MDc5ZTI0YjFhN2FkZmRjYTI3ZWUyZmU1
ZDFmODkwHhcNMjQwMTAxMjIzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjA0MWRkNjNlNzhlYzdjMGIzMWFiNzVkZThiYmQzYjZiMWRhY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsGgi/WYJM2y4KVIQoP9UWg2v+ZH
SFTe7QjKy+ssNGM+UaajKOu1caQLsASRhkiRxGcmQqaJs38vKq/Uk6gStxhT2ovI
sXdjzJZwlcYuCKNC93cGBqjS+hOGU/s8oVoKnbXYV+/kP+eVZ/yqGC5gm1ipOaZb
76ppEhRsnSsiULZVoyGIPV+d3xPrcGP/DnjFbNdJEHR9dWVYtzynmPAnDkSBhVhG
Tr/hVU9V3tMIr7P1b+tUPwGIOInejHdTau8KUMgNvDBYfM2ApgdfKSAGR03gHm/P
kI4ZsjcrDkCJIzTJRAL7H3XzSfCKzDUxJk+W9C41DLxGyC6MN65mUAE7kwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJ8EHdY+eOx8CzGrdd6LvTtrHaz7MB8GA1UdIwQY
MBaAFEcL4YZfUHniSxp639yifuL+XR+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnd2aGhsOVFlZUpMR25yZjNLSi00djVkSDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8wODdmOTktY2I5ZC00MGE4LTk4MzAt
MWU2OTVlZjQ5YzEwLzEvbndRZDFqNTQ3SHdMTWF0MTNvdTlPMnNkclBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8wODdmOTktY2I5ZC00MGE4LTk4MzAtMWU2OTVlZjQ5YzEw
LzEvUnd2aGhsOVFlZUpMR25yZjNLSi00djVkSDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDTVegAwQC
uSboAwQAwVQJAwQAw1DiMA0EAgACMAcDBQAqAgcgMA0GCSqGSIb3DQEBCwUAA4IB
AQAqwNB9ZgS4qd0duDr9TBmeXn6Y7VPa8rI8qix54IVkJdN8+MmxzJiJSyvrqUCy
xvQQHA7/TBnTnrigwZZyWT8qu/dz00XYdheMb21VVURa0HFJmqwQ4vzPSItFC72y
TTp5tpJ0kqThQ+dv6TeTUoWjGY0DSXa7b1J4215TkAY/EpGVGdHnO7x3+75VWdP1
wJDvooPI1Ty+CTPngB1u8VacNQyiETiDaxBUTWSkM3gURdHiCkS0RNf6EHEJM3Fg
WmRkyUOiBnaptzH8LyRBHVr1mU5uwzbRsyj/ceAsvWLGDJsXAVyCWBiSUUWpMpKq
56Mifb62Xgtav10KhXzfkDkV
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:43:16 2024 by rpki-client on console-ams.rpki-client.org