Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ncwptn4sVcS_MwtKwRqGZTzNuwA.roa
File: ncwptn4sVcS_MwtKwRqGZTzNuwA.roa (raw, json)
Hash identifier: wSj6/Tfx8toc7js8uKC9PT6t3Ey2WGezS4MWWJJK3VE=
Subject key identifier: 9D:CC:29:B6:7E:2C:55:C4:BF:33:0B:4A:C1:1A:86:65:3C:CD:BB:00
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 018CC5DC19D9096A86A38CC6648B1C25EAAB
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ncwptn4sVcS_MwtKwRqGZTzNuwA.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29085
IP address blocks: 212.183.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:19:d9:09:6a:86:a3:8c:c6:64:8b:1c:25:ea:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dcc29b67e2c55c4bf330b4ac11a86653ccdbb00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b8:95:ba:19:37:1b:ab:f3:2e:20:37:bb:44:
82:56:a7:d4:30:94:ef:45:19:f7:39:86:1c:fc:bf:
78:f4:73:bb:76:58:4c:f6:c1:5e:54:67:e6:a8:dd:
84:17:8e:34:58:c4:c3:29:4e:5b:75:12:b7:72:0b:
3e:70:61:9a:3b:d1:23:4b:fe:2d:f7:2f:34:8e:42:
5a:42:56:3e:44:3f:93:53:24:25:94:91:4d:85:cd:
d9:80:65:2e:ef:28:ee:3c:66:de:8e:95:55:a0:1a:
b1:0c:52:e1:ca:92:f7:e8:00:b8:58:bb:88:e4:c4:
34:be:38:e3:c3:e2:65:43:f3:e6:d8:06:f1:51:31:
8f:53:a6:e1:58:b6:59:c4:b7:fb:ae:0b:48:05:26:
8e:0a:cc:d0:2e:b3:60:bd:f3:62:ff:48:c3:95:d8:
03:29:8a:70:ed:e2:55:bf:af:28:89:88:67:da:52:
fe:a7:08:0b:38:f7:23:56:b2:af:31:d9:8e:4a:91:
f8:15:37:83:38:46:e2:1a:0e:15:6d:90:42:a8:d8:
bd:7e:42:3f:43:30:33:d1:c4:91:d3:09:c1:fd:4f:
34:51:93:bf:d4:84:e3:37:8d:81:05:08:b9:28:b6:
ec:78:2d:d8:f9:84:dc:cd:18:3a:9d:2c:7c:9a:76:
cf:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CC:29:B6:7E:2C:55:C4:BF:33:0B:4A:C1:1A:86:65:3C:CD:BB:00
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ncwptn4sVcS_MwtKwRqGZTzNuwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.183.88.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:24:48:77:54:17:43:64:e4:6b:e9:42:c4:c7:91:34:7e:d3:
01:8f:8b:56:f2:b2:f2:7d:46:2a:d2:e1:ca:38:f5:9f:1e:76:
0f:5a:be:3f:57:7c:d2:c4:95:6a:06:26:88:69:27:09:66:10:
8d:0e:7a:5c:01:dc:9c:c4:d4:0f:ba:91:63:4e:19:c6:bb:70:
d8:63:5a:14:b8:18:36:68:3b:de:19:95:18:6c:3c:18:d9:80:
2c:88:ee:00:eb:75:e7:33:17:ca:2a:4d:57:7a:15:75:e1:5b:
1d:db:61:dc:a4:ef:31:5c:9a:c2:09:11:6d:3a:05:34:ee:8a:
73:85:47:18:2e:ce:38:8b:b5:93:c2:07:98:25:af:de:93:bd:
0b:8e:a2:4a:25:86:c8:a2:14:d9:5d:f1:b0:b0:d1:40:17:d6:
3b:17:23:76:c1:55:63:38:2c:1e:5e:93:f3:31:d0:68:13:c8:
c1:3e:3b:b7:60:2a:20:55:f9:b0:ee:5e:c6:98:16:b2:15:95:
12:f7:3e:c9:5e:87:4a:55:a0:51:77:14:66:9e:88:21:5d:5a:
70:9b:2b:aa:25:4f:57:c3:06:7b:27:0d:b3:f1:06:d0:c2:dc:
b7:de:5d:15:c4:97:95:d3:e4:de:33:66:19:22:69:70:9a:c3:
6b:af:c4:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3BnZCWqGo4zGZIscJeqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNjMjliNjdlMmM1NWM0YmYzMzBiNGFjMTFhODY2NTNjY2RiYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7iVuhk3G6vzLiA3u0SCVqfUMJTv
RRn3OYYc/L949HO7dlhM9sFeVGfmqN2EF440WMTDKU5bdRK3cgs+cGGaO9EjS/4t
9y80jkJaQlY+RD+TUyQllJFNhc3ZgGUu7yjuPGbejpVVoBqxDFLhypL36AC4WLuI
5MQ0vjjjw+JlQ/Pm2AbxUTGPU6bhWLZZxLf7rgtIBSaOCszQLrNgvfNi/0jDldgD
KYpw7eJVv68oiYhn2lL+pwgLOPcjVrKvMdmOSpH4FTeDOEbiGg4VbZBCqNi9fkI/
QzAz0cSR0wnB/U80UZO/1ITjN42BBQi5KLbseC3Y+YTczRg6nSx8mnbPawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3MKbZ+LFXEvzMLSsEahmU8zbsAMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvbmN3cHRuNHNWY1NfTXd0S3dScUdaVHpOdXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1LdYMA0G
CSqGSIb3DQEBCwUAA4IBAQC6JEh3VBdDZORr6ULEx5E0ftMBj4tW8rLyfUYq0uHK
OPWfHnYPWr4/V3zSxJVqBiaIaScJZhCNDnpcAdycxNQPupFjThnGu3DYY1oUuBg2
aDveGZUYbDwY2YAsiO4A63XnMxfKKk1XehV14Vsd22HcpO8xXJrCCRFtOgU07opz
hUcYLs44i7WTwgeYJa/ek70LjqJKJYbIohTZXfGwsNFAF9Y7FyN2wVVjOCweXpPz
MdBoE8jBPju3YCogVfmw7l7GmBayFZUS9z7JXodKVaBRdxRmnoghXVpwmyuqJU9X
wwZ7Jw2z8QbQwty33l0VxJeV0+TeM2YZImlwmsNrr8RB
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:41 2024 by rpki-client on console-ams.rpki-client.org