Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/nrIl73PfEghQ1YxoxZUx-7n4Gho.roa
File: nrIl73PfEghQ1YxoxZUx-7n4Gho.roa (raw, json)
Hash identifier: kCFXXxsaXFTD8bGhLlypuQ9KULLqcYP5xVOqqViebCQ=
Subject key identifier: 9E:B2:25:EF:73:DF:12:08:50:D5:8C:68:C5:95:31:FB:B9:F8:1A:1A
Certificate issuer: /CN=26d38293f669db48b6d0bd1036adfdef6bd3d375
Certificate serial: 018CF360DE30BCF8B8D7895C0CE6285EA8D4
Authority key identifier: 26:D3:82:93:F6:69:DB:48:B6:D0:BD:10:36:AD:FD:EF:6B:D3:D3:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JtOCk_Zp20i20L0QNq3972vT03U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/nrIl73PfEghQ1YxoxZUx-7n4Gho.roa
Signing time: Wed 10 Jan 2024 12:37:40 +0000
ROA not before: Wed 10 Jan 2024 12:37:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49956
IP address blocks: 185.52.120.0/22 maxlen: 22
185.114.220.0/22 maxlen: 22
194.54.76.0/22 maxlen: 22
185.163.8.0/22 maxlen: 22
185.114.168.0/22 maxlen: 22
185.166.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/JtOCk_Zp20i20L0QNq3972vT03U.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/JtOCk_Zp20i20L0QNq3972vT03U.mft
rsync://rpki.ripe.net/repository/DEFAULT/JtOCk_Zp20i20L0QNq3972vT03U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:60:de:30:bc:f8:b8:d7:89:5c:0c:e6:28:5e:a8:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26d38293f669db48b6d0bd1036adfdef6bd3d375
Validity
Not Before: Jan 10 12:37:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9eb225ef73df120850d58c68c59531fbb9f81a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f2:73:30:4a:90:e5:03:2e:48:e8:c2:ab:57:
fe:01:55:7b:db:ec:f3:fd:54:b7:59:13:98:d3:84:
37:0e:47:2d:90:9b:82:d4:79:2a:8f:b7:8d:a3:5b:
0a:8b:6f:f1:78:0f:0d:c8:4c:48:85:64:0b:eb:31:
ec:f0:1e:38:80:4c:fd:58:1b:d4:24:b4:23:a7:3d:
69:20:fb:91:a8:b0:29:dc:84:b0:22:1d:94:74:a1:
77:ba:ba:f6:98:4c:0d:15:0b:ed:9d:00:a4:49:93:
be:0e:c5:86:ab:8e:13:28:18:fa:22:82:cf:e7:a9:
80:0a:d9:57:c0:db:0c:5c:f8:20:2d:14:1d:eb:11:
e8:5b:1e:0d:7c:11:5d:5e:2f:97:b1:1d:e6:b8:62:
a7:56:08:bc:9b:2a:fd:05:1b:18:7b:83:07:9e:9e:
0a:c9:d8:a5:e5:ad:27:87:0a:ff:dc:60:1a:ef:58:
a2:ed:f6:e6:0a:a5:4b:a7:61:d0:7c:fa:5d:87:00:
0e:cd:4c:3c:c6:39:fc:ba:b8:51:92:d9:4a:3a:ff:
97:fc:e2:fc:dd:93:f1:fd:fb:49:a5:7c:91:25:d3:
ad:15:31:e9:f6:f7:33:8c:d3:9c:9b:31:6c:9e:fc:
fe:1d:ad:03:34:49:04:60:fe:d1:69:c3:8b:c0:b3:
dc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B2:25:EF:73:DF:12:08:50:D5:8C:68:C5:95:31:FB:B9:F8:1A:1A
X509v3 Authority Key Identifier:
keyid:26:D3:82:93:F6:69:DB:48:B6:D0:BD:10:36:AD:FD:EF:6B:D3:D3:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JtOCk_Zp20i20L0QNq3972vT03U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/nrIl73PfEghQ1YxoxZUx-7n4Gho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/JtOCk_Zp20i20L0QNq3972vT03U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.120.0/22
185.114.168.0/22
185.114.220.0/22
185.163.8.0/22
185.166.10.0/24
194.54.76.0/22
Signature Algorithm: sha256WithRSAEncryption
83:4e:9d:66:2a:b4:af:01:0a:dc:e6:d9:b3:75:69:62:57:ae:
87:c8:f6:25:63:9d:c8:23:cc:01:bd:d0:44:ec:34:03:f6:7c:
c8:0e:5f:40:85:2c:82:68:48:82:06:9c:39:29:73:52:61:07:
a5:d8:a9:60:d0:93:2f:b8:6e:16:b0:aa:e0:f5:24:9f:cd:44:
29:8e:3c:6a:6c:0f:7c:b3:39:02:cb:56:98:a6:19:b4:2a:c6:
54:b9:3c:1f:b9:60:f2:4e:59:c9:b0:e0:9c:fb:8d:4a:43:bb:
0b:a2:d8:ef:ff:01:60:a8:db:e3:6f:f7:1f:64:b1:cf:36:04:
7a:85:b8:a7:e0:40:0f:7b:ec:d5:78:7f:cb:fa:b3:45:e6:e6:
9e:5c:14:17:61:c9:79:58:55:9d:b8:5d:50:7d:a8:fd:a3:a1:
cc:00:26:9f:de:ed:68:31:35:4c:9a:d5:4a:7d:84:10:73:45:
ee:11:f4:3a:14:52:bf:54:e5:d4:ba:24:52:72:37:81:2d:32:
6e:57:05:7b:bc:f3:3e:26:0e:d0:2f:19:e0:8b:0e:74:91:f2:
df:39:c4:25:fa:32:e0:9f:cb:97:a9:cb:f9:80:1c:81:12:01:
5d:c0:76:be:0c:2a:22:34:00:f3:6a:8d:da:c7:f7:2c:7f:90:
d8:ba:04:9b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzzYN4wvPi414lcDOYoXqjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZDM4MjkzZjY2OWRiNDhiNmQwYmQxMDM2YWRmZGVmNmJk
M2QzNzUwHhcNMjQwMTEwMTIzNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWIyMjVlZjczZGYxMjA4NTBkNThjNjhjNTk1MzFmYmI5ZjgxYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPJzMEqQ5QMuSOjCq1f+AVV72+zz
/VS3WROY04Q3DkctkJuC1Hkqj7eNo1sKi2/xeA8NyExIhWQL6zHs8B44gEz9WBvU
JLQjpz1pIPuRqLAp3ISwIh2UdKF3urr2mEwNFQvtnQCkSZO+DsWGq44TKBj6IoLP
56mACtlXwNsMXPggLRQd6xHoWx4NfBFdXi+XsR3muGKnVgi8myr9BRsYe4MHnp4K
ydil5a0nhwr/3GAa71ii7fbmCqVLp2HQfPpdhwAOzUw8xjn8urhRktlKOv+X/OL8
3ZPx/ftJpXyRJdOtFTHp9vczjNOcmzFsnvz+Ha0DNEkEYP7RacOLwLPcPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ6yJe9z3xIIUNWMaMWVMfu5+BoaMB8GA1UdIwQY
MBaAFCbTgpP2adtIttC9EDat/e9r09N1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnRPQ2tfWnAyMGkyMEwwUU5xMzk3MnZUMDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wN2NjMjUtODU5Ny00MzBiLWJjNTIt
NDQ4YjliOTViMDllLzEvbnJJbDczUGZFZ2hRMVl4b3haVXgtN240R2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wN2NjMjUtODU5Ny00MzBiLWJjNTItNDQ4YjliOTViMDll
LzEvSnRPQ2tfWnAyMGkyMEwwUU5xMzk3MnZUMDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuTR4AwQC
uXKoAwQCuXLcAwQCuaMIAwQAuaYKAwQCwjZMMA0GCSqGSIb3DQEBCwUAA4IBAQCD
Tp1mKrSvAQrc5tmzdWliV66HyPYlY53II8wBvdBE7DQD9nzIDl9AhSyCaEiCBpw5
KXNSYQel2Klg0JMvuG4WsKrg9SSfzUQpjjxqbA98szkCy1aYphm0KsZUuTwfuWDy
TlnJsOCc+41KQ7sLotjv/wFgqNvjb/cfZLHPNgR6hbin4EAPe+zVeH/L+rNF5uae
XBQXYcl5WFWduF1Qfaj9o6HMACaf3u1oMTVMmtVKfYQQc0XuEfQ6FFK/VOXUuiRS
cjeBLTJuVwV7vPM+Jg7QLxngiw50kfLfOcQl+jLgn8uXqcv5gByBEgFdwHa+DCoi
NADzao3ax/csf5DYugSb
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:32:31 2024 by rpki-client on console-ams.rpki-client.org