Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/NHFXVWEbtC-Av7EPRM3Jh2Is1tw.roa
File: NHFXVWEbtC-Av7EPRM3Jh2Is1tw.roa (raw, json)
Hash identifier: 5TYfL6YiLOWxoCy2Q96uYslo35ToQxoH+1J+VSc/9qk=
Subject key identifier: 34:71:57:55:61:1B:B4:2F:80:BF:B1:0F:44:CD:C9:87:62:2C:D6:DC
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018DFA82BD2D081F8DDC3364E6C5A48E6AF0
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/NHFXVWEbtC-Av7EPRM3Jh2Is1tw.roa
Signing time: Fri 01 Mar 2024 14:54:48 +0000
ROA not before: Fri 01 Mar 2024 14:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34295
IP address blocks: 46.10.217.0/24 maxlen: 24
62.176.118.0/24 maxlen: 24
87.126.120.0/22 maxlen: 24
90.154.144.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:82:bd:2d:08:1f:8d:dc:33:64:e6:c5:a4:8e:6a:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Mar 1 14:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34715755611bb42f80bfb10f44cdc987622cd6dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:00:30:01:f3:09:61:46:66:fa:80:a2:5c:de:
6b:06:03:29:2f:3d:14:d5:a5:7b:fa:78:25:6f:20:
b6:4e:b1:8a:a4:8e:fe:31:42:85:67:91:ea:03:db:
df:a7:7f:20:95:2f:4c:3e:e6:17:cb:a6:70:70:80:
ba:3f:fe:8b:34:46:b4:0f:d9:11:76:eb:28:d4:a8:
9f:eb:46:db:cb:71:a4:de:16:47:16:98:2f:61:0f:
4c:72:46:dd:7a:43:99:69:ba:3e:30:89:d3:4f:ac:
f5:f9:bf:d4:31:74:6c:8f:83:9c:7a:d9:48:55:13:
9b:a0:06:31:c2:43:ed:ac:67:49:7c:aa:24:be:95:
7d:ea:d5:62:ea:34:70:dd:d7:98:25:f7:a4:fb:85:
9e:bd:06:2b:1d:09:35:eb:23:49:3d:4a:17:41:70:
4e:1c:6d:0e:f1:1e:08:f6:28:0d:d0:65:1e:f7:df:
8b:39:a1:07:5e:af:59:d7:68:67:23:af:61:4f:4c:
e3:c7:c7:0f:a3:9f:b4:d8:d7:65:27:e5:b4:6d:62:
79:1b:28:bb:dc:99:b9:09:37:52:75:ff:a0:9f:aa:
09:48:9e:9c:9c:a1:95:98:96:19:7b:d6:87:c2:87:
3b:5f:c7:80:99:39:6f:f5:19:e6:7b:3a:dd:22:4e:
ca:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:71:57:55:61:1B:B4:2F:80:BF:B1:0F:44:CD:C9:87:62:2C:D6:DC
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/NHFXVWEbtC-Av7EPRM3Jh2Is1tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.10.217.0/24
62.176.118.0/24
87.126.120.0/22
90.154.144.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:c3:79:d4:09:c4:8f:d2:50:cb:13:32:e3:98:26:67:c7:35:
90:e2:e1:c2:39:fb:0f:3e:fb:ec:e7:42:e7:a7:7b:b4:f7:b7:
c7:62:14:53:e8:a2:81:b9:ef:44:c1:e9:1b:b0:30:0f:b3:a0:
f4:cd:a4:79:89:3c:e4:60:3b:2d:51:89:b4:40:3e:4d:0e:23:
b0:78:3a:7d:09:7f:e6:12:72:f5:7b:b0:00:97:22:bc:a4:ef:
94:88:0f:91:7f:2a:e4:e9:e3:ff:92:bc:02:9a:cd:f7:2c:8b:
78:38:9e:32:50:0e:af:04:f0:c5:c6:b2:10:37:ac:4c:10:72:
cf:b7:50:99:7a:bd:c3:f8:51:43:d0:a3:ea:d9:b6:e4:8d:d1:
1c:35:fc:3b:85:69:ae:c9:70:ae:1a:aa:ab:61:7e:19:4a:f0:
ed:4f:7d:43:fe:95:23:5c:fa:2a:b5:bb:70:d1:bd:e5:3d:2d:
36:54:69:9b:ba:3c:01:35:2c:83:a4:44:c1:bf:22:38:03:4e:
22:18:5c:c2:58:b6:04:83:72:aa:36:46:e9:7d:20:98:b7:c2:
5b:20:34:8c:94:a4:9e:b9:65:6d:dd:c2:25:d3:d5:e4:1e:65:
be:97:b2:38:e2:46:61:4d:66:62:35:56:2d:42:f6:a1:0e:4e:
e0:29:9e:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY36gr0tCB+N3DNk5sWkjmrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMzAxMTQ1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDcxNTc1NTYxMWJiNDJmODBiZmIxMGY0NGNkYzk4NzYyMmNkNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQAwAfMJYUZm+oCiXN5rBgMpLz0U
1aV7+nglbyC2TrGKpI7+MUKFZ5HqA9vfp38glS9MPuYXy6ZwcIC6P/6LNEa0D9kR
duso1Kif60bby3Gk3hZHFpgvYQ9MckbdekOZabo+MInTT6z1+b/UMXRsj4OcetlI
VROboAYxwkPtrGdJfKokvpV96tVi6jRw3deYJfek+4WevQYrHQk16yNJPUoXQXBO
HG0O8R4I9igN0GUe99+LOaEHXq9Z12hnI69hT0zjx8cPo5+02NdlJ+W0bWJ5Gyi7
3Jm5CTdSdf+gn6oJSJ6cnKGVmJYZe9aHwoc7X8eAmTlv9RnmezrdIk7KfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDRxV1VhG7QvgL+xD0TNyYdiLNbcMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvTkhGWFZXRWJ0Qy1BdjdFUFJNM0poMklzMXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALgrZAwQA
PrB2AwQCV354AwQDWpqQMA0GCSqGSIb3DQEBCwUAA4IBAQA/w3nUCcSP0lDLEzLj
mCZnxzWQ4uHCOfsPPvvs50Lnp3u097fHYhRT6KKBue9EwekbsDAPs6D0zaR5iTzk
YDstUYm0QD5NDiOweDp9CX/mEnL1e7AAlyK8pO+UiA+Rfyrk6eP/krwCms33LIt4
OJ4yUA6vBPDFxrIQN6xMEHLPt1CZer3D+FFD0KPq2bbkjdEcNfw7hWmuyXCuGqqr
YX4ZSvDtT31D/pUjXPoqtbtw0b3lPS02VGmbujwBNSyDpETBvyI4A04iGFzCWLYE
g3KqNkbpfSCYt8JbIDSMlKSeuWVt3cIl09XkHmW+l7I44kZhTWZiNVYtQvahDk7g
KZ7m
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:14 2024 by rpki-client on console-ams.rpki-client.org