Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/NTQOLfapDCZrN25QI32TWv-ibaM.roa
File: NTQOLfapDCZrN25QI32TWv-ibaM.roa (raw, json)
Hash identifier: 5tB5/cjMgNL3dJzczTjQc/xNF7CtwKkN8Y5xvquk0Sw=
Subject key identifier: 35:34:0E:2D:F6:A9:0C:26:6B:37:6E:50:23:7D:93:5A:FF:A2:6D:A3
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018CC9BCDB918D510442198F848FDF1B3C7E
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/NTQOLfapDCZrN25QI32TWv-ibaM.roa
Signing time: Tue 02 Jan 2024 10:34:06 +0000
ROA not before: Tue 02 Jan 2024 10:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50427
IP address blocks: 109.226.248.0/24 maxlen: 24
185.84.175.0/24 maxlen: 24
185.84.174.0/24 maxlen: 24
185.84.174.0/23 maxlen: 23
193.106.170.0/24 maxlen: 24
193.106.171.0/24 maxlen: 24
193.106.168.0/22 maxlen: 22
193.106.168.0/24 maxlen: 24
193.106.169.0/24 maxlen: 24
2a05:7401::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:db:91:8d:51:04:42:19:8f:84:8f:df:1b:3c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 2 10:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35340e2df6a90c266b376e50237d935affa26da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ab:b4:6e:39:56:0b:71:b6:62:fb:fb:49:bf:
d4:d5:ac:50:3c:f2:f8:7c:76:e2:b0:15:19:c8:8b:
6e:5d:72:4e:82:1a:ae:10:95:c4:b0:87:54:a8:d9:
cc:72:10:b2:05:ae:ee:3b:b3:f4:48:0e:cf:19:32:
7d:e6:b3:c2:bb:75:e3:78:51:0a:5e:d1:27:a8:24:
61:42:b2:67:c0:b4:24:71:db:9e:22:c2:d7:81:91:
a7:45:38:6a:eb:90:b3:1d:9f:27:0c:4e:6b:a9:ab:
40:7a:79:47:0f:77:c5:3a:93:ab:b6:df:dc:50:34:
84:b5:a9:4c:ac:63:f1:1d:74:cd:17:d9:50:a9:23:
c0:66:9b:d5:88:6c:77:44:54:ee:70:f7:66:3e:0f:
f3:f9:12:d4:da:a8:ba:af:9a:9e:f4:b3:42:4e:9b:
ee:55:6c:ad:e2:32:52:a2:52:90:83:c0:a5:76:f1:
7d:81:69:2c:89:81:93:23:87:83:04:88:63:1d:76:
26:a5:2d:37:2a:d8:7b:3a:48:e8:93:68:96:dd:f1:
b0:5e:0c:21:a2:1a:32:7d:c7:92:cd:be:24:e7:bb:
f2:ad:5f:15:b6:82:c6:4b:ea:df:74:8f:2b:9c:46:
6c:5e:09:e7:33:8c:ad:67:d9:f9:eb:92:ef:8f:87:
51:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:34:0E:2D:F6:A9:0C:26:6B:37:6E:50:23:7D:93:5A:FF:A2:6D:A3
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/NTQOLfapDCZrN25QI32TWv-ibaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.248.0/24
185.84.174.0/23
193.106.168.0/22
IPv6:
2a05:7401::/34
Signature Algorithm: sha256WithRSAEncryption
8d:30:9b:86:97:05:1c:59:b9:79:64:67:03:36:5b:de:da:c9:
ac:e3:25:49:da:83:54:a7:8b:14:27:9a:fd:9c:47:df:c8:ca:
56:10:f3:36:01:d8:26:4f:3c:22:be:aa:72:1e:4d:99:64:e2:
93:3a:34:9a:49:a0:ec:16:99:b7:a9:f2:a5:4d:ed:b4:5f:37:
79:2d:c9:67:46:d9:5a:cd:de:c8:91:e0:3e:fe:ad:d4:fe:14:
2a:35:ad:77:b8:44:ea:5f:75:9c:cb:a0:54:40:22:92:4d:92:
3f:ea:8d:0c:6f:ec:76:32:7c:40:00:a0:75:0b:a7:1b:d7:60:
e1:cd:8d:de:87:b4:2d:60:7e:b2:a3:0a:84:b0:e3:9d:4b:0d:
c2:91:a8:76:a3:bd:c4:d2:74:6a:e6:30:1b:89:6a:02:ea:71:
30:d7:a4:7c:ba:02:f4:92:60:31:51:db:49:cb:89:08:25:dd:
22:c0:ea:4c:c9:28:fa:34:69:d4:0c:d4:69:0d:54:f7:9e:ee:
ef:42:87:bd:d6:d5:18:c8:99:93:32:bf:18:7a:30:47:e6:8d:
72:9c:86:79:07:71:ed:8a:3c:83:db:92:bf:87:60:a9:b8:8b:
60:bc:40:1a:dc:95:f2:24:9c:c9:d5:f4:e5:3f:55:cf:2f:26:
7a:01:d3:83
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzJvNuRjVEEQhmPhI/fGzx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMTAyMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTM0MGUyZGY2YTkwYzI2NmIzNzZlNTAyMzdkOTM1YWZmYTI2ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6u0bjlWC3G2Yvv7Sb/U1axQPPL4
fHbisBUZyItuXXJOghquEJXEsIdUqNnMchCyBa7uO7P0SA7PGTJ95rPCu3XjeFEK
XtEnqCRhQrJnwLQkcdueIsLXgZGnRThq65CzHZ8nDE5rqatAenlHD3fFOpOrtt/c
UDSEtalMrGPxHXTNF9lQqSPAZpvViGx3RFTucPdmPg/z+RLU2qi6r5qe9LNCTpvu
VWyt4jJSolKQg8CldvF9gWksiYGTI4eDBIhjHXYmpS03Kth7Okjok2iW3fGwXgwh
ohoyfceSzb4k57vyrV8VtoLGS+rfdI8rnEZsXgnnM4ytZ9n565Lvj4dRxQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDU0Di32qQwmazduUCN9k1r/om2jMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvTlRRT0xmYXBEQ1pyTjI1UUkzMlRXdi1pYmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAbeL4AwQB
uVSuAwQCwWqoMA4EAgACMAgDBgYqBXQBADANBgkqhkiG9w0BAQsFAAOCAQEAjTCb
hpcFHFm5eWRnAzZb3trJrOMlSdqDVKeLFCea/ZxH38jKVhDzNgHYJk88Ir6qch5N
mWTikzo0mkmg7BaZt6nypU3ttF83eS3JZ0bZWs3eyJHgPv6t1P4UKjWtd7hE6l91
nMugVEAikk2SP+qNDG/sdjJ8QACgdQunG9dg4c2N3oe0LWB+sqMKhLDjnUsNwpGo
dqO9xNJ0auYwG4lqAupxMNekfLoC9JJgMVHbScuJCCXdIsDqTMko+jRp1AzUaQ1U
957u70KHvdbVGMiZkzK/GHowR+aNcpyGeQdx7Yo8g9uSv4dgqbiLYLxAGtyV8iSc
ydX05T9Vzy8megHTgw==
-----END CERTIFICATE-----
Generated at Sat Jun 8 08:59:26 2024 by rpki-client on console-ams.rpki-client.org