Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/NvKx2hIgSmh9gLGM4nHggeqjumM.roa
File: NvKx2hIgSmh9gLGM4nHggeqjumM.roa (raw, json)
Hash identifier: +ZtgXR2QUsGS9jb8eCQAaJVRSSOr70lpSBfJJ8Nc+vY=
Subject key identifier: 36:F2:B1:DA:12:20:4A:68:7D:80:B1:8C:E2:71:E0:81:EA:A3:BA:63
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018E6BDB699E4C660096D5394FD6905DF59F
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/NvKx2hIgSmh9gLGM4nHggeqjumM.roa
Signing time: Sat 23 Mar 2024 15:08:45 +0000
ROA not before: Sat 23 Mar 2024 15:08:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400909
IP address blocks: 94.241.162.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6b:db:69:9e:4c:66:00:96:d5:39:4f:d6:90:5d:f5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Mar 23 15:08:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36f2b1da12204a687d80b18ce271e081eaa3ba63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:aa:fc:4e:14:c6:1e:70:d3:cd:f2:0a:c0:54:
29:26:ca:aa:08:e8:50:fa:9a:25:ad:fc:56:86:1f:
48:9c:ec:43:6b:25:67:a2:f3:4c:0c:9a:7f:e2:ef:
e7:af:d5:3c:44:ca:f7:f2:1b:e2:a4:6e:75:2a:c4:
1a:80:34:66:0c:f1:17:39:1e:b4:33:ba:4e:0b:c6:
69:5c:3d:6c:12:80:59:d5:d9:96:6f:c2:4c:b9:82:
e6:91:e4:56:3e:d2:31:de:db:6d:86:db:83:37:db:
16:ca:0b:56:09:1c:95:51:a8:81:70:07:e4:03:7a:
47:09:79:b6:40:99:ad:1c:97:10:0e:05:63:e8:54:
8c:7a:a1:44:6b:9d:57:79:76:8c:53:7d:49:fe:46:
03:15:8d:2a:42:47:9a:0b:c4:bf:f3:dd:eb:6b:ee:
8d:72:53:f6:bb:01:c1:9a:9d:2a:d0:ff:b1:1c:e2:
4e:ca:09:98:19:e5:b8:35:54:4d:27:d2:85:96:c5:
2c:b2:09:c3:7e:c2:b3:3c:59:66:53:4f:c5:37:b2:
c3:95:c4:5a:55:37:80:63:2f:8a:f8:c5:bc:cf:c9:
88:1e:15:fe:aa:c7:a5:19:86:2b:5c:13:a6:24:4a:
25:c0:80:3c:8e:bc:49:d4:20:31:9d:59:0b:be:0e:
87:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F2:B1:DA:12:20:4A:68:7D:80:B1:8C:E2:71:E0:81:EA:A3:BA:63
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/NvKx2hIgSmh9gLGM4nHggeqjumM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.241.162.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:b7:65:b7:96:02:0a:d7:5c:e2:e6:21:62:e2:0f:d5:d7:90:
1f:ec:b6:71:f1:1a:3a:db:1e:fb:fc:dc:04:d7:b6:76:e8:f8:
95:1b:dd:d3:a6:e1:60:04:bb:08:8e:4c:11:09:b2:66:12:38:
f9:57:63:a9:6b:a6:e4:81:5a:9d:c5:f9:ba:d8:40:6b:59:05:
bf:61:4d:e7:81:30:35:68:00:f6:f1:84:0c:ca:ef:ed:bb:ad:
97:f0:9b:5d:f9:f0:ec:85:24:74:c4:89:4a:b1:4b:7b:ca:7a:
43:28:be:9f:1d:67:b4:57:32:e7:61:69:f6:a4:5c:be:24:39:
b8:1d:af:a9:28:72:0e:f4:92:21:db:36:d4:7b:b4:d7:86:ec:
32:07:7c:02:a3:60:5e:c1:17:fd:35:cf:62:48:2e:a5:54:92:
58:40:37:7b:e7:ed:d7:4c:e2:a4:0e:e3:e5:d1:4d:ab:4f:ac:
85:ec:62:50:89:cd:c2:09:5c:a3:d7:e4:42:2d:cd:0a:e3:d2:
09:10:03:15:72:cd:73:1c:01:4d:92:7c:3f:f6:22:9f:97:3d:
98:08:eb:4e:31:c1:c7:bb:71:ba:b4:9b:c2:b0:27:08:7e:2f:
56:68:50:ae:4c:82:60:19:57:63:0f:b9:3c:f1:32:61:8b:5c:
68:63:44:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5r22meTGYAltU5T9aQXfWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMzIzMTUwODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmYyYjFkYTEyMjA0YTY4N2Q4MGIxOGNlMjcxZTA4MWVhYTNiYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzar8ThTGHnDTzfIKwFQpJsqqCOhQ
+polrfxWhh9InOxDayVnovNMDJp/4u/nr9U8RMr38hvipG51KsQagDRmDPEXOR60
M7pOC8ZpXD1sEoBZ1dmWb8JMuYLmkeRWPtIx3ttthtuDN9sWygtWCRyVUaiBcAfk
A3pHCXm2QJmtHJcQDgVj6FSMeqFEa51XeXaMU31J/kYDFY0qQkeaC8S/893ra+6N
clP2uwHBmp0q0P+xHOJOygmYGeW4NVRNJ9KFlsUssgnDfsKzPFlmU0/FN7LDlcRa
VTeAYy+K+MW8z8mIHhX+qselGYYrXBOmJEolwIA8jrxJ1CAxnVkLvg6HiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbysdoSIEpofYCxjOJx4IHqo7pjMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTnZLeDJoSWdTbWg5Z0xHTTRuSGdnZXFqdW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXvGiMA0G
CSqGSIb3DQEBCwUAA4IBAQAvt2W3lgIK11zi5iFi4g/V15Af7LZx8Ro62x77/NwE
17Z26PiVG93TpuFgBLsIjkwRCbJmEjj5V2Opa6bkgVqdxfm62EBrWQW/YU3ngTA1
aAD28YQMyu/tu62X8Jtd+fDshSR0xIlKsUt7ynpDKL6fHWe0VzLnYWn2pFy+JDm4
Ha+pKHIO9JIh2zbUe7TXhuwyB3wCo2BewRf9Nc9iSC6lVJJYQDd75+3XTOKkDuPl
0U2rT6yF7GJQic3CCVyj1+RCLc0K49IJEAMVcs1zHAFNknw/9iKflz2YCOtOMcHH
u3G6tJvCsCcIfi9WaFCuTIJgGVdjD7k88TJhi1xoY0Q6
-----END CERTIFICATE-----
Generated at Sun Apr 28 04:18:21 2024 by rpki-client on console-ams.rpki-client.org