Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/NflXcBP_JyHm50Wk22EJ3Ma8vQ4.roa
File: NflXcBP_JyHm50Wk22EJ3Ma8vQ4.roa (raw, json)
Hash identifier: Uch3ooVUkPKaKcusHxzorzOJZOAAuNPQmj+/SK98K/Q=
Subject key identifier: 35:F9:57:70:13:FF:27:21:E6:E7:45:A4:DB:61:09:DC:C6:BC:BD:0E
Certificate issuer: /CN=3092b117062f6065faa1cdfd38915e4bb9c924bb
Certificate serial: 018CC7936FE94C37B313B287D6E2601CD9FA
Authority key identifier: 30:92:B1:17:06:2F:60:65:FA:A1:CD:FD:38:91:5E:4B:B9:C9:24:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJKxFwYvYGX6oc39OJFeS7nJJLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/NflXcBP_JyHm50Wk22EJ3Ma8vQ4.roa
Signing time: Tue 02 Jan 2024 00:29:37 +0000
ROA not before: Tue 02 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.121.142.0/24 maxlen: 24
185.121.143.0/24 maxlen: 24
185.121.140.0/24 maxlen: 24
185.121.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/MJKxFwYvYGX6oc39OJFeS7nJJLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/MJKxFwYvYGX6oc39OJFeS7nJJLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/MJKxFwYvYGX6oc39OJFeS7nJJLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 18:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:6f:e9:4c:37:b3:13:b2:87:d6:e2:60:1c:d9:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3092b117062f6065faa1cdfd38915e4bb9c924bb
Validity
Not Before: Jan 2 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35f9577013ff2721e6e745a4db6109dcc6bcbd0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:58:b3:65:a9:8c:ff:f8:60:44:2a:0c:c0:79:
6a:69:c4:21:c1:3b:ea:80:0f:1b:58:f8:ce:7b:c6:
eb:64:13:c7:ec:0e:3f:c2:16:07:eb:ea:e9:00:46:
27:da:7a:67:c4:f1:a6:9f:b1:ec:06:d2:31:62:72:
e5:74:9e:f0:a2:c9:b8:32:2f:65:95:ec:74:49:96:
ae:d1:e7:2a:9c:7b:c2:e8:83:81:e4:ab:90:94:52:
8b:1d:d0:2b:63:18:54:24:41:67:f8:4d:9b:87:4a:
fa:dc:56:8d:ad:cd:77:24:87:aa:3b:dd:47:9c:f2:
f5:d0:54:df:4c:22:e9:db:15:d5:95:75:8c:4f:be:
21:61:19:71:d3:6b:d8:24:33:94:46:90:00:b5:6e:
23:8e:53:17:22:78:bf:13:2b:2d:d2:be:d2:94:03:
01:c9:77:a8:c0:41:3f:37:97:54:37:5d:ae:4d:c6:
86:a9:6c:81:ae:e2:76:2b:37:4d:e6:c7:b9:a8:67:
fc:a4:91:d7:16:73:57:3b:76:93:2f:19:3b:e1:72:
54:38:39:d4:02:27:3b:30:bf:0e:aa:2d:cf:d5:c4:
d0:09:6d:11:7a:90:b2:55:02:cf:d5:ee:6a:9b:ef:
3c:df:d9:a2:ac:11:a7:74:81:d3:9a:c7:1f:a9:cd:
7b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F9:57:70:13:FF:27:21:E6:E7:45:A4:DB:61:09:DC:C6:BC:BD:0E
X509v3 Authority Key Identifier:
keyid:30:92:B1:17:06:2F:60:65:FA:A1:CD:FD:38:91:5E:4B:B9:C9:24:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJKxFwYvYGX6oc39OJFeS7nJJLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/NflXcBP_JyHm50Wk22EJ3Ma8vQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/MJKxFwYvYGX6oc39OJFeS7nJJLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.140.0/22
Signature Algorithm: sha256WithRSAEncryption
d8:01:b7:17:57:46:47:23:26:0c:81:86:c6:f0:f8:7e:86:8a:
94:d6:d6:0a:93:46:13:ec:cd:ca:fb:32:ae:59:ab:1b:71:5e:
7e:7d:5b:e8:4b:13:fa:01:68:64:ac:b6:64:e1:45:fd:c4:e3:
a4:a9:95:0e:f5:25:bd:39:77:6e:c0:13:af:bc:8f:c6:9b:9b:
64:86:92:72:da:fd:4f:56:42:f5:ec:8d:d2:a7:00:c5:4d:a4:
ff:8f:b1:2c:68:92:c5:aa:62:6c:73:9b:72:fc:89:fb:b2:16:
9c:7d:15:1e:ef:e4:f6:62:62:42:2f:73:20:e8:ae:20:99:ec:
21:3e:86:5e:68:51:a2:e0:20:10:2e:dc:90:02:14:bb:7a:37:
f9:2f:7f:4f:00:61:29:d6:cf:6f:58:72:14:9f:fa:86:98:fe:
4b:b7:d3:c9:00:6f:c1:de:c4:09:92:fb:d0:94:10:c9:25:70:
68:74:d9:05:cd:b7:95:92:42:b1:bc:15:e9:9f:46:92:c4:cd:
46:2f:98:24:a5:43:f9:3e:72:3d:ae:e8:4d:7f:2a:62:ef:10:
e0:25:7f:8a:6e:ef:7e:13:ef:3f:89:6c:2c:e8:b2:80:63:72:
cc:3b:83:1b:3b:76:b0:b1:66:45:63:73:3e:3e:c7:db:66:ba:
64:54:ab:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk2/pTDezE7KH1uJgHNn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTJiMTE3MDYyZjYwNjVmYWExY2RmZDM4OTE1ZTRiYjlj
OTI0YmIwHhcNMjQwMTAyMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWY5NTc3MDEzZmYyNzIxZTZlNzQ1YTRkYjYxMDlkY2M2YmNiZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21izZamM//hgRCoMwHlqacQhwTvq
gA8bWPjOe8brZBPH7A4/whYH6+rpAEYn2npnxPGmn7HsBtIxYnLldJ7wosm4Mi9l
lex0SZau0ecqnHvC6IOB5KuQlFKLHdArYxhUJEFn+E2bh0r63FaNrc13JIeqO91H
nPL10FTfTCLp2xXVlXWMT74hYRlx02vYJDOURpAAtW4jjlMXIni/Eyst0r7SlAMB
yXeowEE/N5dUN12uTcaGqWyBruJ2KzdN5se5qGf8pJHXFnNXO3aTLxk74XJUODnU
Aic7ML8Oqi3P1cTQCW0RepCyVQLP1e5qm+8839mirBGndIHTmscfqc17cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDX5V3AT/ych5udFpNthCdzGvL0OMB8GA1UdIwQY
MBaAFDCSsRcGL2Bl+qHN/TiRXku5ySS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpLeEZ3WXZZR1g2b2MzOU9KRmVTN25KSkxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lNzRiODEtNWZmNy00ODIzLTkyNjct
MGQzZTY2MmIwZWUwLzEvTmZsWGNCUF9KeUhtNTBXazIyRUozTWE4dlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lNzRiODEtNWZmNy00ODIzLTkyNjctMGQzZTY2MmIwZWUw
LzEvTUpLeEZ3WXZZR1g2b2MzOU9KRmVTN25KSkxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXmMMA0G
CSqGSIb3DQEBCwUAA4IBAQDYAbcXV0ZHIyYMgYbG8Ph+hoqU1tYKk0YT7M3K+zKu
WasbcV5+fVvoSxP6AWhkrLZk4UX9xOOkqZUO9SW9OXduwBOvvI/Gm5tkhpJy2v1P
VkL17I3SpwDFTaT/j7EsaJLFqmJsc5ty/In7shacfRUe7+T2YmJCL3Mg6K4gmewh
PoZeaFGi4CAQLtyQAhS7ejf5L39PAGEp1s9vWHIUn/qGmP5Lt9PJAG/B3sQJkvvQ
lBDJJXBodNkFzbeVkkKxvBXpn0aSxM1GL5gkpUP5PnI9ruhNfypi7xDgJX+Kbu9+
E+8/iWws6LKAY3LMO4MbO3awsWZFY3M+PsfbZrpkVKtb
-----END CERTIFICATE-----
Generated at Thu May 2 02:00:33 2024 by rpki-client on console-ams.rpki-client.org