Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/Ng5OoG_L-vRMnuVok-i9zTLmbcY.roa
File: Ng5OoG_L-vRMnuVok-i9zTLmbcY.roa (raw, json)
Hash identifier: RMjayqIOBaHDibiGNIdzwysyMVXIkvgejBtFgtffAos=
Subject key identifier: 36:0E:4E:A0:6F:CB:FA:F4:4C:9E:E5:68:93:E8:BD:CD:32:E6:6D:C6
Certificate issuer: /CN=04a9cff24981d7263d1b7d63779f5d673de2bdbc
Certificate serial: 018CC4935C6745E710F405A3648E827175BE
Authority key identifier: 04:A9:CF:F2:49:81:D7:26:3D:1B:7D:63:77:9F:5D:67:3D:E2:BD:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/Ng5OoG_L-vRMnuVok-i9zTLmbcY.roa
Signing time: Mon 01 Jan 2024 10:30:40 +0000
ROA not before: Mon 01 Jan 2024 10:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205495
IP address blocks: 185.136.184.0/22 maxlen: 24
45.153.44.0/22 maxlen: 24
185.216.80.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5c:67:45:e7:10:f4:05:a3:64:8e:82:71:75:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a9cff24981d7263d1b7d63779f5d673de2bdbc
Validity
Not Before: Jan 1 10:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=360e4ea06fcbfaf44c9ee56893e8bdcd32e66dc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d5:46:3e:76:b9:5a:bd:9c:d3:44:85:c3:bb:
b5:b9:c6:42:1c:cf:43:69:e3:66:13:73:6c:af:fb:
9f:28:bb:56:6a:75:14:82:fc:9c:f4:5d:d6:df:01:
30:5d:28:6a:93:4a:a5:dc:d0:08:a5:5e:ac:5f:eb:
02:0e:70:e1:66:ca:79:dc:20:bc:66:c7:26:13:25:
ab:d1:ef:5e:6d:35:29:ca:95:88:d6:a1:04:2b:0f:
58:f2:46:7c:83:10:28:b7:8f:d2:e8:b9:a9:1e:d1:
5b:cc:ef:8a:14:dc:39:09:ac:3a:b6:d7:4f:37:16:
06:58:2b:d9:54:c1:4b:51:de:36:20:a3:0b:be:4f:
ae:74:43:27:27:ce:e3:99:b3:8f:2a:17:4c:cf:30:
ea:de:a0:48:55:35:38:0d:52:87:52:7b:c4:85:08:
79:03:16:84:d1:b6:a8:73:b2:df:42:55:c2:5f:1e:
64:a7:95:86:0f:b7:37:d4:89:bf:89:98:53:d8:b3:
fd:b6:03:21:33:f3:55:1a:53:3c:89:5b:e1:93:a2:
ba:10:2b:45:1e:f9:db:67:31:1d:ef:67:2c:b6:69:
00:fd:3f:d1:e7:3a:4f:1b:63:01:06:ec:cc:8f:ba:
8d:de:55:8d:38:75:a7:59:a7:57:af:26:a7:61:5c:
f6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0E:4E:A0:6F:CB:FA:F4:4C:9E:E5:68:93:E8:BD:CD:32:E6:6D:C6
X509v3 Authority Key Identifier:
keyid:04:A9:CF:F2:49:81:D7:26:3D:1B:7D:63:77:9F:5D:67:3D:E2:BD:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/Ng5OoG_L-vRMnuVok-i9zTLmbcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.44.0/22
185.136.184.0/22
185.216.80.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:41:4a:1b:21:40:f0:ed:9d:fe:ee:0e:26:f4:67:a5:63:22:
1a:98:eb:37:0f:e9:5e:e9:ef:42:f8:aa:36:4e:05:e1:6a:ce:
8b:b4:71:f4:fe:f1:60:55:04:35:ad:bf:7f:b9:c0:96:0a:31:
d2:3b:31:f6:c8:1b:39:5f:2e:fc:96:e2:7d:33:62:3a:ee:0d:
6c:bd:6a:41:e6:aa:bd:7c:17:14:84:bc:7f:ef:48:51:b2:ce:
85:ac:0c:d2:9d:9a:68:fd:9e:17:1d:4f:5d:97:e4:59:88:4a:
83:82:9b:a8:31:e5:2e:ed:47:c2:c3:1d:ea:c7:d3:b3:29:a9:
24:be:ea:ec:6a:1c:ef:22:f3:a5:83:6a:77:26:d9:55:68:85:
6f:64:a3:f4:69:89:5d:d6:54:37:9a:0e:1a:cc:72:2c:40:69:
5a:db:d0:75:61:9b:c8:25:c3:66:05:e1:13:db:5d:03:99:da:
ea:37:78:26:cc:03:d7:4c:84:e7:72:c3:bf:93:0e:fc:9e:53:
da:39:73:d1:26:18:2d:82:ef:ef:52:9b:f0:36:bf:5e:46:c3:
9b:8f:f8:b8:07:58:74:30:52:45:2a:92:00:79:fa:3e:cc:f2:
c8:85:50:d1:be:6f:f4:be:f1:b2:9f:ea:25:44:b1:9c:aa:37:
00:3d:e8:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEk1xnRecQ9AWjZI6CcXW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTljZmYyNDk4MWQ3MjYzZDFiN2Q2Mzc3OWY1ZDY3M2Rl
MmJkYmMwHhcNMjQwMTAxMTAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjBlNGVhMDZmY2JmYWY0NGM5ZWU1Njg5M2U4YmRjZDMyZTY2ZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotVGPna5Wr2c00SFw7u1ucZCHM9D
aeNmE3Nsr/ufKLtWanUUgvyc9F3W3wEwXShqk0ql3NAIpV6sX+sCDnDhZsp53CC8
ZscmEyWr0e9ebTUpypWI1qEEKw9Y8kZ8gxAot4/S6LmpHtFbzO+KFNw5Caw6ttdP
NxYGWCvZVMFLUd42IKMLvk+udEMnJ87jmbOPKhdMzzDq3qBIVTU4DVKHUnvEhQh5
AxaE0baoc7LfQlXCXx5kp5WGD7c31Im/iZhT2LP9tgMhM/NVGlM8iVvhk6K6ECtF
HvnbZzEd72cstmkA/T/R5zpPG2MBBuzMj7qN3lWNOHWnWadXryanYVz2ewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDYOTqBvy/r0TJ7laJPovc0y5m3GMB8GA1UdIwQY
MBaAFASpz/JJgdcmPRt9Y3efXWc94r28MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktuUDhrbUIxeVk5RzMxamQ1OWRaejNpdmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lZWNmOGItM2Q2My00YzljLWJkODQt
Y2QwZDllNTc0MmNiLzEvTmc1T29HX0wtdlJNbnVWb2staTl6VExtYmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lZWNmOGItM2Q2My00YzljLWJkODQtY2QwZDllNTc0MmNi
LzEvQktuUDhrbUIxeVk5RzMxamQ1OWRaejNpdmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZksAwQC
uYi4AwQBudhQMA0GCSqGSIb3DQEBCwUAA4IBAQBcQUobIUDw7Z3+7g4m9GelYyIa
mOs3D+le6e9C+Ko2TgXhas6LtHH0/vFgVQQ1rb9/ucCWCjHSOzH2yBs5Xy78luJ9
M2I67g1svWpB5qq9fBcUhLx/70hRss6FrAzSnZpo/Z4XHU9dl+RZiEqDgpuoMeUu
7UfCwx3qx9OzKakkvursahzvIvOlg2p3JtlVaIVvZKP0aYld1lQ3mg4azHIsQGla
29B1YZvIJcNmBeET210DmdrqN3gmzAPXTITncsO/kw78nlPaOXPRJhgtgu/vUpvw
Nr9eRsObj/i4B1h0MFJFKpIAefo+zPLIhVDRvm/0vvGyn+olRLGcqjcAPegW
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:12:35 2024 by rpki-client on console-ams.rpki-client.org