Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N-FqPZFzlSaTuPyeJwfGcHpC1Bk.roa
File: N-FqPZFzlSaTuPyeJwfGcHpC1Bk.roa (raw, json)
Hash identifier: XbIrvjDVVAEJB8bfvYYNfhqLmi6XuLv0uSRHMfrp3WY=
Subject key identifier: 37:E1:6A:3D:91:73:95:26:93:B8:FC:9E:27:07:C6:70:7A:42:D4:19
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5010F840144F1838B1CDBA76DD6C19D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N-FqPZFzlSaTuPyeJwfGcHpC1Bk.roa
Signing time: Mon 01 Jan 2024 12:30:30 +0000
ROA not before: Mon 01 Jan 2024 12:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42708
IP address blocks: 45.8.71.0/24 maxlen: 24
2a0b:64c2::/32 maxlen: 32
2a0b:64c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 16:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0f:84:01:44:f1:83:8b:1c:db:a7:6d:d6:c1:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37e16a3d9173952693b8fc9e2707c6707a42d419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:40:d8:aa:df:54:47:59:28:ee:eb:81:7a:4a:
12:00:b9:71:2b:8f:96:f0:46:2d:15:f0:b8:7b:80:
5c:39:fa:59:51:ab:46:6e:c7:89:59:28:12:9b:ee:
33:15:d9:9a:af:c1:59:03:f5:f0:36:cc:e7:b2:df:
96:15:ee:10:1b:58:c0:27:91:34:fc:b5:de:71:12:
a0:6f:9c:61:45:19:c6:1f:2b:d0:68:b1:83:1c:53:
fe:39:29:b6:68:c2:5c:c1:a1:47:1d:2c:b3:fa:70:
b1:9c:fd:0d:5d:97:b3:08:8c:b8:c3:84:fb:9a:03:
a7:42:c3:c6:d7:f8:22:e2:6f:98:5f:d7:7d:3a:dd:
bd:5f:52:8a:91:19:8d:3d:47:a8:2e:d0:1d:c1:a8:
a9:fa:55:b7:f7:eb:ee:31:be:f8:6b:34:71:70:a9:
f2:ca:ad:b9:53:60:69:12:fd:14:90:64:5d:0e:4c:
b7:a2:af:95:d6:f7:75:98:ea:6c:ff:9f:5a:0e:31:
87:37:98:42:ab:fa:39:75:18:d8:a0:9e:3e:f8:7e:
1f:0a:8f:5f:97:cf:07:9f:3e:e8:e4:eb:0a:54:67:
4b:46:f1:28:eb:12:d3:af:0d:f6:76:66:9d:f3:2e:
e1:8b:4c:35:f6:e3:ba:35:2f:c2:c2:4c:89:60:29:
e9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E1:6A:3D:91:73:95:26:93:B8:FC:9E:27:07:C6:70:7A:42:D4:19
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N-FqPZFzlSaTuPyeJwfGcHpC1Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.71.0/24
IPv6:
2a0b:64c2::/31
Signature Algorithm: sha256WithRSAEncryption
36:0f:4f:cd:79:6d:f8:f1:29:be:e8:46:3e:f8:e3:29:86:c9:
53:37:4a:1e:47:d4:ee:76:29:cb:3e:a6:e1:d3:45:a6:34:b1:
01:17:34:f8:3c:9f:d1:ba:19:6f:58:f1:77:7e:28:aa:e5:6a:
54:b5:ce:43:fc:19:9e:4b:55:cb:ee:22:67:50:89:82:44:d2:
94:55:e5:43:f9:c3:5b:a9:94:44:97:66:aa:1b:30:52:99:0e:
e2:7a:53:5a:d3:c7:92:3e:6f:7d:e1:db:b6:a8:39:be:e4:2d:
ea:42:bc:41:de:14:5a:50:08:f5:c6:f0:a5:e0:ef:d4:cb:96:
ee:9e:b2:d4:ed:6b:1f:51:47:57:86:35:1f:c8:06:25:61:59:
5b:37:a4:66:d7:f3:9e:46:33:48:7d:71:8a:d6:ff:86:54:7f:
2a:e7:47:80:df:42:d3:83:27:31:aa:cc:d2:a6:79:23:44:e6:
4f:70:ee:cf:04:0f:d1:ca:e6:9c:ce:66:0b:5b:26:cb:8d:74:
28:10:bf:51:b8:9f:35:92:70:34:98:45:bc:7d:26:b3:cc:e4:
3d:18:3a:71:7d:11:3e:44:ca:ba:da:c3:c9:aa:31:4c:ac:c6:
9a:5f:a9:f0:4c:19:66:da:01:95:87:ec:fe:1e:08:7c:48:a8:
c4:d6:ec:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAQ+EAUTxg4sc26dt1sGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2UxNmEzZDkxNzM5NTI2OTNiOGZjOWUyNzA3YzY3MDdhNDJkNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUDYqt9UR1ko7uuBekoSALlxK4+W
8EYtFfC4e4BcOfpZUatGbseJWSgSm+4zFdmar8FZA/XwNsznst+WFe4QG1jAJ5E0
/LXecRKgb5xhRRnGHyvQaLGDHFP+OSm2aMJcwaFHHSyz+nCxnP0NXZezCIy4w4T7
mgOnQsPG1/gi4m+YX9d9Ot29X1KKkRmNPUeoLtAdwaip+lW39+vuMb74azRxcKny
yq25U2BpEv0UkGRdDky3oq+V1vd1mOps/59aDjGHN5hCq/o5dRjYoJ4++H4fCo9f
l88Hnz7o5OsKVGdLRvEo6xLTrw32dmad8y7hi0w19uO6NS/CwkyJYCnp6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDfhaj2Rc5Umk7j8nicHxnB6QtQZMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTi1GcVBaRnpsU2FUdVB5ZUp3ZkdjSHBDMUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALQhHMA0E
AgACMAcDBQEqC2TCMA0GCSqGSIb3DQEBCwUAA4IBAQA2D0/NeW348Sm+6EY++OMp
hslTN0oeR9TudinLPqbh00WmNLEBFzT4PJ/RuhlvWPF3fiiq5WpUtc5D/BmeS1XL
7iJnUImCRNKUVeVD+cNbqZREl2aqGzBSmQ7ielNa08eSPm994du2qDm+5C3qQrxB
3hRaUAj1xvCl4O/Uy5bunrLU7WsfUUdXhjUfyAYlYVlbN6Rm1/OeRjNIfXGK1v+G
VH8q50eA30LTgycxqszSpnkjROZPcO7PBA/RyuaczmYLWybLjXQoEL9RuJ81knA0
mEW8fSazzOQ9GDpxfRE+RMq62sPJqjFMrMaaX6nwTBlm2gGVh+z+Hgh8SKjE1uyp
-----END CERTIFICATE-----
Generated at Sun May 5 20:04:47 2024 by rpki-client on console-ams.rpki-client.org