Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ms52eM3HP51dsUNf3jElZ6L5O7A.roa
File: ms52eM3HP51dsUNf3jElZ6L5O7A.roa (raw, json)
Hash identifier: ZEZ+ohOp5EmOps7ORLrsGyToy3XZAq3RZfzw1EZLHV8=
Subject key identifier: 9A:CE:76:78:CD:C7:3F:9D:5D:B1:43:5F:DE:31:25:67:A2:F9:3B:B0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0193539E671AF2A6488CB9014D05EEE4DBCF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ms52eM3HP51dsUNf3jElZ6L5O7A.roa
Signing time: Fri 22 Nov 2024 11:25:10 +0000
ROA not before: Fri 22 Nov 2024 11:25:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.83.28.0/24 maxlen: 24
84.54.33.0/24 maxlen: 24
193.218.34.0/24 maxlen: 24
2a0b:64c4::/32 maxlen: 48
2a0b:64c5::/32 maxlen: 48
2a0b:64c7::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:9e:67:1a:f2:a6:48:8c:b9:01:4d:05:ee:e4:db:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 22 11:25:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ace7678cdc73f9d5db1435fde312567a2f93bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ae:a0:9f:7b:46:74:31:11:0e:21:03:03:e7:
20:e2:46:16:c2:b7:4d:27:7c:d3:a7:9e:41:e3:4b:
a4:68:8b:0f:2b:cd:6e:65:0e:ca:c4:ff:ba:80:be:
31:aa:68:af:6e:11:62:d2:9f:ce:68:0f:50:74:ab:
f7:5d:c2:c1:f3:67:ed:79:a3:e3:3f:a7:68:c8:6c:
a1:5b:35:f9:1e:3e:27:6d:a1:ff:f6:da:d0:2c:74:
f2:54:7a:ba:e1:d3:c0:70:40:a0:8b:d4:91:73:3a:
0e:5e:de:c1:50:27:3e:b9:74:11:61:d6:27:10:1f:
e7:20:f3:81:06:98:ba:35:f2:a1:0d:e1:e5:dd:25:
33:eb:54:25:8c:da:e3:07:fa:20:14:9f:a9:7e:38:
1a:01:c3:b2:27:8b:c9:97:6b:69:05:f4:58:52:6c:
cb:3d:e1:87:6d:74:d0:4a:07:7c:ff:8a:48:0b:3a:
ab:4b:42:8a:06:18:0d:8a:7c:2e:56:33:3b:94:67:
39:9a:03:59:f4:12:1d:dc:00:54:e3:e1:95:d2:30:
ce:66:dc:c2:49:a9:5f:de:6e:36:59:ea:82:fe:aa:
77:05:2d:b5:8d:8f:6d:8a:90:82:98:ba:81:ab:85:
20:4a:95:48:e9:92:2a:0a:5b:04:a6:75:0e:87:36:
ff:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CE:76:78:CD:C7:3F:9D:5D:B1:43:5F:DE:31:25:67:A2:F9:3B:B0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ms52eM3HP51dsUNf3jElZ6L5O7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.28.0/24
84.54.33.0/24
193.218.34.0/24
IPv6:
2a0b:64c4::/31
2a0b:64c7::/32
Signature Algorithm: sha256WithRSAEncryption
21:32:f9:2c:7e:72:0e:c5:be:6d:ae:46:3f:c5:10:89:71:e2:
4c:f2:02:83:4c:86:69:58:d2:b3:d9:86:c1:49:65:2d:5a:ed:
f1:0f:76:b3:30:da:4d:86:ee:d9:1b:2c:be:a7:47:54:0b:7a:
bb:7f:a1:e5:7b:aa:61:05:f1:a2:37:fe:86:46:10:af:ed:44:
94:41:61:a9:20:ae:d0:1f:05:8b:d0:cf:3d:ba:58:70:dc:ee:
8a:3e:ec:bd:9c:c7:06:41:0e:cd:d0:29:28:46:80:36:36:fc:
97:b0:cb:b7:e8:f5:15:c6:56:1f:06:d9:81:8e:75:7f:81:1c:
2d:55:6e:80:51:f6:4d:52:3e:3e:37:99:01:a3:fe:c2:a4:cf:
2f:bd:2a:73:28:cd:72:57:6a:d7:d4:ec:69:8d:bc:2a:9f:a1:
a9:89:74:bd:2f:9a:c6:da:1c:7a:c2:7b:ce:0b:ec:14:b9:40:
93:ef:73:06:5f:03:80:ed:65:07:04:cf:35:d7:8c:c3:8b:55:
ed:9e:c0:96:7e:9b:b0:7d:42:03:97:0a:68:5d:81:51:35:54:
b8:8f:60:0f:83:b1:b6:ba:a2:79:4a:0f:8d:1f:db:c7:77:77:
a5:aa:00:56:b5:cb:17:9a:b0:52:76:0a:85:0e:8d:80:99:be:
61:35:fc:d4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZNTnmca8qZIjLkBTQXu5NvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMTIyMTEyNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWNlNzY3OGNkYzczZjlkNWRiMTQzNWZkZTMxMjU2N2EyZjkzYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2a6gn3tGdDERDiEDA+cg4kYWwrdN
J3zTp55B40ukaIsPK81uZQ7KxP+6gL4xqmivbhFi0p/OaA9QdKv3XcLB82fteaPj
P6doyGyhWzX5Hj4nbaH/9trQLHTyVHq64dPAcECgi9SRczoOXt7BUCc+uXQRYdYn
EB/nIPOBBpi6NfKhDeHl3SUz61QljNrjB/ogFJ+pfjgaAcOyJ4vJl2tpBfRYUmzL
PeGHbXTQSgd8/4pICzqrS0KKBhgNinwuVjM7lGc5mgNZ9BId3ABU4+GV0jDOZtzC
Salf3m42WeqC/qp3BS21jY9tipCCmLqBq4UgSpVI6ZIqClsEpnUOhzb/TwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJrOdnjNxz+dXbFDX94xJWei+TuwMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbXM1MmVNM0hQNTFkc1VOZjNqRWxaNkw1TzdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALVMcAwQA
VDYhAwQAwdoiMBQEAgACMA4DBQEqC2TEAwUAKgtkxzANBgkqhkiG9w0BAQsFAAOC
AQEAITL5LH5yDsW+ba5GP8UQiXHiTPICg0yGaVjSs9mGwUllLVrt8Q92szDaTYbu
2RssvqdHVAt6u3+h5XuqYQXxojf+hkYQr+1ElEFhqSCu0B8Fi9DPPbpYcNzuij7s
vZzHBkEOzdApKEaANjb8l7DLt+j1FcZWHwbZgY51f4EcLVVugFH2TVI+PjeZAaP+
wqTPL70qcyjNcldq19TsaY28Kp+hqYl0vS+axtocesJ7zgvsFLlAk+9zBl8DgO1l
BwTPNdeMw4tV7Z7Aln6bsH1CA5cKaF2BUTVUuI9gD4OxtrqieUoPjR/bx3d3paoA
VrXLF5qwUnYKhQ6NgJm+YTX81A==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:48:00 2024 by rpki-client on console-ams.rpki-client.org