Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/nav9JRraCb8iwztqS6EXw10HVPQ.roa
File: nav9JRraCb8iwztqS6EXw10HVPQ.roa (raw, json)
Hash identifier: Gluqch7b3Ml+yDAxPBME4aFop1ZgqQSUfadYYFKMpho=
Subject key identifier: 9D:AB:FD:25:1A:DA:09:BF:22:C3:3B:6A:4B:A1:17:C3:5D:07:54:F4
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 018CC801B656198E78BA991B13676269E564
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/nav9JRraCb8iwztqS6EXw10HVPQ.roa
Signing time: Tue 02 Jan 2024 02:30:04 +0000
ROA not before: Tue 02 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35916
IP address blocks: 188.208.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b6:56:19:8e:78:ba:99:1b:13:67:62:69:e5:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Jan 2 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dabfd251ada09bf22c33b6a4ba117c35d0754f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:be:55:7d:47:21:63:bc:9c:9f:94:0c:75:66:
18:5a:74:cf:28:0b:42:0b:28:df:b6:bf:3f:fe:b9:
79:a2:c4:f4:79:52:cf:60:ba:87:e0:82:b6:ca:f6:
7d:18:55:3c:d3:15:51:a7:09:87:14:02:a9:0d:98:
26:24:07:40:0a:8d:75:5a:19:bc:8b:62:70:2d:58:
11:3c:1c:dc:33:48:d0:ac:52:be:3e:24:a0:2b:0e:
61:ec:9d:1d:ff:89:6e:be:65:31:d5:9d:a0:2d:fa:
a0:cd:d3:74:f5:4c:5d:1e:8d:b8:b2:16:55:2f:c8:
e0:1c:9d:d3:85:df:3c:86:8f:a6:f8:4e:db:93:f2:
6e:b1:58:c8:d2:9e:88:79:35:90:84:8c:b6:6d:de:
e7:6a:a0:48:cf:04:3c:09:93:26:b6:67:47:98:56:
57:a1:1f:82:a3:58:d5:66:2c:61:2e:25:04:76:c6:
64:c1:7b:df:64:98:54:6b:4f:8f:e6:b9:92:18:26:
a0:77:07:7d:bf:ba:2b:3b:ba:80:79:10:6e:5c:a1:
7b:f6:cf:95:81:5f:0f:be:1d:bf:4e:da:cf:e4:36:
df:6f:49:51:91:95:70:ac:be:c1:a8:7d:2b:68:a2:
dc:ae:7b:f4:83:e6:d7:0c:e9:e2:64:ba:ad:8c:ed:
34:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AB:FD:25:1A:DA:09:BF:22:C3:3B:6A:4B:A1:17:C3:5D:07:54:F4
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/nav9JRraCb8iwztqS6EXw10HVPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.142.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:6b:4d:55:53:95:4a:1c:54:c3:3b:2b:30:f2:92:dc:8d:38:
1c:08:9e:8e:2d:97:25:a9:08:f7:66:e4:64:9e:ac:1a:56:15:
6d:d8:1e:a3:3a:dc:ae:6b:af:ec:f2:93:52:4c:27:dc:e5:53:
43:2e:43:8e:fe:4f:9b:30:6e:a1:11:9f:0a:c0:91:91:6f:73:
37:ed:1d:b3:a0:37:81:e1:53:c0:79:fb:bb:20:52:54:1f:a6:
5a:93:e4:08:38:63:6e:c3:1a:e1:89:7a:03:96:5a:81:ae:cc:
5d:02:c1:c2:44:bd:a7:8c:7d:5f:50:48:ef:76:5b:58:5f:82:
62:60:6f:aa:00:19:f5:b2:72:b8:5a:a6:fa:ad:01:58:0e:07:
d1:69:43:e9:d7:bd:8e:0d:e2:f9:09:72:67:a8:8c:d8:f4:e2:
01:d0:b4:2a:cb:fd:3b:20:1d:4b:a5:b9:39:f7:b6:c5:58:1e:
34:31:85:5d:37:28:09:f0:42:1c:05:91:eb:9b:e9:26:85:7d:
6f:31:ef:6b:24:f0:14:28:06:dd:56:53:f0:22:84:91:c9:6f:
03:76:7b:c8:f8:b5:d0:e7:99:bf:ca:e9:44:6e:8c:d8:9b:2f:
2c:a2:fa:85:5b:85:f3:21:d6:16:f1:64:07:2e:b0:b4:50:e5:
c8:ce:2e:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAbZWGY54upkbE2diaeVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjQwMTAyMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGFiZmQyNTFhZGEwOWJmMjJjMzNiNmE0YmExMTdjMzVkMDc1NGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL5VfUchY7ycn5QMdWYYWnTPKAtC
Cyjftr8//rl5osT0eVLPYLqH4IK2yvZ9GFU80xVRpwmHFAKpDZgmJAdACo11Whm8
i2JwLVgRPBzcM0jQrFK+PiSgKw5h7J0d/4luvmUx1Z2gLfqgzdN09UxdHo24shZV
L8jgHJ3Thd88ho+m+E7bk/JusVjI0p6IeTWQhIy2bd7naqBIzwQ8CZMmtmdHmFZX
oR+Co1jVZixhLiUEdsZkwXvfZJhUa0+P5rmSGCagdwd9v7orO7qAeRBuXKF79s+V
gV8Pvh2/TtrP5Dbfb0lRkZVwrL7BqH0raKLcrnv0g+bXDOniZLqtjO00CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2r/SUa2gm/IsM7akuhF8NdB1T0MB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvbmF2OUpScmFDYjhpd3p0cVM2RVh3MTBIVlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNCOMA0G
CSqGSIb3DQEBCwUAA4IBAQCfa01VU5VKHFTDOysw8pLcjTgcCJ6OLZclqQj3ZuRk
nqwaVhVt2B6jOtyua6/s8pNSTCfc5VNDLkOO/k+bMG6hEZ8KwJGRb3M37R2zoDeB
4VPAefu7IFJUH6Zak+QIOGNuwxrhiXoDllqBrsxdAsHCRL2njH1fUEjvdltYX4Ji
YG+qABn1snK4Wqb6rQFYDgfRaUPp172ODeL5CXJnqIzY9OIB0LQqy/07IB1Lpbk5
97bFWB40MYVdNygJ8EIcBZHrm+kmhX1vMe9rJPAUKAbdVlPwIoSRyW8DdnvI+LXQ
55m/yulEbozYmy8sovqFW4XzIdYW8WQHLrC0UOXIzi7y
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:12:04 2024 by rpki-client on console-ams.rpki-client.org