Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/nz3fe1im_iQU_4hnip7QQQaurKA.roa
File: nz3fe1im_iQU_4hnip7QQQaurKA.roa (raw, json)
Hash identifier: yvoCAzR3FUQzEYnAjLDKA0g5Kg+TP7ef73tjmki6/JE=
Subject key identifier: 9F:3D:DF:7B:58:A6:FE:24:14:FF:88:67:8A:9E:D0:41:06:AE:AC:A0
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 0193207EEF7E15D952AA82F6FDFA62DFB65C
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/nz3fe1im_iQU_4hnip7QQQaurKA.roa
Signing time: Tue 12 Nov 2024 13:10:10 +0000
ROA not before: Tue 12 Nov 2024 13:10:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216246
IP address blocks: 79.137.192.0/24 maxlen: 24
85.192.30.0/24 maxlen: 24
85.192.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:7e:ef:7e:15:d9:52:aa:82:f6:fd:fa:62:df:b6:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Nov 12 13:10:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f3ddf7b58a6fe2414ff88678a9ed04106aeaca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3a:b9:d0:86:b4:91:09:01:70:12:dc:bd:62:
e6:2a:02:df:74:52:ad:a1:59:12:1c:83:1a:c1:b6:
70:57:b8:9c:97:0b:3e:3b:25:18:14:38:2b:98:4b:
3f:89:79:91:1d:af:9d:3e:8c:79:52:31:a1:65:3e:
5e:6f:87:76:33:be:41:d1:d6:85:3e:6c:42:eb:76:
f9:5d:f4:16:f7:67:fd:84:24:ff:da:7a:a4:66:30:
61:0d:65:14:b1:a9:86:86:2b:c1:c5:48:33:97:93:
9d:2e:f0:4c:f6:26:d8:39:aa:43:2e:ad:c1:69:9f:
81:57:8d:73:f7:42:d5:c8:87:3f:0e:15:66:81:ed:
42:11:89:7f:93:cd:92:d5:e0:03:9a:8e:26:76:15:
e6:cc:c4:6d:f7:39:17:67:3c:d4:fc:6a:9d:97:b9:
ba:3a:e9:98:8d:30:71:1a:03:cd:1b:ce:6b:13:0f:
9e:75:a2:7e:b8:3a:4a:98:83:f8:e0:21:0c:54:78:
80:41:31:00:bf:ac:4b:76:1a:e0:4d:ba:af:67:07:
bd:15:a8:40:ea:3a:22:c0:3f:34:20:71:e0:71:2b:
c5:cc:83:09:42:09:94:3a:2c:2e:23:0e:3d:00:4f:
4a:c1:0c:73:f6:43:d3:23:ca:e9:47:a5:94:fb:1d:
78:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3D:DF:7B:58:A6:FE:24:14:FF:88:67:8A:9E:D0:41:06:AE:AC:A0
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/nz3fe1im_iQU_4hnip7QQQaurKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.137.192.0/24
85.192.30.0/24
85.192.56.0/24
Signature Algorithm: sha256WithRSAEncryption
88:4d:57:b0:0d:86:2c:d0:81:af:ca:ff:15:57:b4:b5:d0:a9:
23:21:52:eb:c9:a9:27:03:76:5b:ca:e0:47:c0:41:42:68:5c:
6d:60:57:19:64:3c:b6:6f:43:fd:ef:36:f5:25:20:24:69:cd:
ce:ae:a1:63:7b:88:ba:7e:ac:a1:cc:7e:85:e3:3f:d1:13:9f:
19:51:cd:31:4a:b3:68:f8:3c:c2:ac:f2:92:bd:71:68:7b:66:
f3:dd:df:8b:bf:57:45:88:f5:33:55:b4:32:72:62:4a:5f:e3:
3d:0d:9c:bd:a9:f1:e3:89:b6:c4:f7:21:1a:31:d0:5a:fb:49:
67:ea:4e:6d:2c:96:ec:2e:f1:ff:00:4f:21:51:22:2e:ad:62:
f3:3f:0f:05:49:f3:1a:aa:e0:31:89:3e:70:8e:ad:a7:91:3f:
f5:5f:9a:6a:24:50:df:a2:5a:8f:23:e1:e6:46:4a:2a:c0:67:
bf:b7:df:fb:04:47:fa:c7:14:e5:ec:08:9a:0c:1c:8a:b9:c2:
ad:c3:b3:8e:1d:de:81:93:5c:41:c8:16:7d:ad:67:70:6b:87:
e7:3d:da:ed:78:8f:4f:84:17:49:f9:45:67:f2:49:2f:1b:fb:
f9:84:ce:3a:19:00:d4:14:2b:31:ae:00:39:30:0d:31:02:be:
14:b2:d6:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMgfu9+FdlSqoL2/fpi37ZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjQxMTEyMTMxMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjNkZGY3YjU4YTZmZTI0MTRmZjg4Njc4YTllZDA0MTA2YWVhY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTq50Ia0kQkBcBLcvWLmKgLfdFKt
oVkSHIMawbZwV7iclws+OyUYFDgrmEs/iXmRHa+dPox5UjGhZT5eb4d2M75B0daF
PmxC63b5XfQW92f9hCT/2nqkZjBhDWUUsamGhivBxUgzl5OdLvBM9ibYOapDLq3B
aZ+BV41z90LVyIc/DhVmge1CEYl/k82S1eADmo4mdhXmzMRt9zkXZzzU/Gqdl7m6
OumYjTBxGgPNG85rEw+edaJ+uDpKmIP44CEMVHiAQTEAv6xLdhrgTbqvZwe9FahA
6joiwD80IHHgcSvFzIMJQgmUOiwuIw49AE9KwQxz9kPTI8rpR6WU+x141wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ8933tYpv4kFP+IZ4qe0EEGrqygMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvbnozZmUxaW1faVFVXzRobmlwN1FRUWF1cktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT4nAAwQA
VcAeAwQAVcA4MA0GCSqGSIb3DQEBCwUAA4IBAQCITVewDYYs0IGvyv8VV7S10Kkj
IVLryaknA3ZbyuBHwEFCaFxtYFcZZDy2b0P97zb1JSAkac3OrqFje4i6fqyhzH6F
4z/RE58ZUc0xSrNo+DzCrPKSvXFoe2bz3d+Lv1dFiPUzVbQycmJKX+M9DZy9qfHj
ibbE9yEaMdBa+0ln6k5tLJbsLvH/AE8hUSIurWLzPw8FSfMaquAxiT5wjq2nkT/1
X5pqJFDfolqPI+HmRkoqwGe/t9/7BEf6xxTl7AiaDByKucKtw7OOHd6Bk1xByBZ9
rWdwa4fnPdrteI9PhBdJ+UVn8kkvG/v5hM46GQDUFCsxrgA5MA0xAr4UstYX
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:03:59 2024 by rpki-client on console-ams.rpki-client.org