Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NWwM2glIy9wqh-AWA1u9n4EaEQ8.roa
File: NWwM2glIy9wqh-AWA1u9n4EaEQ8.roa (raw, json)
Hash identifier: Zj8hQlXepkEYozvfvVz/575G0zFuFL36npISXMVQc4g=
Subject key identifier: 35:6C:0C:DA:09:48:CB:DC:2A:87:E0:16:03:5B:BD:9F:81:1A:11:0F
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018D36B7CD5805290F3ABFA24A8ACD993151
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NWwM2glIy9wqh-AWA1u9n4EaEQ8.roa
Signing time: Tue 23 Jan 2024 14:27:11 +0000
ROA not before: Tue 23 Jan 2024 14:27:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48881
IP address blocks: 37.156.7.0/24 maxlen: 24
46.102.254.0/24 maxlen: 24
86.105.26.0/24 maxlen: 24
91.250.247.0/24 maxlen: 24
93.113.28.0/24 maxlen: 24
188.209.212.0/24 maxlen: 24
188.212.111.0/24 maxlen: 24
188.213.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:b7:cd:58:05:29:0f:3a:bf:a2:4a:8a:cd:99:31:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 23 14:27:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=356c0cda0948cbdc2a87e016035bbd9f811a110f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:89:42:ab:bc:db:ef:07:ad:65:5b:6f:ea:bd:
b3:ff:98:e1:5c:f4:a8:f0:86:c9:0b:66:2c:11:a8:
bd:37:8a:a3:d8:ab:b0:80:e2:23:7c:07:1e:53:fb:
98:b3:ea:b5:b8:b5:09:3e:19:2b:8b:d6:b1:cf:f8:
56:80:23:64:ac:c0:0e:ae:dc:3d:49:72:6e:78:27:
c4:71:9b:3f:f8:86:a0:10:99:a2:71:ae:d0:b6:ab:
84:45:f4:35:f8:d7:50:a5:43:01:0e:f4:5c:17:6d:
37:6e:7f:b7:c4:da:0e:c7:0e:b7:08:59:cb:fa:88:
86:f7:6b:87:c0:50:2b:8d:9c:a0:bb:e9:51:7a:34:
87:4b:86:3d:f7:9c:03:d3:34:1b:d4:ec:7e:c7:03:
f3:5f:58:84:21:55:1f:cf:a2:f6:84:db:86:9e:09:
7b:ea:4e:0e:db:41:aa:a5:0e:86:e1:90:35:d2:53:
d0:bc:f2:fc:87:21:86:8e:30:4a:d1:d6:6b:c1:be:
2f:82:73:24:b6:e8:3b:73:3a:ce:fa:61:8c:54:fd:
7d:7a:53:ee:b2:92:dd:f8:3f:81:0f:54:bc:92:6a:
8a:e4:41:64:12:ee:c4:68:b6:10:9c:d7:fd:44:80:
ac:a7:54:0b:21:4b:5f:de:b4:44:dc:ee:1e:10:86:
84:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6C:0C:DA:09:48:CB:DC:2A:87:E0:16:03:5B:BD:9F:81:1A:11:0F
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NWwM2glIy9wqh-AWA1u9n4EaEQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.7.0/24
46.102.254.0/24
86.105.26.0/24
91.250.247.0/24
93.113.28.0/24
188.209.212.0/24
188.212.111.0/24
188.213.134.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:7a:a8:e9:71:36:cb:5d:d5:f6:8a:8b:8a:07:d8:eb:d6:01:
3f:08:a2:52:ca:3b:11:84:0b:56:95:c0:c2:38:5b:4d:8d:a4:
88:4e:9e:ad:6a:3e:de:bc:e3:16:7d:c4:dc:17:0f:a5:2c:8d:
4d:6d:4e:b7:9d:ac:d9:61:a3:ae:32:0d:35:ec:9d:f9:71:48:
80:f8:15:2f:79:ef:d5:d9:40:20:48:8c:06:5a:e4:d9:73:3f:
1f:80:56:08:60:0e:33:00:7a:d6:26:a0:f3:c0:7a:e2:b8:34:
70:b7:48:0e:86:ed:9f:b1:c6:f8:fe:51:c7:77:12:13:2b:7a:
c4:1e:92:42:71:4b:65:66:da:23:d8:8f:b7:fa:d0:74:c7:26:
cf:5a:d3:a1:60:f1:c5:5a:ad:f0:37:52:bf:36:e2:77:ea:13:
27:ea:9d:71:29:6d:c6:86:7e:09:22:7b:5f:f0:85:db:1f:c2:
b7:3a:92:16:2e:e5:e2:75:0d:c1:aa:6d:3d:8b:e1:1a:cf:80:
eb:ce:f6:30:35:d8:0d:87:13:ce:67:2b:c5:a0:8b:9a:8a:17:
9f:8f:9c:4a:c3:fa:de:76:fd:8d:dd:58:aa:57:a2:95:25:16:
74:3f:db:6c:74:ab:ea:69:00:cf:10:5a:88:ea:3a:48:c2:a8:
c0:0e:f7:0d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY02t81YBSkPOr+iSorNmTFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTIzMTQyNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTZjMGNkYTA5NDhjYmRjMmE4N2UwMTYwMzViYmQ5ZjgxMWExMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4lCq7zb7wetZVtv6r2z/5jhXPSo
8IbJC2YsEai9N4qj2KuwgOIjfAceU/uYs+q1uLUJPhkri9axz/hWgCNkrMAOrtw9
SXJueCfEcZs/+IagEJmica7QtquERfQ1+NdQpUMBDvRcF203bn+3xNoOxw63CFnL
+oiG92uHwFArjZygu+lRejSHS4Y995wD0zQb1Ox+xwPzX1iEIVUfz6L2hNuGngl7
6k4O20GqpQ6G4ZA10lPQvPL8hyGGjjBK0dZrwb4vgnMktug7czrO+mGMVP19elPu
spLd+D+BD1S8kmqK5EFkEu7EaLYQnNf9RICsp1QLIUtf3rRE3O4eEIaEBwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDVsDNoJSMvcKofgFgNbvZ+BGhEPMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvTld3TTJnbEl5OXdxaC1BV0ExdTluNEVhRVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAJZwHAwQA
Lmb+AwQAVmkaAwQAW/r3AwQAXXEcAwQAvNHUAwQAvNRvAwQAvNWGMA0GCSqGSIb3
DQEBCwUAA4IBAQCfeqjpcTbLXdX2iouKB9jr1gE/CKJSyjsRhAtWlcDCOFtNjaSI
Tp6taj7evOMWfcTcFw+lLI1NbU63nazZYaOuMg017J35cUiA+BUvee/V2UAgSIwG
WuTZcz8fgFYIYA4zAHrWJqDzwHriuDRwt0gOhu2fscb4/lHHdxITK3rEHpJCcUtl
Ztoj2I+3+tB0xybPWtOhYPHFWq3wN1K/NuJ36hMn6p1xKW3Ghn4JIntf8IXbH8K3
OpIWLuXidQ3Bqm09i+Eaz4DrzvYwNdgNhxPOZyvFoIuaihefj5xKw/redv2N3Viq
V6KVJRZ0P9tsdKvqaQDPEFqI6jpIwqjADvcN
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:12:13 2024 by rpki-client on console-ams.rpki-client.org