Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/nIZTyn71HxGHEB3Bgoiy7cVji3U.roa
File: nIZTyn71HxGHEB3Bgoiy7cVji3U.roa (raw, json)
Hash identifier: AQTWpdIXIDUQ/i5Cf0PNubjq3/Lmqn8BsE7h+6XmaKk=
Subject key identifier: 9C:86:53:CA:7E:F5:1F:11:87:10:1D:C1:82:88:B2:ED:C5:63:8B:75
Certificate issuer: /CN=9e30294b7e4645aaedb54672d48065b1b1cebc62
Certificate serial: 018CC26D64F209108008F3A63328D61AD793
Authority key identifier: 9E:30:29:4B:7E:46:45:AA:ED:B5:46:72:D4:80:65:B1:B1:CE:BC:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njApS35GRarttUZy1IBlsbHOvGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/nIZTyn71HxGHEB3Bgoiy7cVji3U.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206123
IP address blocks: 45.131.168.0/22 maxlen: 24
109.106.16.0/23 maxlen: 24
185.195.196.0/22 maxlen: 24
109.106.18.0/23 maxlen: 24
185.211.92.0/22 maxlen: 24
93.115.211.0/24 maxlen: 24
185.123.128.0/22 maxlen: 24
185.254.118.0/23 maxlen: 24
171.22.12.0/22 maxlen: 24
93.115.253.0/24 maxlen: 24
2a0a:5ec0::/29 maxlen: 29
2a0d:c340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/njApS35GRarttUZy1IBlsbHOvGI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/njApS35GRarttUZy1IBlsbHOvGI.mft
rsync://rpki.ripe.net/repository/DEFAULT/njApS35GRarttUZy1IBlsbHOvGI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:64:f2:09:10:80:08:f3:a6:33:28:d6:1a:d7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e30294b7e4645aaedb54672d48065b1b1cebc62
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c8653ca7ef51f1187101dc18288b2edc5638b75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ee:28:43:1d:8b:19:7f:26:cf:75:ee:e1:9a:
5b:e6:a5:b2:7d:f3:80:d7:08:87:0e:3b:29:ab:1d:
16:c1:ed:aa:a2:92:f0:2b:41:00:47:88:d2:f3:c6:
d7:7c:6a:df:a6:75:8f:5b:3b:cc:91:05:95:47:f5:
61:13:dd:67:35:37:4f:4b:4f:57:d6:02:8b:e7:57:
2d:94:5c:2e:f9:30:00:e8:d8:a1:c8:84:8a:f4:87:
ab:1b:f5:43:4d:b9:c1:23:c7:28:04:e4:ba:69:dc:
6e:60:2a:7e:17:2a:93:b8:b2:94:29:ac:ab:b6:8d:
79:6e:7b:40:9c:69:63:a4:5b:e2:4d:8d:f8:66:96:
d3:f8:6d:34:98:24:75:64:43:ae:75:4d:df:bd:b3:
f8:57:5f:96:2a:05:a7:6c:f0:75:75:96:ac:4b:83:
4e:43:af:22:a2:06:75:74:3f:11:41:7a:25:a2:a3:
56:94:81:70:74:ae:7f:12:7b:d4:03:45:37:15:57:
ca:10:59:a8:e9:35:bd:72:6e:4d:4c:cd:59:e7:8a:
7a:8a:d1:43:74:b2:bc:8d:de:fa:36:14:8c:2d:a5:
f4:38:59:8a:e9:00:5c:37:8f:ae:b9:5a:88:87:d8:
60:4d:d2:9c:2f:1d:37:fa:37:36:e0:16:5a:c1:b9:
26:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:86:53:CA:7E:F5:1F:11:87:10:1D:C1:82:88:B2:ED:C5:63:8B:75
X509v3 Authority Key Identifier:
keyid:9E:30:29:4B:7E:46:45:AA:ED:B5:46:72:D4:80:65:B1:B1:CE:BC:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njApS35GRarttUZy1IBlsbHOvGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/nIZTyn71HxGHEB3Bgoiy7cVji3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/njApS35GRarttUZy1IBlsbHOvGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.168.0/22
93.115.211.0/24
93.115.253.0/24
109.106.16.0/22
171.22.12.0/22
185.123.128.0/22
185.195.196.0/22
185.211.92.0/22
185.254.118.0/23
IPv6:
2a0a:5ec0::/29
2a0d:c340::/29
Signature Algorithm: sha256WithRSAEncryption
51:04:32:3c:f4:60:6e:a0:56:c8:c4:aa:9d:f8:f0:bb:e9:fa:
3b:69:0b:2d:e0:26:11:8d:0b:3e:a2:d8:05:c4:ca:d3:7c:74:
48:52:33:8a:b4:ec:15:d6:20:7b:e1:bc:78:ea:a7:dc:bd:2f:
78:34:c4:d3:c4:31:f6:29:f0:d3:74:61:32:c0:ee:ee:2e:49:
86:2d:b4:6b:8c:d1:5a:77:f6:15:de:82:e1:c4:d8:64:fb:70:
36:80:65:ba:ae:a7:97:0f:1b:1c:71:5f:25:79:e5:78:f9:c8:
a2:a2:31:cc:4b:94:c1:d7:28:7c:62:5b:40:c9:17:9a:7d:8e:
95:58:33:9a:29:c2:cf:39:af:37:38:15:4a:76:8c:7e:42:ea:
3a:39:48:0e:c1:0c:76:e3:48:43:db:fa:fe:7d:62:5c:8f:74:
d3:87:9c:3f:18:0c:f6:00:3d:0c:72:73:ea:cd:ea:fe:08:9a:
23:64:ad:5e:73:64:8e:e0:1b:c9:e6:8f:f2:c3:16:67:24:ee:
99:ea:5b:10:18:8f:fb:cc:a6:b7:08:94:c8:41:2e:6b:d4:3e:
6b:f6:b2:4d:4e:db:0b:64:53:9c:4c:74:61:cd:1a:8f:21:3c:
cb:2f:86:6f:1a:ab:06:07:1f:21:c0:fb:96:50:35:6c:d5:c1:
48:42:8e:3f
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzCbWTyCRCACPOmMyjWGteTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzAyOTRiN2U0NjQ1YWFlZGI1NDY3MmQ0ODA2NWIxYjFj
ZWJjNjIwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg2NTNjYTdlZjUxZjExODcxMDFkYzE4Mjg4YjJlZGM1NjM4Yjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+4oQx2LGX8mz3Xu4Zpb5qWyffOA
1wiHDjspqx0Wwe2qopLwK0EAR4jS88bXfGrfpnWPWzvMkQWVR/VhE91nNTdPS09X
1gKL51ctlFwu+TAA6NihyISK9IerG/VDTbnBI8coBOS6adxuYCp+FyqTuLKUKayr
to15bntAnGljpFviTY34ZpbT+G00mCR1ZEOudU3fvbP4V1+WKgWnbPB1dZasS4NO
Q68iogZ1dD8RQXoloqNWlIFwdK5/EnvUA0U3FVfKEFmo6TW9cm5NTM1Z54p6itFD
dLK8jd76NhSMLaX0OFmK6QBcN4+uuVqIh9hgTdKcLx03+jc24BZawbkmoQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFJyGU8p+9R8RhxAdwYKIsu3FY4t1MB8GA1UdIwQY
MBaAFJ4wKUt+RkWq7bVGctSAZbGxzrxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpBcFMzNUdSYXJ0dFVaeTFJQmxzYkhPdkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC80NGU4OTMtOTI0Ny00NTJlLTlmNjct
NjkxMzM4N2I4MDgzLzEvbklaVHluNzFIeEdIRUIzQmdvaXk3Y1ZqaTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC80NGU4OTMtOTI0Ny00NTJlLTlmNjctNjkxMzM4N2I4MDgz
LzEvbmpBcFMzNUdSYXJ0dFVaeTFJQmxzYkhPdkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQCLYOoAwQA
XXPTAwQAXXP9AwQCbWoQAwQCqxYMAwQCuXuAAwQCucPEAwQCudNcAwQBuf52MBQE
AgACMA4DBQMqCl7AAwUDKg3DQDANBgkqhkiG9w0BAQsFAAOCAQEAUQQyPPRgbqBW
yMSqnfjwu+n6O2kLLeAmEY0LPqLYBcTK03x0SFIzirTsFdYge+G8eOqn3L0veDTE
08Qx9inw03RhMsDu7i5Jhi20a4zRWnf2Fd6C4cTYZPtwNoBluq6nlw8bHHFfJXnl
ePnIoqIxzEuUwdcofGJbQMkXmn2OlVgzminCzzmvNzgVSnaMfkLqOjlIDsEMduNI
Q9v6/n1iXI9004ecPxgM9gA9DHJz6s3q/giaI2StXnNkjuAbyeaP8sMWZyTumepb
EBiP+8ymtwiUyEEua9Q+a/ayTU7bC2RTnEx0Yc0ajyE8yy+GbxqrBgcfIcD7llA1
bNXBSEKOPw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:44 2024 by rpki-client on console-fra.rpki-client.org