Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/NadwFsH7DnF--Z7YKqXLOkWyTLw.roa
File: NadwFsH7DnF--Z7YKqXLOkWyTLw.roa (raw, json)
Hash identifier: 0kMqklkMrYUHwed3xIJqSPTLutbTM31A4r3BRvQLS40=
Subject key identifier: 35:A7:70:16:C1:FB:0E:71:7E:F9:9E:D8:2A:A5:CB:3A:45:B2:4C:BC
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018CC4938920671CFE6D314B11564C8EC61A
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/NadwFsH7DnF--Z7YKqXLOkWyTLw.roa
Signing time: Mon 01 Jan 2024 10:30:52 +0000
ROA not before: Mon 01 Jan 2024 10:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64249
IP address blocks: 5.182.199.0/24 maxlen: 24
193.148.94.0/24 maxlen: 24
79.98.181.0/24 maxlen: 24
45.67.143.0/24 maxlen: 24
45.67.144.0/24 maxlen: 24
45.67.142.0/24 maxlen: 24
92.249.28.0/24 maxlen: 24
63.246.157.0/24 maxlen: 24
63.246.156.0/24 maxlen: 24
94.154.168.0/23 maxlen: 23
94.154.176.0/24 maxlen: 24
94.154.179.0/24 maxlen: 24
63.246.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:89:20:67:1c:fe:6d:31:4b:11:56:4c:8e:c6:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 1 10:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35a77016c1fb0e717ef99ed82aa5cb3a45b24cbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d3:9c:90:8a:b2:49:08:6e:12:47:46:f6:e4:
a1:93:d1:66:be:60:7b:72:ab:11:fb:c1:78:ed:b0:
2a:72:90:95:0f:73:81:f4:15:ae:cd:36:f4:42:34:
bb:cb:39:c7:a1:91:8f:56:63:10:17:a1:5c:c8:61:
b0:c7:aa:2f:04:8e:18:fc:d3:df:e1:dd:5f:cc:4c:
b7:42:c4:5b:78:3a:b3:7a:1b:8b:21:f9:11:dd:fb:
5c:9f:a2:4c:25:9c:a4:4e:6f:76:8e:36:69:8d:c4:
dd:88:97:31:e2:87:a6:8d:87:82:29:78:b8:af:01:
be:4a:1f:f2:b0:fe:01:8a:d2:87:ed:65:d6:d7:ea:
dd:51:c9:ee:0b:be:ba:f8:48:12:23:3c:ef:f1:61:
e9:05:6b:64:3d:32:53:26:26:16:8d:18:55:4d:4e:
ce:86:dd:37:b9:fc:bc:04:2b:c0:be:93:cf:61:af:
0b:0a:f4:e7:53:8e:10:02:47:a9:32:a5:d4:ab:f5:
e2:29:38:6d:1c:20:e5:1b:8c:ed:ca:63:22:c1:88:
53:92:7c:42:f4:bf:54:af:5c:2d:b5:d2:b7:74:62:
6c:cd:39:35:00:7d:57:51:5b:b2:51:89:59:3e:c5:
b5:d5:83:0c:ce:d4:cc:b4:57:f5:23:56:d9:6f:a0:
3b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A7:70:16:C1:FB:0E:71:7E:F9:9E:D8:2A:A5:CB:3A:45:B2:4C:BC
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/NadwFsH7DnF--Z7YKqXLOkWyTLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.199.0/24
45.67.142.0-45.67.144.255
63.246.128.0/24
63.246.156.0/23
79.98.181.0/24
92.249.28.0/24
94.154.168.0/23
94.154.176.0/24
94.154.179.0/24
193.148.94.0/24
Signature Algorithm: sha256WithRSAEncryption
09:b4:06:a8:f2:d1:23:1a:8c:58:0c:1c:c1:f1:7f:13:8a:8f:
ec:3b:15:4f:cd:be:97:2d:38:69:9a:8f:42:10:b1:09:26:c0:
fa:51:94:b0:c9:07:8e:b3:0e:fa:d6:dc:06:b3:40:7a:6b:c3:
00:e4:dd:8f:91:55:16:ec:5b:0f:da:4a:57:e0:2e:5e:ec:c4:
e5:a4:62:47:e4:6f:85:41:ee:dc:88:e3:e9:9d:96:df:c9:69:
67:c1:25:7d:b5:a4:fb:43:77:44:0c:11:d2:ce:5e:70:fe:73:
8f:62:6e:3e:91:6b:50:aa:25:fa:0a:f9:fe:f9:d9:65:ed:fd:
f3:69:0f:2e:43:65:f0:84:97:d8:54:08:67:44:e4:b7:aa:af:
ca:e0:fa:1a:43:2f:9d:28:0b:67:4e:4c:6b:a1:e0:17:67:7f:
41:92:71:77:ae:f9:a8:e1:f1:78:df:5b:b1:15:fd:1d:f0:a9:
93:84:e2:0e:60:aa:ed:67:e3:c9:9b:2f:37:ac:70:79:5a:bc:
3b:e4:69:09:03:04:a1:e2:a1:47:67:c8:4e:f1:0f:97:70:ab:
6c:14:4d:21:7c:05:a8:bd:71:cd:63:81:36:ab:62:05:2f:6f:
8c:35:1b:a3:fb:68:b5:7c:f1:e1:dd:11:71:09:fe:46:86:bd:
2f:d7:5b:56
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzEk4kgZxz+bTFLEVZMjsYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWE3NzAxNmMxZmIwZTcxN2VmOTllZDgyYWE1Y2IzYTQ1YjI0Y2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntOckIqySQhuEkdG9uShk9FmvmB7
cqsR+8F47bAqcpCVD3OB9BWuzTb0QjS7yznHoZGPVmMQF6FcyGGwx6ovBI4Y/NPf
4d1fzEy3QsRbeDqzehuLIfkR3ftcn6JMJZykTm92jjZpjcTdiJcx4oemjYeCKXi4
rwG+Sh/ysP4BitKH7WXW1+rdUcnuC766+EgSIzzv8WHpBWtkPTJTJiYWjRhVTU7O
ht03ufy8BCvAvpPPYa8LCvTnU44QAkepMqXUq/XiKThtHCDlG4ztymMiwYhTknxC
9L9Ur1wttdK3dGJszTk1AH1XUVuyUYlZPsW11YMMztTMtFf1I1bZb6A7PQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFDWncBbB+w5xfvme2CqlyzpFsky8MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvTmFkd0ZzSDdEbkYtLVo3WUtxWExPa1d5VEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQABbbHMAwD
BAEtQ44DBAAtQ5ADBAA/9oADBAE/9pwDBABPYrUDBABc+RwDBAFemqgDBABemrAD
BABemrMDBADBlF4wDQYJKoZIhvcNAQELBQADggEBAAm0Bqjy0SMajFgMHMHxfxOK
j+w7FU/NvpctOGmaj0IQsQkmwPpRlLDJB46zDvrW3AazQHprwwDk3Y+RVRbsWw/a
SlfgLl7sxOWkYkfkb4VB7tyI4+mdlt/JaWfBJX21pPtDd0QMEdLOXnD+c49ibj6R
a1CqJfoK+f752WXt/fNpDy5DZfCEl9hUCGdE5Leqr8rg+hpDL50oC2dOTGuh4Bdn
f0GScXeu+ajh8XjfW7EV/R3wqZOE4g5gqu1n48mbLzescHlavDvkaQkDBKHioUdn
yE7xD5dwq2wUTSF8Bai9cc1jgTarYgUvb4w1G6P7aLV88eHdEXEJ/kaGvS/XW1Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:22 2024 by rpki-client on console-fra.rpki-client.org