Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/NJdInHVRQG94cx6Vk8961T33AMI.roa
File: NJdInHVRQG94cx6Vk8961T33AMI.roa (raw, json)
Hash identifier: fPUyiymgZ005RWxtA/N3uKKvkqGa1H7eB4XYg3eFCYw=
Subject key identifier: 34:97:48:9C:75:51:40:6F:78:73:1E:95:93:CF:7A:D5:3D:F7:00:C2
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018DB19A63FBED878CB16F157A257FD3E383
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/NJdInHVRQG94cx6Vk8961T33AMI.roa
Signing time: Fri 16 Feb 2024 11:08:21 +0000
ROA not before: Fri 16 Feb 2024 11:08:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205948
IP address blocks: 5.1.73.0/24 maxlen: 32
5.1.77.0/24 maxlen: 32
5.1.78.0/24 maxlen: 32
5.1.80.0/24 maxlen: 24
5.1.82.0/24 maxlen: 24
5.1.86.0/24 maxlen: 24
5.1.89.0/24 maxlen: 24
2a07:6fc0::/48 maxlen: 48
2a07:6fc0:1::/48 maxlen: 48
2a07:6fc0:452::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:9a:63:fb:ed:87:8c:b1:6f:15:7a:25:7f:d3:e3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Feb 16 11:08:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3497489c7551406f78731e9593cf7ad53df700c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1e:3b:71:a2:c2:51:0d:a7:61:09:8e:b9:db:
02:8f:53:80:46:03:12:ed:04:92:5e:b9:2a:1b:bb:
79:97:90:94:05:b3:eb:fe:a4:ec:68:e0:d7:7c:e6:
e8:37:33:ef:0d:1e:80:9e:49:ab:8a:72:a8:e3:ca:
0d:7b:08:90:68:7d:cf:14:ab:2a:c1:5f:d9:9d:fb:
c6:1d:04:39:49:47:da:a7:69:a4:b7:aa:24:8b:e7:
cc:f9:74:2e:c2:c1:7c:3d:04:eb:3e:a7:08:f9:79:
29:4f:0d:45:57:23:cb:6f:c9:8f:f7:39:26:28:9d:
20:b3:b9:fc:53:05:24:65:5d:da:70:cb:f6:48:71:
18:db:5d:57:4c:8d:18:f6:da:5b:06:a6:1e:12:d2:
f5:4d:4c:1f:6f:26:d5:1c:f4:1e:6e:11:28:34:b3:
1d:12:5f:84:46:fe:07:67:63:d8:e4:98:25:d3:a1:
fd:f9:06:52:05:7a:da:e5:d7:bb:cd:13:cc:85:56:
50:88:fe:3b:4a:8d:9a:57:f4:4f:14:bb:12:0f:7b:
5a:86:76:70:08:75:d8:24:12:06:1e:89:2e:09:3e:
a3:90:db:ba:86:6f:ab:50:16:08:7f:13:71:8f:67:
5c:1d:8b:46:fc:53:3c:8e:c8:6a:06:b5:53:a1:a2:
bb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:97:48:9C:75:51:40:6F:78:73:1E:95:93:CF:7A:D5:3D:F7:00:C2
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/NJdInHVRQG94cx6Vk8961T33AMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.73.0/24
5.1.77.0-5.1.78.255
5.1.80.0/24
5.1.82.0/24
5.1.86.0/24
5.1.89.0/24
IPv6:
2a07:6fc0::/47
2a07:6fc0:452::/48
Signature Algorithm: sha256WithRSAEncryption
a4:d9:29:e4:cb:b5:80:ce:c1:a5:0b:58:a1:40:a1:35:75:b5:
86:a1:e7:b7:f9:fe:21:2c:5b:2d:5d:c4:65:7e:25:cf:9e:93:
0f:a7:88:8d:54:a8:8a:bd:79:d2:7a:e4:51:3f:63:d9:73:df:
c6:65:64:d2:df:a5:ae:88:12:2e:e6:7e:a7:1e:74:4f:11:01:
62:e4:4c:72:3a:c0:82:b0:30:50:12:20:d8:07:71:e2:58:c4:
3a:e5:5f:50:e6:ea:2b:a4:c1:3a:52:69:01:cb:79:d6:b0:de:
89:10:5b:2a:79:a6:3d:3e:34:1c:be:8d:c9:2e:79:50:80:17:
1f:5b:fb:52:53:5d:74:6c:b4:99:a6:53:57:64:3c:f6:f9:43:
d1:29:e0:db:ae:07:ce:5d:25:80:74:cb:d7:18:b3:96:b0:2d:
7a:58:25:24:9d:0d:fa:01:f3:ea:e8:2a:0c:93:31:1e:83:b9:
60:a2:db:f6:7c:70:7b:aa:45:72:65:03:54:be:55:8d:68:d8:
d5:43:0b:68:2a:36:1f:dd:50:f3:cf:27:da:13:81:17:78:79:
7a:82:33:2a:cc:5b:f4:e2:68:cd:7e:34:e0:4f:9d:32:ac:59:
9d:88:24:d3:9e:84:af:5b:74:bc:c8:3a:7f:0a:ad:38:57:8d:
91:99:c3:67
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY2xmmP77YeMsW8VeiV/0+ODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMjE2MTEwODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDk3NDg5Yzc1NTE0MDZmNzg3MzFlOTU5M2NmN2FkNTNkZjcwMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB47caLCUQ2nYQmOudsCj1OARgMS
7QSSXrkqG7t5l5CUBbPr/qTsaODXfOboNzPvDR6AnkmrinKo48oNewiQaH3PFKsq
wV/ZnfvGHQQ5SUfap2mkt6oki+fM+XQuwsF8PQTrPqcI+XkpTw1FVyPLb8mP9zkm
KJ0gs7n8UwUkZV3acMv2SHEY211XTI0Y9tpbBqYeEtL1TUwfbybVHPQebhEoNLMd
El+ERv4HZ2PY5Jgl06H9+QZSBXra5de7zRPMhVZQiP47So2aV/RPFLsSD3tahnZw
CHXYJBIGHokuCT6jkNu6hm+rUBYIfxNxj2dcHYtG/FM8jshqBrVToaK7YQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFDSXSJx1UUBveHMelZPPetU99wDCMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvTkpkSW5IVlJRRzk0Y3g2Vms4OTYxVDMzQU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAyBAIAATAsAwQABQFJMAwD
BAAFAU0DBAAFAU4DBAAFAVADBAAFAVIDBAAFAVYDBAAFAVkwGAQCAAIwEgMHASoH
b8AAAAMHACoHb8AEUjANBgkqhkiG9w0BAQsFAAOCAQEApNkp5Mu1gM7BpQtYoUCh
NXW1hqHnt/n+ISxbLV3EZX4lz56TD6eIjVSoir150nrkUT9j2XPfxmVk0t+lrogS
LuZ+px50TxEBYuRMcjrAgrAwUBIg2Adx4ljEOuVfUObqK6TBOlJpAct51rDeiRBb
KnmmPT40HL6NyS55UIAXH1v7UlNddGy0maZTV2Q89vlD0Sng264Hzl0lgHTL1xiz
lrAtelglJJ0N+gHz6ugqDJMxHoO5YKLb9nxwe6pFcmUDVL5VjWjY1UMLaCo2H91Q
888n2hOBF3h5eoIzKsxb9OJozX404E+dMqxZnYgk056Er1t0vMg6fwqtOFeNkZnD
Zw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:16:55 2024 by rpki-client on console-ams.rpki-client.org