Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/NC1nxD09jYp2y9Xm_icqz66UFSo.roa
File: NC1nxD09jYp2y9Xm_icqz66UFSo.roa (raw, json)
Hash identifier: HYUTEjqYmfRgeoCSJy/IWyPBJHU/RxX4QiK0iiHevow=
Subject key identifier: 34:2D:67:C4:3D:3D:8D:8A:76:CB:D5:E6:FE:27:2A:CF:AE:94:15:2A
Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Certificate serial: 018CCA2BD9083883501E2656FA82F23B9D09
Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/NC1nxD09jYp2y9Xm_icqz66UFSo.roa
Signing time: Tue 02 Jan 2024 12:35:20 +0000
ROA not before: Tue 02 Jan 2024 12:35:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206353
IP address blocks: 185.186.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:d9:08:38:83:50:1e:26:56:fa:82:f2:3b:9d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Validity
Not Before: Jan 2 12:35:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=342d67c43d3d8d8a76cbd5e6fe272acfae94152a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ef:1e:4e:ba:2a:e8:c2:f2:ce:17:4d:54:f2:
c6:91:a8:d5:8e:78:86:23:1e:bd:d0:ed:e8:5d:a7:
86:08:81:b8:c3:a8:34:c1:a7:ff:dd:d0:1f:c4:67:
e3:86:f5:a8:a7:00:0f:3d:70:e7:c0:93:b7:e1:17:
24:e9:88:64:8a:b6:50:e1:14:fd:01:c5:cd:05:8d:
f9:6f:75:bf:69:c5:c2:32:cf:05:6e:eb:a7:fa:61:
35:ce:cd:80:5b:92:00:26:0e:51:e4:cc:35:dc:2d:
8c:81:6f:6d:1a:cb:69:b2:b1:85:b1:a4:65:49:56:
f1:5f:4c:c2:9e:a2:e3:e8:5b:42:b4:45:dc:0f:93:
b9:4a:ba:14:1d:03:e2:29:5d:dd:71:21:fc:d6:d2:
9f:43:48:33:03:97:34:3a:24:53:56:34:88:e4:9e:
d8:96:51:95:51:c6:f5:4c:77:a5:cb:a6:62:33:8b:
c1:ca:d9:83:4a:39:26:cb:7d:d6:3c:68:42:3f:48:
8f:b7:7a:82:bf:b7:a4:1a:23:33:b0:51:c4:04:5d:
55:9a:bb:f7:2a:3f:f2:60:f8:25:f5:6e:26:90:e6:
52:2a:10:6c:44:4a:a5:33:b2:27:18:1a:7d:16:be:
e1:63:c8:52:a6:94:58:77:27:1a:5b:bd:d7:32:80:
ec:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:2D:67:C4:3D:3D:8D:8A:76:CB:D5:E6:FE:27:2A:CF:AE:94:15:2A
X509v3 Authority Key Identifier:
keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/NC1nxD09jYp2y9Xm_icqz66UFSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.128.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:80:f8:ae:b0:b3:89:9d:5b:3b:84:c4:48:c3:c8:6a:04:39:
52:25:5d:ed:8e:c2:b8:b4:92:62:cf:7b:8f:9b:32:45:a6:16:
fd:53:7e:87:48:ca:02:97:09:d0:69:e7:c2:6f:e8:24:fa:2e:
3d:16:45:1c:1f:d5:bf:18:95:ae:50:fb:23:57:70:5f:25:5e:
43:a9:6f:d3:3f:58:fa:a6:15:ab:2e:24:07:95:2c:8f:8e:e9:
96:36:18:e7:16:eb:66:b1:d0:b3:77:23:29:fc:6d:cc:06:ff:
3e:e6:31:6f:cc:70:3d:ff:b9:db:04:c0:ad:10:ff:dc:56:91:
24:19:31:88:51:0b:84:9f:fe:a7:6c:e1:75:be:09:2d:2f:ae:
7b:0f:43:6e:0f:e2:bf:1a:0b:a7:e2:bf:07:8e:5b:16:79:d0:
ed:a3:af:6f:ac:43:e9:c5:68:02:0b:5c:8a:21:1d:5d:d7:ed:
f8:36:81:14:31:a6:3a:0f:7a:54:43:72:e7:d2:ed:1b:07:b0:
10:ac:31:44:26:21:46:00:9f:d4:29:65:a8:16:b4:69:d4:21:
a0:80:9d:11:90:e9:85:c4:41:06:f1:0e:15:d6:ca:1a:92:f6:
a2:f1:80:25:e0:a1:dd:ef:bc:2f:5e:56:6e:f6:35:df:49:f2:
8b:73:70:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK9kIOINQHiZW+oLyO50JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk
ODI0MGIwHhcNMjQwMTAyMTIzNTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDJkNjdjNDNkM2Q4ZDhhNzZjYmQ1ZTZmZTI3MmFjZmFlOTQxNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme8eTroq6MLyzhdNVPLGkajVjniG
Ix690O3oXaeGCIG4w6g0waf/3dAfxGfjhvWopwAPPXDnwJO34Rck6YhkirZQ4RT9
AcXNBY35b3W/acXCMs8Fbuun+mE1zs2AW5IAJg5R5Mw13C2MgW9tGstpsrGFsaRl
SVbxX0zCnqLj6FtCtEXcD5O5SroUHQPiKV3dcSH81tKfQ0gzA5c0OiRTVjSI5J7Y
llGVUcb1THely6ZiM4vBytmDSjkmy33WPGhCP0iPt3qCv7ekGiMzsFHEBF1Vmrv3
Kj/yYPgl9W4mkOZSKhBsREqlM7InGBp9Fr7hY8hSppRYdycaW73XMoDs5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQtZ8Q9PY2KdsvV5v4nKs+ulBUqMB8GA1UdIwQY
MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt
MWQ3MDNiNDk2NjM0LzEvTkMxbnhEMDlqWXAyeTlYbV9pY3F6NjZVRlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0
LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubqAMA0G
CSqGSIb3DQEBCwUAA4IBAQCbgPiusLOJnVs7hMRIw8hqBDlSJV3tjsK4tJJiz3uP
mzJFphb9U36HSMoClwnQaefCb+gk+i49FkUcH9W/GJWuUPsjV3BfJV5DqW/TP1j6
phWrLiQHlSyPjumWNhjnFutmsdCzdyMp/G3MBv8+5jFvzHA9/7nbBMCtEP/cVpEk
GTGIUQuEn/6nbOF1vgktL657D0NuD+K/Ggun4r8HjlsWedDto69vrEPpxWgCC1yK
IR1d1+34NoEUMaY6D3pUQ3Ln0u0bB7AQrDFEJiFGAJ/UKWWoFrRp1CGggJ0RkOmF
xEEG8Q4V1soakvai8YAl4KHd77wvXlZu9jXfSfKLc3D7
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:36:00 2024 by rpki-client on console-ams.rpki-client.org