Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Nun2w1T01mDhuTgGnWbcHPM423I.roa
File: Nun2w1T01mDhuTgGnWbcHPM423I.roa (raw, json)
Hash identifier: wc3dY6VQ87G9u+60GKsrOHUr4qbNnqAPMifUD3yMV7g=
Subject key identifier: 36:E9:F6:C3:54:F4:D6:60:E1:B9:38:06:9D:66:DC:1C:F3:38:DB:72
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 0193498D315E4EF81D467A4F891817F3E884
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Nun2w1T01mDhuTgGnWbcHPM423I.roa
Signing time: Wed 20 Nov 2024 12:30:10 +0000
ROA not before: Wed 20 Nov 2024 12:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 80.93.192.0/24 maxlen: 24
80.93.202.0/24 maxlen: 24
80.93.204.0/24 maxlen: 24
80.93.205.0/24 maxlen: 24
80.93.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:8d:31:5e:4e:f8:1d:46:7a:4f:89:18:17:f3:e8:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: Nov 20 12:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36e9f6c354f4d660e1b938069d66dc1cf338db72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:df:c4:95:c8:b1:1c:74:26:e8:e0:1e:56:2b:
e7:ea:cd:f7:a2:7c:0c:58:00:90:8e:90:20:16:29:
87:d0:46:2d:6f:96:c5:b2:3c:0d:49:2f:19:6c:4f:
56:36:49:ea:d6:ee:f5:f4:62:09:27:1f:d4:7f:6b:
5f:a3:96:8f:7e:54:8f:99:90:b3:27:24:71:e0:13:
94:73:37:33:26:d4:5d:58:24:fe:49:d8:bb:33:63:
27:6a:eb:e8:ad:36:b7:b6:4f:06:30:39:36:12:40:
e1:8a:8e:a2:0a:70:5a:49:6f:d4:df:a7:74:40:93:
8d:83:ae:41:09:b0:61:1c:01:76:73:21:95:01:0a:
08:a0:75:a8:f1:4c:6e:cc:c0:6b:3a:b2:29:a3:09:
f6:cd:7a:7b:88:6b:c3:ba:2f:3f:49:cd:b5:3e:45:
14:1d:7d:d2:b5:69:25:29:de:07:f4:d8:7d:99:b8:
29:ff:08:44:06:0b:79:f1:62:aa:1d:f8:a3:c0:7e:
66:50:94:17:3d:02:42:ee:6b:3a:23:62:da:a9:39:
9a:b1:c4:c6:2a:d5:69:58:15:6a:de:bb:61:2b:14:
b3:b5:08:3d:53:c5:82:0b:dd:d0:57:b4:ac:3c:9f:
8e:94:4c:46:26:31:48:6b:43:b8:bd:dd:5e:a6:ec:
90:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E9:F6:C3:54:F4:D6:60:E1:B9:38:06:9D:66:DC:1C:F3:38:DB:72
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Nun2w1T01mDhuTgGnWbcHPM423I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.192.0/24
80.93.202.0/24
80.93.204.0-80.93.206.255
Signature Algorithm: sha256WithRSAEncryption
05:aa:10:ff:ce:b5:6c:72:44:19:cc:03:97:f8:46:3e:cf:0c:
a1:3e:0c:10:f4:24:23:fd:03:d1:df:c3:f7:cc:b2:55:fe:4b:
97:5c:2a:51:dd:1a:8a:62:ae:4f:be:ae:d5:4c:e5:5f:18:00:
27:ca:dc:91:fc:7f:b7:f9:47:a8:8e:e3:cc:c2:4c:f1:6d:d0:
97:9d:93:36:a1:8e:54:64:89:f0:1f:c9:10:70:f9:59:e4:17:
d3:55:2e:34:1e:eb:6b:0c:e3:56:49:2c:8a:99:98:54:c4:a7:
30:f7:aa:e0:01:38:10:e6:ea:fa:24:a5:80:15:d7:24:de:14:
6a:08:ce:8b:85:d9:ab:01:0b:e7:16:50:6f:54:cd:b9:c5:5b:
39:26:52:df:2a:e7:b5:30:8a:44:89:5f:0e:ae:a7:b2:4b:d2:
7a:5d:4a:60:a3:bf:e1:d7:f5:99:8c:26:bf:75:78:d8:6d:39:
b0:d8:c2:5a:ee:cb:f0:72:98:10:50:f6:3d:d0:5a:2b:c1:42:
95:34:60:96:62:93:27:32:72:87:7e:9c:de:e7:78:55:ef:74:
ad:34:f8:18:46:11:f2:f3:da:c5:6e:7d:88:94:c1:23:dc:eb:
5c:fd:d8:1e:67:c6:e1:11:18:fc:2f:02:39:86:75:29:6d:42:
ed:69:2a:5e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZNJjTFeTvgdRnpPiRgX8+iEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjQxMTIwMTIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmU5ZjZjMzU0ZjRkNjYwZTFiOTM4MDY5ZDY2ZGMxY2YzMzhkYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9/ElcixHHQm6OAeVivn6s33onwM
WACQjpAgFimH0EYtb5bFsjwNSS8ZbE9WNknq1u719GIJJx/Uf2tfo5aPflSPmZCz
JyRx4BOUczczJtRdWCT+Sdi7M2MnauvorTa3tk8GMDk2EkDhio6iCnBaSW/U36d0
QJONg65BCbBhHAF2cyGVAQoIoHWo8UxuzMBrOrIpown2zXp7iGvDui8/Sc21PkUU
HX3StWklKd4H9Nh9mbgp/whEBgt58WKqHfijwH5mUJQXPQJC7ms6I2LaqTmascTG
KtVpWBVq3rthKxSztQg9U8WCC93QV7SsPJ+OlExGJjFIa0O4vd1epuyQdwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDbp9sNU9NZg4bk4Bp1m3BzzONtyMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvTnVuMncxVDAxbURodVRnR25XYmNIUE00MjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUF3AAwQA
UF3KMAwDBAJQXcwDBABQXc4wDQYJKoZIhvcNAQELBQADggEBAAWqEP/OtWxyRBnM
A5f4Rj7PDKE+DBD0JCP9A9Hfw/fMslX+S5dcKlHdGopirk++rtVM5V8YACfK3JH8
f7f5R6iO48zCTPFt0JedkzahjlRkifAfyRBw+VnkF9NVLjQe62sM41ZJLIqZmFTE
pzD3quABOBDm6vokpYAV1yTeFGoIzouF2asBC+cWUG9UzbnFWzkmUt8q57UwikSJ
Xw6up7JL0npdSmCjv+HX9ZmMJr91eNhtObDYwlruy/BymBBQ9j3QWivBQpU0YJZi
kycycod+nN7neFXvdK00+BhGEfLz2sVufYiUwSPc61z92B5nxuERGPwvAjmGdSlt
Qu1pKl4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:46:17 2024 by rpki-client on console-fra.rpki-client.org