Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NTq63f2B6ydhmJr2VDY9I3JCFe8.roa
File: NTq63f2B6ydhmJr2VDY9I3JCFe8.roa (raw, json)
Hash identifier: Noby+HQYSBlxbIOscaxsSlauVmCr9KpJxMnkb8Bk/xU=
Subject key identifier: 35:3A:BA:DD:FD:81:EB:27:61:98:9A:F6:54:36:3D:23:72:42:15:EF
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802FB9687ADA49E2D0ADB4ACAAA35BB
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NTq63f2B6ydhmJr2VDY9I3JCFe8.roa
Signing time: Tue 02 Jan 2024 02:31:27 +0000
ROA not before: Tue 02 Jan 2024 02:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199150
IP address blocks: 193.180.242.0/24 maxlen: 24
194.71.236.0/22 maxlen: 22
2a01:280:108::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:fb:96:87:ad:a4:9e:2d:0a:db:4a:ca:aa:35:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=353abaddfd81eb2761989af654363d23724215ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f8:fa:3a:b1:bc:23:9f:24:cb:2f:f5:41:40:
3b:70:87:e9:7e:96:e5:4a:a4:8d:2a:8b:d8:81:c5:
a3:78:f5:02:5e:9e:ee:a3:b9:86:7c:35:92:d8:93:
47:33:37:19:bf:75:90:af:84:f0:fa:78:99:52:84:
bc:72:6e:b2:ab:58:60:f3:22:af:f4:4d:19:ac:cf:
8c:22:d9:00:19:16:8a:75:31:fb:65:e5:ae:fe:6f:
42:4d:46:bb:60:dc:7e:b8:8d:0e:6f:84:87:48:43:
60:90:83:18:93:b1:fd:45:23:54:8a:8e:39:66:0e:
31:d4:b2:ce:4d:bb:4a:3c:75:02:61:6c:cf:08:c2:
ff:be:cc:9a:7e:09:41:18:b3:6e:66:1c:02:df:ab:
83:95:1d:10:b8:55:51:38:6b:1e:72:df:41:82:ee:
e3:ac:8a:91:6a:a0:f1:18:15:72:fa:71:da:ca:25:
f3:ca:fd:b4:32:4a:e9:e5:e2:ab:16:27:ab:a2:e3:
18:3f:4d:9f:71:da:b6:00:48:82:f1:9a:25:bf:fe:
39:a3:e3:7f:8a:b3:38:86:17:d2:67:3b:9b:23:dc:
3f:1f:c7:cd:30:fc:98:08:73:50:19:14:7b:f5:7d:
57:05:6c:19:11:6c:a5:be:99:44:a8:89:5e:99:e0:
25:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3A:BA:DD:FD:81:EB:27:61:98:9A:F6:54:36:3D:23:72:42:15:EF
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NTq63f2B6ydhmJr2VDY9I3JCFe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.180.242.0/24
194.71.236.0/22
IPv6:
2a01:280:108::/48
Signature Algorithm: sha256WithRSAEncryption
7e:45:44:07:32:10:0e:8b:2b:b0:8d:9e:80:bd:d9:77:5c:cc:
f6:06:44:89:e5:71:6b:4d:08:75:fc:b7:a8:03:d8:6c:63:15:
0f:9c:13:ec:90:f8:6e:9b:fb:ae:35:9c:c2:65:ac:5a:7c:36:
cb:05:52:ed:2f:68:76:47:53:07:a6:00:b9:93:df:08:bf:15:
8f:f6:e9:c4:ad:58:63:f5:23:df:cd:69:c0:7f:cd:f5:03:05:
38:0d:e9:d3:59:d4:06:72:59:cf:10:26:b9:6c:cd:29:f9:ad:
07:6a:f0:98:6b:80:62:6e:7a:7e:96:d6:a2:62:c6:d0:a8:86:
37:82:4c:98:59:b5:9c:1d:89:16:8d:4c:56:5a:ca:05:39:c4:
df:4e:4c:39:ba:e1:cc:54:67:04:a4:a0:4f:12:fb:89:08:86:
3e:69:ff:6b:da:08:9f:34:66:a5:09:6e:ff:48:5a:04:ec:2e:
ce:dc:1b:dd:43:84:a3:fd:b4:e8:f3:72:44:b4:70:f6:8a:e2:
50:86:cf:15:2d:1d:0c:c8:f0:5b:67:a6:c7:e7:d6:b0:db:e4:
af:06:42:9d:f9:26:86:f4:45:02:46:57:21:d3:9d:fd:37:a1:
44:38:0c:9b:97:a7:75:58:94:b8:92:11:f3:f2:8a:ad:9a:b9:
d9:5b:33:66
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIAvuWh62kni0K20rKqjW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTNhYmFkZGZkODFlYjI3NjE5ODlhZjY1NDM2M2QyMzcyNDIxNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvj6OrG8I58kyy/1QUA7cIfpfpbl
SqSNKovYgcWjePUCXp7uo7mGfDWS2JNHMzcZv3WQr4Tw+niZUoS8cm6yq1hg8yKv
9E0ZrM+MItkAGRaKdTH7ZeWu/m9CTUa7YNx+uI0Ob4SHSENgkIMYk7H9RSNUio45
Zg4x1LLOTbtKPHUCYWzPCML/vsyafglBGLNuZhwC36uDlR0QuFVROGsect9Bgu7j
rIqRaqDxGBVy+nHayiXzyv20Mkrp5eKrFierouMYP02fcdq2AEiC8Zolv/45o+N/
irM4hhfSZzubI9w/H8fNMPyYCHNQGRR79X1XBWwZEWylvplEqIlemeAl9QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDU6ut39gesnYZia9lQ2PSNyQhXvMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvTlRxNjNmMkI2eWRobUpyMlZEWTlJM0pDRmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwbTyAwQC
wkfsMA8EAgACMAkDBwAqAQKAAQgwDQYJKoZIhvcNAQELBQADggEBAH5FRAcyEA6L
K7CNnoC92XdczPYGRInlcWtNCHX8t6gD2GxjFQ+cE+yQ+G6b+641nMJlrFp8NssF
Uu0vaHZHUwemALmT3wi/FY/26cStWGP1I9/NacB/zfUDBTgN6dNZ1AZyWc8QJrls
zSn5rQdq8JhrgGJuen6W1qJixtCohjeCTJhZtZwdiRaNTFZaygU5xN9OTDm64cxU
ZwSkoE8S+4kIhj5p/2vaCJ80ZqUJbv9IWgTsLs7cG91DhKP9tOjzckS0cPaK4lCG
zxUtHQzI8Ftnpsfn1rDb5K8GQp35Job0RQJGVyHTnf03oUQ4DJuXp3VYlLiSEfPy
iq2audlbM2Y=
-----END CERTIFICATE-----
Generated at Sat May 25 02:47:15 2024 by rpki-client on console-ams.rpki-client.org