Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/dc573d-a3db-41f9-8c3f-867965eb50ca/1/NA1QW9wf3yOt69j2pcdrqlbho50.roa
File: NA1QW9wf3yOt69j2pcdrqlbho50.roa (raw, json)
Hash identifier: HjARXMVaJtTPKAb9hXMDlz9j/jpfi+tlmdygS/3XzKw=
Subject key identifier: 34:0D:50:5B:DC:1F:DF:23:AD:EB:D8:F6:A5:C7:6B:AA:56:E1:A3:9D
Certificate issuer: /CN=83b5b4913cc78e40803c00bec6b1a9dc48ff3684
Certificate serial: 0192013D9FBFA4FD2BB24E6C129F63404BAE
Authority key identifier: 83:B5:B4:91:3C:C7:8E:40:80:3C:00:BE:C6:B1:A9:DC:48:FF:36:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7W0kTzHjkCAPAC-xrGp3Ej_NoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/dc573d-a3db-41f9-8c3f-867965eb50ca/1/NA1QW9wf3yOt69j2pcdrqlbho50.roa
Signing time: Tue 17 Sep 2024 18:27:48 +0000
ROA not before: Tue 17 Sep 2024 18:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 185.115.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/dc573d-a3db-41f9-8c3f-867965eb50ca/1/g7W0kTzHjkCAPAC-xrGp3Ej_NoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/dc573d-a3db-41f9-8c3f-867965eb50ca/1/g7W0kTzHjkCAPAC-xrGp3Ej_NoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/g7W0kTzHjkCAPAC-xrGp3Ej_NoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:01:3d:9f:bf:a4:fd:2b:b2:4e:6c:12:9f:63:40:4b:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83b5b4913cc78e40803c00bec6b1a9dc48ff3684
Validity
Not Before: Sep 17 18:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=340d505bdc1fdf23adebd8f6a5c76baa56e1a39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d1:04:49:59:82:a9:83:f0:37:d0:66:72:90:
6e:e9:79:c1:0b:66:6c:3b:a6:3e:f1:86:45:c7:7b:
05:a4:2c:ba:87:6c:b2:33:33:5b:5a:7a:37:3e:a9:
28:3c:38:04:fd:d9:92:df:87:bd:98:f4:7b:bd:41:
3a:33:49:06:e6:78:81:78:4c:c1:04:ca:bf:bb:3d:
04:53:bc:29:e7:38:02:19:f0:8e:51:f5:5f:f5:7d:
f0:01:e7:26:34:e0:b7:90:61:f9:c7:9c:26:be:d2:
eb:59:3f:b1:39:31:1d:1a:4f:d7:c8:bb:27:50:55:
b5:2c:8e:a0:86:e3:bf:8f:1e:ea:0f:80:13:75:27:
25:40:c7:43:19:55:e1:6c:a5:48:46:24:27:d1:f3:
53:19:ac:51:bc:ea:f1:f6:f6:0d:77:a3:c6:85:3a:
49:46:c8:52:0b:3d:16:ba:d2:81:ff:e4:d3:74:80:
81:11:25:88:1e:30:ad:f7:cc:82:57:84:a8:e6:64:
c4:fe:12:93:b2:34:99:b1:b5:53:fc:2f:0c:99:f2:
6a:1b:2e:d6:62:20:c6:11:ec:dc:65:c9:f8:3d:24:
38:4e:1a:a5:d3:74:0f:9b:a2:61:fb:ac:0b:bd:39:
75:46:41:9f:9e:95:7d:98:ed:39:20:d1:9a:b0:c7:
41:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0D:50:5B:DC:1F:DF:23:AD:EB:D8:F6:A5:C7:6B:AA:56:E1:A3:9D
X509v3 Authority Key Identifier:
keyid:83:B5:B4:91:3C:C7:8E:40:80:3C:00:BE:C6:B1:A9:DC:48:FF:36:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7W0kTzHjkCAPAC-xrGp3Ej_NoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dc573d-a3db-41f9-8c3f-867965eb50ca/1/NA1QW9wf3yOt69j2pcdrqlbho50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dc573d-a3db-41f9-8c3f-867965eb50ca/1/g7W0kTzHjkCAPAC-xrGp3Ej_NoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.161.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:17:1d:67:fd:b1:58:19:f5:68:4d:7f:b4:c0:97:1d:ac:69:
25:f1:ad:94:dd:a3:2b:47:8e:5c:93:41:79:b9:5a:be:94:fc:
fa:e4:bf:cd:74:84:2f:0c:d0:cf:91:f5:e7:6c:91:11:0b:74:
9c:c9:fa:fd:48:68:3e:58:ea:b9:8e:49:18:af:f5:8e:a0:2e:
87:10:24:0d:f1:74:27:da:85:61:73:99:58:95:f2:19:10:f2:
3d:cb:e0:6a:50:f5:29:6b:a6:00:db:d5:b1:80:98:31:8b:67:
a3:34:44:40:99:93:2c:07:27:f1:52:23:c5:5e:8b:6e:41:a3:
e3:fa:df:52:e1:e2:0f:c4:59:15:40:bc:14:54:81:b9:b3:1b:
e0:4b:6c:4e:df:9b:01:82:c0:89:a8:c3:fd:7d:86:16:a9:47:
a3:d8:10:96:d2:63:9e:d9:84:72:68:33:1f:fb:10:93:29:2d:
9c:a5:cc:6b:52:2d:b6:f7:c5:ed:64:f3:60:a2:5a:d0:b6:97:
bf:f5:ef:6f:08:8f:87:a9:6f:99:54:07:ee:6d:24:65:42:86:
f4:d6:3d:ab:93:1e:06:36:a2:c4:21:70:4f:9d:43:b2:3f:11:
0f:82:66:4c:38:a7:e4:7c:0a:8f:a7:21:1f:dc:96:f3:2e:8c:
20:b2:74:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIBPZ+/pP0rsk5sEp9jQEuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYjViNDkxM2NjNzhlNDA4MDNjMDBiZWM2YjFhOWRjNDhm
ZjM2ODQwHhcNMjQwOTE3MTgyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDBkNTA1YmRjMWZkZjIzYWRlYmQ4ZjZhNWM3NmJhYTU2ZTFhMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9EESVmCqYPwN9BmcpBu6XnBC2Zs
O6Y+8YZFx3sFpCy6h2yyMzNbWno3PqkoPDgE/dmS34e9mPR7vUE6M0kG5niBeEzB
BMq/uz0EU7wp5zgCGfCOUfVf9X3wAecmNOC3kGH5x5wmvtLrWT+xOTEdGk/XyLsn
UFW1LI6ghuO/jx7qD4ATdSclQMdDGVXhbKVIRiQn0fNTGaxRvOrx9vYNd6PGhTpJ
RshSCz0WutKB/+TTdICBESWIHjCt98yCV4So5mTE/hKTsjSZsbVT/C8MmfJqGy7W
YiDGEezcZcn4PSQ4Thql03QPm6Jh+6wLvTl1RkGfnpV9mO05INGasMdBrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQNUFvcH98jrevY9qXHa6pW4aOdMB8GA1UdIwQY
MBaAFIO1tJE8x45AgDwAvsaxqdxI/zaEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzdXMGtUekhqa0NBUEFDLXhyR3AzRWpfTm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9kYzU3M2QtYTNkYi00MWY5LThjM2Yt
ODY3OTY1ZWI1MGNhLzEvTkExUVc5d2YzeU90NjlqMnBjZHJxbGJobzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9kYzU3M2QtYTNkYi00MWY5LThjM2YtODY3OTY1ZWI1MGNh
LzEvZzdXMGtUekhqa0NBUEFDLXhyR3AzRWpfTm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXOhMA0G
CSqGSIb3DQEBCwUAA4IBAQB6Fx1n/bFYGfVoTX+0wJcdrGkl8a2U3aMrR45ck0F5
uVq+lPz65L/NdIQvDNDPkfXnbJERC3Scyfr9SGg+WOq5jkkYr/WOoC6HECQN8XQn
2oVhc5lYlfIZEPI9y+BqUPUpa6YA29WxgJgxi2ejNERAmZMsByfxUiPFXotuQaPj
+t9S4eIPxFkVQLwUVIG5sxvgS2xO35sBgsCJqMP9fYYWqUej2BCW0mOe2YRyaDMf
+xCTKS2cpcxrUi2298XtZPNgolrQtpe/9e9vCI+HqW+ZVAfubSRlQob01j2rkx4G
NqLEIXBPnUOyPxEPgmZMOKfkfAqPpyEf3JbzLowgsnTy
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:46:20 2024 by rpki-client on console-fra.rpki-client.org