Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/2894d7-14ee-46ab-882a-21272b87728b/1/NuoEBykgNJ8wntY1daEIfYtdSWQ.roa
File: NuoEBykgNJ8wntY1daEIfYtdSWQ.roa (raw, json)
Hash identifier: Hy4vyU7fI56WAeDYEdBe2J0Suqq6Jtr5MIHYxqAjeys=
Subject key identifier: 36:EA:04:07:29:20:34:9F:30:9E:D6:35:75:A1:08:7D:8B:5D:49:64
Certificate issuer: /CN=8efc610ce7bcf479651fd9518c28894ed1eb5a84
Certificate serial: 018ECC942E2BBEAC8195D3AA6245AB329A77
Authority key identifier: 8E:FC:61:0C:E7:BC:F4:79:65:1F:D9:51:8C:28:89:4E:D1:EB:5A:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvxhDOe89HllH9lRjCiJTtHrWoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/2894d7-14ee-46ab-882a-21272b87728b/1/NuoEBykgNJ8wntY1daEIfYtdSWQ.roa
Signing time: Thu 11 Apr 2024 09:54:06 +0000
ROA not before: Thu 11 Apr 2024 09:54:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203701
IP address blocks: 195.54.166.0/24 maxlen: 24
195.54.167.0/24 maxlen: 24
202.122.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/2894d7-14ee-46ab-882a-21272b87728b/1/jvxhDOe89HllH9lRjCiJTtHrWoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/2894d7-14ee-46ab-882a-21272b87728b/1/jvxhDOe89HllH9lRjCiJTtHrWoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jvxhDOe89HllH9lRjCiJTtHrWoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:94:2e:2b:be:ac:81:95:d3:aa:62:45:ab:32:9a:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8efc610ce7bcf479651fd9518c28894ed1eb5a84
Validity
Not Before: Apr 11 09:54:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36ea04072920349f309ed63575a1087d8b5d4964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a0:87:37:27:d9:7f:15:8d:ad:67:44:37:16:
ba:16:6c:58:9e:89:70:ca:34:b9:4c:4d:32:dd:da:
1d:8a:b8:93:1f:51:09:60:ff:b3:d9:e8:71:fb:2e:
5c:b5:30:2d:ae:0e:a6:ba:31:09:10:5e:07:60:63:
3c:49:54:8b:94:5c:ae:0f:7d:7c:51:e0:35:be:ad:
ae:1e:63:45:4d:d9:ec:21:55:4d:ff:0a:8d:f6:d9:
36:69:5c:f0:7a:91:6b:65:8c:0a:73:47:f1:5b:69:
f5:10:0e:23:93:28:1c:da:2d:7c:c5:1a:2c:fd:f9:
8c:e2:79:ee:c5:42:56:c8:e4:e9:6f:c6:3d:ee:dd:
83:85:25:47:1e:ee:19:6d:92:0a:b8:cd:a0:a6:fa:
1c:5d:78:1c:b8:24:a6:f4:44:89:1a:ae:49:f0:d4:
3e:7b:1a:d8:8f:98:18:5d:7b:f5:84:56:9a:e3:a0:
e9:49:9f:37:74:e4:1c:a2:1c:e3:68:83:99:6c:56:
83:a4:62:98:14:59:b3:6f:ae:d7:de:66:65:29:3e:
8c:01:14:36:1b:28:6f:72:02:a0:41:ed:0a:f8:30:
83:9a:c6:75:92:59:42:4e:2c:a7:d6:47:14:c1:8d:
cb:11:93:db:cf:39:6b:a6:ff:03:68:9b:63:22:85:
52:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EA:04:07:29:20:34:9F:30:9E:D6:35:75:A1:08:7D:8B:5D:49:64
X509v3 Authority Key Identifier:
keyid:8E:FC:61:0C:E7:BC:F4:79:65:1F:D9:51:8C:28:89:4E:D1:EB:5A:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvxhDOe89HllH9lRjCiJTtHrWoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2894d7-14ee-46ab-882a-21272b87728b/1/NuoEBykgNJ8wntY1daEIfYtdSWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2894d7-14ee-46ab-882a-21272b87728b/1/jvxhDOe89HllH9lRjCiJTtHrWoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.54.166.0/23
202.122.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:0a:23:81:ce:79:9f:2c:44:08:cd:cd:65:d2:ca:d6:c9:26:
dc:31:3e:ea:7b:f8:b5:2e:6a:02:a3:7f:06:31:26:33:0c:9e:
22:0a:b0:8d:0a:b5:02:26:01:ca:4f:5f:51:40:12:d7:24:15:
67:b6:79:fd:31:ee:a7:12:16:2b:77:62:7e:99:63:a5:b0:c5:
c6:ed:49:83:02:b9:db:a1:58:74:6a:af:f9:c1:96:32:89:50:
d2:ce:4e:76:26:12:9b:4e:b4:56:f7:4a:dd:29:2f:d9:94:24:
5e:b2:bf:76:87:a5:22:39:70:2a:7d:4b:6d:e2:f8:da:43:ec:
2f:3a:9d:94:c7:61:f7:27:25:fe:cb:66:32:77:23:63:39:80:
c6:2b:2e:cc:a2:45:70:1e:a2:c8:9d:ad:96:da:54:af:52:72:
9b:9e:a6:ca:e4:d7:9e:16:5c:3d:cb:97:e2:14:07:f0:73:d2:
f5:28:25:ba:e0:08:f7:22:61:32:c9:64:4a:3e:98:9f:31:56:
60:97:7b:32:9c:f6:54:5e:71:2c:19:dd:57:20:7f:0f:4c:26:
06:f4:ce:84:5d:5d:b1:35:08:b7:89:1a:5f:dc:bf:9b:29:67:
bf:67:1d:2c:51:40:58:04:42:44:ba:22:b7:36:33:d7:04:ff:
4e:36:50:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7MlC4rvqyBldOqYkWrMpp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZmM2MTBjZTdiY2Y0Nzk2NTFmZDk1MThjMjg4OTRlZDFl
YjVhODQwHhcNMjQwNDExMDk1NDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmVhMDQwNzI5MjAzNDlmMzA5ZWQ2MzU3NWExMDg3ZDhiNWQ0OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6CHNyfZfxWNrWdENxa6FmxYnolw
yjS5TE0y3dodiriTH1EJYP+z2ehx+y5ctTAtrg6mujEJEF4HYGM8SVSLlFyuD318
UeA1vq2uHmNFTdnsIVVN/wqN9tk2aVzwepFrZYwKc0fxW2n1EA4jkygc2i18xRos
/fmM4nnuxUJWyOTpb8Y97t2DhSVHHu4ZbZIKuM2gpvocXXgcuCSm9ESJGq5J8NQ+
exrYj5gYXXv1hFaa46DpSZ83dOQcohzjaIOZbFaDpGKYFFmzb67X3mZlKT6MARQ2
GyhvcgKgQe0K+DCDmsZ1kllCTiyn1kcUwY3LEZPbzzlrpv8DaJtjIoVSlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDbqBAcpIDSfMJ7WNXWhCH2LXUlkMB8GA1UdIwQY
MBaAFI78YQznvPR5ZR/ZUYwoiU7R61qEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZ4aERPZTg5SGxsSDlsUmpDaUpUdEhyV29RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yODk0ZDctMTRlZS00NmFiLTg4MmEt
MjEyNzJiODc3MjhiLzEvTnVvRUJ5a2dOSjh3bnRZMWRhRUlmWXRkU1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yODk0ZDctMTRlZS00NmFiLTg4MmEtMjEyNzJiODc3Mjhi
LzEvanZ4aERPZTg5SGxsSDlsUmpDaUpUdEhyV29RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwzamAwQA
ynqBMA0GCSqGSIb3DQEBCwUAA4IBAQArCiOBznmfLEQIzc1l0srWySbcMT7qe/i1
LmoCo38GMSYzDJ4iCrCNCrUCJgHKT19RQBLXJBVntnn9Me6nEhYrd2J+mWOlsMXG
7UmDArnboVh0aq/5wZYyiVDSzk52JhKbTrRW90rdKS/ZlCResr92h6UiOXAqfUtt
4vjaQ+wvOp2Ux2H3JyX+y2YydyNjOYDGKy7MokVwHqLIna2W2lSvUnKbnqbK5Nee
Flw9y5fiFAfwc9L1KCW64Aj3ImEyyWRKPpifMVZgl3synPZUXnEsGd1XIH8PTCYG
9M6EXV2xNQi3iRpf3L+bKWe/Zx0sUUBYBEJEuiK3NjPXBP9ONlDg
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:24 2024 by rpki-client on console-ams.rpki-client.org