Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/468104-3458-44ae-9587-ac842a00d476/1/1NIBu1RauToeaCBWeHNdxq6cA_8.roa
File: 1NIBu1RauToeaCBWeHNdxq6cA_8.roa (raw, json)
Hash identifier: PfjiGG1NyZl3GitJ6dnhkBlwVLh4NFpUfJlvnU6vM04=
Subject key identifier: D4:D2:01:BB:54:5A:B9:3A:1E:68:20:56:78:73:5D:C6:AE:9C:03:FF
Certificate issuer: /CN=00b2987c613aabb659e6be9903ac3501d537312e
Certificate serial: 018CC3489FCB8B1FED4835B39618806D835C
Authority key identifier: 00:B2:98:7C:61:3A:AB:B6:59:E6:BE:99:03:AC:35:01:D5:37:31:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ALKYfGE6q7ZZ5r6ZA6w1AdU3MS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/468104-3458-44ae-9587-ac842a00d476/1/1NIBu1RauToeaCBWeHNdxq6cA_8.roa
Signing time: Mon 01 Jan 2024 04:29:25 +0000
ROA not before: Mon 01 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43847
IP address blocks: 185.58.156.0/22 maxlen: 24
31.185.104.0/21 maxlen: 24
46.182.16.0/21 maxlen: 24
2a02:2970::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/468104-3458-44ae-9587-ac842a00d476/1/ALKYfGE6q7ZZ5r6ZA6w1AdU3MS4.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/468104-3458-44ae-9587-ac842a00d476/1/ALKYfGE6q7ZZ5r6ZA6w1AdU3MS4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ALKYfGE6q7ZZ5r6ZA6w1AdU3MS4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9f:cb:8b:1f:ed:48:35:b3:96:18:80:6d:83:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00b2987c613aabb659e6be9903ac3501d537312e
Validity
Not Before: Jan 1 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4d201bb545ab93a1e68205678735dc6ae9c03ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fa:3c:aa:bb:51:d4:22:cb:f4:a7:16:2b:53:
53:c4:b2:bb:a2:f5:8b:ba:e4:08:0f:53:dd:c1:fd:
a6:11:17:bc:1d:6a:18:49:36:47:d7:28:cf:b9:8e:
f3:d6:a9:4c:8f:0a:b2:dd:7e:6d:6c:dc:81:5c:99:
5b:3b:59:6e:d4:6e:5a:f6:85:fe:c7:c5:ca:ab:97:
9a:94:81:41:5d:b9:20:db:03:2a:6b:bc:f7:cf:0b:
5b:fd:8d:2b:d3:20:47:b2:70:b0:72:ac:8a:ae:2e:
37:ad:c6:30:69:ba:88:6b:6a:78:2e:c5:91:d8:f7:
ba:34:be:4c:de:a1:38:b7:8d:9b:5c:8d:40:16:0d:
e5:52:4c:ca:5d:c4:ba:71:8f:85:c5:50:f3:af:2e:
b6:d7:7c:fa:c8:8f:6c:6a:4c:85:08:bc:37:3e:dc:
01:e1:f7:c1:19:94:7b:0f:14:67:82:8f:70:7e:18:
fa:c9:80:ba:44:85:14:56:af:8d:74:90:81:05:57:
8c:f6:78:ed:ee:45:86:81:bb:21:34:f1:5c:c2:0e:
ba:e1:1f:63:c3:6b:6f:1b:70:70:58:a9:2c:e5:10:
0b:10:29:9e:ab:e5:ef:b0:7e:39:81:fc:d3:29:98:
85:f6:e2:fc:63:ac:35:66:15:c7:93:c7:bb:97:42:
75:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D2:01:BB:54:5A:B9:3A:1E:68:20:56:78:73:5D:C6:AE:9C:03:FF
X509v3 Authority Key Identifier:
keyid:00:B2:98:7C:61:3A:AB:B6:59:E6:BE:99:03:AC:35:01:D5:37:31:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALKYfGE6q7ZZ5r6ZA6w1AdU3MS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/468104-3458-44ae-9587-ac842a00d476/1/1NIBu1RauToeaCBWeHNdxq6cA_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/468104-3458-44ae-9587-ac842a00d476/1/ALKYfGE6q7ZZ5r6ZA6w1AdU3MS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.104.0/21
46.182.16.0/21
185.58.156.0/22
IPv6:
2a02:2970::/29
Signature Algorithm: sha256WithRSAEncryption
46:1f:b3:8b:c2:8d:9f:9d:03:4e:9d:7d:b1:2e:8f:b2:9d:0a:
ae:e6:97:88:d7:2c:73:be:af:24:cb:d9:ac:29:0b:36:f2:63:
fd:88:e0:19:07:06:b1:d4:9e:42:88:81:64:35:ff:c1:c5:17:
bc:0b:33:b5:63:64:97:d9:a1:0c:1a:51:71:36:19:5c:e4:50:
6d:c0:08:8e:7a:fd:95:b1:12:89:94:ed:36:d7:33:7d:3f:44:
bd:2a:52:e3:04:29:bb:4d:f5:80:bf:6f:42:71:7f:5f:ff:7b:
eb:57:81:5f:80:28:00:c2:1e:03:79:c9:97:54:ed:dc:5b:d9:
08:24:f8:76:53:cc:67:b3:58:4e:d1:bc:ba:f0:9f:45:d1:44:
90:fa:37:c1:da:41:3a:4e:3a:a2:90:68:23:ea:2c:26:eb:b3:
12:36:8c:36:30:1f:97:36:fa:ea:c9:66:3c:f0:01:3f:cc:8d:
ea:78:f7:1a:07:a7:85:60:c5:b3:3b:85:9c:80:ed:8f:31:d5:
30:e8:4a:78:8f:b4:4f:f1:55:b4:97:5a:8e:4f:3f:38:ab:7c:
ec:1b:29:99:d0:e9:37:4a:96:ac:85:ac:ec:3d:73:2a:6c:55:
09:5f:2d:4f:d2:d0:13:cb:ad:31:6e:45:68:e9:e6:73:fa:fc:
f9:dc:ec:ee
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSJ/Lix/tSDWzlhiAbYNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYjI5ODdjNjEzYWFiYjY1OWU2YmU5OTAzYWMzNTAxZDUz
NzMxMmUwHhcNMjQwMTAxMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQyMDFiYjU0NWFiOTNhMWU2ODIwNTY3ODczNWRjNmFlOWMwM2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfo8qrtR1CLL9KcWK1NTxLK7ovWL
uuQID1Pdwf2mERe8HWoYSTZH1yjPuY7z1qlMjwqy3X5tbNyBXJlbO1lu1G5a9oX+
x8XKq5ealIFBXbkg2wMqa7z3zwtb/Y0r0yBHsnCwcqyKri43rcYwabqIa2p4LsWR
2Pe6NL5M3qE4t42bXI1AFg3lUkzKXcS6cY+FxVDzry6213z6yI9sakyFCLw3PtwB
4ffBGZR7DxRngo9wfhj6yYC6RIUUVq+NdJCBBVeM9njt7kWGgbshNPFcwg664R9j
w2tvG3BwWKks5RALECmeq+XvsH45gfzTKZiF9uL8Y6w1ZhXHk8e7l0J13wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNTSAbtUWrk6HmggVnhzXcaunAP/MB8GA1UdIwQY
MBaAFACymHxhOqu2Wea+mQOsNQHVNzEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUxLWWZHRTZxN1paNXI2WkE2dzFBZFUzTVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy80NjgxMDQtMzQ1OC00NGFlLTk1ODct
YWM4NDJhMDBkNDc2LzEvMU5JQnUxUmF1VG9lYUNCV2VITmR4cTZjQV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy80NjgxMDQtMzQ1OC00NGFlLTk1ODctYWM4NDJhMDBkNDc2
LzEvQUxLWWZHRTZxN1paNXI2WkE2dzFBZFUzTVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH7loAwQD
LrYQAwQCuTqcMA0EAgACMAcDBQMqAilwMA0GCSqGSIb3DQEBCwUAA4IBAQBGH7OL
wo2fnQNOnX2xLo+ynQqu5peI1yxzvq8ky9msKQs28mP9iOAZBwax1J5CiIFkNf/B
xRe8CzO1Y2SX2aEMGlFxNhlc5FBtwAiOev2VsRKJlO021zN9P0S9KlLjBCm7TfWA
v29CcX9f/3vrV4FfgCgAwh4DecmXVO3cW9kIJPh2U8xns1hO0by68J9F0USQ+jfB
2kE6TjqikGgj6iwm67MSNow2MB+XNvrqyWY88AE/zI3qePcaB6eFYMWzO4WcgO2P
MdUw6Ep4j7RP8VW0l1qOTz84q3zsGymZ0Ok3SpashazsPXMqbFUJXy1P0tATy60x
bkVo6eZz+vz53Ozu
-----END CERTIFICATE-----
Generated at Sun May 19 07:14:43 2024 by rpki-client on console-ams.rpki-client.org