Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/NUKLhH4cBCTVHTAvaQGjDiEfJgk.roa
File: NUKLhH4cBCTVHTAvaQGjDiEfJgk.roa (raw, json)
Hash identifier: Yf+N+piK0crrNhwEvQQwM7oXw8bG6C9ToPzba6LoS44=
Subject key identifier: 35:42:8B:84:7E:1C:04:24:D5:1D:30:2F:69:01:A3:0E:21:1F:26:09
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 019292625AC8E11D79ACA10941DD074D9D65
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/NUKLhH4cBCTVHTAvaQGjDiEfJgk.roa
Signing time: Tue 15 Oct 2024 22:52:52 +0000
ROA not before: Tue 15 Oct 2024 22:52:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211680
IP address blocks: 45.156.128.0/24 maxlen: 24
45.156.129.0/24 maxlen: 24
45.156.130.0/24 maxlen: 24
185.180.140.0/24 maxlen: 24
185.180.143.0/24 maxlen: 24
2a10:3c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:92:62:5a:c8:e1:1d:79:ac:a1:09:41:dd:07:4d:9d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Oct 15 22:52:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35428b847e1c0424d51d302f6901a30e211f2609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:06:03:c2:0b:9e:6d:91:83:14:70:01:c1:06:
84:a5:27:21:bc:eb:cd:87:43:56:a6:02:dd:e8:48:
d8:10:ac:93:ae:5b:f1:a6:f8:4b:b7:19:c3:43:3f:
36:54:7d:b9:d2:3a:6d:86:0a:54:0c:fb:a5:7e:8e:
fc:28:78:bb:1f:b4:cf:d5:fa:d8:4a:f7:49:58:32:
1b:39:2e:0e:cb:eb:14:48:28:9c:f9:15:c5:21:5d:
aa:66:fa:c3:ac:a4:96:e6:e2:88:a9:f7:fe:5a:5b:
a4:8e:68:fd:cb:13:ce:8b:f4:75:23:c0:6b:fc:94:
20:52:7c:af:17:4d:bc:f4:d8:f3:2c:cf:79:99:8d:
25:10:d8:ca:10:e6:e1:6b:e6:75:c6:de:a6:00:46:
74:7b:ad:6a:1e:70:f5:8c:a5:b4:07:39:fa:2f:67:
67:3e:3a:22:6e:77:86:88:b0:92:d1:bd:e2:f9:fe:
a5:49:91:29:d0:2a:c8:58:0b:1b:04:2a:60:5e:ce:
4d:0c:fb:d3:a6:73:1c:b1:52:f2:cb:37:cd:a8:18:
a1:ba:50:8b:c5:11:1f:fe:ec:df:ab:0c:b6:c3:3a:
fa:ef:7d:28:9f:b3:7f:db:56:db:7e:21:72:ac:5f:
fb:c5:4f:7b:6b:fe:53:da:6e:61:6a:56:f3:00:71:
02:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:42:8B:84:7E:1C:04:24:D5:1D:30:2F:69:01:A3:0E:21:1F:26:09
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/NUKLhH4cBCTVHTAvaQGjDiEfJgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.128.0-45.156.130.255
185.180.140.0/24
185.180.143.0/24
IPv6:
2a10:3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
94:24:c6:ab:ca:f1:62:29:51:c0:6d:ad:29:1a:bd:f8:ef:75:
f0:fd:a9:78:fd:23:44:df:f7:87:67:99:bc:70:b9:df:7f:ba:
be:de:09:eb:90:4e:e1:19:17:28:17:2a:8a:fd:a6:2e:5e:bc:
c2:b7:8e:a5:cd:7b:0a:63:a0:1e:30:c6:bb:f2:0b:1b:9c:b8:
3c:bf:f2:21:8d:61:40:53:1b:18:63:fe:fe:e2:d4:dc:6e:f1:
ae:02:a2:95:89:2f:c3:b3:ff:22:54:2d:a1:7e:ec:e8:4a:aa:
4d:c5:b2:bf:4c:2d:e0:c5:79:3b:45:68:4a:be:6b:54:d5:26:
8a:bf:30:38:03:f6:74:26:7b:66:08:47:2e:e3:a3:78:ed:24:
71:cf:00:00:58:11:f8:dc:8f:44:09:47:ac:7f:38:c5:72:d5:
dd:64:e2:ad:e4:a1:69:d0:93:20:f2:d8:4f:30:53:a8:b7:48:
76:0f:39:88:46:03:47:74:85:49:a0:5b:ce:de:36:86:03:80:
6c:ef:2e:44:82:49:5e:e5:cd:72:2a:5e:6a:5a:b6:a0:03:46:
d2:4a:b3:03:73:8b:bc:fa:cc:fb:36:d7:59:3a:58:0c:a9:d9:
a0:15:2f:a8:a2:10:17:dd:eb:8d:4a:5a:06:62:b1:af:ba:9c:
b3:14:95:bb
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZKSYlrI4R15rKEJQd0HTZ1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjQxMDE1MjI1MjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQyOGI4NDdlMWMwNDI0ZDUxZDMwMmY2OTAxYTMwZTIxMWYyNjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAYDwguebZGDFHABwQaEpSchvOvN
h0NWpgLd6EjYEKyTrlvxpvhLtxnDQz82VH250jpthgpUDPulfo78KHi7H7TP1frY
SvdJWDIbOS4Oy+sUSCic+RXFIV2qZvrDrKSW5uKIqff+Wlukjmj9yxPOi/R1I8Br
/JQgUnyvF0289NjzLM95mY0lENjKEObha+Z1xt6mAEZ0e61qHnD1jKW0Bzn6L2dn
PjoibneGiLCS0b3i+f6lSZEp0CrIWAsbBCpgXs5NDPvTpnMcsVLyyzfNqBihulCL
xREf/uzfqwy2wzr6730on7N/21bbfiFyrF/7xU97a/5T2m5halbzAHECnQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFDVCi4R+HAQk1R0wL2kBow4hHyYJMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvTlVLTGhINGNCQ1RWSFRBdmFRR2pEaUVmSmdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBActnIAD
BAAtnIIDBAC5tIwDBAC5tI8wDwQCAAIwCQMHACoQA8AAATANBgkqhkiG9w0BAQsF
AAOCAQEAlCTGq8rxYilRwG2tKRq9+O918P2peP0jRN/3h2eZvHC533+6vt4J65BO
4RkXKBcqiv2mLl68wreOpc17CmOgHjDGu/ILG5y4PL/yIY1hQFMbGGP+/uLU3G7x
rgKilYkvw7P/IlQtoX7s6EqqTcWyv0wt4MV5O0VoSr5rVNUmir8wOAP2dCZ7ZghH
LuOjeO0kcc8AAFgR+NyPRAlHrH84xXLV3WTireShadCTIPLYTzBTqLdIdg85iEYD
R3SFSaBbzt42hgOAbO8uRIJJXuXNcipealq2oANG0kqzA3OLvPrM+zbXWTpYDKnZ
oBUvqKIQF93rjUpaBmKxr7qcsxSVuw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:04:46 2024 by rpki-client on console-fra.rpki-client.org