Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/NRqEkvjaiHLhP7YwHQ36JqAydNk.roa
File: NRqEkvjaiHLhP7YwHQ36JqAydNk.roa (raw, json)
Hash identifier: mB6VxHbr/RL8KejIdKmX57CLVnFYDSmKf/lzdowTd/Y=
Subject key identifier: 35:1A:84:92:F8:DA:88:72:E1:3F:B6:30:1D:0D:FA:26:A0:32:74:D9
Certificate issuer: /CN=cca750fcc76d0dd75d7381e36d1bde4edddc3e51
Certificate serial: 018CCA9917552F725066C8D487314469AA4C
Authority key identifier: CC:A7:50:FC:C7:6D:0D:D7:5D:73:81:E3:6D:1B:DE:4E:DD:DC:3E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zKdQ_MdtDdddc4HjbRveTt3cPlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/NRqEkvjaiHLhP7YwHQ36JqAydNk.roa
Signing time: Tue 02 Jan 2024 14:34:39 +0000
ROA not before: Tue 02 Jan 2024 14:34:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198722
IP address blocks: 185.75.123.0/24 maxlen: 24
185.75.120.0/24 maxlen: 24
185.75.121.0/24 maxlen: 24
185.75.120.0/22 maxlen: 22
185.75.122.0/24 maxlen: 24
2a05:5240::/32 maxlen: 32
2a05:5242::/32 maxlen: 32
2a05:5243::/32 maxlen: 32
2a05:5240::/29 maxlen: 29
2a05:5241::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/zKdQ_MdtDdddc4HjbRveTt3cPlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/zKdQ_MdtDdddc4HjbRveTt3cPlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zKdQ_MdtDdddc4HjbRveTt3cPlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 23:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:17:55:2f:72:50:66:c8:d4:87:31:44:69:aa:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cca750fcc76d0dd75d7381e36d1bde4edddc3e51
Validity
Not Before: Jan 2 14:34:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=351a8492f8da8872e13fb6301d0dfa26a03274d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:49:a2:e6:90:e6:f8:5e:0c:59:c3:d4:64:29:
72:24:71:e9:c9:07:37:b5:0a:74:fc:6a:8f:c2:93:
49:d6:84:f6:73:00:ff:1f:03:ed:cf:12:cb:a9:1a:
3e:70:59:80:ef:84:97:ac:ae:41:af:df:2a:28:15:
d5:c7:75:68:98:b8:c4:be:d3:71:86:d7:0e:02:62:
c7:ad:42:61:49:69:b5:f4:f7:0d:9d:0b:f6:7b:50:
2a:3e:cd:f0:58:8d:2b:0d:8d:94:87:41:b6:1d:15:
60:3a:4d:84:bd:1f:14:7c:a3:1f:ab:f0:9f:b3:42:
8b:c1:08:35:47:83:2b:e1:52:51:5d:20:0e:6a:ec:
70:9f:35:db:11:29:5c:ea:b5:d3:c2:51:cd:a0:6d:
17:a4:93:43:47:c1:5e:de:47:57:b6:4b:60:e0:0d:
ec:de:c4:69:44:20:20:ac:6f:c9:0c:e6:82:d3:3d:
95:b4:33:93:13:80:f3:ad:40:6f:8d:a2:30:6c:c1:
b6:46:e8:92:8b:e9:a7:07:49:3b:27:f7:3f:1c:ba:
30:34:29:04:fa:d0:cc:2e:71:95:50:f5:98:dd:de:
b8:67:4d:33:b3:54:67:3b:db:d4:20:e3:d4:c1:48:
12:4e:ae:ef:11:0a:18:a6:55:53:b0:c9:13:fd:65:
d0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1A:84:92:F8:DA:88:72:E1:3F:B6:30:1D:0D:FA:26:A0:32:74:D9
X509v3 Authority Key Identifier:
keyid:CC:A7:50:FC:C7:6D:0D:D7:5D:73:81:E3:6D:1B:DE:4E:DD:DC:3E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zKdQ_MdtDdddc4HjbRveTt3cPlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/NRqEkvjaiHLhP7YwHQ36JqAydNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/zKdQ_MdtDdddc4HjbRveTt3cPlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.120.0/22
IPv6:
2a05:5240::/29
Signature Algorithm: sha256WithRSAEncryption
5d:65:bf:c8:91:84:46:6b:ec:a8:66:1c:ec:f3:f0:ad:8a:a4:
1f:36:0d:41:85:03:9e:63:d0:71:8c:d8:4f:d9:c2:f4:a0:e0:
37:b7:75:32:a4:92:72:e7:ed:6d:50:94:ed:a9:45:e9:8b:e2:
06:d3:71:d0:9d:a0:26:b3:81:ef:e0:25:cb:8d:81:f2:e9:9b:
d1:70:ea:61:53:a5:f7:ca:32:0f:67:2a:0c:58:90:ea:93:7d:
64:df:45:a2:70:f8:e8:de:c2:4c:ee:4c:f3:3f:e6:75:1a:14:
96:41:7a:cb:68:d5:6e:7d:ea:a1:87:37:ea:76:ef:86:b5:ea:
49:e2:02:75:ab:2e:ea:fa:6c:a4:6c:15:3b:b7:e9:95:2a:dd:
19:ee:31:9f:e3:99:8f:ab:a3:5c:b7:24:8c:56:b1:70:1a:9c:
51:ec:78:50:86:ca:54:fd:b9:aa:6a:70:37:06:4c:fe:7c:1c:
13:47:b6:75:4d:7a:03:0c:73:d8:4b:2e:9b:24:57:09:fc:ea:
40:8e:ac:bf:99:32:bd:6d:81:75:d3:c0:96:f0:95:db:f3:76:
96:72:47:29:72:9a:74:8f:a3:d5:01:5d:a8:63:c4:43:bc:3c:
66:4e:4f:53:88:0f:9c:24:2f:ff:db:6f:b9:80:e7:69:3e:1d:
c2:82:23:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKmRdVL3JQZsjUhzFEaapMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYTc1MGZjYzc2ZDBkZDc1ZDczODFlMzZkMWJkZTRlZGRk
YzNlNTEwHhcNMjQwMTAyMTQzNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTFhODQ5MmY4ZGE4ODcyZTEzZmI2MzAxZDBkZmEyNmEwMzI3NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUmi5pDm+F4MWcPUZClyJHHpyQc3
tQp0/GqPwpNJ1oT2cwD/HwPtzxLLqRo+cFmA74SXrK5Br98qKBXVx3VomLjEvtNx
htcOAmLHrUJhSWm19PcNnQv2e1AqPs3wWI0rDY2Uh0G2HRVgOk2EvR8UfKMfq/Cf
s0KLwQg1R4Mr4VJRXSAOauxwnzXbESlc6rXTwlHNoG0XpJNDR8Fe3kdXtktg4A3s
3sRpRCAgrG/JDOaC0z2VtDOTE4DzrUBvjaIwbMG2RuiSi+mnB0k7J/c/HLowNCkE
+tDMLnGVUPWY3d64Z00zs1RnO9vUIOPUwUgSTq7vEQoYplVTsMkT/WXQ9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDUahJL42ohy4T+2MB0N+iagMnTZMB8GA1UdIwQY
MBaAFMynUPzHbQ3XXXOB420b3k7d3D5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvektkUV9NZHREZGRkYzRIamJSdmVUdDNjUGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9iM2MyMTUtZDg2Ni00MmQwLWE2YzMt
MjA2NzdkODBlODM4LzEvTlJxRWt2amFpSExoUDdZd0hRMzZKcUF5ZE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9iM2MyMTUtZDg2Ni00MmQwLWE2YzMtMjA2NzdkODBlODM4
LzEvektkUV9NZHREZGRkYzRIamJSdmVUdDNjUGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUt4MA0E
AgACMAcDBQMqBVJAMA0GCSqGSIb3DQEBCwUAA4IBAQBdZb/IkYRGa+yoZhzs8/Ct
iqQfNg1BhQOeY9BxjNhP2cL0oOA3t3UypJJy5+1tUJTtqUXpi+IG03HQnaAms4Hv
4CXLjYHy6ZvRcOphU6X3yjIPZyoMWJDqk31k30WicPjo3sJM7kzzP+Z1GhSWQXrL
aNVufeqhhzfqdu+GtepJ4gJ1qy7q+mykbBU7t+mVKt0Z7jGf45mPq6NctySMVrFw
GpxR7HhQhspU/bmqanA3Bkz+fBwTR7Z1TXoDDHPYSy6bJFcJ/OpAjqy/mTK9bYF1
08CW8JXb83aWckcpcpp0j6PVAV2oY8RDvDxmTk9TiA+cJC//22+5gOdpPh3CgiPJ
-----END CERTIFICATE-----
Generated at Wed Nov 27 06:05:29 2024 by rpki-client on console-fra.rpki-client.org