Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/2155f1-976a-4f7e-95a4-076e1d77aebe/1/nDkTomoqfIm9yL4BkdFFXgGbzik.roa
File: nDkTomoqfIm9yL4BkdFFXgGbzik.roa (raw, json)
Hash identifier: iyBY7hDCdZOHMVHm+jZBOBG6pAr/DchSkpn9LkI7ogo=
Subject key identifier: 9C:39:13:A2:6A:2A:7C:89:BD:C8:BE:01:91:D1:45:5E:01:9B:CE:29
Certificate issuer: /CN=37602539ec32c3919ff1cbc9594ddcab815674c5
Certificate serial: 018CC9BBDD1EF490B455B6750FCF95A7415E
Authority key identifier: 37:60:25:39:EC:32:C3:91:9F:F1:CB:C9:59:4D:DC:AB:81:56:74:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N2AlOewyw5Gf8cvJWU3cq4FWdMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/2155f1-976a-4f7e-95a4-076e1d77aebe/1/nDkTomoqfIm9yL4BkdFFXgGbzik.roa
Signing time: Tue 02 Jan 2024 10:33:01 +0000
ROA not before: Tue 02 Jan 2024 10:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 193.97.185.0/24 maxlen: 24
193.97.186.0/24 maxlen: 24
193.97.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/2155f1-976a-4f7e-95a4-076e1d77aebe/1/N2AlOewyw5Gf8cvJWU3cq4FWdMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/2155f1-976a-4f7e-95a4-076e1d77aebe/1/N2AlOewyw5Gf8cvJWU3cq4FWdMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/N2AlOewyw5Gf8cvJWU3cq4FWdMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:dd:1e:f4:90:b4:55:b6:75:0f:cf:95:a7:41:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37602539ec32c3919ff1cbc9594ddcab815674c5
Validity
Not Before: Jan 2 10:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c3913a26a2a7c89bdc8be0191d1455e019bce29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e4:cb:ff:9e:b0:de:63:de:f8:c8:22:f8:d3:
60:53:da:3a:b9:7f:9b:ac:68:d0:bd:f5:6b:03:79:
43:7e:38:41:e3:8f:e2:9b:30:41:12:38:f2:96:17:
8f:69:7e:a6:54:2c:65:35:65:73:41:eb:c8:fe:c1:
6d:49:90:77:28:3b:5b:20:dd:e8:05:09:4b:a4:2b:
77:11:94:22:37:70:1c:c5:0e:0b:87:37:81:d8:52:
36:2a:01:c2:e8:8f:0e:50:aa:13:dd:fc:8f:ec:83:
d9:2e:21:7c:50:f5:e5:e7:3f:9a:52:58:8a:3b:30:
07:65:1a:ee:44:9f:1c:23:c5:83:61:d0:27:92:5e:
b7:2c:fc:26:af:8f:19:f1:90:2d:6d:bc:90:dc:e3:
95:68:d1:82:79:86:ab:10:b4:2a:80:d8:b4:a3:43:
5b:1c:f0:2c:97:90:88:c9:a4:e1:24:08:23:42:ff:
ee:06:88:0a:91:17:8f:37:72:9f:7f:d6:10:84:e2:
d9:a1:24:a8:eb:a6:74:7d:29:ae:21:dd:1f:bd:65:
0b:fe:b5:76:be:ce:04:38:d1:c6:92:3d:a7:a0:ef:
e5:ab:ca:3a:e2:66:29:33:76:f1:1e:0d:82:31:3a:
b3:93:18:c3:9d:f3:a4:97:6b:b5:95:4b:76:a8:ce:
3d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:39:13:A2:6A:2A:7C:89:BD:C8:BE:01:91:D1:45:5E:01:9B:CE:29
X509v3 Authority Key Identifier:
keyid:37:60:25:39:EC:32:C3:91:9F:F1:CB:C9:59:4D:DC:AB:81:56:74:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2AlOewyw5Gf8cvJWU3cq4FWdMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/2155f1-976a-4f7e-95a4-076e1d77aebe/1/nDkTomoqfIm9yL4BkdFFXgGbzik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/2155f1-976a-4f7e-95a4-076e1d77aebe/1/N2AlOewyw5Gf8cvJWU3cq4FWdMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.97.184.0-193.97.186.255
Signature Algorithm: sha256WithRSAEncryption
0e:15:57:c6:b6:df:d8:95:85:1f:5a:09:8e:97:43:3f:17:20:
32:15:ee:6e:68:66:f0:10:49:82:ab:8a:20:da:cd:9d:1c:9e:
bb:0e:a5:9b:1f:29:ee:b6:18:9c:cf:94:35:96:4f:fc:f2:4b:
5d:fa:e3:83:c0:e5:28:b5:33:6a:55:82:2a:d3:ae:4b:8e:30:
70:39:87:df:ef:56:a3:48:23:9c:46:1b:3d:9d:3a:29:92:79:
73:35:9f:68:91:65:95:b6:ed:51:13:6d:7f:78:98:ba:49:2b:
fb:71:62:af:3c:22:40:da:aa:ce:e8:f5:17:ea:04:bd:a3:6b:
29:57:b9:71:8b:7a:52:fa:95:d8:7a:e6:71:1a:4b:cc:12:a6:
68:48:33:0e:c9:a8:8f:5d:82:d2:cd:83:09:00:0d:f3:dc:c7:
d0:f7:5e:e7:22:65:47:c7:66:7e:6c:b5:b3:46:6e:59:61:df:
0a:63:fb:6c:e6:7e:e6:54:89:e7:13:18:a1:3a:5a:9d:e5:79:
0d:a0:6e:c5:5a:21:85:49:86:62:54:18:ee:f5:f7:c4:92:d9:
f9:6f:d4:ef:bb:03:e0:0b:ee:96:78:bb:91:b5:81:85:88:05:
37:a7:9a:7c:ab:6b:65:75:15:a5:16:d1:ec:de:5e:d8:1a:2f:
77:d6:68:cd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJu90e9JC0VbZ1D8+Vp0FeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NjAyNTM5ZWMzMmMzOTE5ZmYxY2JjOTU5NGRkY2FiODE1
Njc0YzUwHhcNMjQwMTAyMTAzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM5MTNhMjZhMmE3Yzg5YmRjOGJlMDE5MWQxNDU1ZTAxOWJjZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOTL/56w3mPe+Mgi+NNgU9o6uX+b
rGjQvfVrA3lDfjhB44/imzBBEjjylhePaX6mVCxlNWVzQevI/sFtSZB3KDtbIN3o
BQlLpCt3EZQiN3AcxQ4LhzeB2FI2KgHC6I8OUKoT3fyP7IPZLiF8UPXl5z+aUliK
OzAHZRruRJ8cI8WDYdAnkl63LPwmr48Z8ZAtbbyQ3OOVaNGCeYarELQqgNi0o0Nb
HPAsl5CIyaThJAgjQv/uBogKkRePN3Kff9YQhOLZoSSo66Z0fSmuId0fvWUL/rV2
vs4EONHGkj2noO/lq8o64mYpM3bxHg2CMTqzkxjDnfOkl2u1lUt2qM496QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJw5E6JqKnyJvci+AZHRRV4Bm84pMB8GA1UdIwQY
MBaAFDdgJTnsMsORn/HLyVlN3KuBVnTFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJBbE9ld3l3NUdmOGN2SldVM2NxNEZXZE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8yMTU1ZjEtOTc2YS00ZjdlLTk1YTQt
MDc2ZTFkNzdhZWJlLzEvbkRrVG9tb3FmSW05eUw0QmtkRkZYZ0diemlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8yMTU1ZjEtOTc2YS00ZjdlLTk1YTQtMDc2ZTFkNzdhZWJl
LzEvTjJBbE9ld3l3NUdmOGN2SldVM2NxNEZXZE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPBYbgD
BADBYbowDQYJKoZIhvcNAQELBQADggEBAA4VV8a239iVhR9aCY6XQz8XIDIV7m5o
ZvAQSYKriiDazZ0cnrsOpZsfKe62GJzPlDWWT/zyS13644PA5Si1M2pVgirTrkuO
MHA5h9/vVqNII5xGGz2dOimSeXM1n2iRZZW27VETbX94mLpJK/txYq88IkDaqs7o
9RfqBL2jaylXuXGLelL6ldh65nEaS8wSpmhIMw7JqI9dgtLNgwkADfPcx9D3Xuci
ZUfHZn5stbNGbllh3wpj+2zmfuZUiecTGKE6Wp3leQ2gbsVaIYVJhmJUGO7198SS
2flv1O+7A+AL7pZ4u5G1gYWIBTenmnyra2V1FaUW0ezeXtgaL3fWaM0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:01:00 2024 by rpki-client on console-ams.rpki-client.org