Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/595db6-8920-4231-ad01-3534c8c5a351/1/Nn_ZoxV8BYIAq56GZvaULBaqSbM.roa
File: Nn_ZoxV8BYIAq56GZvaULBaqSbM.roa (raw, json)
Hash identifier: gjc9PaRjPbrZyiObyup/LP5HGgi9wG2JGtK1odlx2DE=
Subject key identifier: 36:7F:D9:A3:15:7C:05:82:00:AB:9E:86:66:F6:94:2C:16:AA:49:B3
Certificate issuer: /CN=20e114a8fec3f53cbe9cbf6d6a0be0089e30c757
Certificate serial: 018CC2DAF3F10E86F6017AC3EF4307812628
Authority key identifier: 20:E1:14:A8:FE:C3:F5:3C:BE:9C:BF:6D:6A:0B:E0:08:9E:30:C7:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOEUqP7D9Ty-nL9tagvgCJ4wx1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/595db6-8920-4231-ad01-3534c8c5a351/1/Nn_ZoxV8BYIAq56GZvaULBaqSbM.roa
Signing time: Mon 01 Jan 2024 02:29:38 +0000
ROA not before: Mon 01 Jan 2024 02:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61984
IP address blocks: 185.51.176.0/22 maxlen: 22
2a01:b0e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/595db6-8920-4231-ad01-3534c8c5a351/1/IOEUqP7D9Ty-nL9tagvgCJ4wx1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/595db6-8920-4231-ad01-3534c8c5a351/1/IOEUqP7D9Ty-nL9tagvgCJ4wx1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/IOEUqP7D9Ty-nL9tagvgCJ4wx1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f3:f1:0e:86:f6:01:7a:c3:ef:43:07:81:26:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e114a8fec3f53cbe9cbf6d6a0be0089e30c757
Validity
Not Before: Jan 1 02:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=367fd9a3157c058200ab9e8666f6942c16aa49b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6c:de:f1:1c:9a:61:a8:0d:8e:83:21:77:50:
ac:6a:2a:ea:f9:cd:fe:81:b5:14:b1:8d:2c:18:a5:
2e:35:dc:fe:3f:1c:27:5c:d7:27:16:d4:53:01:b3:
5a:98:2c:e2:2b:fc:af:1a:3a:a5:b0:c8:2e:90:31:
35:43:64:da:5f:6b:81:73:c8:b0:23:08:5d:64:94:
bf:d0:91:b6:4a:9c:ff:d6:d1:44:30:9e:57:01:fe:
58:08:9b:f3:01:3b:6d:43:47:e9:be:3b:01:e3:cc:
e2:61:2f:35:8d:0c:c6:64:46:e3:67:ea:80:42:d4:
84:e3:c8:ee:21:fc:ac:26:4a:55:67:67:7d:0e:98:
14:28:e2:84:bb:c0:f7:36:a3:f8:bb:54:95:7f:c9:
13:78:9a:4c:10:af:fd:40:c4:b0:69:a7:99:6f:a6:
8d:bb:f4:80:1d:58:d3:3d:22:06:2a:40:65:02:cf:
8d:03:55:e9:be:60:35:3f:ce:41:f8:2e:77:0d:12:
c7:ba:79:78:8b:df:84:57:54:ff:b3:f7:83:be:15:
2e:fc:4c:39:73:32:f8:2c:ab:09:b0:87:49:17:d9:
e7:41:49:1c:2b:47:d0:fd:88:60:4a:c0:6b:28:1b:
04:de:e3:7d:22:85:fb:24:c0:4a:8a:11:1a:8f:de:
88:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:7F:D9:A3:15:7C:05:82:00:AB:9E:86:66:F6:94:2C:16:AA:49:B3
X509v3 Authority Key Identifier:
keyid:20:E1:14:A8:FE:C3:F5:3C:BE:9C:BF:6D:6A:0B:E0:08:9E:30:C7:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOEUqP7D9Ty-nL9tagvgCJ4wx1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/595db6-8920-4231-ad01-3534c8c5a351/1/Nn_ZoxV8BYIAq56GZvaULBaqSbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/595db6-8920-4231-ad01-3534c8c5a351/1/IOEUqP7D9Ty-nL9tagvgCJ4wx1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.176.0/22
IPv6:
2a01:b0e0::/32
Signature Algorithm: sha256WithRSAEncryption
43:58:41:91:3a:4e:e3:c6:aa:85:95:24:e7:ea:8c:7b:9b:12:
66:f8:68:86:7f:e5:eb:e3:06:2c:75:bb:d1:98:b3:02:1f:58:
e2:f2:14:fb:df:fa:0b:33:4c:04:fe:cf:d8:0a:9a:e9:07:c7:
59:cc:56:22:cb:ca:73:fc:a4:c2:f1:37:47:db:3d:1d:e1:8f:
64:21:eb:03:01:88:c8:ca:49:54:c4:96:c2:7d:d2:36:5f:c3:
25:28:cd:91:0e:ae:31:74:03:8c:1d:9f:47:de:19:dd:3d:a3:
30:ec:02:62:f8:e7:b1:aa:1b:48:55:00:8e:9d:d6:fe:02:7a:
b7:9c:0a:db:ce:95:ef:8a:58:51:fa:06:ce:0b:58:39:0a:11:
a1:b5:88:15:08:ea:bf:22:27:83:64:34:45:f7:2c:f3:58:34:
35:cb:2f:c9:72:1d:e2:50:ca:5c:12:ae:2e:8a:82:66:4e:b9:
9f:67:04:f6:f7:66:ab:cc:be:f3:e6:c8:12:0e:a8:3c:83:4e:
c7:81:73:a6:bb:6f:85:9c:e0:f1:40:b5:9c:72:55:1d:4a:f1:
cf:64:01:61:42:91:37:ee:54:5b:d2:89:e1:9c:dd:bc:ca:11:
ea:55:53:47:cf:5f:12:31:dc:81:cc:ce:98:42:ca:43:ce:3d:
ef:65:c6:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2vPxDob2AXrD70MHgSYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTExNGE4ZmVjM2Y1M2NiZTljYmY2ZDZhMGJlMDA4OWUz
MGM3NTcwHhcNMjQwMTAxMDIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjdmZDlhMzE1N2MwNTgyMDBhYjllODY2NmY2OTQyYzE2YWE0OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWze8RyaYagNjoMhd1Csairq+c3+
gbUUsY0sGKUuNdz+PxwnXNcnFtRTAbNamCziK/yvGjqlsMgukDE1Q2TaX2uBc8iw
IwhdZJS/0JG2Spz/1tFEMJ5XAf5YCJvzATttQ0fpvjsB48ziYS81jQzGZEbjZ+qA
QtSE48juIfysJkpVZ2d9DpgUKOKEu8D3NqP4u1SVf8kTeJpMEK/9QMSwaaeZb6aN
u/SAHVjTPSIGKkBlAs+NA1XpvmA1P85B+C53DRLHunl4i9+EV1T/s/eDvhUu/Ew5
czL4LKsJsIdJF9nnQUkcK0fQ/YhgSsBrKBsE3uN9IoX7JMBKihEaj96IywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDZ/2aMVfAWCAKuehmb2lCwWqkmzMB8GA1UdIwQY
MBaAFCDhFKj+w/U8vpy/bWoL4AieMMdXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9FVXFQN0Q5VHktbkw5dGFndmdDSjR3eDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS81OTVkYjYtODkyMC00MjMxLWFkMDEt
MzUzNGM4YzVhMzUxLzEvTm5fWm94VjhCWUlBcTU2R1p2YVVMQmFxU2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS81OTVkYjYtODkyMC00MjMxLWFkMDEtMzUzNGM4YzVhMzUx
LzEvSU9FVXFQN0Q5VHktbkw5dGFndmdDSjR3eDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTOwMA0E
AgACMAcDBQAqAbDgMA0GCSqGSIb3DQEBCwUAA4IBAQBDWEGROk7jxqqFlSTn6ox7
mxJm+GiGf+Xr4wYsdbvRmLMCH1ji8hT73/oLM0wE/s/YCprpB8dZzFYiy8pz/KTC
8TdH2z0d4Y9kIesDAYjIyklUxJbCfdI2X8MlKM2RDq4xdAOMHZ9H3hndPaMw7AJi
+OexqhtIVQCOndb+Anq3nArbzpXvilhR+gbOC1g5ChGhtYgVCOq/IieDZDRF9yzz
WDQ1yy/Jch3iUMpcEq4uioJmTrmfZwT292arzL7z5sgSDqg8g07HgXOmu2+FnODx
QLWcclUdSvHPZAFhQpE37lRb0onhnN28yhHqVVNHz18SMdyBzM6YQspDzj3vZcbU
-----END CERTIFICATE-----
Generated at Tue Nov 26 23:17:16 2024 by rpki-client on console-fra.rpki-client.org