Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/nC2Ug481KAQBwRSSxhCNZot38bA.roa
File: nC2Ug481KAQBwRSSxhCNZot38bA.roa (raw, json)
Hash identifier: /Zb/nShyWJJF6oRbhFAyiR9eyVmZdJRTigD9nQ/zYzQ=
Subject key identifier: 9C:2D:94:83:8F:35:28:04:01:C1:14:92:C6:10:8D:66:8B:77:F1:B0
Certificate issuer: /CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Certificate serial: 018D45A77AE9BA97B9208FD82FEB149847C0
Authority key identifier: BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/nC2Ug481KAQBwRSSxhCNZot38bA.roa
Signing time: Fri 26 Jan 2024 12:03:40 +0000
ROA not before: Fri 26 Jan 2024 12:03:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41012
IP address blocks: 91.103.32.0/23 maxlen: 23
94.119.64.0/18 maxlen: 18
94.119.128.0/18 maxlen: 18
94.119.255.0/24 maxlen: 24
194.42.124.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/vkOZUom2pcqXLEuHteMUnDLLRDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/vkOZUom2pcqXLEuHteMUnDLLRDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:a7:7a:e9:ba:97:b9:20:8f:d8:2f:eb:14:98:47:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Validity
Not Before: Jan 26 12:03:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c2d94838f35280401c11492c6108d668b77f1b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b7:0b:da:d1:24:ae:b9:94:30:c9:b1:a4:94:
0b:dd:4b:d5:23:de:46:fa:5f:94:e4:21:91:23:fb:
04:92:09:6f:4b:0a:cd:16:69:2d:2b:39:d0:44:e0:
a9:78:6d:52:4e:ac:b1:0b:b1:ad:56:59:81:20:81:
e6:9c:44:7e:08:bf:31:40:5e:26:44:50:f2:ff:94:
78:91:d5:d0:81:1b:8c:8e:34:0f:fe:b7:6a:72:37:
c7:22:0a:b5:e7:7e:97:24:11:57:33:ab:16:52:42:
23:c5:71:9c:f5:2d:fd:04:1f:e3:86:bc:a0:71:b3:
c0:e5:08:79:dd:00:c8:a7:bb:a5:fc:e3:72:3b:50:
bf:d1:e1:40:9b:d0:97:87:15:da:5d:c3:44:ad:a6:
24:7d:20:2f:f3:ec:6f:ae:d9:d0:21:d4:48:a7:9b:
9b:ff:20:b6:3f:48:5d:d4:45:fe:e4:62:4a:ce:03:
1d:99:e7:9e:28:f5:39:a1:74:00:6f:2d:61:7a:3a:
5d:65:60:93:73:d3:b5:73:12:55:0a:00:69:7c:c0:
10:7b:9c:93:94:cb:e9:8a:74:30:be:4b:d4:b9:43:
82:ec:b5:0f:34:00:5e:42:d3:08:b4:08:1f:fc:07:
46:f3:4d:e0:7a:97:b9:64:04:8c:4f:5a:72:8a:a0:
d8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2D:94:83:8F:35:28:04:01:C1:14:92:C6:10:8D:66:8B:77:F1:B0
X509v3 Authority Key Identifier:
keyid:BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/nC2Ug481KAQBwRSSxhCNZot38bA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/vkOZUom2pcqXLEuHteMUnDLLRDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.32.0/23
94.119.64.0-94.119.191.255
94.119.255.0/24
194.42.124.0/23
Signature Algorithm: sha256WithRSAEncryption
01:27:c2:e7:17:95:c3:04:74:2a:32:02:ef:22:d4:6a:5f:87:
a1:8b:7c:dd:2d:a5:2f:1a:f5:55:f2:8d:31:a4:14:b2:81:80:
db:a2:9f:25:21:fa:7f:d4:af:ac:db:3c:5a:b6:23:f8:a0:41:
d5:5d:8a:83:89:d5:70:1a:5a:b4:e0:f3:32:4f:33:6e:38:d9:
a8:06:16:d3:7a:e6:81:b6:18:d2:9e:a9:48:f1:a7:2e:b3:e9:
04:ad:b1:59:c3:c1:38:e8:b3:4b:4d:1d:ce:05:ac:03:b2:ae:
38:d2:23:c7:6b:86:76:0b:41:99:7f:93:a5:c0:3f:e4:03:91:
55:e5:dd:56:d2:9f:f8:de:f3:71:02:b7:03:9e:47:73:7d:64:
de:24:c0:e4:b5:4e:59:fe:3c:31:72:5a:bf:50:8f:22:0e:f3:
53:80:bd:75:2f:31:a0:0c:4c:e7:5a:0b:15:7f:ee:68:a1:6a:
28:fd:7a:ec:0c:20:f6:fd:56:1f:b5:66:ce:be:3d:d8:d3:c4:
c4:a1:c3:26:8c:24:d0:50:26:1d:78:f2:11:c7:4f:04:0c:87:
56:b8:a1:07:4d:2e:dc:ea:90:f2:b7:d1:07:97:fa:61:96:20:
d9:6c:a0:d1:79:0d:ac:2d:d9:21:7f:3d:1d:9b:1b:e4:a8:d9:
21:38:4e:b3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY1Fp3rpupe5II/YL+sUmEfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDM5OTUyODliNmE1Y2E5NzJjNGI4N2I1ZTMxNDljMzJj
YjQ0MzAwHhcNMjQwMTI2MTIwMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzJkOTQ4MzhmMzUyODA0MDFjMTE0OTJjNjEwOGQ2NjhiNzdmMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybcL2tEkrrmUMMmxpJQL3UvVI95G
+l+U5CGRI/sEkglvSwrNFmktKznQROCpeG1STqyxC7GtVlmBIIHmnER+CL8xQF4m
RFDy/5R4kdXQgRuMjjQP/rdqcjfHIgq1536XJBFXM6sWUkIjxXGc9S39BB/jhryg
cbPA5Qh53QDIp7ul/ONyO1C/0eFAm9CXhxXaXcNEraYkfSAv8+xvrtnQIdRIp5ub
/yC2P0hd1EX+5GJKzgMdmeeeKPU5oXQAby1hejpdZWCTc9O1cxJVCgBpfMAQe5yT
lMvpinQwvkvUuUOC7LUPNABeQtMItAgf/AdG803gepe5ZASMT1pyiqDYnwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJwtlIOPNSgEAcEUksYQjWaLd/GwMB8GA1UdIwQY
MBaAFL5DmVKJtqXKlyxLh7XjFJwyy0QwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtPWlVvbTJwY3FYTEV1SHRlTVVuRExMUkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83NjRiMzQtMGQ5OC00NTRjLTg1YTIt
MzA2MDQ1ZWZjZDY4LzEvbkMyVWc0ODFLQVFCd1JTU3hoQ05ab3QzOGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83NjRiMzQtMGQ5OC00NTRjLTg1YTItMzA2MDQ1ZWZjZDY4
LzEvdmtPWlVvbTJwY3FYTEV1SHRlTVVuRExMUkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBW2cgMAwD
BAZed0ADBAZed4ADBABed/8DBAHCKnwwDQYJKoZIhvcNAQELBQADggEBAAEnwucX
lcMEdCoyAu8i1Gpfh6GLfN0tpS8a9VXyjTGkFLKBgNuinyUh+n/Ur6zbPFq2I/ig
QdVdioOJ1XAaWrTg8zJPM2442agGFtN65oG2GNKeqUjxpy6z6QStsVnDwTjos0tN
Hc4FrAOyrjjSI8drhnYLQZl/k6XAP+QDkVXl3VbSn/je83ECtwOeR3N9ZN4kwOS1
Tln+PDFyWr9QjyIO81OAvXUvMaAMTOdaCxV/7mihaij9euwMIPb9Vh+1Zs6+PdjT
xMShwyaMJNBQJh148hHHTwQMh1a4oQdNLtzqkPK30QeX+mGWINlsoNF5Dawt2SF/
PR2bG+So2SE4TrM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:43:28 2024 by rpki-client on console-fra.rpki-client.org