Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/NfscdmUeXqxSa1PMjlKvvS5E2qM.roa
File: NfscdmUeXqxSa1PMjlKvvS5E2qM.roa (raw, json)
Hash identifier: SMxmgqbfVPWOEcDBEWaPkhiWnDU/9QsTcNRcZ/u4qkc=
Subject key identifier: 35:FB:1C:76:65:1E:5E:AC:52:6B:53:CC:8E:52:AF:BD:2E:44:DA:A3
Certificate issuer: /CN=c15e7d7bb69efacb0c73902972c74d72d29bf77f
Certificate serial: 018CC5DD26004B8AF9C2DA7FF66892E6FC4D
Authority key identifier: C1:5E:7D:7B:B6:9E:FA:CB:0C:73:90:29:72:C7:4D:72:D2:9B:F7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wV59e7ae-ssMc5ApcsdNctKb938.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/NfscdmUeXqxSa1PMjlKvvS5E2qM.roa
Signing time: Mon 01 Jan 2024 16:30:53 +0000
ROA not before: Mon 01 Jan 2024 16:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60064
IP address blocks: 185.102.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/wV59e7ae-ssMc5ApcsdNctKb938.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/wV59e7ae-ssMc5ApcsdNctKb938.mft
rsync://rpki.ripe.net/repository/DEFAULT/wV59e7ae-ssMc5ApcsdNctKb938.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:26:00:4b:8a:f9:c2:da:7f:f6:68:92:e6:fc:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c15e7d7bb69efacb0c73902972c74d72d29bf77f
Validity
Not Before: Jan 1 16:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35fb1c76651e5eac526b53cc8e52afbd2e44daa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b8:d5:3e:e8:1c:3b:da:a4:d9:fc:28:9b:5e:
6e:56:b9:a5:0e:0d:0f:f0:b1:a2:88:cc:12:e9:12:
23:fc:30:2d:70:c5:fa:40:ee:7a:52:cc:f4:cc:d0:
e5:e9:4b:2d:ff:69:58:5a:16:7f:ec:0a:53:c7:7f:
7b:c5:78:9d:c1:50:a2:3a:46:aa:52:15:cd:40:4d:
47:4d:de:af:76:c0:9f:3d:84:b2:9c:23:43:07:27:
63:78:d1:a6:32:78:c7:d0:bf:14:b2:22:6a:95:5d:
b7:c8:91:ea:e4:71:a9:d1:32:eb:74:5d:50:85:45:
37:d4:d4:7c:80:d2:2d:2a:28:f9:28:39:d9:e5:42:
b8:08:e6:c9:9e:f7:95:e0:b3:11:0e:aa:91:8b:62:
53:82:9b:6f:1a:09:c8:33:af:f9:87:6d:34:d5:0f:
83:62:b6:47:07:1c:9e:0c:75:4c:c2:cf:78:c5:e0:
25:b8:1d:45:1a:d7:82:dd:ed:1b:d2:a2:0e:c6:fa:
5e:6c:cf:e2:64:31:c8:d9:4b:40:20:11:ed:b1:ed:
12:f3:72:9a:87:0a:ea:01:b6:0d:73:74:f3:6e:7b:
91:3e:13:26:f0:82:99:2e:5d:37:be:04:99:86:bb:
66:9f:92:65:b1:e0:bf:52:99:1b:c2:5c:75:b8:96:
be:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FB:1C:76:65:1E:5E:AC:52:6B:53:CC:8E:52:AF:BD:2E:44:DA:A3
X509v3 Authority Key Identifier:
keyid:C1:5E:7D:7B:B6:9E:FA:CB:0C:73:90:29:72:C7:4D:72:D2:9B:F7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wV59e7ae-ssMc5ApcsdNctKb938.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/NfscdmUeXqxSa1PMjlKvvS5E2qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/wV59e7ae-ssMc5ApcsdNctKb938.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.170.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:f4:70:9f:3d:fb:18:9e:19:d6:bc:97:41:52:4b:ef:1b:35:
6f:9a:0e:c9:83:35:66:39:77:db:50:82:43:87:0f:58:ed:b8:
92:b2:5a:1d:f0:a7:73:90:4f:83:4f:10:29:47:4b:cb:ab:5e:
6c:4b:80:14:f3:e1:db:5f:3c:05:ff:23:2c:82:38:18:25:3b:
15:82:38:67:b7:3d:0e:0d:5f:d2:23:e8:2b:47:ac:e6:49:9f:
64:27:66:52:bd:c5:78:78:46:32:32:f3:11:6c:5a:b2:e9:c5:
fc:f2:97:6e:27:6e:09:44:47:be:21:62:84:7f:75:b2:38:60:
31:17:91:9a:fb:5d:43:71:8a:56:38:b0:37:ed:ce:de:ef:bd:
16:56:fc:27:d3:e1:7b:2c:49:a5:7b:86:11:a8:1b:6a:0e:08:
3f:67:02:5a:e8:cb:a0:d5:10:ce:dd:ad:f6:ca:4f:a6:f2:a7:
6f:35:4e:0b:d3:95:a9:53:ee:e9:cc:d6:a8:ff:83:c4:78:44:
9f:36:dc:28:61:7b:fb:8e:2e:1a:42:d6:d2:d5:9d:fb:16:a4:
a5:a4:0a:95:d1:36:5b:b6:01:d7:5b:b9:34:a8:30:00:d7:2d:
80:ff:9e:54:39:1b:53:7d:5d:0e:1a:e6:bc:a4:0a:23:b0:a8:
1f:4c:80:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3SYAS4r5wtp/9miS5vxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxNWU3ZDdiYjY5ZWZhY2IwYzczOTAyOTcyYzc0ZDcyZDI5
YmY3N2YwHhcNMjQwMTAxMTYzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWZiMWM3NjY1MWU1ZWFjNTI2YjUzY2M4ZTUyYWZiZDJlNDRkYWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7jVPugcO9qk2fwom15uVrmlDg0P
8LGiiMwS6RIj/DAtcMX6QO56Usz0zNDl6Ust/2lYWhZ/7ApTx397xXidwVCiOkaq
UhXNQE1HTd6vdsCfPYSynCNDBydjeNGmMnjH0L8UsiJqlV23yJHq5HGp0TLrdF1Q
hUU31NR8gNItKij5KDnZ5UK4CObJnveV4LMRDqqRi2JTgptvGgnIM6/5h2001Q+D
YrZHBxyeDHVMws94xeAluB1FGteC3e0b0qIOxvpebM/iZDHI2UtAIBHtse0S83Ka
hwrqAbYNc3TzbnuRPhMm8IKZLl03vgSZhrtmn5JlseC/Upkbwlx1uJa+NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDX7HHZlHl6sUmtTzI5Sr70uRNqjMB8GA1UdIwQY
MBaAFMFefXu2nvrLDHOQKXLHTXLSm/d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1Y1OWU3YWUtc3NNYzVBcGNzZE5jdEtiOTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9lYTQwMmEtMGZmNi00N2Q5LTljZDAt
MzQ3YTBmN2M1YjA4LzEvTmZzY2RtVWVYcXhTYTFQTWpsS3Z2UzVFMnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9lYTQwMmEtMGZmNi00N2Q5LTljZDAtMzQ3YTBmN2M1YjA4
LzEvd1Y1OWU3YWUtc3NNYzVBcGNzZE5jdEtiOTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWaqMA0G
CSqGSIb3DQEBCwUAA4IBAQCp9HCfPfsYnhnWvJdBUkvvGzVvmg7JgzVmOXfbUIJD
hw9Y7biSslod8KdzkE+DTxApR0vLq15sS4AU8+HbXzwF/yMsgjgYJTsVgjhntz0O
DV/SI+grR6zmSZ9kJ2ZSvcV4eEYyMvMRbFqy6cX88pduJ24JREe+IWKEf3WyOGAx
F5Ga+11DcYpWOLA37c7e770WVvwn0+F7LEmle4YRqBtqDgg/ZwJa6Mug1RDO3a32
yk+m8qdvNU4L05WpU+7pzNao/4PEeESfNtwoYXv7ji4aQtbS1Z37FqSlpAqV0TZb
tgHXW7k0qDAA1y2A/55UORtTfV0OGua8pAojsKgfTIAx
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:08:23 2024 by rpki-client on console-ams.rpki-client.org