Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/NXaOFjXYkWQ80r-3Jg9gst32sRc.roa
File: NXaOFjXYkWQ80r-3Jg9gst32sRc.roa (raw, json)
Hash identifier: 2AaTRAopZxBnmsf45eDDNl0cqCYytfwWlR327OuPmMg=
Subject key identifier: 35:76:8E:16:35:D8:91:64:3C:D2:BF:B7:26:0F:60:B2:DD:F6:B1:17
Certificate issuer: /CN=d81bef5a1a31ef5cfc036b9c2b70a42abd04007e
Certificate serial: 018CC500908BC1F1311EEBA9261B936E1411
Authority key identifier: D8:1B:EF:5A:1A:31:EF:5C:FC:03:6B:9C:2B:70:A4:2A:BD:04:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BvvWhox71z8A2ucK3CkKr0EAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/NXaOFjXYkWQ80r-3Jg9gst32sRc.roa
Signing time: Mon 01 Jan 2024 12:29:57 +0000
ROA not before: Mon 01 Jan 2024 12:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204536
IP address blocks: 185.87.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/2BvvWhox71z8A2ucK3CkKr0EAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/2BvvWhox71z8A2ucK3CkKr0EAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BvvWhox71z8A2ucK3CkKr0EAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:90:8b:c1:f1:31:1e:eb:a9:26:1b:93:6e:14:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d81bef5a1a31ef5cfc036b9c2b70a42abd04007e
Validity
Not Before: Jan 1 12:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35768e1635d891643cd2bfb7260f60b2ddf6b117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:46:ac:c6:6e:c9:f6:13:47:a3:60:96:84:e7:
0b:eb:2c:7c:83:0d:df:24:68:7c:bd:48:0f:28:01:
e2:84:94:81:d1:e0:b8:8b:5b:dd:49:71:f6:70:22:
ae:09:f3:5b:19:4b:e7:7a:18:b1:44:98:7f:c3:0d:
df:32:c9:ec:da:21:ef:3d:3a:b1:f6:38:f2:24:bd:
b6:a5:3c:c6:c1:a8:72:75:da:16:95:49:75:c4:21:
92:a3:23:19:03:da:0d:60:ad:b3:b5:15:c2:4c:87:
56:48:d8:fa:09:2d:70:35:61:ed:7e:ac:dc:87:d0:
c3:30:7e:6f:ef:1d:eb:2a:a6:76:4c:ef:25:2e:90:
b2:a5:0e:82:03:60:2d:bf:6f:a6:9c:b1:0e:5e:22:
0c:83:3c:6c:b0:8a:ed:30:dc:fb:93:c1:fc:0a:b8:
5d:e1:c7:98:5b:58:e8:b7:6f:14:89:55:cd:dd:f6:
2e:59:bf:76:12:84:a4:3f:53:b3:e1:45:fb:95:b6:
bf:40:f8:bb:b7:64:0a:94:31:c9:00:a3:1d:67:fd:
5c:e9:72:54:6a:31:0d:2f:51:1d:e4:3e:1d:2f:12:
15:f5:7b:95:74:82:a0:e2:0a:3e:7b:5e:1c:46:d4:
21:51:78:75:bf:78:3f:e2:14:a7:77:b1:ed:3f:fd:
ba:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:76:8E:16:35:D8:91:64:3C:D2:BF:B7:26:0F:60:B2:DD:F6:B1:17
X509v3 Authority Key Identifier:
keyid:D8:1B:EF:5A:1A:31:EF:5C:FC:03:6B:9C:2B:70:A4:2A:BD:04:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BvvWhox71z8A2ucK3CkKr0EAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/NXaOFjXYkWQ80r-3Jg9gst32sRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/2BvvWhox71z8A2ucK3CkKr0EAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.180.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:f9:9b:e5:40:b8:44:0d:f0:cd:66:e0:2e:f4:7c:69:d7:0d:
03:8b:3d:c9:12:2f:d4:44:e1:52:2e:b6:2c:bf:37:e6:6c:1c:
df:45:fa:08:27:13:5d:8e:f1:79:58:84:2e:ec:1f:6b:d2:02:
87:30:99:5f:ed:9a:ce:fa:e7:10:ad:04:aa:ea:02:4a:5d:32:
d2:5c:79:55:05:11:c0:f5:fd:db:9c:a2:00:a4:9c:68:fe:52:
27:4f:43:61:99:50:46:5a:84:d7:d2:7d:4b:f6:e0:9a:bc:61:
9f:67:ad:36:88:cc:79:1e:c3:dc:14:df:cf:c3:d6:67:8f:64:
d0:b0:85:76:99:4d:72:d8:ff:d7:4b:ee:11:e8:bb:32:ee:a4:
c3:e7:13:31:db:61:ad:0d:68:91:88:45:12:eb:af:7f:24:26:
fc:49:19:18:a3:0f:c8:0f:f4:5b:7a:e8:83:66:5d:ee:68:6a:
a1:61:00:19:ae:0a:60:dd:09:3b:96:39:db:9f:b7:8f:4a:82:
3d:23:aa:41:cc:c5:13:18:28:58:f6:47:1d:9f:83:99:ef:34:
60:ac:59:39:01:07:6d:e0:22:e6:a3:13:0f:8f:e2:df:df:bf:
3a:fd:69:1a:37:3d:81:0d:c1:ec:ba:55:a3:70:8c:ca:24:50:
34:ba:ab:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAJCLwfExHuupJhuTbhQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWJlZjVhMWEzMWVmNWNmYzAzNmI5YzJiNzBhNDJhYmQw
NDAwN2UwHhcNMjQwMTAxMTIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTc2OGUxNjM1ZDg5MTY0M2NkMmJmYjcyNjBmNjBiMmRkZjZiMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0asxm7J9hNHo2CWhOcL6yx8gw3f
JGh8vUgPKAHihJSB0eC4i1vdSXH2cCKuCfNbGUvnehixRJh/ww3fMsns2iHvPTqx
9jjyJL22pTzGwahyddoWlUl1xCGSoyMZA9oNYK2ztRXCTIdWSNj6CS1wNWHtfqzc
h9DDMH5v7x3rKqZ2TO8lLpCypQ6CA2Atv2+mnLEOXiIMgzxssIrtMNz7k8H8Crhd
4ceYW1jot28UiVXN3fYuWb92EoSkP1Oz4UX7lba/QPi7t2QKlDHJAKMdZ/1c6XJU
ajENL1Ed5D4dLxIV9XuVdIKg4go+e14cRtQhUXh1v3g/4hSnd7HtP/26qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDV2jhY12JFkPNK/tyYPYLLd9rEXMB8GA1UdIwQY
MBaAFNgb71oaMe9c/ANrnCtwpCq9BAB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ2dldob3g3MXo4QTJ1Y0szQ2tLcjBFQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81NmViZDItODE4NS00OGJkLWJiZDQt
OWNlZWJhOGJhMjRjLzEvTlhhT0ZqWFlrV1E4MHItM0pnOWdzdDMyc1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81NmViZDItODE4NS00OGJkLWJiZDQtOWNlZWJhOGJhMjRj
LzEvMkJ2dldob3g3MXo4QTJ1Y0szQ2tLcjBFQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVe0MA0G
CSqGSIb3DQEBCwUAA4IBAQAv+ZvlQLhEDfDNZuAu9Hxp1w0Diz3JEi/UROFSLrYs
vzfmbBzfRfoIJxNdjvF5WIQu7B9r0gKHMJlf7ZrO+ucQrQSq6gJKXTLSXHlVBRHA
9f3bnKIApJxo/lInT0NhmVBGWoTX0n1L9uCavGGfZ602iMx5HsPcFN/Pw9Znj2TQ
sIV2mU1y2P/XS+4R6Lsy7qTD5xMx22GtDWiRiEUS669/JCb8SRkYow/ID/RbeuiD
Zl3uaGqhYQAZrgpg3Qk7ljnbn7ePSoI9I6pBzMUTGChY9kcdn4OZ7zRgrFk5AQdt
4CLmoxMPj+Lf3786/WkaNz2BDcHsulWjcIzKJFA0uqtD
-----END CERTIFICATE-----
Generated at Sat May 18 23:14:40 2024 by rpki-client on console-fra.rpki-client.org