Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/NHX-TO-xQKO8-S8d5CUBSXmGbxM.roa
File: NHX-TO-xQKO8-S8d5CUBSXmGbxM.roa (raw, json)
Hash identifier: MLTWXVtq/q5N2A5FbfaBc6P6kLXE4BmtVRNPsUPYfFI=
Subject key identifier: 34:75:FE:4C:EF:B1:40:A3:BC:F9:2F:1D:E4:25:01:49:79:86:6F:13
Certificate issuer: /CN=a4b666cb0e5496116eb7ae6714d9055309ba69ac
Certificate serial: 018CC795558860DF7CD5177869AF063D065A
Authority key identifier: A4:B6:66:CB:0E:54:96:11:6E:B7:AE:67:14:D9:05:53:09:BA:69:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/NHX-TO-xQKO8-S8d5CUBSXmGbxM.roa
Signing time: Tue 02 Jan 2024 00:31:41 +0000
ROA not before: Tue 02 Jan 2024 00:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48685
IP address blocks: 94.142.152.0/21 maxlen: 21
185.25.252.0/22 maxlen: 22
176.10.32.0/21 maxlen: 21
185.169.188.0/22 maxlen: 22
185.169.188.0/23 maxlen: 23
176.57.224.0/20 maxlen: 20
2a06:a100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/pLZmyw5UlhFut65nFNkFUwm6aaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/pLZmyw5UlhFut65nFNkFUwm6aaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:55:88:60:df:7c:d5:17:78:69:af:06:3d:06:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b666cb0e5496116eb7ae6714d9055309ba69ac
Validity
Not Before: Jan 2 00:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3475fe4cefb140a3bcf92f1de425014979866f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8a:c0:a1:52:ba:64:a5:60:c0:63:b5:7d:ac:
6f:36:99:1b:6a:a8:ee:54:15:4c:e9:c3:0f:e5:e1:
25:37:b4:7f:4a:bd:4d:38:55:ab:9a:f8:1a:23:1c:
3e:14:cf:e1:4c:9f:8f:63:29:74:79:e2:cf:fe:bf:
1c:1d:e1:7f:1c:51:a2:9e:de:18:8c:b3:a9:18:52:
f5:32:87:f1:bb:9c:88:ee:c9:80:0b:e7:16:91:5f:
76:f4:d9:ef:a3:72:de:9c:59:8d:9f:77:37:df:cb:
b0:01:e5:e7:86:b0:f3:dd:26:cf:40:bd:91:e5:8f:
70:53:6a:6c:1f:e7:30:8c:0f:c6:e9:70:da:b2:d5:
be:35:08:c6:fc:a5:55:85:e1:e3:2c:ad:5e:1d:f8:
cb:52:6f:80:1e:43:aa:9c:b0:a9:bd:20:d7:6f:8a:
4d:f4:4f:d5:21:36:63:52:0f:93:3b:a4:00:e5:ce:
3a:e0:15:d8:ea:a7:b7:6a:f3:32:fc:bd:fc:40:9a:
39:0f:70:9a:fa:ba:8e:64:73:8a:2a:22:c5:b1:9d:
94:5c:b0:fa:16:20:7f:b2:1f:a7:9b:35:cd:ad:11:
4e:52:02:72:1f:57:86:3a:e5:86:7a:5e:96:6f:a0:
12:be:91:15:36:28:f2:19:62:b5:30:d2:a1:ab:b1:
36:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:75:FE:4C:EF:B1:40:A3:BC:F9:2F:1D:E4:25:01:49:79:86:6F:13
X509v3 Authority Key Identifier:
keyid:A4:B6:66:CB:0E:54:96:11:6E:B7:AE:67:14:D9:05:53:09:BA:69:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/NHX-TO-xQKO8-S8d5CUBSXmGbxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/pLZmyw5UlhFut65nFNkFUwm6aaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.152.0/21
176.10.32.0/21
176.57.224.0/20
185.25.252.0/22
185.169.188.0/22
IPv6:
2a06:a100::/29
Signature Algorithm: sha256WithRSAEncryption
a4:d5:69:99:cf:0f:32:bf:47:5d:ab:f0:8a:37:cf:fa:e7:1a:
b4:99:2f:11:b4:7b:bb:4b:cc:b7:e8:37:e2:cf:d9:e4:fc:2d:
65:fa:dc:e9:cf:66:3e:a8:89:39:44:74:3e:04:03:40:92:92:
bc:9f:e8:bd:72:5c:11:93:bf:a0:bc:da:cb:b7:9d:ec:f1:7a:
88:9c:b2:c3:54:a5:28:79:d9:27:65:d1:27:f6:49:d5:27:27:
ce:db:6a:66:16:e7:9d:8a:8e:b4:dd:7a:06:2f:34:72:95:4d:
83:c4:37:4c:d6:29:da:c2:89:b0:92:4a:91:e5:f1:d4:10:51:
a0:2a:39:02:f7:75:33:ad:2a:bd:d2:6d:2b:0e:31:5f:75:10:
8c:a2:9d:6c:47:83:8e:15:69:b6:de:88:77:33:f0:14:7e:76:
97:2f:ae:bf:5f:cc:22:04:91:73:87:4a:4e:3e:35:e9:56:5e:
ba:8b:0f:be:48:92:4e:0d:f5:1a:96:de:47:0e:f4:a0:b6:50:
f7:26:eb:56:17:4c:32:aa:b4:b0:d2:ee:57:ed:44:2f:8b:74:
3f:19:88:a2:59:e8:e8:09:07:c0:ea:c6:ac:49:ce:4a:f0:bb:
fe:04:1b:c6:0b:36:ee:ac:2c:82:ae:fc:71:de:2c:ea:19:00:
46:70:2e:b9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHlVWIYN981Rd4aa8GPQZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjY2NmNiMGU1NDk2MTE2ZWI3YWU2NzE0ZDkwNTUzMDli
YTY5YWMwHhcNMjQwMTAyMDAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDc1ZmU0Y2VmYjE0MGEzYmNmOTJmMWRlNDI1MDE0OTc5ODY2ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4rAoVK6ZKVgwGO1faxvNpkbaqju
VBVM6cMP5eElN7R/Sr1NOFWrmvgaIxw+FM/hTJ+PYyl0eeLP/r8cHeF/HFGint4Y
jLOpGFL1Mofxu5yI7smAC+cWkV929Nnvo3LenFmNn3c338uwAeXnhrDz3SbPQL2R
5Y9wU2psH+cwjA/G6XDastW+NQjG/KVVheHjLK1eHfjLUm+AHkOqnLCpvSDXb4pN
9E/VITZjUg+TO6QA5c464BXY6qe3avMy/L38QJo5D3Ca+rqOZHOKKiLFsZ2UXLD6
FiB/sh+nmzXNrRFOUgJyH1eGOuWGel6Wb6ASvpEVNijyGWK1MNKhq7E2JQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDR1/kzvsUCjvPkvHeQlAUl5hm8TMB8GA1UdIwQY
MBaAFKS2ZssOVJYRbreuZxTZBVMJummsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExabXl3NVVsaEZ1dDY1bkZOa0ZVd202YWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mNzQyODAtY2M2ZC00MWMxLTg1OGEt
YjUzNjgzMzBiYWYyLzEvTkhYLVRPLXhRS084LVM4ZDVDVUJTWG1HYnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mNzQyODAtY2M2ZC00MWMxLTg1OGEtYjUzNjgzMzBiYWYy
LzEvcExabXl3NVVsaEZ1dDY1bkZOa0ZVd202YWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDXo6YAwQD
sAogAwQEsDngAwQCuRn8AwQCuam8MA0EAgACMAcDBQMqBqEAMA0GCSqGSIb3DQEB
CwUAA4IBAQCk1WmZzw8yv0ddq/CKN8/65xq0mS8RtHu7S8y36Dfiz9nk/C1l+tzp
z2Y+qIk5RHQ+BANAkpK8n+i9clwRk7+gvNrLt53s8XqInLLDVKUoedknZdEn9knV
JyfO22pmFuedio603XoGLzRylU2DxDdM1inawomwkkqR5fHUEFGgKjkC93UzrSq9
0m0rDjFfdRCMop1sR4OOFWm23oh3M/AUfnaXL66/X8wiBJFzh0pOPjXpVl66iw++
SJJODfUalt5HDvSgtlD3JutWF0wyqrSw0u5X7UQvi3Q/GYiiWejoCQfA6sasSc5K
8Lv+BBvGCzburCyCrvxx3izqGQBGcC65
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:51 2024 by rpki-client on console-fra.rpki-client.org