Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/nczUXyMbG1FKliGHU6UHIH8HZ_Q.roa
File: nczUXyMbG1FKliGHU6UHIH8HZ_Q.roa (raw, json)
Hash identifier: vCvLhXa09+gBCawO/60RQRCJC8njG+qhRv4b1istSJo=
Subject key identifier: 9D:CC:D4:5F:23:1B:1B:51:4A:96:21:87:53:A5:07:20:7F:07:67:F4
Certificate issuer: /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial: 018CC4254C3644A660467EA18273BDEF0BDB
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/nczUXyMbG1FKliGHU6UHIH8HZ_Q.roa
Signing time: Mon 01 Jan 2024 08:30:27 +0000
ROA not before: Mon 01 Jan 2024 08:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26506
IP address blocks: 83.2.226.0/23 maxlen: 23
2a01:1100:b001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4c:36:44:a6:60:46:7e:a1:82:73:bd:ef:0b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Validity
Not Before: Jan 1 08:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dccd45f231b1b514a96218753a507207f0767f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:69:bb:ac:3a:c5:aa:ee:02:08:05:e9:07:9c:
45:8d:3c:d8:b8:aa:e8:cd:8f:e1:bd:c8:b8:50:15:
a0:d0:b5:dc:fa:69:b8:c0:07:84:06:4e:60:bc:a1:
aa:70:97:77:a0:2b:d5:e4:31:f0:63:61:3e:a0:c9:
96:a4:be:e6:1a:ad:3d:0e:3b:86:b0:ce:52:53:29:
b4:35:2c:d2:c5:17:82:7d:75:bd:ce:48:60:fd:73:
cf:cd:af:7e:8b:3a:74:42:53:8b:be:c7:8d:42:3a:
6c:5c:1c:31:21:10:e7:7f:be:ff:fd:23:4b:cb:17:
03:a9:79:9b:d7:7d:1b:cf:26:b1:15:fa:3e:1b:59:
2f:77:bf:3a:d3:45:d0:7d:b3:94:bf:45:69:ed:07:
d9:11:78:cc:b0:80:e4:5d:31:0f:5f:32:02:f4:98:
bb:6a:49:b4:bd:68:4c:8c:7d:c4:78:f9:be:02:03:
85:bf:73:02:e0:1c:79:10:68:d3:9e:3f:9e:bd:34:
91:54:8d:13:bd:c2:4b:3e:31:7e:99:82:f3:97:12:
28:de:40:19:a2:e1:b7:b8:f6:cc:6e:26:06:95:15:
ae:6e:01:39:b8:09:ee:5a:8b:a8:41:7e:14:75:e5:
fd:ad:d5:26:1f:8f:20:8e:e4:15:1d:5f:1e:95:07:
2c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CC:D4:5F:23:1B:1B:51:4A:96:21:87:53:A5:07:20:7F:07:67:F4
X509v3 Authority Key Identifier:
keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/nczUXyMbG1FKliGHU6UHIH8HZ_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.2.226.0/23
IPv6:
2a01:1100:b001::/48
Signature Algorithm: sha256WithRSAEncryption
5a:09:bf:ae:6e:16:1b:3b:b6:2e:64:48:69:1f:26:57:54:3b:
1a:70:ed:9c:6c:3d:c8:33:37:ce:19:5d:f4:2d:36:cf:28:42:
29:a4:1f:fb:08:65:c3:8c:80:09:65:57:70:23:91:68:d5:fc:
a4:4d:ba:77:16:90:df:cb:d5:f2:76:96:a2:85:11:b8:7c:e9:
43:5a:c9:50:d5:21:7c:95:70:76:f7:f3:09:c3:c5:1a:15:dc:
72:27:49:ba:35:af:cc:01:a7:60:0f:c6:8d:5b:a2:01:7f:90:
65:37:07:41:91:e1:64:47:84:05:6e:4a:2e:7d:c7:2b:a3:a1:
ef:45:21:9b:24:94:60:2c:9e:aa:ef:aa:35:c7:cf:89:88:43:
8a:16:ff:06:62:cd:77:77:a0:aa:0a:2a:11:c2:41:b7:2a:9f:
21:2c:dc:d2:7a:77:b9:26:8c:16:de:03:93:81:35:01:07:ab:
b5:4b:6a:47:42:e8:64:f2:f7:41:33:5e:f3:54:f3:c5:19:ac:
16:fc:1d:3f:49:ac:ef:6a:48:a6:d4:2f:61:00:25:06:e1:de:
19:87:6f:b5:05:14:84:0d:c0:d2:12:c2:36:09:b7:fb:e7:44:
91:fa:57:22:97:f6:84:70:19:87:01:ff:0c:06:f0:5b:65:49:
56:35:b2:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJUw2RKZgRn6hgnO97wvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjQwMTAxMDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNjZDQ1ZjIzMWIxYjUxNGE5NjIxODc1M2E1MDcyMDdmMDc2N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmm7rDrFqu4CCAXpB5xFjTzYuKro
zY/hvci4UBWg0LXc+mm4wAeEBk5gvKGqcJd3oCvV5DHwY2E+oMmWpL7mGq09DjuG
sM5SUym0NSzSxReCfXW9zkhg/XPPza9+izp0QlOLvseNQjpsXBwxIRDnf77//SNL
yxcDqXmb130bzyaxFfo+G1kvd78600XQfbOUv0Vp7QfZEXjMsIDkXTEPXzIC9Ji7
akm0vWhMjH3EePm+AgOFv3MC4Bx5EGjTnj+evTSRVI0TvcJLPjF+mYLzlxIo3kAZ
ouG3uPbMbiYGlRWubgE5uAnuWouoQX4UdeX9rdUmH48gjuQVHV8elQcsXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ3M1F8jGxtRSpYhh1OlByB/B2f0MB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEvbmN6VVh5TWJHMUZLbGlHSFU2VUhJSDhIWl9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBUwLiMA8E
AgACMAkDBwAqAREAsAEwDQYJKoZIhvcNAQELBQADggEBAFoJv65uFhs7ti5kSGkf
JldUOxpw7ZxsPcgzN84ZXfQtNs8oQimkH/sIZcOMgAllV3AjkWjV/KRNuncWkN/L
1fJ2lqKFEbh86UNayVDVIXyVcHb38wnDxRoV3HInSbo1r8wBp2APxo1bogF/kGU3
B0GR4WRHhAVuSi59xyujoe9FIZsklGAsnqrvqjXHz4mIQ4oW/wZizXd3oKoKKhHC
QbcqnyEs3NJ6d7kmjBbeA5OBNQEHq7VLakdC6GTy90EzXvNU88UZrBb8HT9JrO9q
SKbUL2EAJQbh3hmHb7UFFIQNwNISwjYJt/vnRJH6VyKX9oRwGYcB/wwG8FtlSVY1
sn0=
-----END CERTIFICATE-----
Generated at Tue May 21 11:54:38 2024 by rpki-client on console-ams.rpki-client.org