Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/NKiIy2qt0pzOt1dVeYL2U-GEPbs.roa
File: NKiIy2qt0pzOt1dVeYL2U-GEPbs.roa (raw, json)
Hash identifier: Lmojelah2OlTab8O1+U+G3CjB6zbqGCimDGkFv1z/dY=
Subject key identifier: 34:A8:88:CB:6A:AD:D2:9C:CE:B7:57:55:79:82:F6:53:E1:84:3D:BB
Certificate issuer: /CN=4dd23422264a79c0315482ed4f27c751353f26bb
Certificate serial: 018CC500C9A6E486D9C1202AF10A4AAB035C
Authority key identifier: 4D:D2:34:22:26:4A:79:C0:31:54:82:ED:4F:27:C7:51:35:3F:26:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdI0IiZKecAxVILtTyfHUTU_Jrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/NKiIy2qt0pzOt1dVeYL2U-GEPbs.roa
Signing time: Mon 01 Jan 2024 12:30:12 +0000
ROA not before: Mon 01 Jan 2024 12:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43625
IP address blocks: 91.198.84.0/24 maxlen: 24
185.160.132.0/22 maxlen: 22
109.232.48.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/TdI0IiZKecAxVILtTyfHUTU_Jrs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/TdI0IiZKecAxVILtTyfHUTU_Jrs.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdI0IiZKecAxVILtTyfHUTU_Jrs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c9:a6:e4:86:d9:c1:20:2a:f1:0a:4a:ab:03:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd23422264a79c0315482ed4f27c751353f26bb
Validity
Not Before: Jan 1 12:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34a888cb6aadd29cceb757557982f653e1843dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9c:5f:04:0e:2b:de:46:8d:40:05:3e:1f:4a:
40:ed:7d:75:81:f4:0d:eb:54:cd:9b:67:72:8c:0c:
d7:40:02:3a:64:70:3d:21:ec:97:67:09:39:14:f9:
a0:1a:99:03:b3:d7:8c:02:58:42:c7:f2:89:07:cf:
ae:48:c1:33:ce:7b:98:fe:0b:cf:f7:c2:07:bc:7d:
86:fd:b6:f0:4f:d6:12:97:74:41:e9:5e:66:4d:ec:
d8:09:4b:86:01:13:8e:65:19:f8:05:07:0d:69:39:
7d:35:5b:db:5d:3f:59:35:5e:a4:27:7e:3c:05:39:
42:9e:f0:1b:50:bf:ea:7a:8c:bb:49:37:11:e3:0d:
1a:32:5a:3a:7e:1a:ee:b4:68:5c:63:9d:08:76:5f:
7a:cb:56:f5:9f:92:03:b4:3a:a3:ed:d0:96:88:25:
b2:4f:d8:3c:df:27:6d:6a:36:ae:bb:68:fb:16:1b:
58:0f:a7:b5:80:cd:32:f0:79:5a:62:85:ce:84:d9:
f7:27:aa:b2:f1:75:7b:6e:ea:56:c0:9b:d0:14:f5:
41:23:81:6e:1f:7f:f7:d3:fd:24:f3:cc:36:66:c3:
ea:56:4c:94:cc:d6:a1:eb:c2:6f:bb:2e:e7:3f:c0:
a0:39:4a:cf:4a:58:23:d4:90:68:ec:e2:13:af:7b:
de:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A8:88:CB:6A:AD:D2:9C:CE:B7:57:55:79:82:F6:53:E1:84:3D:BB
X509v3 Authority Key Identifier:
keyid:4D:D2:34:22:26:4A:79:C0:31:54:82:ED:4F:27:C7:51:35:3F:26:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdI0IiZKecAxVILtTyfHUTU_Jrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/NKiIy2qt0pzOt1dVeYL2U-GEPbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/TdI0IiZKecAxVILtTyfHUTU_Jrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.84.0/24
109.232.48.0/21
185.160.132.0/22
Signature Algorithm: sha256WithRSAEncryption
52:47:56:5b:7a:2b:f7:a1:1b:f6:97:2f:dd:54:bf:dc:22:7d:
a4:db:0e:1b:7b:b9:7e:c5:5c:2e:e3:2f:a2:6f:d9:68:56:09:
7c:b4:7f:0b:16:66:fa:c1:3b:66:a3:dd:1f:78:f4:ff:23:3d:
b8:a7:c9:7d:bc:88:41:b6:1a:76:4d:73:e9:e9:ae:87:4c:57:
6b:98:f4:5d:06:bd:84:e8:45:8c:f9:2e:03:84:d3:e2:cd:8a:
53:91:0a:52:7a:3b:a5:07:b5:58:a7:75:73:f5:52:e5:d4:61:
ac:72:01:55:ac:78:cb:cf:fd:cd:7c:ae:ce:f0:54:af:d2:40:
1a:2c:db:5d:02:25:a1:66:13:82:59:61:2a:55:e0:4a:67:c7:
62:85:a0:33:c6:75:9d:80:23:82:f2:96:b6:62:06:e6:93:15:
cb:c7:23:51:36:33:da:77:67:12:eb:7f:a7:f0:0e:62:9b:ef:
54:9a:09:fb:84:ed:55:59:f4:ae:f3:43:c1:dc:16:c0:1a:da:
0c:e9:26:62:da:66:d4:71:26:44:e3:d8:da:7f:5d:82:e5:ad:
a2:b0:91:f4:07:7e:cb:1e:72:a8:54:b5:11:35:da:59:7e:b4:
96:91:a0:2d:46:1a:5a:43:f0:73:09:a4:23:20:97:77:77:54:
07:02:30:2b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFAMmm5IbZwSAq8QpKqwNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDIzNDIyMjY0YTc5YzAzMTU0ODJlZDRmMjdjNzUxMzUz
ZjI2YmIwHhcNMjQwMTAxMTIzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE4ODhjYjZhYWRkMjljY2ViNzU3NTU3OTgyZjY1M2UxODQzZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5xfBA4r3kaNQAU+H0pA7X11gfQN
61TNm2dyjAzXQAI6ZHA9IeyXZwk5FPmgGpkDs9eMAlhCx/KJB8+uSMEzznuY/gvP
98IHvH2G/bbwT9YSl3RB6V5mTezYCUuGAROOZRn4BQcNaTl9NVvbXT9ZNV6kJ348
BTlCnvAbUL/qeoy7STcR4w0aMlo6fhrutGhcY50Idl96y1b1n5IDtDqj7dCWiCWy
T9g83ydtajauu2j7FhtYD6e1gM0y8HlaYoXOhNn3J6qy8XV7bupWwJvQFPVBI4Fu
H3/30/0k88w2ZsPqVkyUzNah68Jvuy7nP8CgOUrPSlgj1JBo7OITr3vewQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDSoiMtqrdKczrdXVXmC9lPhhD27MB8GA1UdIwQY
MBaAFE3SNCImSnnAMVSC7U8nx1E1Pya7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRJMElpWktlY0F4VklMdFR5ZkhVVFVfSnJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9mNWM2YmEtMTcwZC00N2M1LTljN2Mt
MTc2NmEyNzdkODViLzEvTktpSXkycXQwcHpPdDFkVmVZTDJVLUdFUGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9mNWM2YmEtMTcwZC00N2M1LTljN2MtMTc2NmEyNzdkODVi
LzEvVGRJMElpWktlY0F4VklMdFR5ZkhVVFVfSnJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8ZUAwQD
begwAwQCuaCEMA0GCSqGSIb3DQEBCwUAA4IBAQBSR1Zbeiv3oRv2ly/dVL/cIn2k
2w4be7l+xVwu4y+ib9loVgl8tH8LFmb6wTtmo90fePT/Iz24p8l9vIhBthp2TXPp
6a6HTFdrmPRdBr2E6EWM+S4DhNPizYpTkQpSejulB7VYp3Vz9VLl1GGscgFVrHjL
z/3NfK7O8FSv0kAaLNtdAiWhZhOCWWEqVeBKZ8dihaAzxnWdgCOC8pa2YgbmkxXL
xyNRNjPad2cS63+n8A5im+9Umgn7hO1VWfSu80PB3BbAGtoM6SZi2mbUcSZE49ja
f12C5a2isJH0B37LHnKoVLURNdpZfrSWkaAtRhpaQ/BzCaQjIJd3d1QHAjAr
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:14:48 2024 by rpki-client on console-fra.rpki-client.org