Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/NcO6vwcGcnUOC_AQrU4yrvcsXuM.roa
File: NcO6vwcGcnUOC_AQrU4yrvcsXuM.roa (raw, json)
Hash identifier: G12dtw8ij8oZW1o733If35WiBNNjwMZGrHhFhkxJ4SY=
Subject key identifier: 35:C3:BA:BF:07:06:72:75:0E:0B:F0:10:AD:4E:32:AE:F7:2C:5E:E3
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 018CC94CAA9ABF4D5663E47DA8AB14DCFED4
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/NcO6vwcGcnUOC_AQrU4yrvcsXuM.roa
Signing time: Tue 02 Jan 2024 08:31:33 +0000
ROA not before: Tue 02 Jan 2024 08:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3330
IP address blocks: 194.112.192.0/18 maxlen: 18
62.249.64.0/18 maxlen: 18
194.112.128.0/18 maxlen: 18
193.186.161.0/24 maxlen: 24
185.92.100.0/22 maxlen: 22
2a02:5e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:aa:9a:bf:4d:56:63:e4:7d:a8:ab:14:dc:fe:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Jan 2 08:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35c3babf070672750e0bf010ad4e32aef72c5ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4e:8e:59:b6:be:7f:fc:d1:de:2c:7f:4d:79:
be:aa:47:1b:08:20:13:49:eb:85:94:21:e9:84:0e:
a7:ea:73:de:11:9a:0f:96:dc:a1:81:24:e9:51:3d:
31:1a:22:6b:c2:1b:c5:5f:d8:19:d7:84:4d:6c:99:
e8:58:05:85:87:fe:89:bb:57:3c:47:f4:b2:d5:a0:
b8:71:71:a4:30:0f:82:9e:62:a6:dd:99:b5:35:28:
ef:37:4b:2f:83:0c:98:b3:f5:bd:4d:a7:14:bf:c8:
3b:74:57:07:ac:78:51:fe:d2:3b:c3:82:7e:df:fa:
ba:32:b0:94:5d:d8:93:d5:39:f2:16:c4:25:13:9c:
ad:1d:83:66:1d:f8:3e:38:0d:64:79:da:2c:3b:5a:
5d:d8:ea:90:25:51:8d:57:a9:b5:ea:a9:a3:ed:e2:
80:3d:fd:c7:de:3e:dd:63:0c:c4:05:83:ee:a2:2e:
67:fa:54:e0:87:8d:ce:ab:f1:f1:d5:9f:07:2a:d5:
54:0c:88:a5:b9:6b:39:d2:41:a8:19:f4:ca:2b:c2:
71:32:c8:02:bb:28:79:eb:2e:ed:2a:6d:23:c3:73:
87:7a:9f:09:80:f9:b4:7c:4c:13:ab:4a:da:ca:df:
58:e0:ba:39:ed:5a:4e:dd:9f:69:b5:b0:53:49:9a:
71:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C3:BA:BF:07:06:72:75:0E:0B:F0:10:AD:4E:32:AE:F7:2C:5E:E3
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/NcO6vwcGcnUOC_AQrU4yrvcsXuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.249.64.0/18
185.92.100.0/22
193.186.161.0/24
194.112.128.0/17
IPv6:
2a02:5e0::/32
Signature Algorithm: sha256WithRSAEncryption
61:ce:29:ec:4e:57:ac:05:a0:7c:6f:ae:49:ca:29:c1:73:ba:
7f:0c:c3:65:62:a8:0f:4a:9f:44:01:af:5c:2d:6b:a3:67:91:
f4:21:48:64:ce:5d:0d:e5:a9:27:49:0b:12:6c:e4:27:e0:1a:
09:49:87:98:cf:0d:80:91:13:c1:bf:3b:90:b9:9c:a2:c2:89:
9f:58:e7:f2:a9:7f:43:86:d2:6d:53:28:3d:ec:3f:c8:44:4e:
5c:d7:85:08:37:bd:85:79:da:f2:2b:b7:e6:00:79:c6:4e:35:
cd:38:d4:9e:54:14:bf:a2:b8:9d:dd:05:3a:c5:fb:56:9b:b7:
32:a8:84:8e:2a:bf:4a:a0:df:5a:8e:55:eb:59:49:0d:33:8b:
eb:51:e0:04:21:6f:2f:89:e3:ad:bb:1f:34:8d:a0:b8:68:f5:
f2:6b:70:cc:39:b6:40:8d:58:9a:4f:b4:3f:a2:3b:8c:0c:e2:
94:b1:1e:39:34:84:01:5a:67:36:f8:f1:d3:b8:49:84:4e:bc:
d6:82:cb:48:99:d0:a8:4a:99:26:da:3b:f4:36:12:aa:95:a1:
b0:1d:84:92:88:34:06:1d:35:fa:5f:e1:24:e0:67:66:31:5a:
d2:82:48:1d:de:33:45:1f:a8:b7:8c:2d:26:83:52:aa:2a:38:
b1:2b:d5:e6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJTKqav01WY+R9qKsU3P7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjQwMTAyMDgzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWMzYmFiZjA3MDY3Mjc1MGUwYmYwMTBhZDRlMzJhZWY3MmM1ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk06OWba+f/zR3ix/TXm+qkcbCCAT
SeuFlCHphA6n6nPeEZoPltyhgSTpUT0xGiJrwhvFX9gZ14RNbJnoWAWFh/6Ju1c8
R/Sy1aC4cXGkMA+CnmKm3Zm1NSjvN0svgwyYs/W9TacUv8g7dFcHrHhR/tI7w4J+
3/q6MrCUXdiT1TnyFsQlE5ytHYNmHfg+OA1kedosO1pd2OqQJVGNV6m16qmj7eKA
Pf3H3j7dYwzEBYPuoi5n+lTgh43Oq/Hx1Z8HKtVUDIiluWs50kGoGfTKK8JxMsgC
uyh56y7tKm0jw3OHep8JgPm0fEwTq0rayt9Y4Lo57VpO3Z9ptbBTSZpx+wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDXDur8HBnJ1DgvwEK1OMq73LF7jMB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvTmNPNnZ3Y0djblVPQ19BUXJVNHlydmNzWHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGPvlAAwQC
uVxkAwQAwbqhAwQHwnCAMA0EAgACMAcDBQAqAgXgMA0GCSqGSIb3DQEBCwUAA4IB
AQBhzinsTlesBaB8b65JyinBc7p/DMNlYqgPSp9EAa9cLWujZ5H0IUhkzl0N5akn
SQsSbOQn4BoJSYeYzw2AkRPBvzuQuZyiwomfWOfyqX9DhtJtUyg97D/IRE5c14UI
N72FedryK7fmAHnGTjXNONSeVBS/orid3QU6xftWm7cyqISOKr9KoN9ajlXrWUkN
M4vrUeAEIW8vieOtux80jaC4aPXya3DMObZAjViaT7Q/ojuMDOKUsR45NIQBWmc2
+PHTuEmETrzWgstImdCoSpkm2jv0NhKqlaGwHYSSiDQGHTX6X+Ek4GdmMVrSgkgd
3jNFH6i3jC0mg1KqKjixK9Xm
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:14:26 2024 by rpki-client on console-ams.rpki-client.org