Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/NM10MBaBSFAHVemX2KMm2aMJ7VE.roa
File: NM10MBaBSFAHVemX2KMm2aMJ7VE.roa (raw, json)
Hash identifier: g4Cq2JShey8f6eJ/rgeeZ2wmC2GK3fY8FHhXtiFAGno=
Subject key identifier: 34:CD:74:30:16:81:48:50:07:55:E9:97:D8:A3:26:D9:A3:09:ED:51
Certificate issuer: /CN=77b020308865c3360dab19f3a5703341864e9f50
Certificate serial: 018CC3488C20B1BEBFF19FF56B592F606276
Authority key identifier: 77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/NM10MBaBSFAHVemX2KMm2aMJ7VE.roa
Signing time: Mon 01 Jan 2024 04:29:20 +0000
ROA not before: Mon 01 Jan 2024 04:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22351
IP address blocks: 91.232.198.0/24 maxlen: 24
91.232.208.0/24 maxlen: 24
185.87.144.0/22 maxlen: 24
91.232.235.0/24 maxlen: 24
91.232.129.0/24 maxlen: 24
80.73.219.0/24 maxlen: 24
80.73.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8c:20:b1:be:bf:f1:9f:f5:6b:59:2f:60:62:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b020308865c3360dab19f3a5703341864e9f50
Validity
Not Before: Jan 1 04:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34cd7430168148500755e997d8a326d9a309ed51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:db:54:ca:ef:a0:cb:bb:88:3b:ba:ab:dc:49:
4c:5f:ae:fa:66:5f:e2:d6:d6:23:f3:d9:dd:da:73:
1a:79:9c:da:f9:e7:a0:36:56:3e:10:45:df:ba:50:
ad:31:ca:8b:61:d2:05:98:40:40:86:75:14:97:9b:
ac:f0:e6:9a:f7:d2:f5:cd:d6:0f:32:8e:b7:a3:2a:
2b:9b:3c:65:ca:c0:95:90:24:ee:bb:6a:0a:79:4c:
34:ff:18:8a:2c:78:bb:f3:ed:05:f7:a1:6d:b0:33:
f5:01:08:87:f2:c5:0b:02:cf:ef:64:c1:9c:00:48:
b9:e6:d6:5d:f2:f4:0d:b9:44:80:a2:40:e2:63:a9:
02:02:4a:8d:59:8e:62:1e:2b:10:9f:51:dc:dc:c9:
45:58:3a:60:19:5f:96:ce:19:87:cf:c9:04:85:2c:
7c:af:b0:ce:e3:22:94:3d:a7:79:4f:77:8b:4f:f3:
6e:9d:ce:78:22:97:de:5f:73:70:a4:6d:fc:d1:5d:
3f:7c:c4:81:db:ad:14:f3:7c:79:d0:d9:bb:18:e5:
32:35:96:dc:6a:53:3f:6b:3f:e2:40:20:d7:e6:5d:
11:c5:8c:b4:21:15:db:ba:3c:20:5a:65:d7:c0:f5:
17:a3:43:3d:1b:89:e4:cf:33:d9:bd:5d:41:e7:e0:
ee:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CD:74:30:16:81:48:50:07:55:E9:97:D8:A3:26:D9:A3:09:ED:51
X509v3 Authority Key Identifier:
keyid:77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/NM10MBaBSFAHVemX2KMm2aMJ7VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.219.0-80.73.220.255
91.232.129.0/24
91.232.198.0/24
91.232.208.0/24
91.232.235.0/24
185.87.144.0/22
Signature Algorithm: sha256WithRSAEncryption
78:2a:cc:73:ca:68:79:5b:60:06:54:0a:92:9d:00:27:95:7b:
fd:7b:e2:af:37:38:71:38:b6:ca:30:12:1d:3c:82:b0:6f:72:
fc:97:bb:8f:4d:2e:29:3f:f2:5e:9f:74:b2:f3:10:b6:67:2e:
bf:ae:a0:b1:3d:ce:19:34:ff:cd:ec:3a:f0:a8:00:ef:46:1a:
34:60:21:8c:95:ef:7f:77:b8:c4:59:a2:fb:cf:6f:dc:b2:00:
d9:97:56:96:de:f4:06:dd:44:a1:81:4c:39:09:4f:ae:57:57:
6e:1f:7e:56:dd:b7:7f:e7:44:56:59:fc:fd:63:9b:c9:05:20:
93:ba:cb:80:f8:71:90:14:37:47:5f:b5:d4:d2:68:31:df:8a:
86:a0:ae:a3:3b:4e:b5:da:0d:2c:f4:8b:74:6c:12:68:b1:9f:
a5:d5:3e:4f:87:e2:24:2e:b5:9e:46:db:3f:76:31:18:09:e3:
2c:ec:b0:89:24:63:4a:be:cc:34:8d:93:cf:28:46:b6:fc:1a:
c8:d2:70:33:55:84:8b:44:11:f5:9b:61:48:6c:c0:21:f2:db:
76:8d:ed:0b:9b:14:2b:27:b3:a2:49:72:e9:85:c0:d6:35:5d:
a4:4d:67:a9:5e:98:e4:6e:b0:ca:97:27:18:42:99:c2:89:76:
07:33:54:7f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzDSIwgsb6/8Z/1a1kvYGJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyMDMwODg2NWMzMzYwZGFiMTlmM2E1NzAzMzQxODY0
ZTlmNTAwHhcNMjQwMTAxMDQyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNkNzQzMDE2ODE0ODUwMDc1NWU5OTdkOGEzMjZkOWEzMDllZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkttUyu+gy7uIO7qr3ElMX676Zl/i
1tYj89nd2nMaeZza+eegNlY+EEXfulCtMcqLYdIFmEBAhnUUl5us8Oaa99L1zdYP
Mo63oyormzxlysCVkCTuu2oKeUw0/xiKLHi78+0F96FtsDP1AQiH8sULAs/vZMGc
AEi55tZd8vQNuUSAokDiY6kCAkqNWY5iHisQn1Hc3MlFWDpgGV+WzhmHz8kEhSx8
r7DO4yKUPad5T3eLT/Nunc54IpfeX3NwpG380V0/fMSB260U83x50Nm7GOUyNZbc
alM/az/iQCDX5l0RxYy0IRXbujwgWmXXwPUXo0M9G4nkzzPZvV1B5+DuJwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDTNdDAWgUhQB1Xpl9ijJtmjCe1RMB8GA1UdIwQY
MBaAFHewIDCIZcM2DasZ86VwM0GGTp9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzIt
YzhiYjhlYTM5ODA0LzEvTk0xME1CYUJTRkFIVmVtWDJLTW0yYU1KN1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzItYzhiYjhlYTM5ODA0
LzEvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABQSdsD
BABQSdwDBABb6IEDBABb6MYDBABb6NADBABb6OsDBAK5V5AwDQYJKoZIhvcNAQEL
BQADggEBAHgqzHPKaHlbYAZUCpKdACeVe/174q83OHE4tsowEh08grBvcvyXu49N
Lik/8l6fdLLzELZnLr+uoLE9zhk0/83sOvCoAO9GGjRgIYyV7393uMRZovvPb9yy
ANmXVpbe9AbdRKGBTDkJT65XV24fflbdt3/nRFZZ/P1jm8kFIJO6y4D4cZAUN0df
tdTSaDHfioagrqM7TrXaDSz0i3RsEmixn6XVPk+H4iQutZ5G2z92MRgJ4yzssIkk
Y0q+zDSNk88oRrb8GsjScDNVhItEEfWbYUhswCHy23aN7QubFCsns6JJcumFwNY1
XaRNZ6lemORusMqXJxhCmcKJdgczVH8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:42:55 2024 by rpki-client on console-fra.rpki-client.org