Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/noobUfXLR01ci1yDFZxV4J538C0.roa
File: noobUfXLR01ci1yDFZxV4J538C0.roa (raw, json)
Hash identifier: d52s/4e1/xDmoZAgFRhZdim8aHl6OF/5NCpcyrxGJ6o=
Subject key identifier: 9E:8A:1B:51:F5:CB:47:4D:5C:8B:5C:83:15:9C:55:E0:9E:77:F0:2D
Certificate issuer: /CN=d742fa4fb28faf28a18e8add4c10c96337c3c4c5
Certificate serial: 018CC9BC470B48C738728DE77D1A67B2DC85
Authority key identifier: D7:42:FA:4F:B2:8F:AF:28:A1:8E:8A:DD:4C:10:C9:63:37:C3:C4:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10L6T7KPryihjordTBDJYzfDxMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/noobUfXLR01ci1yDFZxV4J538C0.roa
Signing time: Tue 02 Jan 2024 10:33:28 +0000
ROA not before: Tue 02 Jan 2024 10:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39544
IP address blocks: 185.137.236.0/22 maxlen: 22
178.211.224.0/19 maxlen: 19
185.20.200.0/22 maxlen: 22
109.203.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/10L6T7KPryihjordTBDJYzfDxMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/10L6T7KPryihjordTBDJYzfDxMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/10L6T7KPryihjordTBDJYzfDxMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 01:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:47:0b:48:c7:38:72:8d:e7:7d:1a:67:b2:dc:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d742fa4fb28faf28a18e8add4c10c96337c3c4c5
Validity
Not Before: Jan 2 10:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e8a1b51f5cb474d5c8b5c83159c55e09e77f02d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9c:c0:aa:ff:5e:4a:7b:b9:d6:5e:c1:07:39:
8a:1a:7e:04:b7:80:1e:7c:f4:d3:32:d5:e8:be:57:
d5:62:e0:58:a8:1e:9d:1a:78:69:55:5f:05:aa:c7:
09:99:9a:68:fd:6c:e4:10:49:dd:08:99:47:e9:1e:
7d:cf:ad:e9:65:72:c2:ed:f3:40:dd:5f:56:cd:83:
50:89:ca:fa:32:46:55:d2:1e:8e:a6:06:69:93:54:
fe:66:cf:97:37:a8:f2:a3:1a:d6:37:63:f7:a9:d7:
a7:fa:4f:36:b4:9c:a1:cf:13:b2:ad:fe:31:a9:88:
a9:39:df:50:68:a8:17:d5:a7:0c:ff:da:aa:5a:b2:
b0:2a:fe:f1:de:95:f1:c3:2b:93:cc:d2:25:34:68:
82:f0:2e:87:fe:d1:db:30:de:cd:93:a6:6a:12:df:
dd:a9:f2:94:ba:14:75:04:44:8d:1e:d2:05:dd:ac:
62:d7:00:74:4a:65:b4:e6:8a:23:fe:f0:7d:b0:a6:
9a:b5:93:18:5c:60:4b:f5:2e:85:09:6c:ed:10:47:
4f:d5:bc:1b:59:f8:4d:fb:96:c3:9c:0e:f3:b7:e5:
b7:12:44:73:5f:a7:8a:34:05:1c:cc:9f:85:60:dd:
c6:d9:0d:9f:0c:76:5d:09:09:9d:5d:6d:8e:62:3d:
f3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:8A:1B:51:F5:CB:47:4D:5C:8B:5C:83:15:9C:55:E0:9E:77:F0:2D
X509v3 Authority Key Identifier:
keyid:D7:42:FA:4F:B2:8F:AF:28:A1:8E:8A:DD:4C:10:C9:63:37:C3:C4:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10L6T7KPryihjordTBDJYzfDxMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/noobUfXLR01ci1yDFZxV4J538C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/10L6T7KPryihjordTBDJYzfDxMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.203.32.0/19
178.211.224.0/19
185.20.200.0/22
185.137.236.0/22
Signature Algorithm: sha256WithRSAEncryption
93:99:72:d5:3a:8c:90:54:19:d0:82:1a:ce:ce:79:e8:68:4d:
2c:a2:82:8b:20:53:b8:fd:35:49:24:9a:0d:6e:05:0d:f5:85:
86:c7:d6:01:9e:e4:8c:51:23:34:1c:da:e7:32:5c:97:8b:b7:
cf:05:71:40:9a:c4:c1:9f:0f:44:02:ef:0d:f4:88:b2:01:40:
95:80:73:cd:08:2f:a1:06:4b:8c:18:72:a8:42:6c:44:f3:cc:
33:6d:1a:bc:0f:12:6d:48:36:8a:7c:c5:0b:19:cf:5c:f7:97:
7e:3d:65:d2:46:51:30:79:d8:3a:ad:3c:2b:06:ee:f5:6e:66:
5f:8f:19:97:f2:7a:25:bd:47:3f:94:b1:12:ae:1b:ac:77:0f:
08:d0:92:18:30:de:82:05:f4:2f:46:71:2b:6e:63:4e:1f:c8:
95:58:bd:13:90:50:15:e7:a1:f3:b3:c4:8b:f0:59:42:09:c2:
c3:94:71:57:a7:f7:eb:c9:28:cf:6c:2d:04:d9:1f:84:26:cf:
2c:80:86:00:fa:ac:25:14:75:52:0b:40:1a:1b:dd:46:51:4c:
ad:94:ed:28:d8:f1:18:0c:3b:a8:10:df:07:4e:ca:fd:9d:0d:
1c:cd:70:d0:e5:c2:74:f9:ed:83:68:0e:b8:41:a8:70:7a:8e:
a1:ad:23:7f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJvEcLSMc4co3nfRpnstyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDJmYTRmYjI4ZmFmMjhhMThlOGFkZDRjMTBjOTYzMzdj
M2M0YzUwHhcNMjQwMTAyMTAzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZThhMWI1MWY1Y2I0NzRkNWM4YjVjODMxNTljNTVlMDllNzdmMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pzAqv9eSnu51l7BBzmKGn4Et4Ae
fPTTMtXovlfVYuBYqB6dGnhpVV8FqscJmZpo/WzkEEndCJlH6R59z63pZXLC7fNA
3V9WzYNQicr6MkZV0h6OpgZpk1T+Zs+XN6jyoxrWN2P3qden+k82tJyhzxOyrf4x
qYipOd9QaKgX1acM/9qqWrKwKv7x3pXxwyuTzNIlNGiC8C6H/tHbMN7Nk6ZqEt/d
qfKUuhR1BESNHtIF3axi1wB0SmW05ooj/vB9sKaatZMYXGBL9S6FCWztEEdP1bwb
WfhN+5bDnA7zt+W3EkRzX6eKNAUczJ+FYN3G2Q2fDHZdCQmdXW2OYj3zxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ6KG1H1y0dNXItcgxWcVeCed/AtMB8GA1UdIwQY
MBaAFNdC+k+yj68ooY6K3UwQyWM3w8TFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBMNlQ3S1ByeWloam9yZFRCREpZemZEeE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MDNiZDYtMWIyZi00MDgzLWIxZTct
N2E1ZjYwMTg5YzUxLzEvbm9vYlVmWExSMDFjaTF5REZaeFY0SjUzOEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MDNiZDYtMWIyZi00MDgzLWIxZTctN2E1ZjYwMTg5YzUx
LzEvMTBMNlQ3S1ByeWloam9yZFRCREpZemZEeE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFbcsgAwQF
stPgAwQCuRTIAwQCuYnsMA0GCSqGSIb3DQEBCwUAA4IBAQCTmXLVOoyQVBnQghrO
znnoaE0sooKLIFO4/TVJJJoNbgUN9YWGx9YBnuSMUSM0HNrnMlyXi7fPBXFAmsTB
nw9EAu8N9IiyAUCVgHPNCC+hBkuMGHKoQmxE88wzbRq8DxJtSDaKfMULGc9c95d+
PWXSRlEwedg6rTwrBu71bmZfjxmX8nolvUc/lLESrhusdw8I0JIYMN6CBfQvRnEr
bmNOH8iVWL0TkFAV56Hzs8SL8FlCCcLDlHFXp/frySjPbC0E2R+EJs8sgIYA+qwl
FHVSC0AaG91GUUytlO0o2PEYDDuoEN8HTsr9nQ0czXDQ5cJ0+e2DaA64Qahweo6h
rSN/
-----END CERTIFICATE-----
Generated at Mon May 13 11:50:44 2024 by rpki-client on console-fra.rpki-client.org