Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/nh9gXYbuO-HTwmrL6SeiJz0yJcs.roa
File: nh9gXYbuO-HTwmrL6SeiJz0yJcs.roa (raw, json)
Hash identifier: MU2G4TvgdF1Nnz/zc4ub1vium29qaASdcupxfjx7Xsk=
Subject key identifier: 9E:1F:60:5D:86:EE:3B:E1:D3:C2:6A:CB:E9:27:A2:27:3D:32:25:CB
Certificate issuer: /CN=af935603e52e831537716d458b360192f99a3689
Certificate serial: 018CC6B883E874CA9228B94ED6AEEE37FE3A
Authority key identifier: AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/nh9gXYbuO-HTwmrL6SeiJz0yJcs.roa
Signing time: Mon 01 Jan 2024 20:30:30 +0000
ROA not before: Mon 01 Jan 2024 20:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.49.132.0/23 maxlen: 23
185.49.132.0/22 maxlen: 22
185.49.134.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:83:e8:74:ca:92:28:b9:4e:d6:ae:ee:37:fe:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af935603e52e831537716d458b360192f99a3689
Validity
Not Before: Jan 1 20:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e1f605d86ee3be1d3c26acbe927a2273d3225cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a5:54:49:5e:6d:96:e2:08:62:d8:d5:75:c0:
11:ba:7f:e1:d1:23:37:fe:b6:55:84:23:5f:a4:ee:
fc:9a:20:73:0b:fd:d1:f8:82:19:e7:ce:f2:42:2a:
67:b1:0d:8a:31:c1:55:29:90:14:d5:4d:10:4c:50:
c1:13:7f:d9:96:29:bc:d6:d6:b9:b5:c6:b4:61:82:
09:2d:41:d0:34:0c:93:6e:8d:70:b6:e9:30:91:d6:
b0:43:e3:d1:16:13:66:42:d5:1d:94:c8:9b:cc:ab:
68:a7:d1:d8:fb:82:00:69:04:f3:53:bf:6a:81:7b:
6f:09:79:d5:7c:62:dd:2a:2c:52:0b:c7:2f:f6:67:
84:2c:81:52:16:8a:eb:43:11:45:99:dc:f4:db:66:
17:40:cf:90:3e:d6:4e:e5:2f:3c:61:43:5f:7a:d3:
5c:a0:9c:f6:6f:89:4e:b6:6c:81:8b:27:5c:8d:46:
5a:6b:1f:42:ec:0c:89:00:50:af:4a:bd:b3:96:7d:
f9:4e:23:c4:5c:aa:09:cb:a7:88:ef:b1:af:c7:19:
42:3a:82:19:0d:86:42:40:5e:53:9b:50:9d:2d:06:
d5:00:9c:5b:b0:8c:de:fd:ff:d6:7b:ec:1a:eb:1f:
ba:19:e7:34:df:72:9a:24:d7:f0:45:2d:10:bc:ec:
9d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1F:60:5D:86:EE:3B:E1:D3:C2:6A:CB:E9:27:A2:27:3D:32:25:CB
X509v3 Authority Key Identifier:
keyid:AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/nh9gXYbuO-HTwmrL6SeiJz0yJcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.132.0/22
Signature Algorithm: sha256WithRSAEncryption
05:0c:7d:8a:88:43:67:7a:4c:2d:30:95:3d:f6:c2:86:0c:5d:
e1:3a:dc:ad:15:c6:45:14:7b:3a:7b:f3:3c:50:a6:e0:a1:9d:
ea:c9:b6:ba:c5:fd:d2:20:a7:43:07:cd:98:74:c6:4a:a4:60:
02:85:99:e4:64:02:e9:de:58:f0:a9:a4:0b:22:14:8a:10:1c:
5e:fc:00:30:44:54:0a:fd:e4:d3:2b:3e:e6:53:fa:e0:0c:70:
29:c8:34:1f:e4:4c:31:b1:00:86:ee:0a:3c:9c:25:82:66:36:
c4:10:8f:fa:c2:71:4c:a3:10:02:72:b8:4f:54:8a:9c:52:aa:
4a:ff:ae:cd:05:ee:11:70:38:3a:45:eb:57:74:8d:5c:3e:7f:
48:5c:ff:79:a0:d7:28:4b:d0:7e:aa:1f:1c:40:82:06:42:c9:
de:b3:65:ee:e5:ca:42:b8:7b:06:ad:b0:91:91:9b:8f:45:a8:
52:97:3b:60:d2:e7:e7:9d:76:27:d3:a0:49:4d:b2:5e:3a:46:
c7:04:93:e4:ec:7a:26:85:74:ad:89:c8:bb:7e:c7:37:4a:46:
c6:5f:a5:fa:99:80:be:27:27:97:b5:b5:40:6a:bb:29:26:73:
36:4c:14:98:12:a7:98:40:5a:8a:ec:ab:dd:cd:5e:d3:2c:d6:
af:8e:8a:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuIPodMqSKLlO1q7uN/46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM1NjAzZTUyZTgzMTUzNzcxNmQ0NThiMzYwMTkyZjk5
YTM2ODkwHhcNMjQwMTAxMjAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTFmNjA1ZDg2ZWUzYmUxZDNjMjZhY2JlOTI3YTIyNzNkMzIyNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqVUSV5tluIIYtjVdcARun/h0SM3
/rZVhCNfpO78miBzC/3R+IIZ587yQipnsQ2KMcFVKZAU1U0QTFDBE3/Zlim81ta5
tca0YYIJLUHQNAyTbo1wtukwkdawQ+PRFhNmQtUdlMibzKtop9HY+4IAaQTzU79q
gXtvCXnVfGLdKixSC8cv9meELIFSForrQxFFmdz022YXQM+QPtZO5S88YUNfetNc
oJz2b4lOtmyBiydcjUZaax9C7AyJAFCvSr2zln35TiPEXKoJy6eI77GvxxlCOoIZ
DYZCQF5Tm1CdLQbVAJxbsIze/f/We+wa6x+6Gec033KaJNfwRS0QvOydMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4fYF2G7jvh08Jqy+knoic9MiXLMB8GA1UdIwQY
MBaAFK+TVgPlLoMVN3FtRYs2AZL5mjaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYt
MGEwZDA1ZWQwYzZiLzEvbmg5Z1hZYnVPLUhUd21yTDZTZWlKejB5SmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYtMGEwZDA1ZWQwYzZi
LzEvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTGEMA0G
CSqGSIb3DQEBCwUAA4IBAQAFDH2KiENnekwtMJU99sKGDF3hOtytFcZFFHs6e/M8
UKbgoZ3qyba6xf3SIKdDB82YdMZKpGAChZnkZALp3ljwqaQLIhSKEBxe/AAwRFQK
/eTTKz7mU/rgDHApyDQf5EwxsQCG7go8nCWCZjbEEI/6wnFMoxACcrhPVIqcUqpK
/67NBe4RcDg6RetXdI1cPn9IXP95oNcoS9B+qh8cQIIGQsnes2Xu5cpCuHsGrbCR
kZuPRahSlztg0ufnnXYn06BJTbJeOkbHBJPk7HomhXStici7fsc3SkbGX6X6mYC+
JyeXtbVAarspJnM2TBSYEqeYQFqK7KvdzV7TLNavjorV
-----END CERTIFICATE-----
Generated at Thu May 2 19:46:13 2024 by rpki-client on console-fra.rpki-client.org