Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/NtPJUFPkD0g5FW7b7Y3hDpKtMxI.roa
File: NtPJUFPkD0g5FW7b7Y3hDpKtMxI.roa (raw, json)
Hash identifier: wqpIfCJhv96JtpST99cC60AK3o2tdZApwiyMXYCqG6s=
Subject key identifier: 36:D3:C9:50:53:E4:0F:48:39:15:6E:DB:ED:8D:E1:0E:92:AD:33:12
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE157BB03D703741DD0015725CF19673F
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/NtPJUFPkD0g5FW7b7Y3hDpKtMxI.roa
Signing time: Mon 15 Apr 2024 10:40:06 +0000
ROA not before: Mon 15 Apr 2024 10:40:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34137
IP address blocks: 79.105.0.0/16 maxlen: 16
79.105.128.0/17 maxlen: 17
85.88.160.0/19 maxlen: 19
89.109.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:57:bb:03:d7:03:74:1d:d0:01:57:25:cf:19:67:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 15 10:40:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36d3c95053e40f4839156edbed8de10e92ad3312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2a:eb:70:ad:30:44:7b:e3:df:33:ef:38:36:
bd:c5:0d:39:86:e9:e0:5e:fa:6b:32:8f:a3:2c:b1:
c6:08:82:84:2d:10:73:16:9e:d6:86:a0:59:2d:98:
93:de:00:e2:41:a1:6a:fb:e3:f5:53:1b:06:09:79:
98:a0:55:4e:1e:43:ae:ad:4d:f3:13:41:9e:9e:56:
16:44:e2:af:d0:a0:57:6c:2f:88:d4:46:6f:97:8b:
8c:00:3b:81:b7:cb:71:0e:dc:66:c9:2e:1f:94:cc:
f5:28:20:55:30:d0:19:ac:7f:96:ac:7f:e7:bc:8f:
a6:41:6a:91:f5:42:aa:16:9f:9f:c2:cc:4f:2a:4d:
bf:0e:08:2e:46:89:e2:ac:bd:6e:81:e9:b6:75:0f:
a6:28:c5:69:ae:24:8f:e7:3c:45:9b:a4:96:fc:18:
ce:4a:ee:b8:8d:5e:61:00:15:55:e8:a5:a3:40:1c:
54:c9:69:74:65:57:0a:35:77:3f:7d:60:13:b6:b9:
b0:f7:1a:3f:7d:a6:b1:c2:74:79:97:0c:5f:9f:b3:
a9:4b:b9:bc:fb:1b:b3:ca:f3:00:0d:18:93:00:5a:
e6:2f:55:66:f4:31:77:bf:4f:0d:9b:38:fb:b1:3e:
50:83:d6:79:37:2d:e0:87:a0:b2:ac:e1:12:8c:f5:
b3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D3:C9:50:53:E4:0F:48:39:15:6E:DB:ED:8D:E1:0E:92:AD:33:12
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/NtPJUFPkD0g5FW7b7Y3hDpKtMxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.105.0.0/16
85.88.160.0/19
89.109.128.0/18
Signature Algorithm: sha256WithRSAEncryption
6f:cf:7a:db:fb:f6:3b:71:b3:8b:91:89:b5:13:64:ad:db:8d:
c9:20:8e:6e:e5:0d:3a:cc:a3:49:c1:50:dc:c9:f8:2c:53:74:
27:e4:a0:cd:8b:49:a5:70:bb:7d:9d:4c:e7:fb:ac:64:e2:cb:
e6:76:e8:c6:fc:26:19:47:7f:0b:e6:2d:9d:86:b9:c6:67:dd:
d4:02:5d:e5:1d:54:85:f2:16:dc:ec:47:fa:74:64:85:e4:6b:
a9:95:d0:49:b5:d8:7a:e7:28:8c:53:2a:ff:a7:c4:9e:1b:bc:
f3:7f:7b:6e:40:b9:9d:4f:dc:78:42:de:58:77:86:6f:45:5a:
fc:8b:a3:b6:20:78:c4:6a:b1:0c:9a:99:c5:9f:b2:f6:52:29:
c7:ca:a6:3e:3a:e4:2e:78:31:af:bb:3c:6f:93:0b:1f:02:76:
f7:6d:04:dc:f6:f1:64:68:21:54:c5:25:51:9c:3c:fd:ee:ea:
e1:80:0d:f7:30:d0:56:fb:00:f5:bf:22:e0:25:f9:63:cd:4a:
07:48:d1:3d:b1:02:e4:bd:37:2b:16:cc:c5:ef:0e:24:69:c6:
0b:c3:d9:39:e2:b4:7f:d8:90:65:05:9b:a0:b0:fd:23:e2:59:
08:ed:1e:82:ca:d9:25:9c:9e:e3:c0:55:85:a7:8b:77:03:e7:
1e:5f:f8:9c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY7hV7sD1wN0HdABVyXPGWc/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE1MTA0MDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQzYzk1MDUzZTQwZjQ4MzkxNTZlZGJlZDhkZTEwZTkyYWQzMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyrrcK0wRHvj3zPvODa9xQ05hung
XvprMo+jLLHGCIKELRBzFp7WhqBZLZiT3gDiQaFq++P1UxsGCXmYoFVOHkOurU3z
E0GenlYWROKv0KBXbC+I1EZvl4uMADuBt8txDtxmyS4flMz1KCBVMNAZrH+WrH/n
vI+mQWqR9UKqFp+fwsxPKk2/DgguRonirL1ugem2dQ+mKMVpriSP5zxFm6SW/BjO
Su64jV5hABVV6KWjQBxUyWl0ZVcKNXc/fWATtrmw9xo/faaxwnR5lwxfn7OpS7m8
+xuzyvMADRiTAFrmL1Vm9DF3v08Nmzj7sT5Qg9Z5Ny3gh6CyrOESjPWzFQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFDbTyVBT5A9IORVu2+2N4Q6SrTMSMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvTnRQSlVGUGtEMGc1Rlc3YjdZM2hEcEt0TXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAT2kDBAVV
WKADBAZZbYAwDQYJKoZIhvcNAQELBQADggEBAG/Petv79jtxs4uRibUTZK3bjckg
jm7lDTrMo0nBUNzJ+CxTdCfkoM2LSaVwu32dTOf7rGTiy+Z26Mb8JhlHfwvmLZ2G
ucZn3dQCXeUdVIXyFtzsR/p0ZIXka6mV0Em12HrnKIxTKv+nxJ4bvPN/e25AuZ1P
3HhC3lh3hm9FWvyLo7YgeMRqsQyamcWfsvZSKcfKpj465C54Ma+7PG+TCx8Cdvdt
BNz28WRoIVTFJVGcPP3u6uGADfcw0Fb7APW/IuAl+WPNSgdI0T2xAuS9NysWzMXv
DiRpxgvD2TnitH/YkGUFm6Cw/SPiWQjtHoLK2SWcnuPAVYWni3cD5x5f+Jw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:26 2024 by rpki-client on console-fra.rpki-client.org