Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/NLCorC-J1ZeYTnF_uDihCYrygLw.roa
File: NLCorC-J1ZeYTnF_uDihCYrygLw.roa (raw, json)
Hash identifier: CdVQL79J5JcqChuqfNcSEuMwSktZZcoK/sHX7IvTnJo=
Subject key identifier: 34:B0:A8:AC:2F:89:D5:97:98:4E:71:7F:B8:38:A1:09:8A:F2:80:BC
Certificate issuer: /CN=620dd5186de65a646dda4b89dd48ed44873af149
Certificate serial: 018CC8DF3B4B682FC8BBCF205FE3B7A7704A
Authority key identifier: 62:0D:D5:18:6D:E6:5A:64:6D:DA:4B:89:DD:48:ED:44:87:3A:F1:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/NLCorC-J1ZeYTnF_uDihCYrygLw.roa
Signing time: Tue 02 Jan 2024 06:32:02 +0000
ROA not before: Tue 02 Jan 2024 06:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44664
IP address blocks: 91.247.226.0/24 maxlen: 24
91.247.224.0/24 maxlen: 24
91.247.224.0/22 maxlen: 22
91.247.225.0/24 maxlen: 24
91.247.227.0/24 maxlen: 24
91.225.56.0/24 maxlen: 24
91.225.56.0/22 maxlen: 22
91.225.58.0/24 maxlen: 24
91.225.57.0/24 maxlen: 24
91.225.59.0/24 maxlen: 24
91.202.144.0/22 maxlen: 22
91.202.144.0/24 maxlen: 24
91.202.145.0/24 maxlen: 24
91.202.147.0/24 maxlen: 24
91.202.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:3b:4b:68:2f:c8:bb:cf:20:5f:e3:b7:a7:70:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=620dd5186de65a646dda4b89dd48ed44873af149
Validity
Not Before: Jan 2 06:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34b0a8ac2f89d597984e717fb838a1098af280bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:21:86:e8:9e:a3:79:6d:0a:da:76:5c:0a:df:
82:a5:a4:1a:ce:0a:b0:a5:fd:08:72:95:d9:9d:c3:
1c:82:a0:2b:d0:5a:56:a9:70:b0:73:58:0b:16:b1:
3e:5c:f8:2c:87:b8:d0:9b:f2:24:47:56:72:98:bb:
45:f0:ca:74:2d:f6:db:8f:7e:f0:c6:19:35:fa:e3:
c7:28:c1:8d:4e:ac:53:eb:22:dd:04:89:27:13:65:
c9:85:9f:76:b6:ed:05:0a:ed:f9:6b:4b:2e:68:37:
5b:18:ed:9f:a8:bf:53:16:57:ce:d2:45:14:88:17:
6a:1a:da:c3:26:27:37:e2:26:0b:98:8d:d5:97:15:
ce:dd:40:16:65:8a:d5:bc:41:c6:9d:b6:6c:48:d4:
a3:ec:4f:df:21:82:76:96:ca:7f:45:61:b3:bd:5f:
3c:73:25:12:f9:8e:13:33:c8:81:66:0f:68:0a:e4:
a0:bf:9f:be:3a:c3:1f:db:8b:33:20:f9:f4:10:dc:
23:5a:fa:df:4b:6e:09:3b:4e:92:44:fc:f1:0e:cc:
5e:5a:70:f7:f9:99:18:81:29:aa:cc:e5:b7:db:25:
63:ec:3b:82:65:00:a7:32:4b:01:0d:ba:9b:04:0b:
ea:c6:bb:9a:5d:99:fb:4d:69:39:a9:0b:c8:9e:f0:
5a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B0:A8:AC:2F:89:D5:97:98:4E:71:7F:B8:38:A1:09:8A:F2:80:BC
X509v3 Authority Key Identifier:
keyid:62:0D:D5:18:6D:E6:5A:64:6D:DA:4B:89:DD:48:ED:44:87:3A:F1:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/NLCorC-J1ZeYTnF_uDihCYrygLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.144.0/22
91.225.56.0/22
91.247.224.0/22
Signature Algorithm: sha256WithRSAEncryption
90:e1:7e:17:4f:30:0f:ac:51:c2:26:23:ad:eb:50:60:84:21:
03:6a:5a:cc:3b:fb:08:e1:67:3d:4f:f3:bb:4c:2e:d5:17:09:
53:6e:79:b0:68:c9:c9:39:3f:0e:c1:51:aa:d2:25:4e:62:a0:
05:37:5f:5f:64:56:6a:7b:be:2d:45:a9:f9:73:e2:d6:a0:ab:
9e:89:8a:ec:db:94:6a:73:ec:bc:60:7c:7d:1a:7e:1b:36:12:
c1:a2:32:7e:e7:09:05:3d:e7:10:b9:c4:c9:74:8f:de:32:79:
b1:f4:12:a8:91:44:f7:60:32:33:c4:08:e2:ac:dc:a8:16:d7:
12:c1:28:30:2f:4e:78:8a:2c:f1:71:b2:ad:97:20:fe:af:f9:
2e:fe:4e:c3:84:23:d3:62:f6:6c:ea:19:6d:1b:49:d0:2c:3a:
d9:5e:9d:b7:c2:23:08:31:8d:0a:73:7b:6a:06:a5:0c:d1:89:
a6:5b:49:fa:58:8f:a9:e4:75:d5:d2:3e:be:cb:05:ba:4c:1e:
65:1a:f4:6b:b1:88:c0:60:d0:14:b3:c7:cd:4e:e1:85:a0:88:
c7:51:17:89:ff:93:03:a8:d5:4d:d7:09:56:fc:c2:0d:7c:34:
50:86:f4:7c:76:db:0f:f4:75:85:d4:4b:46:da:76:35:37:45:
1b:18:99:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3ztLaC/Iu88gX+O3p3BKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMGRkNTE4NmRlNjVhNjQ2ZGRhNGI4OWRkNDhlZDQ0ODcz
YWYxNDkwHhcNMjQwMTAyMDYzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGIwYThhYzJmODlkNTk3OTg0ZTcxN2ZiODM4YTEwOThhZjI4MGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiGG6J6jeW0K2nZcCt+CpaQazgqw
pf0IcpXZncMcgqAr0FpWqXCwc1gLFrE+XPgsh7jQm/IkR1ZymLtF8Mp0Lfbbj37w
xhk1+uPHKMGNTqxT6yLdBIknE2XJhZ92tu0FCu35a0suaDdbGO2fqL9TFlfO0kUU
iBdqGtrDJic34iYLmI3VlxXO3UAWZYrVvEHGnbZsSNSj7E/fIYJ2lsp/RWGzvV88
cyUS+Y4TM8iBZg9oCuSgv5++OsMf24szIPn0ENwjWvrfS24JO06SRPzxDsxeWnD3
+ZkYgSmqzOW32yVj7DuCZQCnMksBDbqbBAvqxruaXZn7TWk5qQvInvBaNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDSwqKwvidWXmE5xf7g4oQmK8oC8MB8GA1UdIwQY
MBaAFGIN1Rht5lpkbdpLid1I7USHOvFJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWczVkdHM21XbVJ0Mmt1SjNVanRSSWM2OFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lMmMzM2EtMjE0My00M2ZmLThmZDYt
ZTZmM2VjYmY2NzQzLzEvTkxDb3JDLUoxWmVZVG5GX3VEaWhDWXJ5Z0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lMmMzM2EtMjE0My00M2ZmLThmZDYtZTZmM2VjYmY2NzQz
LzEvWWczVkdHM21XbVJ0Mmt1SjNVanRSSWM2OFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8qQAwQC
W+E4AwQCW/fgMA0GCSqGSIb3DQEBCwUAA4IBAQCQ4X4XTzAPrFHCJiOt61BghCED
alrMO/sI4Wc9T/O7TC7VFwlTbnmwaMnJOT8OwVGq0iVOYqAFN19fZFZqe74tRan5
c+LWoKueiYrs25Rqc+y8YHx9Gn4bNhLBojJ+5wkFPecQucTJdI/eMnmx9BKokUT3
YDIzxAjirNyoFtcSwSgwL054iizxcbKtlyD+r/ku/k7DhCPTYvZs6hltG0nQLDrZ
Xp23wiMIMY0Kc3tqBqUM0YmmW0n6WI+p5HXV0j6+ywW6TB5lGvRrsYjAYNAUs8fN
TuGFoIjHUReJ/5MDqNVN1wlW/MINfDRQhvR8dtsP9HWF1EtG2nY1N0UbGJmY
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:52:21 2024 by rpki-client on console-ams.rpki-client.org