Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/1nNXrg9kNJmrbwr01_wdlr4zRG8.roa
File: 1nNXrg9kNJmrbwr01_wdlr4zRG8.roa (raw, json)
Hash identifier: jP5XT6aNraFgRF1RUdhNykj84LWIdETmEVMazBCC7NY=
Subject key identifier: D6:73:57:AE:0F:64:34:99:AB:6F:0A:F4:D7:FC:1D:96:BE:33:44:6F
Certificate issuer: /CN=13d59fd683e3570d63895530ceb9f2c84fefe0a3
Certificate serial: 019424456DFA67066B6BB39FA7698F50DD57
Authority key identifier: 13:D5:9F:D6:83:E3:57:0D:63:89:55:30:CE:B9:F2:C8:4F:EF:E0:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/1nNXrg9kNJmrbwr01_wdlr4zRG8.roa
Signing time: Wed 01 Jan 2025 23:48:37 +0000
ROA not before: Wed 01 Jan 2025 23:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38955
IP address blocks: 81.19.144.0/20 maxlen: 24
178.23.80.0/21 maxlen: 23
185.16.188.0/22 maxlen: 24
185.16.188.0/24 maxlen: 32
185.16.190.0/24 maxlen: 24
185.115.184.0/23 maxlen: 23
185.115.186.0/23 maxlen: 23
185.164.4.0/23 maxlen: 23
185.164.6.0/23 maxlen: 23
185.173.140.0/22 maxlen: 24
2a00:1a68::/32 maxlen: 34
2a0a:7c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.mft
rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:6d:fa:67:06:6b:6b:b3:9f:a7:69:8f:50:dd:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d59fd683e3570d63895530ceb9f2c84fefe0a3
Validity
Not Before: Jan 1 23:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d67357ae0f643499ab6f0af4d7fc1d96be33446f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fd:5e:96:80:d5:b4:90:13:70:f0:0d:6e:0b:
44:73:19:bb:67:1d:e7:98:d8:2c:24:1c:e8:48:9e:
02:fa:50:45:02:e6:fb:34:6e:6a:b4:ad:69:09:e6:
f4:ee:c2:d8:32:cd:0c:91:98:d5:40:57:b9:15:40:
79:c1:ba:15:d4:dd:84:17:b1:a0:fe:1c:cc:3d:d4:
35:0c:35:1b:6d:d7:98:48:a1:d3:26:58:76:0a:e9:
fb:4a:77:5b:ac:98:ac:ba:16:64:b1:30:3e:fd:f2:
1b:96:cf:21:be:f1:1f:24:3c:17:61:2a:31:e6:ae:
a3:f4:ef:52:1b:25:d5:de:ed:00:38:85:64:52:4d:
fc:4e:f6:37:3e:e1:f8:ae:59:b7:f9:3e:24:8a:49:
c9:ed:c8:ef:bf:94:52:25:01:00:6a:89:81:31:29:
2d:fb:5c:6e:b6:a7:53:92:16:39:60:af:53:3e:4b:
07:3a:f4:ac:88:95:ee:a4:10:f8:0b:ac:ff:83:40:
ad:52:bc:1b:fa:8c:27:bc:f5:7d:49:60:0c:bb:6d:
a3:b1:7a:de:11:0a:41:94:ad:dd:10:84:4e:55:04:
af:e6:e6:31:c7:36:b2:e9:43:12:b9:f2:1b:ca:d6:
01:53:20:84:d2:c5:2b:25:83:17:e0:09:8f:c0:b8:
be:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:73:57:AE:0F:64:34:99:AB:6F:0A:F4:D7:FC:1D:96:BE:33:44:6F
X509v3 Authority Key Identifier:
keyid:13:D5:9F:D6:83:E3:57:0D:63:89:55:30:CE:B9:F2:C8:4F:EF:E0:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/1nNXrg9kNJmrbwr01_wdlr4zRG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.144.0/20
178.23.80.0/21
185.16.188.0/22
185.115.184.0/22
185.164.4.0/22
185.173.140.0/22
IPv6:
2a00:1a68::/32
2a0a:7c00::/29
Signature Algorithm: sha256WithRSAEncryption
24:bc:a3:03:3c:ce:09:bf:a2:65:aa:81:5c:b4:df:59:6b:ca:
7a:06:9e:4e:85:d2:b5:e8:71:eb:34:2d:af:41:32:e4:a3:cc:
fd:8a:53:02:d1:db:c0:42:30:16:ba:11:f7:80:a8:ba:99:fc:
f5:63:91:83:3a:4f:09:e3:21:f5:d3:12:b8:5c:79:d3:a8:da:
7b:00:0f:19:85:75:4f:c5:75:e0:b3:1f:a1:90:67:98:17:05:
8e:d6:de:81:16:e1:83:4c:a9:d0:84:a3:0e:93:d1:1b:36:55:
93:98:77:95:69:8b:4b:15:58:b4:a1:ca:51:bb:58:6a:e1:3a:
66:a5:9f:12:0c:20:81:a9:67:ec:b4:52:9e:75:fa:f7:50:58:
5c:49:de:de:bd:73:63:fb:1b:d6:d7:64:e1:02:6a:6b:3b:1d:
09:cb:9a:eb:4b:28:07:44:26:61:34:2a:a8:7b:66:34:97:9a:
ca:17:2e:ad:cc:57:07:17:c7:87:3a:35:45:e0:cd:db:5d:7a:
9b:87:8a:1b:bb:91:a2:7a:54:49:ce:27:fb:b0:98:e9:20:d7:
83:18:c6:85:c7:f2:0c:d3:3f:64:19:30:bd:50:d1:1e:cd:2b:
7f:24:b0:f7:00:24:aa:58:23:37:48:72:13:e1:f8:3a:95:4b:
60:df:ca:b8
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQkRW36ZwZra7Ofp2mPUN1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDU5ZmQ2ODNlMzU3MGQ2Mzg5NTUzMGNlYjlmMmM4NGZl
ZmUwYTMwHhcNMjUwMTAxMjM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjczNTdhZTBmNjQzNDk5YWI2ZjBhZjRkN2ZjMWQ5NmJlMzM0NDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP1eloDVtJATcPANbgtEcxm7Zx3n
mNgsJBzoSJ4C+lBFAub7NG5qtK1pCeb07sLYMs0MkZjVQFe5FUB5wboV1N2EF7Gg
/hzMPdQ1DDUbbdeYSKHTJlh2Cun7SndbrJisuhZksTA+/fIbls8hvvEfJDwXYSox
5q6j9O9SGyXV3u0AOIVkUk38TvY3PuH4rlm3+T4kiknJ7cjvv5RSJQEAaomBMSkt
+1xutqdTkhY5YK9TPksHOvSsiJXupBD4C6z/g0CtUrwb+ownvPV9SWAMu22jsXre
EQpBlK3dEIROVQSv5uYxxzay6UMSufIbytYBUyCE0sUrJYMX4AmPwLi+WwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFNZzV64PZDSZq28K9Nf8HZa+M0RvMB8GA1UdIwQY
MBaAFBPVn9aD41cNY4lVMM658shP7+CjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlXZjFvUGpWdzFqaVZVd3pybnl5RV92NEtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80MTBlYWYtZjgyZC00N2ZmLTk5MjYt
MGIxYjMwODk1NjAyLzEvMW5OWHJnOWtOSm1yYndyMDFfd2RscjR6Ukc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80MTBlYWYtZjgyZC00N2ZmLTk5MjYtMGIxYjMwODk1NjAy
LzEvRTlXZjFvUGpWdzFqaVZVd3pybnl5RV92NEtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQEUROQAwQD
shdQAwQCuRC8AwQCuXO4AwQCuaQEAwQCua2MMBQEAgACMA4DBQAqABpoAwUDKgp8
ADANBgkqhkiG9w0BAQsFAAOCAQEAJLyjAzzOCb+iZaqBXLTfWWvKegaeToXStehx
6zQtr0Ey5KPM/YpTAtHbwEIwFroR94Coupn89WORgzpPCeMh9dMSuFx506jaewAP
GYV1T8V14LMfoZBnmBcFjtbegRbhg0yp0ISjDpPRGzZVk5h3lWmLSxVYtKHKUbtY
auE6ZqWfEgwggaln7LRSnnX691BYXEne3r1zY/sb1tdk4QJqazsdCcua60soB0Qm
YTQqqHtmNJeayhcurcxXBxfHhzo1ReDN2116m4eKG7uRonpUSc4n+7CY6SDXgxjG
hcfyDNM/ZBkwvVDRHs0rfySw9wAkqlgjN0hyE+H4OpVLYN/KuA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:19:41 2025 by rpki-client