Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/atuec3UTPwJqa2nbFVc6PceCm_U.roa
File: atuec3UTPwJqa2nbFVc6PceCm_U.roa (raw, json)
Hash identifier: mxjn4P2BAxt4/rhflGcv4gtLgmXNo6T8LNPaEGy8CeQ=
Subject key identifier: 6A:DB:9E:73:75:13:3F:02:6A:6B:69:DB:15:57:3A:3D:C7:82:9B:F5
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 01942826D48591E2360310C443D3DEF2FF7B
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/atuec3UTPwJqa2nbFVc6PceCm_U.roa
Signing time: Thu 02 Jan 2025 17:53:40 +0000
ROA not before: Thu 02 Jan 2025 17:53:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12322
IP address blocks: 62.147.0.0/16 maxlen: 16
78.192.0.0/10 maxlen: 11
82.64.0.0/14 maxlen: 15
82.224.0.0/11 maxlen: 13
88.160.0.0/11 maxlen: 15
212.27.32.0/19 maxlen: 19
213.228.0.0/18 maxlen: 18
2a01:e00::/26 maxlen: 39
2a01:e08::/32 maxlen: 32
2a01:e08:100::/44 maxlen: 44
2a01:e08:500::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.mft
rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:d4:85:91:e2:36:03:10:c4:43:d3:de:f2:ff:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Jan 2 17:53:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6adb9e7375133f026a6b69db15573a3dc7829bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8a:38:e1:97:76:11:09:a6:f0:0c:d1:0c:ce:
17:6f:c7:53:a5:e6:64:8e:77:5c:29:02:64:fa:de:
9a:de:c1:f8:df:a5:71:b3:ec:a2:49:c2:53:04:a1:
6a:84:13:7f:40:a1:18:5e:b3:93:23:08:01:3c:99:
1e:84:8a:68:ca:80:b3:b9:30:db:25:2c:21:75:c2:
67:44:a9:79:b0:a0:1a:d4:c3:c6:c8:8a:b0:75:24:
3e:3b:5a:e8:0f:ef:23:58:cc:79:ed:45:19:4a:41:
4c:f2:08:ca:09:12:f3:70:28:dc:c2:0b:85:32:5a:
b9:04:df:ae:f8:58:15:71:80:7e:b7:71:96:d7:45:
d2:f3:37:80:f7:cc:1e:8d:bc:e8:ec:c5:52:1f:2c:
51:d7:d9:35:11:bc:2a:8b:89:db:59:a6:a9:46:d5:
63:34:88:ce:d3:2a:2c:35:5f:ca:52:bf:b9:09:eb:
04:01:b1:c2:6d:40:d7:2b:48:a2:9a:97:bd:a4:a2:
b4:b7:ca:89:3c:41:25:27:79:27:5d:7a:2c:d6:ce:
5b:53:ea:3d:8a:ed:5a:e3:a8:05:2e:65:9d:93:91:
1a:cc:73:bf:75:94:68:54:8d:b6:6f:77:ee:f0:36:
1d:f9:6f:30:8c:18:c0:f5:98:4d:8c:74:53:c5:9b:
86:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:DB:9E:73:75:13:3F:02:6A:6B:69:DB:15:57:3A:3D:C7:82:9B:F5
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/atuec3UTPwJqa2nbFVc6PceCm_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.147.0.0/16
78.192.0.0/10
82.64.0.0/14
82.224.0.0/11
88.160.0.0/11
212.27.32.0/19
213.228.0.0/18
IPv6:
2a01:e00::/26
Signature Algorithm: sha256WithRSAEncryption
77:45:38:ff:c0:23:b8:2c:4e:d4:73:20:af:ef:61:6b:9c:51:
16:52:62:ba:a5:07:4d:05:4b:6a:66:bc:6c:21:d2:8a:26:de:
c8:28:3a:c0:d3:cc:cd:82:2a:d9:5a:3d:59:e1:45:19:56:1b:
24:5f:f8:49:2f:8f:4a:1d:f9:f9:03:d9:a3:c6:11:44:8b:09:
96:86:17:75:9f:92:b2:83:fa:9d:6a:92:59:40:89:60:83:1a:
4d:3f:1a:70:26:8b:e4:33:f2:a1:49:b9:1b:12:e7:c1:7e:d2:
be:4c:da:7a:3d:45:e6:0d:ad:1a:14:86:46:ee:de:87:af:d2:
c7:c8:9f:61:91:ef:4e:3d:4c:15:13:64:2e:e1:d7:4f:34:c0:
97:4d:8e:1f:4b:fc:54:b7:9f:8e:b2:a8:05:15:14:52:4c:2d:
f3:ac:d4:f1:27:96:63:57:0b:30:78:7f:ea:24:c9:e4:b8:48:
58:45:08:bf:83:cb:64:cd:cf:e7:11:f0:d1:3d:f4:01:98:e4:
25:31:21:8f:f7:ae:e6:8c:94:26:5a:20:67:ad:bc:93:40:78:
a9:55:ca:9f:1a:07:21:49:73:c9:20:42:8d:1f:61:e6:24:4a:
7d:6d:04:9b:45:7e:71:5d:b9:5e:ce:5b:02:58:a3:61:a0:83:
85:9e:4c:1d
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQoJtSFkeI2AxDEQ9Pe8v97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjUwMTAyMTc1MzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWRiOWU3Mzc1MTMzZjAyNmE2YjY5ZGIxNTU3M2EzZGM3ODI5YmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1oo44Zd2EQmm8AzRDM4Xb8dTpeZk
jndcKQJk+t6a3sH436Vxs+yiScJTBKFqhBN/QKEYXrOTIwgBPJkehIpoyoCzuTDb
JSwhdcJnRKl5sKAa1MPGyIqwdSQ+O1roD+8jWMx57UUZSkFM8gjKCRLzcCjcwguF
Mlq5BN+u+FgVcYB+t3GW10XS8zeA98wejbzo7MVSHyxR19k1Ebwqi4nbWaapRtVj
NIjO0yosNV/KUr+5CesEAbHCbUDXK0iimpe9pKK0t8qJPEElJ3knXXos1s5bU+o9
iu1a46gFLmWdk5EazHO/dZRoVI22b3fu8DYd+W8wjBjA9ZhNjHRTxZuGLwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGrbnnN1Ez8Camtp2xVXOj3Hgpv1MB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvYXR1ZWMzVVRQd0pxYTJuYkZWYzZQY2VDbV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwMAPpMDAwZO
wAMDAlJAAwMFUuADAwVYoAMEBdQbIAMEBtXkADANBAIAAjAHAwUGKgEOADANBgkq
hkiG9w0BAQsFAAOCAQEAd0U4/8AjuCxO1HMgr+9ha5xRFlJiuqUHTQVLama8bCHS
iibeyCg6wNPMzYIq2Vo9WeFFGVYbJF/4SS+PSh35+QPZo8YRRIsJloYXdZ+SsoP6
nWqSWUCJYIMaTT8acCaL5DPyoUm5GxLnwX7Svkzaej1F5g2tGhSGRu7eh6/Sx8if
YZHvTj1MFRNkLuHXTzTAl02OH0v8VLefjrKoBRUUUkwt86zU8SeWY1cLMHh/6iTJ
5LhIWEUIv4PLZM3P5xHw0T30AZjkJTEhj/eu5oyUJlogZ628k0B4qVXKnxoHIUlz
ySBCjR9h5iRKfW0Em0V+cV25Xs5bAlijYaCDhZ5MHQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:39:08 2025 by rpki-client