Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/40503a-6be9-4e1b-8243-716c0347aa76/1/d_nm2W-JAOMOvlYUOY6MB9B3XU8.roa
File: d_nm2W-JAOMOvlYUOY6MB9B3XU8.roa (raw, json)
Hash identifier: FXXHaJZOOCGhJh6oru5lWoLEhggOrs5w/eP6GgcI5Qc=
Subject key identifier: 77:F9:E6:D9:6F:89:00:E3:0E:BE:56:14:39:8E:8C:07:D0:77:5D:4F
Certificate issuer: /CN=19acf07f1352222658b789e4fe40ea38a8aa71df
Certificate serial: 019423D70F907762D758A0ABF73F5A12E4DE
Authority key identifier: 19:AC:F0:7F:13:52:22:26:58:B7:89:E4:FE:40:EA:38:A8:AA:71:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GazwfxNSIiZYt4nk_kDqOKiqcd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/40503a-6be9-4e1b-8243-716c0347aa76/1/d_nm2W-JAOMOvlYUOY6MB9B3XU8.roa
Signing time: Wed 01 Jan 2025 21:48:04 +0000
ROA not before: Wed 01 Jan 2025 21:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205881
IP address blocks: 151.136.0.0/16 maxlen: 16
2a07:4ac0:2400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/40503a-6be9-4e1b-8243-716c0347aa76/1/GazwfxNSIiZYt4nk_kDqOKiqcd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/40503a-6be9-4e1b-8243-716c0347aa76/1/GazwfxNSIiZYt4nk_kDqOKiqcd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/GazwfxNSIiZYt4nk_kDqOKiqcd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:0f:90:77:62:d7:58:a0:ab:f7:3f:5a:12:e4:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19acf07f1352222658b789e4fe40ea38a8aa71df
Validity
Not Before: Jan 1 21:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77f9e6d96f8900e30ebe5614398e8c07d0775d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:df:8a:ff:6c:09:0e:29:ea:d9:fb:9f:ad:1c:
f8:06:70:3a:d8:08:b7:b7:8f:4b:b8:fe:ae:45:82:
ac:d2:e1:98:91:1a:e6:81:27:94:bc:a1:ee:be:1d:
8d:07:e7:18:c3:e7:cf:d8:f2:1c:2c:79:7e:ad:d1:
fb:f5:28:25:8d:c6:a7:3f:7f:6f:84:bf:3e:a6:1c:
48:cd:56:f0:87:eb:ed:30:44:17:79:1d:87:bf:2f:
14:d4:f8:ca:45:36:f5:66:cd:56:7b:9d:5a:01:f2:
21:09:3f:4b:4c:f7:05:24:46:d5:94:e7:5e:dd:5f:
db:35:23:45:4f:bf:0d:a1:97:17:3d:d5:e6:d4:65:
b0:71:20:8d:24:f5:b8:a1:92:f1:9d:18:09:2d:3a:
d7:ff:8d:7d:56:ce:11:b7:9c:17:53:55:32:30:e9:
17:20:7d:87:3d:59:44:e5:f4:79:cd:e6:e4:99:6a:
d4:2f:d8:db:33:18:73:90:3b:bb:0c:08:43:42:1e:
0d:d8:df:bb:e0:a9:c0:41:60:12:d1:fe:84:38:59:
4b:a4:27:8a:ba:77:9d:a8:58:28:f9:eb:df:e4:06:
4d:7b:f3:43:0a:91:3c:7e:e4:89:cf:8f:62:20:e2:
f2:97:97:e6:5b:60:4a:a4:f8:92:37:49:d5:45:1c:
b5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F9:E6:D9:6F:89:00:E3:0E:BE:56:14:39:8E:8C:07:D0:77:5D:4F
X509v3 Authority Key Identifier:
keyid:19:AC:F0:7F:13:52:22:26:58:B7:89:E4:FE:40:EA:38:A8:AA:71:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GazwfxNSIiZYt4nk_kDqOKiqcd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/40503a-6be9-4e1b-8243-716c0347aa76/1/d_nm2W-JAOMOvlYUOY6MB9B3XU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/40503a-6be9-4e1b-8243-716c0347aa76/1/GazwfxNSIiZYt4nk_kDqOKiqcd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.136.0.0/16
IPv6:
2a07:4ac0:2400::/40
Signature Algorithm: sha256WithRSAEncryption
3f:6a:1a:3e:e5:96:e1:65:47:c4:4b:f1:f0:4f:bb:20:7c:9b:
03:2f:c1:34:91:bc:09:69:9e:9c:63:c9:13:d6:29:97:e1:d5:
ba:1d:3d:f2:e5:dc:a3:49:d4:a7:fc:b2:1a:1b:71:16:2e:8d:
7d:c6:36:27:40:35:be:b5:20:65:0b:fd:8a:e8:bb:79:84:e6:
37:ee:8b:e5:0d:c2:5b:bf:7c:26:05:83:d2:12:83:ac:ef:82:
84:5c:cf:fb:2f:74:89:4b:62:cc:64:38:df:03:cc:4a:bb:ab:
08:4d:b1:9c:5d:ed:2f:eb:d0:89:f7:a9:d8:46:4e:92:69:d2:
e2:70:1b:29:4d:f5:14:04:bd:19:99:84:e6:f2:56:0f:1b:b9:
b3:dc:62:76:83:11:81:21:4e:33:22:8a:86:96:a3:6b:d1:20:
35:0a:9c:aa:fe:6f:bc:4c:b8:51:96:5b:c3:7a:6a:37:85:e0:
3c:bc:7e:d1:d0:9c:a6:28:74:83:90:d3:a6:ff:cf:48:85:8e:
0c:3a:43:f2:4d:32:2b:2f:a8:d2:fe:eb:4c:40:a8:80:d3:c5:
e3:81:8d:0f:8f:b8:21:f7:b9:70:67:b7:3d:25:a3:d9:27:12:
2c:0c:60:54:37:72:f1:3e:de:c3:ca:aa:b8:81:c2:d6:28:d0:
a0:30:11:4c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1w+Qd2LXWKCr9z9aEuTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YWNmMDdmMTM1MjIyMjY1OGI3ODllNGZlNDBlYTM4YThh
YTcxZGYwHhcNMjUwMTAxMjE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Y5ZTZkOTZmODkwMGUzMGViZTU2MTQzOThlOGMwN2QwNzc1ZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9+K/2wJDinq2fufrRz4BnA62Ai3
t49LuP6uRYKs0uGYkRrmgSeUvKHuvh2NB+cYw+fP2PIcLHl+rdH79SgljcanP39v
hL8+phxIzVbwh+vtMEQXeR2Hvy8U1PjKRTb1Zs1We51aAfIhCT9LTPcFJEbVlOde
3V/bNSNFT78NoZcXPdXm1GWwcSCNJPW4oZLxnRgJLTrX/419Vs4Rt5wXU1UyMOkX
IH2HPVlE5fR5zebkmWrUL9jbMxhzkDu7DAhDQh4N2N+74KnAQWAS0f6EOFlLpCeK
unedqFgo+evf5AZNe/NDCpE8fuSJz49iIOLyl5fmW2BKpPiSN0nVRRy14wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHf55tlviQDjDr5WFDmOjAfQd11PMB8GA1UdIwQY
MBaAFBms8H8TUiImWLeJ5P5A6jioqnHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2F6d2Z4TlNJaVpZdDRua19rRHFPS2lxY2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy80MDUwM2EtNmJlOS00ZTFiLTgyNDMt
NzE2YzAzNDdhYTc2LzEvZF9ubTJXLUpBT01PdmxZVU9ZNk1COUIzWFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy80MDUwM2EtNmJlOS00ZTFiLTgyNDMtNzE2YzAzNDdhYTc2
LzEvR2F6d2Z4TlNJaVpZdDRua19rRHFPS2lxY2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTALBAIAATAFAwMAl4gwDgQC
AAIwCAMGACoHSsAkMA0GCSqGSIb3DQEBCwUAA4IBAQA/aho+5ZbhZUfES/HwT7sg
fJsDL8E0kbwJaZ6cY8kT1imX4dW6HT3y5dyjSdSn/LIaG3EWLo19xjYnQDW+tSBl
C/2K6Lt5hOY37ovlDcJbv3wmBYPSEoOs74KEXM/7L3SJS2LMZDjfA8xKu6sITbGc
Xe0v69CJ96nYRk6SadLicBspTfUUBL0ZmYTm8lYPG7mz3GJ2gxGBIU4zIoqGlqNr
0SA1Cpyq/m+8TLhRllvDemo3heA8vH7R0JymKHSDkNOm/89IhY4MOkPyTTIrL6jS
/utMQKiA08XjgY0Pj7gh97lwZ7c9JaPZJxIsDGBUN3LxPt7Dyqq4gcLWKNCgMBFM
-----END CERTIFICATE-----
Generated at Wed Apr 23 07:10:35 2025 by rpki-client