Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d502-c5d8-4b14-9836-a67f95f2de5e/1/njJ08DLk77AkZ1iIEBC7jMkFvlQ.roa
File: njJ08DLk77AkZ1iIEBC7jMkFvlQ.roa (raw, json)
Hash identifier: GEX/RSN8tQvNqg+ko8rD3JrvjgsOgbyicEDl49n/sdU=
Subject key identifier: 9E:32:74:F0:32:E4:EF:B0:24:67:58:88:10:10:BB:8C:C9:05:BE:54
Certificate issuer: /CN=536c4c94fed4fa8b903f6f6fb5340484c0e4a4d3
Certificate serial: 019420D5AFB2A4A0F6A50B401E553F0FFEA9
Authority key identifier: 53:6C:4C:94:FE:D4:FA:8B:90:3F:6F:6F:B5:34:04:84:C0:E4:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U2xMlP7U-ouQP29vtTQEhMDkpNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d502-c5d8-4b14-9836-a67f95f2de5e/1/njJ08DLk77AkZ1iIEBC7jMkFvlQ.roa
Signing time: Wed 01 Jan 2025 07:47:42 +0000
ROA not before: Wed 01 Jan 2025 07:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8859
IP address blocks: 185.181.188.0/22 maxlen: 24
193.17.21.0/24 maxlen: 24
194.45.27.0/24 maxlen: 24
212.114.64.0/19 maxlen: 24
213.241.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d502-c5d8-4b14-9836-a67f95f2de5e/1/U2xMlP7U-ouQP29vtTQEhMDkpNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/56d502-c5d8-4b14-9836-a67f95f2de5e/1/U2xMlP7U-ouQP29vtTQEhMDkpNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/U2xMlP7U-ouQP29vtTQEhMDkpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:af:b2:a4:a0:f6:a5:0b:40:1e:55:3f:0f:fe:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=536c4c94fed4fa8b903f6f6fb5340484c0e4a4d3
Validity
Not Before: Jan 1 07:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e3274f032e4efb0246758881010bb8cc905be54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b8:dd:12:7e:1f:83:fc:4c:e2:8f:06:62:6c:
c8:b3:2b:dc:9c:85:41:85:4a:53:44:e9:28:39:ef:
12:93:12:87:2f:b1:48:8f:39:42:54:9d:36:22:0c:
7e:d0:54:05:12:52:e0:62:c6:d6:98:98:9a:2d:c3:
3a:18:46:62:5f:0c:19:79:6c:c9:62:8a:a1:c3:b4:
3d:d4:65:6f:e5:d2:ee:f8:f4:03:65:45:9b:36:8a:
2c:26:c4:8b:c8:46:52:94:35:e2:e7:17:aa:80:14:
53:41:b5:f2:c9:39:f6:71:f9:79:be:9c:82:cf:3e:
a8:bc:ea:bb:aa:d8:b8:d5:60:1b:a6:38:25:1b:01:
04:af:aa:1d:9b:15:8e:aa:d5:43:ce:53:72:75:f9:
d4:b6:2e:d7:8d:f5:05:71:a6:f3:f6:8d:ec:94:ad:
9d:2b:49:06:6c:26:37:bf:5e:49:e7:8a:b7:72:d9:
52:75:f7:80:d9:3b:9e:a9:c9:fb:f0:08:a5:fb:5d:
d8:cf:05:45:8a:07:f6:4c:52:4a:e8:8c:95:91:15:
e4:88:ee:0c:c6:1f:75:15:0a:60:bb:1e:93:7a:a5:
01:e9:1f:94:f7:45:23:8f:6b:9b:b2:b9:72:1e:db:
8e:fd:e3:a5:8b:8f:5a:29:8b:e0:7a:a7:00:43:5d:
e5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:32:74:F0:32:E4:EF:B0:24:67:58:88:10:10:BB:8C:C9:05:BE:54
X509v3 Authority Key Identifier:
keyid:53:6C:4C:94:FE:D4:FA:8B:90:3F:6F:6F:B5:34:04:84:C0:E4:A4:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U2xMlP7U-ouQP29vtTQEhMDkpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d502-c5d8-4b14-9836-a67f95f2de5e/1/njJ08DLk77AkZ1iIEBC7jMkFvlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d502-c5d8-4b14-9836-a67f95f2de5e/1/U2xMlP7U-ouQP29vtTQEhMDkpNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.188.0/22
193.17.21.0/24
194.45.27.0/24
212.114.64.0/19
213.241.128.0/18
Signature Algorithm: sha256WithRSAEncryption
10:82:46:56:21:fa:4f:8d:af:8a:9a:70:4e:e2:b9:9f:cb:d1:
57:4b:00:98:a1:ef:2e:c3:8f:79:6f:9a:0b:0f:27:b8:03:b7:
c4:c0:31:14:94:38:24:67:b4:fb:d0:7a:c1:6f:e8:12:3e:e2:
ec:68:1f:7b:4a:13:55:97:9e:3e:28:be:5d:04:fe:c0:87:cd:
04:10:4b:5d:e5:6d:07:6f:52:ae:75:83:43:8f:d2:2e:3e:5a:
ad:22:af:9c:55:e3:bc:c0:5b:e5:8a:2f:f1:dd:6f:29:80:db:
ff:07:b7:1b:84:92:1f:9d:e3:2a:e8:c8:b4:56:be:ee:5a:4b:
6b:de:1f:2c:ca:ce:53:38:75:4a:6e:37:44:54:40:00:41:d2:
6d:56:5f:93:a9:a5:f0:50:6d:0c:81:04:88:74:ed:c8:8b:c1:
74:95:94:bc:1e:85:ea:1a:a0:d8:e0:7d:33:7b:da:6d:75:c5:
28:58:66:d5:80:79:54:83:40:ac:ce:c4:a8:d6:b7:77:02:0b:
92:b5:94:4a:aa:48:10:80:6a:60:dd:ab:30:31:c8:b9:8b:08:
b7:bd:c2:01:c7:5d:f3:18:12:57:2f:74:af:26:91:93:26:05:
e2:9d:67:e6:b4:bd:47:96:7d:19:5d:ee:67:03:de:28:c3:81:
a7:65:2f:84
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQg1a+ypKD2pQtAHlU/D/6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNmM0Yzk0ZmVkNGZhOGI5MDNmNmY2ZmI1MzQwNDg0YzBl
NGE0ZDMwHhcNMjUwMTAxMDc0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTMyNzRmMDMyZTRlZmIwMjQ2NzU4ODgxMDEwYmI4Y2M5MDViZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7jdEn4fg/xM4o8GYmzIsyvcnIVB
hUpTROkoOe8SkxKHL7FIjzlCVJ02Igx+0FQFElLgYsbWmJiaLcM6GEZiXwwZeWzJ
Yoqhw7Q91GVv5dLu+PQDZUWbNoosJsSLyEZSlDXi5xeqgBRTQbXyyTn2cfl5vpyC
zz6ovOq7qti41WAbpjglGwEEr6odmxWOqtVDzlNydfnUti7XjfUFcabz9o3slK2d
K0kGbCY3v15J54q3ctlSdfeA2Tueqcn78Ail+13YzwVFigf2TFJK6IyVkRXkiO4M
xh91FQpgux6TeqUB6R+U90Ujj2ubsrlyHtuO/eOli49aKYvgeqcAQ13lswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ4ydPAy5O+wJGdYiBAQu4zJBb5UMB8GA1UdIwQY
MBaAFFNsTJT+1PqLkD9vb7U0BITA5KTTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTJ4TWxQN1Utb3VRUDI5dnRUUUVoTURrcE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQ1MDItYzVkOC00YjE0LTk4MzYt
YTY3Zjk1ZjJkZTVlLzEvbmpKMDhETGs3N0FrWjFpSUVCQzdqTWtGdmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQ1MDItYzVkOC00YjE0LTk4MzYtYTY3Zjk1ZjJkZTVl
LzEvVTJ4TWxQN1Utb3VRUDI5dnRUUUVoTURrcE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCubW8AwQA
wREVAwQAwi0bAwQF1HJAAwQG1fGAMA0GCSqGSIb3DQEBCwUAA4IBAQAQgkZWIfpP
ja+KmnBO4rmfy9FXSwCYoe8uw495b5oLDye4A7fEwDEUlDgkZ7T70HrBb+gSPuLs
aB97ShNVl54+KL5dBP7Ah80EEEtd5W0Hb1KudYNDj9IuPlqtIq+cVeO8wFvlii/x
3W8pgNv/B7cbhJIfneMq6Mi0Vr7uWktr3h8sys5TOHVKbjdEVEAAQdJtVl+TqaXw
UG0MgQSIdO3Ii8F0lZS8HoXqGqDY4H0ze9ptdcUoWGbVgHlUg0CszsSo1rd3AguS
tZRKqkgQgGpg3aswMci5iwi3vcIBx13zGBJXL3SvJpGTJgXinWfmtL1Hln0ZXe5n
A94ow4GnZS+E
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:36:20 2025 by rpki-client