Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/19c76f-2f67-421c-84ae-dd549f3b83bf/1/1-nkq1gI9c-xmhnINJKTO0eY1F-c.roa
File: 1-nkq1gI9c-xmhnINJKTO0eY1F-c.roa (raw, json)
Hash identifier: esI7VyyO9I62Rhxi2p/PfcbKRFK2dputujGVLb2DIKs=
Subject key identifier: FA:79:2A:D6:02:3D:73:EC:66:86:72:0D:24:A4:CE:D1:E6:35:17:E7
Certificate issuer: /CN=2450bfbf798faeaa7d6a36058d013e24d4bb1d9d
Certificate serial: 019421439982A3867F4DC5A8CE71B0D3E55E
Authority key identifier: 24:50:BF:BF:79:8F:AE:AA:7D:6A:36:05:8D:01:3E:24:D4:BB:1D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFC_v3mPrqp9ajYFjQE-JNS7HZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/19c76f-2f67-421c-84ae-dd549f3b83bf/1/1-nkq1gI9c-xmhnINJKTO0eY1F-c.roa
Signing time: Wed 01 Jan 2025 09:47:45 +0000
ROA not before: Wed 01 Jan 2025 09:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.75.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/19c76f-2f67-421c-84ae-dd549f3b83bf/1/JFC_v3mPrqp9ajYFjQE-JNS7HZ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/19c76f-2f67-421c-84ae-dd549f3b83bf/1/JFC_v3mPrqp9ajYFjQE-JNS7HZ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFC_v3mPrqp9ajYFjQE-JNS7HZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:99:82:a3:86:7f:4d:c5:a8:ce:71:b0:d3:e5:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2450bfbf798faeaa7d6a36058d013e24d4bb1d9d
Validity
Not Before: Jan 1 09:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa792ad6023d73ec6686720d24a4ced1e63517e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:06:c2:aa:12:3d:b4:cb:50:ee:7a:3e:6b:00:
0c:50:28:c2:26:a2:75:ad:a2:7f:71:ea:85:b2:5b:
5f:c5:0c:57:23:93:7f:ba:e3:06:4c:b2:e7:4c:11:
81:78:46:d7:b0:a7:7b:61:c7:5a:65:26:ce:82:36:
92:64:37:2c:1d:ea:d1:da:2e:77:9b:b2:33:53:77:
93:89:ae:03:42:ed:b7:39:f6:ee:f2:02:dc:e7:50:
cc:e8:d2:d1:a9:1b:3e:4e:97:39:05:42:04:45:49:
71:8d:f9:dd:6d:ab:61:6c:02:ff:1f:c6:cb:9c:36:
2f:78:4e:c7:3b:2b:23:37:fa:d3:48:c3:f5:26:3a:
fc:1b:44:90:5d:66:0e:64:d0:4d:28:1d:46:3c:11:
24:71:47:d7:bf:0a:1a:89:76:e8:8a:a3:27:1e:be:
5b:96:7d:a3:d6:55:19:84:6e:c2:3c:19:64:9c:7b:
ce:41:df:fd:99:d5:9b:34:0a:b4:0f:70:70:05:ba:
f2:0f:5b:65:33:17:40:b6:2b:96:53:4f:84:48:ac:
3a:3f:ba:ce:67:a9:3d:e8:b3:bd:57:b9:16:b9:8b:
8a:b7:6e:22:a2:c5:45:3a:89:d4:fb:31:fd:aa:1d:
65:a6:b5:c3:4c:a9:0d:b1:eb:af:de:2e:6f:4f:1b:
9f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:79:2A:D6:02:3D:73:EC:66:86:72:0D:24:A4:CE:D1:E6:35:17:E7
X509v3 Authority Key Identifier:
keyid:24:50:BF:BF:79:8F:AE:AA:7D:6A:36:05:8D:01:3E:24:D4:BB:1D:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFC_v3mPrqp9ajYFjQE-JNS7HZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/19c76f-2f67-421c-84ae-dd549f3b83bf/1/1-nkq1gI9c-xmhnINJKTO0eY1F-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/19c76f-2f67-421c-84ae-dd549f3b83bf/1/JFC_v3mPrqp9ajYFjQE-JNS7HZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.60.0/22
Signature Algorithm: sha256WithRSAEncryption
84:2e:81:d4:30:99:00:c4:7c:a3:48:7b:70:f3:44:a5:c7:c7:
4c:1c:d4:70:ae:63:8c:49:20:56:0a:62:97:33:17:13:25:9e:
14:7d:6a:a2:bb:ac:d4:3f:32:5c:2a:63:f2:86:b0:aa:4b:0b:
81:1a:9b:97:d0:c9:e7:fa:9e:e3:44:8f:8a:06:ac:2b:88:e3:
54:e8:be:07:a7:11:95:9a:a4:c5:e1:2e:76:20:c8:90:eb:31:
f0:4f:56:40:4b:c5:6b:92:98:58:d7:14:dd:df:be:88:78:50:
ed:59:07:68:61:23:29:e1:80:1a:df:25:04:e5:0c:ab:8c:de:
0b:1c:bd:ac:1a:5a:77:9f:62:47:ba:15:0e:51:db:a1:e3:54:
38:0e:e4:a0:9f:01:ce:01:ff:6d:f1:a6:a4:b9:8b:fa:15:8a:
56:4b:59:a8:63:58:f6:0f:99:56:da:98:3d:ec:f4:75:61:a3:
8d:dc:46:ad:1d:32:6b:69:01:39:64:b0:14:a8:da:4d:11:8c:
17:4b:02:6a:84:91:32:84:ff:3c:4b:a4:ac:c3:a3:7c:78:4f:
24:5c:45:6d:9e:5d:02:fe:0f:19:84:a3:60:ce:64:73:57:9a:
5f:9b:7e:dc:e7:10:85:44:f3:db:e5:65:5c:e7:5d:76:d2:39:
89:e0:1b:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhQ5mCo4Z/TcWoznGw0+VeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTBiZmJmNzk4ZmFlYWE3ZDZhMzYwNThkMDEzZTI0ZDRi
YjFkOWQwHhcNMjUwMTAxMDk0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTc5MmFkNjAyM2Q3M2VjNjY4NjcyMGQyNGE0Y2VkMWU2MzUxN2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAbCqhI9tMtQ7no+awAMUCjCJqJ1
raJ/ceqFsltfxQxXI5N/uuMGTLLnTBGBeEbXsKd7YcdaZSbOgjaSZDcsHerR2i53
m7IzU3eTia4DQu23Ofbu8gLc51DM6NLRqRs+Tpc5BUIERUlxjfndbathbAL/H8bL
nDYveE7HOysjN/rTSMP1Jjr8G0SQXWYOZNBNKB1GPBEkcUfXvwoaiXboiqMnHr5b
ln2j1lUZhG7CPBlknHvOQd/9mdWbNAq0D3BwBbryD1tlMxdAtiuWU0+ESKw6P7rO
Z6k96LO9V7kWuYuKt24iosVFOonU+zH9qh1lprXDTKkNseuv3i5vTxuf0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPp5KtYCPXPsZoZyDSSkztHmNRfnMB8GA1UdIwQY
MBaAFCRQv795j66qfWo2BY0BPiTUux2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZDX3YzbVBycXA5YWpZRmpRRS1KTlM3SFowLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8xOWM3NmYtMmY2Ny00MjFjLTg0YWUt
ZGQ1NDlmM2I4M2JmLzEvMS1ua3ExZ0k5Yy14bWhuSU5KS1RPMGVZMUYtYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDQvMTljNzZmLTJmNjctNDIxYy04NGFlLWRkNTQ5ZjNiODNi
Zi8xL0pGQ192M21QcnFwOWFqWUZqUUUtSk5TN0haMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlLPDAN
BgkqhkiG9w0BAQsFAAOCAQEAhC6B1DCZAMR8o0h7cPNEpcfHTBzUcK5jjEkgVgpi
lzMXEyWeFH1qorus1D8yXCpj8oawqksLgRqbl9DJ5/qe40SPigasK4jjVOi+B6cR
lZqkxeEudiDIkOsx8E9WQEvFa5KYWNcU3d++iHhQ7VkHaGEjKeGAGt8lBOUMq4ze
Cxy9rBpad59iR7oVDlHboeNUOA7koJ8BzgH/bfGmpLmL+hWKVktZqGNY9g+ZVtqY
Pez0dWGjjdxGrR0ya2kBOWSwFKjaTRGMF0sCaoSRMoT/PEukrMOjfHhPJFxFbZ5d
Av4PGYSjYM5kc1eaX5t+3OcQhUTz2+VlXOdddtI5ieAbHg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:33 2025 by rpki-client