Route Origin Authorization
$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/1/3138352e3230342e31342e302f32332d3233203d3e20323033393339.roa
File: 3138352e3230342e31342e302f32332d3233203d3e20323033393339.roa (raw, json)
Hash identifier: 0iU1VE4oIBeR0g+kEvaxFQYjnK8h1fW0reMHFIiSAYk=
Subject key identifier: B1:44:2C:9A:A3:16:D5:D6:48:01:89:C2:6A:33:52:B2:BE:12:0F:6F
Certificate issuer: /CN=4e9a6c18f349b395c31c33bb7f9b9f5817bde9a8
Certificate serial: 55023E9BAA148342642E9B9FEC77437EC28DE2A2
Authority key identifier: 4E:9A:6C:18:F3:49:B3:95:C3:1C:33:BB:7F:9B:9F:58:17:BD:E9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TppsGPNJs5XDHDO7f5ufWBe96ag.cer
Subject info access: rsync://rpki.nellicus.net/repo/nellicus/1/3138352e3230342e31342e302f32332d3233203d3e20323033393339.roa
Signing time: Mon 30 Dec 2024 07:27:45 +0000
ROA not before: Mon 30 Dec 2024 07:22:45 +0000
ROA not after: Mon 29 Dec 2025 07:27:45 +0000
asID: 203939
IP address blocks: 185.204.14.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.crl
rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/TppsGPNJs5XDHDO7f5ufWBe96ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:02:3e:9b:aa:14:83:42:64:2e:9b:9f:ec:77:43:7e:c2:8d:e2:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9a6c18f349b395c31c33bb7f9b9f5817bde9a8
Validity
Not Before: Dec 30 07:22:45 2024 GMT
Not After : Dec 29 07:27:45 2025 GMT
Subject: CN=B1442C9AA316D5D6480189C26A3352B2BE120F6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f0:60:7a:fd:aa:59:47:27:dd:06:00:16:e9:
34:73:5d:e8:32:52:a2:1e:45:32:e2:62:73:a6:58:
0f:80:ba:9d:1f:0d:8c:8e:1c:ec:58:02:25:50:16:
97:7b:92:48:4d:20:fb:9f:a8:6a:b1:20:70:7a:1d:
1b:ed:15:52:44:0e:b7:d6:b2:a7:cb:d8:e6:51:39:
23:3d:63:3b:4d:98:6d:d5:81:26:1f:d9:e0:da:3f:
7d:06:96:c9:35:81:a9:05:2a:f8:cd:c5:33:16:ef:
2a:97:68:08:47:f5:16:25:5c:88:be:5e:61:78:d7:
46:88:09:f0:91:a1:75:2a:ca:1d:93:c8:4f:57:0a:
11:9d:66:09:a3:22:93:dc:eb:b2:bc:29:17:92:c1:
a3:b5:d1:91:a0:de:17:bf:c3:d3:48:c9:97:cb:15:
59:49:0c:8d:54:b2:d6:b8:20:3c:76:94:af:f3:87:
7a:8d:05:88:6d:0e:ca:2b:4a:57:ab:b1:f3:06:92:
de:8f:b0:15:08:44:f1:da:6f:2e:54:38:38:0b:9b:
a7:65:68:3e:59:01:5f:a5:28:7c:84:eb:cb:75:2d:
11:23:cb:1c:fd:bf:07:c2:eb:04:ab:5c:bb:36:18:
a6:c7:11:02:be:95:ce:27:cb:8d:ee:aa:f1:35:b1:
5c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:44:2C:9A:A3:16:D5:D6:48:01:89:C2:6A:33:52:B2:BE:12:0F:6F
X509v3 Authority Key Identifier:
keyid:4E:9A:6C:18:F3:49:B3:95:C3:1C:33:BB:7F:9B:9F:58:17:BD:E9:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TppsGPNJs5XDHDO7f5ufWBe96ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/1/3138352e3230342e31342e302f32332d3233203d3e20323033393339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.14.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:71:9d:a9:46:3e:59:6c:de:a0:90:71:b5:f2:e3:2a:e2:f9:
76:8c:46:f7:8a:04:12:9b:b9:9d:69:b7:46:fd:b6:46:49:6b:
ae:57:c0:25:1d:22:44:c1:19:7a:29:c2:ff:c3:ae:62:4e:3e:
a7:3c:11:ca:c3:ad:e9:e0:7d:a9:d0:96:8e:3d:07:2b:ef:de:
f9:7d:7f:02:bd:bc:74:4a:de:4f:f1:2d:26:32:dc:38:a2:a5:
9b:ce:f9:65:4c:61:03:02:23:54:1c:d6:db:d7:1d:64:e7:ba:
e6:44:55:1e:b1:8a:73:c8:72:d1:90:b9:1e:51:b8:b6:d9:7a:
e2:af:b0:74:d4:f3:08:fd:04:51:b0:ea:36:2c:3c:13:8c:84:
6f:e2:b5:15:3a:3b:b6:04:33:3c:2a:84:19:60:5b:39:ec:21:
fc:e9:56:b4:08:cf:ce:ea:64:f0:28:df:65:84:f3:2e:02:f7:
ec:44:fb:72:b1:84:2e:c7:4b:62:f4:6c:b6:ff:2b:88:0e:b8:
e4:92:88:6e:b1:6b:2b:a6:b4:74:18:1b:1b:e7:60:17:e7:83:
93:97:e3:4b:e9:51:d2:03:98:ad:03:f8:9d:97:be:11:cd:52:
cf:b0:45:b8:8a:03:56:d8:75:63:9e:a3:6f:7a:22:24:f5:3c:
d9:4c:e6:ca
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUVQI+m6oUg0JkLpuf7HdDfsKN4qIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5YTZjMThmMzQ5YjM5NWMzMWMzM2JiN2Y5YjlmNTgx
N2JkZTlhODAeFw0yNDEyMzAwNzIyNDVaFw0yNTEyMjkwNzI3NDVaMDMxMTAvBgNV
BAMTKEIxNDQyQzlBQTMxNkQ1RDY0ODAxODlDMjZBMzM1MkIyQkUxMjBGNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI8GB6/apZRyfdBgAW6TRzXegy
UqIeRTLiYnOmWA+Aup0fDYyOHOxYAiVQFpd7kkhNIPufqGqxIHB6HRvtFVJEDrfW
sqfL2OZROSM9YztNmG3VgSYf2eDaP30Glsk1gakFKvjNxTMW7yqXaAhH9RYlXIi+
XmF410aICfCRoXUqyh2TyE9XChGdZgmjIpPc67K8KReSwaO10ZGg3he/w9NIyZfL
FVlJDI1Usta4IDx2lK/zh3qNBYhtDsorSlersfMGkt6PsBUIRPHaby5UODgLm6dl
aD5ZAV+lKHyE68t1LREjyxz9vwfC6wSrXLs2GKbHEQK+lc4ny43uqvE1sVw5AgMB
AAGjggHjMIIB3zAdBgNVHQ4EFgQUsUQsmqMW1dZIAYnCajNSsr4SD28wHwYDVR0j
BBgwFoAUTppsGPNJs5XDHDO7f5ufWBe96agwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8xLzRFOUE2QzE4RjM0OUIzOTVDMzFDMzNCQjdGOUI5RjU4MTdCREU5QTgu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9UcHBzR1BOSnM1WERIRE83ZjV1ZldC
ZTk2YWcuY2VyMIGCBggrBgEFBQcBCwR2MHQwcgYIKwYBBQUHMAuGZnJzeW5jOi8v
cnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxsaWN1cy8xLzMxMzgzNTJlMzIzMDM0
MmUzMTM0MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzMDMzMzkzMzM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQBucwOMA0GCSqGSIb3DQEBCwUAA4IBAQBscZ2pRj5ZbN6gkHG18uMq4vl2
jEb3igQSm7mdabdG/bZGSWuuV8AlHSJEwRl6KcL/w65iTj6nPBHKw63p4H2p0JaO
PQcr7975fX8Cvbx0St5P8S0mMtw4oqWbzvllTGEDAiNUHNbb1x1k57rmRFUesYpz
yHLRkLkeUbi22Xrir7B01PMI/QRRsOo2LDwTjIRv4rUVOju2BDM8KoQZYFs57CH8
6Va0CM/O6mTwKN9lhPMuAvfsRPtysYQux0ti9Gy2/yuIDrjkkohusWsrprR0GBsb
52AX54OTl+NL6VHSA5itA/idl74RzVLPsEW4igNW2HVjnqNveiIk9TzZTObK
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:01:49 2025 by rpki-client