Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NJpbUkabt1V3MvfUzRxR33Tm_kw.roa
File: NJpbUkabt1V3MvfUzRxR33Tm_kw.roa (raw, json)
Hash identifier: lj+qnpJ6KhS8RYzIjZTBXSDEnRBsDZ5iNMIByHD4jBo=
Subject key identifier: 34:9A:5B:52:46:9B:B7:55:77:32:F7:D4:CD:1C:51:DF:74:E6:FE:4C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824845FFD3C4D2E9C2ACCA99A1FD970
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NJpbUkabt1V3MvfUzRxR33Tm_kw.roa
Signing time: Thu 02 Jan 2025 17:51:09 +0000
ROA not before: Thu 02 Jan 2025 17:51:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48917
IP address blocks: 87.121.119.0/24 maxlen: 24
91.92.106.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:84:5f:fd:3c:4d:2e:9c:2a:cc:a9:9a:1f:d9:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=349a5b52469bb7557732f7d4cd1c51df74e6fe4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:85:1d:60:7f:a9:12:e3:02:aa:a6:49:02:60:
79:d8:65:2b:d4:ae:fa:e7:fe:eb:9d:d7:d7:fd:d1:
9a:23:a2:d9:c4:48:45:0d:9f:ef:83:28:f6:0d:6a:
27:f6:99:c9:5f:c5:0d:93:ef:ab:b7:f0:76:ff:00:
56:d5:00:29:47:2d:58:a1:b3:1b:42:69:17:a3:a5:
9f:cd:22:7c:56:32:16:77:5c:dc:98:e8:e1:c3:06:
15:31:cd:ca:14:81:a2:79:51:36:18:0d:65:0e:ae:
81:e3:a5:f2:98:35:b2:08:69:d7:8f:ff:b0:0a:61:
a7:3d:a0:78:08:26:4d:75:08:a9:49:63:b1:7f:b3:
89:58:05:9a:6a:54:4f:9d:53:4c:5d:21:a2:a0:70:
25:05:2b:5d:fb:b2:47:22:35:2e:5f:45:e5:af:9c:
a0:54:47:58:81:6c:c3:c9:53:1f:30:a6:9a:e4:00:
86:06:c3:f6:16:f7:a3:de:1e:9f:b7:6a:a3:3b:0d:
3b:9e:da:68:5c:b6:28:81:5e:d0:b6:9d:9c:24:f1:
7c:ff:3a:8a:41:f0:9d:9b:0f:58:68:02:73:3b:a7:
b6:21:f6:94:50:10:d1:40:62:c8:7f:84:21:b0:63:
b4:07:45:7a:d9:40:c2:3c:cf:60:5f:c9:1b:bf:ae:
b1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:9A:5B:52:46:9B:B7:55:77:32:F7:D4:CD:1C:51:DF:74:E6:FE:4C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NJpbUkabt1V3MvfUzRxR33Tm_kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.119.0/24
91.92.106.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:5a:5a:ac:fd:4d:b9:36:89:a9:88:4c:60:2a:09:5d:1b:a0:
f7:b9:69:42:35:80:f9:92:34:01:64:ce:c7:cc:1f:33:3c:c9:
40:dc:23:d0:c7:eb:74:d5:4f:d7:05:0c:10:d3:05:47:b3:46:
dc:97:72:c3:4c:6a:2d:a1:0c:fc:2e:43:92:6c:eb:53:af:d9:
94:7c:d8:8a:09:6f:1a:84:54:02:74:d6:6f:aa:63:b2:79:b0:
e0:73:81:c0:a5:87:10:c3:26:65:60:e4:87:84:ff:2a:a4:8f:
2e:2d:bc:2a:58:cb:dc:4c:b3:b1:c8:14:54:13:17:55:64:54:
e9:22:9b:ef:07:32:a4:12:b7:94:3a:bc:d4:e3:5f:87:86:ac:
ac:b3:78:0a:7a:de:4c:ef:1f:bf:3f:1f:9a:3f:43:e0:66:e4:
de:35:60:e4:0e:b0:b3:95:7e:14:68:da:cc:de:f2:90:c3:99:
1a:66:32:46:63:d0:e1:09:82:b6:25:68:01:22:6b:6a:2c:b8:
d7:70:ae:cc:d1:67:47:2c:cb:75:b1:18:a6:40:99:2a:94:5e:
06:ee:7d:c6:84:c7:85:8a:90:63:1b:72:87:24:27:4f:93:12:
2d:60:e8:bf:b6:39:ab:6f:96:93:f5:76:78:02:54:80:ae:4f:
00:39:00:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJIRf/TxNLpwqzKmaH9lwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDlhNWI1MjQ2OWJiNzU1NzczMmY3ZDRjZDFjNTFkZjc0ZTZmZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7oUdYH+pEuMCqqZJAmB52GUr1K76
5/7rndfX/dGaI6LZxEhFDZ/vgyj2DWon9pnJX8UNk++rt/B2/wBW1QApRy1YobMb
QmkXo6WfzSJ8VjIWd1zcmOjhwwYVMc3KFIGieVE2GA1lDq6B46XymDWyCGnXj/+w
CmGnPaB4CCZNdQipSWOxf7OJWAWaalRPnVNMXSGioHAlBStd+7JHIjUuX0Xlr5yg
VEdYgWzDyVMfMKaa5ACGBsP2Fvej3h6ft2qjOw07ntpoXLYogV7Qtp2cJPF8/zqK
QfCdmw9YaAJzO6e2IfaUUBDRQGLIf4QhsGO0B0V62UDCPM9gX8kbv66xqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDSaW1JGm7dVdzL31M0cUd905v5MMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTkpwYlVrYWJ0MVYzTXZmVXpSeFIzM1RtX2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV3l3AwQB
W1xqMA0GCSqGSIb3DQEBCwUAA4IBAQCkWlqs/U25NompiExgKgldG6D3uWlCNYD5
kjQBZM7HzB8zPMlA3CPQx+t01U/XBQwQ0wVHs0bcl3LDTGotoQz8LkOSbOtTr9mU
fNiKCW8ahFQCdNZvqmOyebDgc4HApYcQwyZlYOSHhP8qpI8uLbwqWMvcTLOxyBRU
ExdVZFTpIpvvBzKkEreUOrzU41+Hhqyss3gKet5M7x+/Px+aP0PgZuTeNWDkDrCz
lX4UaNrM3vKQw5kaZjJGY9DhCYK2JWgBImtqLLjXcK7M0WdHLMt1sRimQJkqlF4G
7n3GhMeFipBjG3KHJCdPkxItYOi/tjmrb5aT9XZ4AlSArk8AOQCz
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:53:26 2025 by rpki-client