Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/nMDCAx4S7BvyRseCP1AtruhoXlQ.roa
File: nMDCAx4S7BvyRseCP1AtruhoXlQ.roa (raw, json)
Hash identifier: MzKXqieiYhEALeqU1AUv5CMaIkFtOJxEDtJDUquvAg0=
Subject key identifier: 9C:C0:C2:03:1E:12:EC:1B:F2:46:C7:82:3F:50:2D:AE:E8:68:5E:54
Certificate issuer: /CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Certificate serial: 01942368FF43CCD3E7684FBF78B8B64F6C8E
Authority key identifier: 8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/nMDCAx4S7BvyRseCP1AtruhoXlQ.roa
Signing time: Wed 01 Jan 2025 19:47:51 +0000
ROA not before: Wed 01 Jan 2025 19:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62038
IP address blocks: 153.92.96.0/21 maxlen: 21
185.50.32.0/22 maxlen: 22
2a04:bd40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 10:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:ff:43:cc:d3:e7:68:4f:bf:78:b8:b6:4f:6c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Validity
Not Before: Jan 1 19:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cc0c2031e12ec1bf246c7823f502daee8685e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:30:90:35:1c:dd:85:b0:f7:ad:81:3b:cf:f0:
d2:56:e1:aa:d4:1d:61:11:e4:25:65:96:95:b3:39:
63:42:13:93:9c:7c:c7:b7:53:c4:14:41:ba:2e:e7:
b6:94:7d:8a:82:24:01:bd:8b:19:a4:55:8a:d7:6a:
80:3b:a3:0a:09:b8:37:ca:4a:90:17:0d:64:96:8d:
d6:ed:b8:37:be:18:f0:e8:b3:79:2d:d4:be:8a:32:
52:f2:f4:cc:56:eb:9e:95:e0:18:04:ef:52:c7:ed:
02:c0:58:b4:20:f5:1d:d2:95:02:5a:1a:c3:a0:ba:
3b:d9:1a:6a:25:43:b2:e5:aa:ea:be:5c:f0:88:d7:
2c:da:98:dd:44:4b:2f:46:df:a7:48:1c:97:db:e2:
92:08:0a:6f:26:40:3c:df:48:6b:e3:81:a8:49:e9:
bf:c9:36:81:db:55:bc:27:66:9d:bb:59:d9:b6:54:
1f:0f:74:be:3c:c5:c9:00:5c:4b:8f:9d:6d:0c:91:
80:f6:11:5d:9b:28:8e:c0:69:b3:52:84:32:a4:0b:
c7:9b:96:46:e2:ff:93:e1:e6:02:2c:13:85:40:4e:
c0:04:5d:8e:90:12:59:37:79:51:20:b7:00:22:99:
10:ae:23:3b:28:15:56:81:8f:80:5a:c4:69:35:ad:
52:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C0:C2:03:1E:12:EC:1B:F2:46:C7:82:3F:50:2D:AE:E8:68:5E:54
X509v3 Authority Key Identifier:
keyid:8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/nMDCAx4S7BvyRseCP1AtruhoXlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.96.0/21
185.50.32.0/22
IPv6:
2a04:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
8b:de:36:ba:52:e4:2d:1e:f7:f9:64:9d:8e:c6:8d:26:31:c6:
60:fe:aa:ab:74:d9:17:22:e3:eb:33:cf:3d:ef:a6:40:1c:09:
88:c2:4b:d0:5c:4f:d6:e3:0c:25:f4:f8:b4:1e:d5:a6:93:5a:
ff:64:d3:0e:05:79:8e:a5:0c:15:94:bb:51:c2:03:ec:ff:bc:
03:ae:f5:d7:93:c5:d0:30:74:70:f4:04:bf:f3:3c:48:d9:12:
07:c3:99:c0:89:bc:04:0a:c1:35:69:46:a1:6f:83:2a:b2:03:
09:72:56:20:ce:ca:9c:e2:3e:6a:9b:83:63:27:6a:b5:15:45:
70:95:d6:20:84:b6:9c:a1:6f:7c:bc:1f:83:9d:b2:3d:47:0d:
72:93:ea:89:b6:40:1f:e1:94:c1:c9:f5:06:3b:d3:e9:b3:b3:
9b:8c:6e:d9:1d:34:2f:91:fd:ab:35:fb:9a:cd:e7:aa:8b:56:
3c:bd:a2:3c:dc:df:23:40:78:dd:be:85:15:d9:6c:55:94:80:
97:74:0e:36:3e:09:05:29:6b:6b:b6:05:fa:a3:cd:03:25:d4:
44:6e:dd:93:fa:dc:90:94:44:71:29:44:f8:82:8d:6b:06:77:
d6:c8:3b:83:a0:3b:b3:df:da:60:0a:84:db:5c:60:a8:7d:1e:
b5:d7:c6:3b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjaP9DzNPnaE+/eLi2T2yOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGNmMjZmNzQ4NjA1ODhjYWM2YmFlMTdmOTlkZTIyZGJj
NDlhZTYwHhcNMjUwMTAxMTk0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2MwYzIwMzFlMTJlYzFiZjI0NmM3ODIzZjUwMmRhZWU4Njg1ZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jCQNRzdhbD3rYE7z/DSVuGq1B1h
EeQlZZaVszljQhOTnHzHt1PEFEG6Lue2lH2KgiQBvYsZpFWK12qAO6MKCbg3ykqQ
Fw1klo3W7bg3vhjw6LN5LdS+ijJS8vTMVuueleAYBO9Sx+0CwFi0IPUd0pUCWhrD
oLo72RpqJUOy5arqvlzwiNcs2pjdREsvRt+nSByX2+KSCApvJkA830hr44GoSem/
yTaB21W8J2adu1nZtlQfD3S+PMXJAFxLj51tDJGA9hFdmyiOwGmzUoQypAvHm5ZG
4v+T4eYCLBOFQE7ABF2OkBJZN3lRILcAIpkQriM7KBVWgY+AWsRpNa1SyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJzAwgMeEuwb8kbHgj9QLa7oaF5UMB8GA1UdIwQY
MBaAFIzc8m90hgWIysa64X+Z3iLbxJrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMt
MmZiMjVhYmZkYzUzLzEvbk1EQ0F4NFM3QnZ5UnNlQ1AxQXRydWhvWGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMtMmZiMjVhYmZkYzUz
LzEvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDmVxgAwQC
uTIgMA0EAgACMAcDBQMqBL1AMA0GCSqGSIb3DQEBCwUAA4IBAQCL3ja6UuQtHvf5
ZJ2Oxo0mMcZg/qqrdNkXIuPrM88976ZAHAmIwkvQXE/W4wwl9Pi0HtWmk1r/ZNMO
BXmOpQwVlLtRwgPs/7wDrvXXk8XQMHRw9AS/8zxI2RIHw5nAibwECsE1aUahb4Mq
sgMJclYgzsqc4j5qm4NjJ2q1FUVwldYghLacoW98vB+DnbI9Rw1yk+qJtkAf4ZTB
yfUGO9Pps7ObjG7ZHTQvkf2rNfuazeeqi1Y8vaI83N8jQHjdvoUV2WxVlICXdA42
PgkFKWtrtgX6o80DJdREbt2T+tyQlERxKUT4go1rBnfWyDuDoDuz39pgCoTbXGCo
fR6118Y7
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:43:29 2025 by rpki-client