Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/nxY9K3hs4eW9wiyd2zfVyuMPTZ8.roa
File: nxY9K3hs4eW9wiyd2zfVyuMPTZ8.roa (raw, json)
Hash identifier: kvygY+cOmoK64hnXWrmGQdyj1Eanlt8CEQUra7ZV1bE=
Subject key identifier: 9F:16:3D:2B:78:6C:E1:E5:BD:C2:2C:9D:DB:37:D5:CA:E3:0F:4D:9F
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 019426D9FBBF70B5EE585DC7FD74954FEFE9
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/nxY9K3hs4eW9wiyd2zfVyuMPTZ8.roa
Signing time: Thu 02 Jan 2025 11:50:07 +0000
ROA not before: Thu 02 Jan 2025 11:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202187
IP address blocks: 89.30.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fb:bf:70:b5:ee:58:5d:c7:fd:74:95:4f:ef:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jan 2 11:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f163d2b786ce1e5bdc22c9ddb37d5cae30f4d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:66:a5:e5:c6:be:c7:f5:97:03:50:50:aa:05:
e6:41:70:e1:ac:2b:7d:e5:d7:9a:63:17:e7:af:ed:
e3:a0:33:18:f7:40:2f:1b:9b:31:36:aa:cd:81:e8:
62:1c:b7:bc:cf:d4:30:de:ba:2b:c7:13:bc:36:08:
94:50:83:43:1e:7c:c6:73:93:ee:04:c5:fe:3a:c8:
5a:29:8b:fa:2e:20:c2:29:7b:d9:9b:c7:d6:01:5d:
35:28:c7:a2:34:71:c1:72:e6:e6:a5:c4:8d:9e:7a:
14:1b:fa:56:94:81:77:76:4a:b0:d8:42:0b:6b:57:
92:99:42:6a:6c:4a:87:90:35:3c:ab:0b:1f:20:0a:
13:f2:b2:6c:30:bd:e9:46:fd:1b:18:e4:c8:0f:c2:
07:fd:21:7a:49:2a:62:bc:49:f3:d5:1c:92:ba:2f:
c8:fa:9c:84:f6:ea:e5:4a:7c:26:7c:ef:b3:27:46:
8b:57:1a:b7:0d:57:fc:53:40:76:34:8c:cc:e7:3b:
6f:22:9a:1d:b9:a3:0d:7f:dc:eb:34:be:ee:0f:27:
ba:98:1a:e0:15:16:85:1c:a8:1a:24:61:ac:83:39:
12:be:ec:94:a9:63:e6:f5:0a:5e:85:12:2c:db:2c:
16:07:44:bb:3c:88:5d:8f:8e:b7:93:37:11:c1:ce:
e9:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:16:3D:2B:78:6C:E1:E5:BD:C2:2C:9D:DB:37:D5:CA:E3:0F:4D:9F
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/nxY9K3hs4eW9wiyd2zfVyuMPTZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.30.108.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:47:bc:02:07:c4:0d:76:27:10:7b:9d:71:84:ce:09:e0:0f:
a3:b4:a3:d5:bd:b2:4f:b1:57:cd:9a:b3:46:a5:c5:b5:46:7d:
cd:73:4b:34:fc:bc:d9:b0:56:51:16:a8:6e:28:fe:9c:8b:fd:
70:4f:c3:0c:ce:aa:9a:2b:45:3b:58:00:84:ac:89:24:d0:61:
d6:6e:2d:be:66:f7:0b:16:ba:3f:7f:bb:7b:1f:12:91:e8:d8:
b8:92:e1:de:2f:2e:71:cc:99:a5:17:62:b6:2a:f4:30:35:ea:
55:6e:bd:14:43:2c:e3:07:e5:72:31:b5:09:bc:7b:04:34:d4:
3b:48:09:11:84:2a:34:e9:10:6c:45:a3:d5:aa:b3:dc:a0:3f:
38:66:8c:db:5f:0b:0d:d5:1f:33:25:67:4a:ec:7f:85:de:0d:
d2:d5:b7:2e:55:39:bd:a0:0e:c3:39:5e:c1:fa:42:b4:5f:62:
36:df:15:b6:26:f9:af:ed:15:ed:8d:23:30:af:c7:0a:8a:7c:
64:ea:22:8e:eb:59:ad:fc:ee:49:fb:50:07:56:13:7e:64:48:
50:28:d3:05:f7:4b:b5:bc:f7:40:85:50:29:12:47:b3:0c:4a:
fc:b4:07:72:e3:85:f3:ae:ce:d7:a6:f3:1d:5b:56:7c:dc:06:
ed:1b:b2:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2fu/cLXuWF3H/XSVT+/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjUwMTAyMTE1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjE2M2QyYjc4NmNlMWU1YmRjMjJjOWRkYjM3ZDVjYWUzMGY0ZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmal5ca+x/WXA1BQqgXmQXDhrCt9
5deaYxfnr+3joDMY90AvG5sxNqrNgehiHLe8z9Qw3rorxxO8NgiUUINDHnzGc5Pu
BMX+OshaKYv6LiDCKXvZm8fWAV01KMeiNHHBcubmpcSNnnoUG/pWlIF3dkqw2EIL
a1eSmUJqbEqHkDU8qwsfIAoT8rJsML3pRv0bGOTID8IH/SF6SSpivEnz1RySui/I
+pyE9urlSnwmfO+zJ0aLVxq3DVf8U0B2NIzM5ztvIpoduaMNf9zrNL7uDye6mBrg
FRaFHKgaJGGsgzkSvuyUqWPm9QpehRIs2ywWB0S7PIhdj463kzcRwc7pUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8WPSt4bOHlvcIsnds31crjD02fMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvbnhZOUszaHM0ZVc5d2l5ZDJ6ZlZ5dU1QVFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWR5sMA0G
CSqGSIb3DQEBCwUAA4IBAQA8R7wCB8QNdicQe51xhM4J4A+jtKPVvbJPsVfNmrNG
pcW1Rn3Nc0s0/LzZsFZRFqhuKP6ci/1wT8MMzqqaK0U7WACErIkk0GHWbi2+ZvcL
Fro/f7t7HxKR6Ni4kuHeLy5xzJmlF2K2KvQwNepVbr0UQyzjB+VyMbUJvHsENNQ7
SAkRhCo06RBsRaPVqrPcoD84ZozbXwsN1R8zJWdK7H+F3g3S1bcuVTm9oA7DOV7B
+kK0X2I23xW2Jvmv7RXtjSMwr8cKinxk6iKO61mt/O5J+1AHVhN+ZEhQKNMF90u1
vPdAhVApEkezDEr8tAdy44Xzrs7XpvMdW1Z83AbtG7J3
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:07 2025 by rpki-client