Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/1ed1f6-09d7-4294-92b4-e551745d276e/1/nVML7LcRQkLl4LsQylRXZkNhkNs.roa
File: nVML7LcRQkLl4LsQylRXZkNhkNs.roa (raw, json)
Hash identifier: aP+8mW119fycA5Li+oipfw+Kb6S3KHGW180HDqCC2II=
Subject key identifier: 9D:53:0B:EC:B7:11:42:42:E5:E0:BB:10:CA:54:57:66:43:61:90:DB
Certificate issuer: /CN=fcd77e6877829833043333538b47f12682cebdc3
Certificate serial: 019421B22F5B3DE43131D520EFF0E7C3BAAB
Authority key identifier: FC:D7:7E:68:77:82:98:33:04:33:33:53:8B:47:F1:26:82:CE:BD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Nd-aHeCmDMEMzNTi0fxJoLOvcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/1ed1f6-09d7-4294-92b4-e551745d276e/1/nVML7LcRQkLl4LsQylRXZkNhkNs.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210136
IP address blocks: 62.192.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/1ed1f6-09d7-4294-92b4-e551745d276e/1/_Nd-aHeCmDMEMzNTi0fxJoLOvcM.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/1ed1f6-09d7-4294-92b4-e551745d276e/1/_Nd-aHeCmDMEMzNTi0fxJoLOvcM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Nd-aHeCmDMEMzNTi0fxJoLOvcM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2f:5b:3d:e4:31:31:d5:20:ef:f0:e7:c3:ba:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcd77e6877829833043333538b47f12682cebdc3
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d530becb7114242e5e0bb10ca545766436190db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6a:84:3e:91:ea:cf:37:0b:5f:5a:8d:eb:e4:
77:97:a2:ba:a6:2b:b6:d1:95:08:17:eb:87:2f:25:
49:57:87:36:b6:52:b5:18:93:9a:a7:6a:60:83:b5:
5f:af:ce:2d:6b:7f:f0:69:f4:47:cd:4b:a7:94:77:
5a:90:90:bf:da:d4:ac:26:f1:b8:a2:a7:1d:bc:09:
12:a9:6a:d0:b3:47:7e:0f:5c:d7:de:06:78:f7:a8:
3b:c7:b6:99:73:b9:a4:de:55:cf:0f:2d:b8:66:10:
0b:e6:86:a6:f4:3e:e6:7a:0b:da:a9:34:ba:af:77:
a4:5f:ba:1b:0d:47:3f:d2:0c:8c:c4:74:31:0a:8f:
f5:6a:1a:23:b6:66:ac:a9:39:66:ca:8c:c6:11:fc:
03:d6:5a:de:1c:78:73:4e:07:3c:00:68:80:07:06:
1c:14:dc:70:d5:c1:40:5b:84:40:2f:ca:a7:2f:1d:
60:32:18:09:85:06:dd:0d:2c:9f:16:48:63:7e:bd:
ef:17:d1:56:ff:ee:41:a1:dc:c6:e1:60:53:45:ac:
1d:43:23:4e:bf:be:e1:e2:c1:be:d8:90:4e:ff:7a:
95:56:1d:57:a0:e2:65:4b:b0:4a:89:84:83:22:7c:
d6:f6:37:b8:e8:85:45:24:95:32:91:26:49:39:08:
e5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:53:0B:EC:B7:11:42:42:E5:E0:BB:10:CA:54:57:66:43:61:90:DB
X509v3 Authority Key Identifier:
keyid:FC:D7:7E:68:77:82:98:33:04:33:33:53:8B:47:F1:26:82:CE:BD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Nd-aHeCmDMEMzNTi0fxJoLOvcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1ed1f6-09d7-4294-92b4-e551745d276e/1/nVML7LcRQkLl4LsQylRXZkNhkNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1ed1f6-09d7-4294-92b4-e551745d276e/1/_Nd-aHeCmDMEMzNTi0fxJoLOvcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.144.0/22
Signature Algorithm: sha256WithRSAEncryption
12:cd:2a:f1:d3:34:fa:56:3a:1b:de:e0:5f:46:00:80:63:7f:
2e:ca:50:85:8b:0b:4f:47:68:23:be:43:ad:af:05:5d:6d:c8:
8c:f7:2c:3e:73:80:94:ff:4d:94:c5:b9:37:1c:94:dc:37:70:
a7:b3:37:1c:ef:b7:68:d0:ec:44:c6:13:f9:50:4b:05:2c:2d:
f7:6c:db:96:67:80:92:4a:ee:da:b5:ef:93:c0:70:16:e4:05:
04:a7:7d:4d:fe:6b:eb:2b:a0:e4:a9:3e:a6:45:31:4b:7c:5e:
e8:df:56:9b:d2:74:34:8f:08:c2:4e:87:bf:1a:e9:b1:da:af:
be:df:12:fc:8d:5e:e0:35:f0:47:c7:df:df:3d:d9:68:bd:e1:
54:6f:a3:27:a7:05:30:0b:25:2c:96:fa:73:d4:05:87:6e:d3:
61:88:a5:63:81:93:b5:a4:e9:bf:11:2a:a1:09:38:3a:52:bd:
a9:d8:67:4a:4a:18:cb:41:57:ae:45:65:c8:dc:45:66:0f:c6:
b3:9b:01:d3:2f:e0:10:9c:a4:f6:8a:ca:32:ea:cc:2d:9f:2f:
1d:51:70:71:8f:a7:f4:30:7a:0d:85:63:38:6f:f8:96:d9:00:
5d:d9:ea:e1:86:fa:92:25:d8:31:9d:1e:24:b0:bc:55:b8:9d:
49:6d:64:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsi9bPeQxMdUg7/Dnw7qrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZDc3ZTY4Nzc4Mjk4MzMwNDMzMzM1MzhiNDdmMTI2ODJj
ZWJkYzMwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDUzMGJlY2I3MTE0MjQyZTVlMGJiMTBjYTU0NTc2NjQzNjE5MGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGqEPpHqzzcLX1qN6+R3l6K6piu2
0ZUIF+uHLyVJV4c2tlK1GJOap2pgg7Vfr84ta3/wafRHzUunlHdakJC/2tSsJvG4
oqcdvAkSqWrQs0d+D1zX3gZ496g7x7aZc7mk3lXPDy24ZhAL5oam9D7megvaqTS6
r3ekX7obDUc/0gyMxHQxCo/1ahojtmasqTlmyozGEfwD1lreHHhzTgc8AGiABwYc
FNxw1cFAW4RAL8qnLx1gMhgJhQbdDSyfFkhjfr3vF9FW/+5BodzG4WBTRawdQyNO
v77h4sG+2JBO/3qVVh1XoOJlS7BKiYSDInzW9je46IVFJJUykSZJOQjllQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1TC+y3EUJC5eC7EMpUV2ZDYZDbMB8GA1UdIwQY
MBaAFPzXfmh3gpgzBDMzU4tH8SaCzr3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX05kLWFIZUNtRE1FTXpOVGkwZnhKb0xPdmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xZWQxZjYtMDlkNy00Mjk0LTkyYjQt
ZTU1MTc0NWQyNzZlLzEvblZNTDdMY1JRa0xsNExzUXlsUlhaa05oa05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xZWQxZjYtMDlkNy00Mjk0LTkyYjQtZTU1MTc0NWQyNzZl
LzEvX05kLWFIZUNtRE1FTXpOVGkwZnhKb0xPdmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPsCQMA0G
CSqGSIb3DQEBCwUAA4IBAQASzSrx0zT6Vjob3uBfRgCAY38uylCFiwtPR2gjvkOt
rwVdbciM9yw+c4CU/02Uxbk3HJTcN3Cnszcc77do0OxExhP5UEsFLC33bNuWZ4CS
Su7ate+TwHAW5AUEp31N/mvrK6DkqT6mRTFLfF7o31ab0nQ0jwjCToe/Gumx2q++
3xL8jV7gNfBHx9/fPdloveFUb6MnpwUwCyUslvpz1AWHbtNhiKVjgZO1pOm/ESqh
CTg6Ur2p2GdKShjLQVeuRWXI3EVmD8azmwHTL+AQnKT2isoy6swtny8dUXBxj6f0
MHoNhWM4b/iW2QBd2erhhvqSJdgxnR4ksLxVuJ1JbWRo
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:50:24 2025 by rpki-client