Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/nuAp8jQeL57cxcv-qMziP5TUwtY.roa
File: nuAp8jQeL57cxcv-qMziP5TUwtY.roa (raw, json)
Hash identifier: vb4FRcaEF1fztUtawfL6ZNK658gxKBaRE6cvTVdZv2U=
Subject key identifier: 9E:E0:29:F2:34:1E:2F:9E:DC:C5:CB:FE:A8:CC:E2:3F:94:D4:C2:D6
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 0194266B916F67E40F9AC111036E75A70A7A
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/nuAp8jQeL57cxcv-qMziP5TUwtY.roa
Signing time: Thu 02 Jan 2025 09:49:31 +0000
ROA not before: Thu 02 Jan 2025 09:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395092
IP address blocks: 45.95.16.0/22 maxlen: 22
45.155.36.0/22 maxlen: 22
185.93.220.0/22 maxlen: 24
213.108.246.0/23 maxlen: 23
213.139.204.0/22 maxlen: 22
217.195.152.0/22 maxlen: 22
2a0d:9ec0::/48 maxlen: 48
2a0d:9ec1::/48 maxlen: 48
2a0d:9ec2::/48 maxlen: 48
2a0d:d8c0::/48 maxlen: 48
2a0d:d8c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.mft
rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:91:6f:67:e4:0f:9a:c1:11:03:6e:75:a7:0a:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jan 2 09:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ee029f2341e2f9edcc5cbfea8cce23f94d4c2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:72:f9:f5:de:cb:6c:80:36:38:92:93:2c:84:
9e:4d:28:4f:c6:e2:37:a7:9d:ef:df:ce:46:88:31:
4c:12:b6:64:91:30:3d:7c:d6:a6:02:ba:46:eb:6a:
05:f6:a4:3c:b9:1d:68:51:2e:a3:49:2d:12:18:e1:
cc:e8:a9:9c:42:ea:73:27:c0:ef:b9:bc:7a:2f:fb:
1c:00:f2:12:23:3f:24:e8:7c:a9:77:2a:d0:1c:3b:
5e:80:5f:a1:a9:dc:58:ee:94:76:41:24:b1:78:41:
51:35:e0:d4:8a:12:4c:8e:6e:2d:1d:bd:f3:92:ee:
a0:a9:43:c0:97:ee:62:73:51:cc:25:3a:d5:f6:13:
4f:d6:ba:b9:f4:09:e6:b2:61:d5:74:2f:aa:52:ef:
c7:f9:71:1d:eb:cc:f7:f4:8d:3c:33:28:01:9b:e4:
c1:24:f6:46:38:23:0e:14:9f:1c:be:ea:b3:7b:63:
43:56:a1:85:0e:d1:04:2b:0a:8d:11:d5:74:a5:15:
e5:ae:fd:53:a8:b3:79:4d:6c:ee:2b:5c:b3:53:4e:
2f:bc:6f:f5:77:8a:86:5e:a6:71:72:be:a3:03:06:
a5:90:56:34:d2:dd:34:b8:9c:41:3e:e7:df:df:e6:
44:2e:a5:78:66:29:64:ac:fd:1c:16:7c:07:98:af:
df:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E0:29:F2:34:1E:2F:9E:DC:C5:CB:FE:A8:CC:E2:3F:94:D4:C2:D6
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/nuAp8jQeL57cxcv-qMziP5TUwtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.16.0/22
45.155.36.0/22
185.93.220.0/22
213.108.246.0/23
213.139.204.0/22
217.195.152.0/22
IPv6:
2a0d:9ec0::/48
2a0d:9ec1::/48
2a0d:9ec2::/48
2a0d:d8c0::/47
Signature Algorithm: sha256WithRSAEncryption
0c:f0:c9:59:78:30:bd:60:55:f3:6c:66:fb:8d:57:80:74:69:
fc:00:51:2d:40:bc:23:23:23:94:fe:e1:98:24:7b:43:62:be:
94:1f:f9:26:53:59:a2:9a:74:00:ec:7b:75:47:3d:79:25:e2:
14:19:8f:1a:5d:5f:d9:a9:58:ac:68:f2:d5:5b:43:e7:89:fd:
c9:89:f7:b3:f3:ed:e9:30:e1:12:50:96:57:1d:9a:03:19:0c:
ed:3d:b5:30:27:29:69:a6:cf:fd:9b:d4:af:a1:02:0a:af:ec:
cc:1d:73:65:f0:ce:32:30:f0:65:ff:3d:bf:25:8b:ce:68:ca:
09:89:c5:d4:f8:65:4a:27:1b:02:f0:0d:78:26:b1:90:a7:3f:
a1:a7:97:b3:fa:e2:5f:ec:2e:05:c2:32:19:9c:06:d0:92:03:
ce:4e:fd:63:4e:da:bf:d5:f4:25:47:8c:60:52:f9:3f:05:3a:
47:34:dd:89:62:a9:68:33:a9:aa:55:33:55:60:ae:b6:8e:7f:
61:35:f0:2e:e4:67:9b:a6:e7:a2:95:05:b0:d6:39:fe:05:ee:
8c:c8:91:5e:af:0e:ac:a7:90:db:9f:66:f5:8d:3c:fe:f4:3f:
4f:16:4c:34:4c:f4:3f:22:63:ad:81:ec:11:9c:cb:2b:66:81:
c7:92:f2:38
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZQma5FvZ+QPmsERA251pwp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjUwMTAyMDk0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWUwMjlmMjM0MWUyZjllZGNjNWNiZmVhOGNjZTIzZjk0ZDRjMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnL59d7LbIA2OJKTLISeTShPxuI3
p53v385GiDFMErZkkTA9fNamArpG62oF9qQ8uR1oUS6jSS0SGOHM6KmcQupzJ8Dv
ubx6L/scAPISIz8k6HypdyrQHDtegF+hqdxY7pR2QSSxeEFRNeDUihJMjm4tHb3z
ku6gqUPAl+5ic1HMJTrV9hNP1rq59AnmsmHVdC+qUu/H+XEd68z39I08MygBm+TB
JPZGOCMOFJ8cvuqze2NDVqGFDtEEKwqNEdV0pRXlrv1TqLN5TWzuK1yzU04vvG/1
d4qGXqZxcr6jAwalkFY00t00uJxBPuff3+ZELqV4ZilkrP0cFnwHmK/fnwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFJ7gKfI0Hi+e3MXL/qjM4j+U1MLWMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvbnVBcDhqUWVMNTdjeGN2LXFNemlQNVRVd3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDAqBAIAATAkAwQCLV8QAwQC
LZskAwQCuV3cAwQB1Wz2AwQC1YvMAwQC2cOYMCoEAgACMCQDBwAqDZ7AAAADBwAq
DZ7BAAADBwAqDZ7CAAADBwEqDdjAAAAwDQYJKoZIhvcNAQELBQADggEBAAzwyVl4
ML1gVfNsZvuNV4B0afwAUS1AvCMjI5T+4Zgke0NivpQf+SZTWaKadADse3VHPXkl
4hQZjxpdX9mpWKxo8tVbQ+eJ/cmJ97Pz7ekw4RJQllcdmgMZDO09tTAnKWmmz/2b
1K+hAgqv7Mwdc2XwzjIw8GX/Pb8li85oygmJxdT4ZUonGwLwDXgmsZCnP6Gnl7P6
4l/sLgXCMhmcBtCSA85O/WNO2r/V9CVHjGBS+T8FOkc03YliqWgzqapVM1VgrraO
f2E18C7kZ5um56KVBbDWOf4F7ozIkV6vDqynkNufZvWNPP70P08WTDRM9D8iY62B
7BGcyytmgceS8jg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:29:56 2025 by rpki-client