Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nupUDi_qr4iqGhGngql4DkwDGWs.roa
File: nupUDi_qr4iqGhGngql4DkwDGWs.roa (raw, json)
Hash identifier: 6hNFnAOiuYWCMRck2GbCUNTrO5nKvIaGCFp9oGoolFc=
Subject key identifier: 9E:EA:54:0E:2F:EA:AF:88:AA:1A:11:A7:82:A9:78:0E:4C:03:19:6B
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019422FBB87408A07CC612C1FB5AF06AA487
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nupUDi_qr4iqGhGngql4DkwDGWs.roa
Signing time: Wed 01 Jan 2025 17:48:29 +0000
ROA not before: Wed 01 Jan 2025 17:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198361
IP address blocks: 2.56.111.0/24 maxlen: 24
45.9.28.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b8:74:08:a0:7c:c6:12:c1:fb:5a:f0:6a:a4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 1 17:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9eea540e2feaaf88aa1a11a782a9780e4c03196b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f6:b2:08:6b:ea:eb:af:e3:d4:a4:4f:ef:5e:
06:6d:61:83:20:61:5a:4d:99:78:64:ee:31:cb:2d:
ad:ad:f2:57:dd:f7:bb:4e:41:c7:dd:db:75:4c:32:
fc:71:07:4c:eb:b5:a4:06:bf:e4:b8:a3:72:43:6e:
de:d8:b2:4f:e0:4b:d4:27:43:da:42:6b:58:cd:22:
2f:05:0d:47:9e:15:89:a9:9e:27:64:fe:e8:e1:b6:
bd:a4:b1:84:41:07:61:83:62:9b:84:34:cf:7f:34:
1e:94:e3:9c:17:bb:ba:13:8c:d1:db:7f:64:11:1b:
ed:d7:a9:c9:29:26:b9:ff:ab:26:ee:99:c9:06:20:
fb:df:18:01:1c:20:cc:80:aa:b5:64:28:6b:c5:a2:
7d:44:c2:c5:da:64:42:d4:a7:c5:72:2e:40:12:66:
5b:f4:ba:92:d5:e9:88:23:14:e6:dd:70:0c:01:87:
e7:98:38:03:57:d9:a9:e5:3d:e7:01:29:61:64:98:
17:1e:99:30:45:15:1d:dc:8c:05:7c:d6:cc:a1:23:
82:aa:30:99:29:03:0f:1b:d3:ac:de:06:4a:2d:21:
8f:f6:47:05:4e:9e:11:a2:5d:e9:07:ed:46:81:ce:
59:0d:a3:28:1a:01:e3:bf:45:dd:ab:16:90:89:9c:
45:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:EA:54:0E:2F:EA:AF:88:AA:1A:11:A7:82:A9:78:0E:4C:03:19:6B
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nupUDi_qr4iqGhGngql4DkwDGWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.111.0/24
45.9.28.0/24
45.88.138.0/24
77.83.38.0/24
Signature Algorithm: sha256WithRSAEncryption
80:89:ad:4a:b8:31:cd:71:e6:cb:0d:21:43:c5:01:53:00:35:
d2:2d:35:f4:23:86:17:fb:9d:83:4e:e1:0c:73:e0:93:48:00:
97:5d:e2:b9:c7:93:b5:36:23:c4:90:2b:32:9b:70:45:9c:0c:
3f:e3:86:1b:6e:8b:52:aa:b6:1e:16:bc:b7:b3:42:76:19:2c:
1a:b3:50:66:46:dc:75:d8:f2:00:fc:74:bf:86:07:00:f9:10:
4f:d9:4d:10:85:21:dd:a1:58:3d:c5:8d:5b:82:65:4b:26:87:
6f:40:9b:c6:91:47:22:23:ec:23:d3:4f:7d:33:17:70:12:2e:
61:09:1f:f8:0b:31:e9:75:36:12:91:94:cf:2c:58:1e:b6:ab:
0e:cd:e6:46:41:5f:4d:72:79:4c:23:27:b4:ef:89:48:ce:49:
b2:e3:71:f4:a7:38:d8:37:c6:87:a8:60:97:e2:51:06:6a:40:
ca:aa:90:71:cc:f9:dc:b6:00:53:cb:c6:88:ca:64:00:d1:bb:
32:72:2c:80:7b:11:ba:58:79:f9:21:e5:fa:e4:3c:f5:c2:7b:
53:80:01:56:ca:d5:82:96:72:f1:62:d4:c7:7e:e8:38:c2:bb:
58:6e:03:40:c7:9f:a6:7a:7a:a1:a7:bc:51:07:33:ab:20:4e:
d6:d4:02:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQi+7h0CKB8xhLB+1rwaqSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTAxMTc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWVhNTQwZTJmZWFhZjg4YWExYTExYTc4MmE5NzgwZTRjMDMxOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vayCGvq66/j1KRP714GbWGDIGFa
TZl4ZO4xyy2trfJX3fe7TkHH3dt1TDL8cQdM67WkBr/kuKNyQ27e2LJP4EvUJ0Pa
QmtYzSIvBQ1HnhWJqZ4nZP7o4ba9pLGEQQdhg2KbhDTPfzQelOOcF7u6E4zR239k
ERvt16nJKSa5/6sm7pnJBiD73xgBHCDMgKq1ZChrxaJ9RMLF2mRC1KfFci5AEmZb
9LqS1emIIxTm3XAMAYfnmDgDV9mp5T3nASlhZJgXHpkwRRUd3IwFfNbMoSOCqjCZ
KQMPG9Os3gZKLSGP9kcFTp4Rol3pB+1Ggc5ZDaMoGgHjv0XdqxaQiZxFlwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ7qVA4v6q+IqhoRp4KpeA5MAxlrMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbnVwVURpX3FyNGlxR2hHbmdxbDREa3dER1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjhvAwQA
LQkcAwQALViKAwQATVMmMA0GCSqGSIb3DQEBCwUAA4IBAQCAia1KuDHNcebLDSFD
xQFTADXSLTX0I4YX+52DTuEMc+CTSACXXeK5x5O1NiPEkCsym3BFnAw/44YbbotS
qrYeFry3s0J2GSwas1BmRtx12PIA/HS/hgcA+RBP2U0QhSHdoVg9xY1bgmVLJodv
QJvGkUciI+wj0099MxdwEi5hCR/4CzHpdTYSkZTPLFgetqsOzeZGQV9NcnlMIye0
74lIzkmy43H0pzjYN8aHqGCX4lEGakDKqpBxzPnctgBTy8aIymQA0bsyciyAexG6
WHn5IeX65Dz1wntTgAFWytWClnLxYtTHfug4wrtYbgNAx5+menqhp7xRBzOrIE7W
1AKR
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:54:57 2025 by rpki-client