Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/nrEMql0zV0P3dpHmZH6RSxKuJFg.roa
File: nrEMql0zV0P3dpHmZH6RSxKuJFg.roa (raw, json)
Hash identifier: 1gVFTzoG8NuAbMx8im63wNse5kBK1gIOddqrPu/oX6A=
Subject key identifier: 9E:B1:0C:AA:5D:33:57:43:F7:76:91:E6:64:7E:91:4B:12:AE:24:58
Certificate issuer: /CN=217b491dccb5632216d80b48f8d6286b1effd8d7
Certificate serial: 0194266C1C419F95547DCD548ACFCBC22081
Authority key identifier: 21:7B:49:1D:CC:B5:63:22:16:D8:0B:48:F8:D6:28:6B:1E:FF:D8:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/nrEMql0zV0P3dpHmZH6RSxKuJFg.roa
Signing time: Thu 02 Jan 2025 09:50:06 +0000
ROA not before: Thu 02 Jan 2025 09:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 185.240.18.0/24 maxlen: 24
185.240.19.0/24 maxlen: 24
185.244.178.0/24 maxlen: 24
185.244.179.0/24 maxlen: 24
204.154.200.0/24 maxlen: 24
204.154.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/IXtJHcy1YyIW2AtI-NYoax7_2Nc.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/IXtJHcy1YyIW2AtI-NYoax7_2Nc.mft
rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:1c:41:9f:95:54:7d:cd:54:8a:cf:cb:c2:20:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b491dccb5632216d80b48f8d6286b1effd8d7
Validity
Not Before: Jan 2 09:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9eb10caa5d335743f77691e6647e914b12ae2458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1f:df:18:85:1e:86:26:14:7f:3e:e8:b5:78:
39:bb:0f:12:a7:17:64:b9:6f:62:63:f6:80:fa:5d:
b3:83:95:1e:89:7c:54:67:f7:46:9d:3f:68:9e:84:
7c:7e:a7:76:ca:c4:74:2b:47:85:ba:b5:5c:f9:b3:
5d:61:d6:3f:34:00:d9:ad:fc:dd:a6:03:ac:71:40:
de:45:f2:d1:f7:72:73:27:49:37:ba:65:61:dd:31:
45:95:c1:47:3b:ab:a0:30:c2:d7:70:e8:7b:04:3e:
25:4e:e8:43:25:38:83:6c:93:59:ac:3d:11:bf:fc:
19:ee:a7:da:09:8b:ea:32:e6:5c:21:e8:35:67:85:
e8:d4:59:0f:bd:e7:9b:d8:1e:9d:8f:49:5f:e9:c6:
15:33:ea:50:90:56:aa:bb:9e:a7:6d:b2:f4:60:05:
86:58:a0:04:f3:b3:19:48:5b:08:05:5a:b2:1e:51:
33:22:db:21:72:d4:b3:13:8d:73:40:b5:7d:c6:71:
ce:9a:65:e1:56:e0:dc:90:f5:0f:38:e2:3f:cf:44:
b5:34:d7:8c:5a:55:92:19:e5:9e:87:b0:4a:d9:8d:
b1:74:98:23:2b:09:c9:25:0f:b8:c2:90:fa:dd:bc:
c2:77:c9:9a:19:08:f4:ba:94:3a:ce:f7:bf:f4:4c:
d8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B1:0C:AA:5D:33:57:43:F7:76:91:E6:64:7E:91:4B:12:AE:24:58
X509v3 Authority Key Identifier:
keyid:21:7B:49:1D:CC:B5:63:22:16:D8:0B:48:F8:D6:28:6B:1E:FF:D8:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/nrEMql0zV0P3dpHmZH6RSxKuJFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/IXtJHcy1YyIW2AtI-NYoax7_2Nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.18.0/23
185.244.178.0/23
204.154.200.0/23
Signature Algorithm: sha256WithRSAEncryption
41:8a:c6:29:24:98:70:75:d6:65:bc:7b:4b:21:5a:20:c7:75:
92:fd:18:ef:e2:b3:dd:2f:85:06:fd:e7:97:28:6d:ba:8c:62:
e1:7a:9d:12:bb:13:a9:27:4d:a5:b3:24:1c:3c:f1:53:d0:b2:
da:44:36:00:d7:b9:f8:a3:c4:cb:2b:6e:f9:1c:38:f4:ab:a5:
74:7a:d2:2e:dd:43:70:7a:3d:7e:40:29:29:d6:02:68:4b:bf:
38:77:15:bf:cc:61:81:25:fb:aa:47:35:d4:03:87:f2:d4:8e:
29:b4:88:45:b9:49:c7:83:8a:c6:c2:78:3b:fb:91:5e:15:9b:
e9:e3:f6:d4:59:71:9d:f3:cf:8f:ae:06:33:91:ca:8e:0e:e5:
57:20:e6:3a:3a:f8:3a:c8:e5:f2:4e:84:f3:9d:4c:6a:be:e8:
f1:46:db:0b:b3:a3:ee:b0:0f:2d:d7:d0:95:42:c3:7e:cf:0a:
0b:5f:83:8d:19:dc:fe:85:6a:19:c9:fb:60:d6:13:1c:fb:42:
cd:24:79:d3:d9:be:50:01:15:ab:1b:d0:7a:51:6e:a9:8a:81:
cd:9d:d0:84:db:94:8f:41:85:8d:09:bd:ba:3c:e6:6d:5f:fa:
48:72:d9:33:cd:62:46:d7:d3:c1:f4:48:ef:5b:88:71:ae:f7:
00:28:db:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmbBxBn5VUfc1Uis/LwiCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I0OTFkY2NiNTYzMjIxNmQ4MGI0OGY4ZDYyODZiMWVm
ZmQ4ZDcwHhcNMjUwMTAyMDk1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWIxMGNhYTVkMzM1NzQzZjc3NjkxZTY2NDdlOTE0YjEyYWUyNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkh/fGIUehiYUfz7otXg5uw8Spxdk
uW9iY/aA+l2zg5UeiXxUZ/dGnT9onoR8fqd2ysR0K0eFurVc+bNdYdY/NADZrfzd
pgOscUDeRfLR93JzJ0k3umVh3TFFlcFHO6ugMMLXcOh7BD4lTuhDJTiDbJNZrD0R
v/wZ7qfaCYvqMuZcIeg1Z4Xo1FkPveeb2B6dj0lf6cYVM+pQkFaqu56nbbL0YAWG
WKAE87MZSFsIBVqyHlEzItshctSzE41zQLV9xnHOmmXhVuDckPUPOOI/z0S1NNeM
WlWSGeWeh7BK2Y2xdJgjKwnJJQ+4wpD63bzCd8maGQj0upQ6zve/9EzYkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ6xDKpdM1dD93aR5mR+kUsSriRYMB8GA1UdIwQY
MBaAFCF7SR3MtWMiFtgLSPjWKGse/9jXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0SkhjeTFZeUlXMkF0SS1OWW9heDdfMk5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9lOWYyOWMtOTIzMS00NTBkLWFkYjAt
NmRlMDVhMzE2MjM5LzEvbnJFTXFsMHpWMFAzZHBIbVpINlJTeEt1SkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9lOWYyOWMtOTIzMS00NTBkLWFkYjAtNmRlMDVhMzE2MjM5
LzEvSVh0SkhjeTFZeUlXMkF0SS1OWW9heDdfMk5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBufASAwQB
ufSyAwQBzJrIMA0GCSqGSIb3DQEBCwUAA4IBAQBBisYpJJhwddZlvHtLIVogx3WS
/Rjv4rPdL4UG/eeXKG26jGLhep0SuxOpJ02lsyQcPPFT0LLaRDYA17n4o8TLK275
HDj0q6V0etIu3UNwej1+QCkp1gJoS784dxW/zGGBJfuqRzXUA4fy1I4ptIhFuUnH
g4rGwng7+5FeFZvp4/bUWXGd88+PrgYzkcqODuVXIOY6Ovg6yOXyToTznUxqvujx
RtsLs6PusA8t19CVQsN+zwoLX4ONGdz+hWoZyftg1hMc+0LNJHnT2b5QARWrG9B6
UW6pioHNndCE25SPQYWNCb26POZtX/pIctkzzWJG19PB9EjvW4hxrvcAKNuk
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:55:38 2025 by rpki-client