Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/NMYTYXjVSSW_zjS5UcL1_MJYMhw.roa
File: NMYTYXjVSSW_zjS5UcL1_MJYMhw.roa (raw, json)
Hash identifier: sb8TB9OQXYjgHET+s0jEt1SW4MRtm0F3nj4wUyz73j8=
Subject key identifier: 34:C6:13:61:78:D5:49:25:BF:CE:34:B9:51:C2:F5:FC:C2:58:32:1C
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 019420686A05B83B5EDB1AED2E6BB8DB4D16
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/NMYTYXjVSSW_zjS5UcL1_MJYMhw.roa
Signing time: Wed 01 Jan 2025 05:48:21 +0000
ROA not before: Wed 01 Jan 2025 05:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30971
IP address blocks: 83.136.32.0/21 maxlen: 24
185.102.15.0/24 maxlen: 24
193.46.104.0/21 maxlen: 24
193.46.112.0/20 maxlen: 24
2a02:850::/44 maxlen: 44
2a02:850:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:6a:05:b8:3b:5e:db:1a:ed:2e:6b:b8:db:4d:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Jan 1 05:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34c6136178d54925bfce34b951c2f5fcc258321c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a5:e6:9e:4c:a5:9a:2d:14:fc:f3:50:e2:97:
21:46:aa:6b:1d:1c:9f:b1:85:2a:02:23:ef:04:f8:
4e:49:d1:f8:e2:ec:bf:b0:81:07:54:8e:de:74:0f:
04:34:06:bb:90:c8:fd:20:11:60:c3:85:ca:92:32:
f3:0d:bc:7c:c9:87:d7:c3:75:6f:9c:9e:19:47:9d:
7c:08:2c:32:5f:a8:eb:59:f4:48:60:24:44:58:a9:
11:d0:1e:cd:2e:78:72:93:70:85:3c:0d:e1:25:13:
de:3a:d3:ca:4d:be:1e:9e:07:2e:17:ab:9c:0e:8a:
4f:34:65:58:5a:78:0b:b8:2c:81:3c:a1:ce:b5:c8:
82:42:c9:8d:b7:8e:6b:47:ac:1a:86:e9:c1:c0:86:
25:a6:95:9e:9a:0c:e0:77:89:86:c6:b4:6e:39:65:
f2:9a:37:83:eb:e3:12:1e:dc:f7:7f:87:8f:aa:cc:
65:4c:ac:f2:60:d6:1c:de:60:45:f0:67:02:b0:d2:
0e:8c:dc:78:38:64:af:81:5a:2d:24:53:8b:68:cd:
4c:fa:59:f1:75:68:76:08:22:73:9e:a2:13:12:7b:
fa:67:2b:65:10:ed:88:6a:c3:ea:1d:7f:cd:92:8f:
37:0e:55:2e:40:3f:11:77:9b:d9:f1:32:77:70:3b:
7d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C6:13:61:78:D5:49:25:BF:CE:34:B9:51:C2:F5:FC:C2:58:32:1C
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/NMYTYXjVSSW_zjS5UcL1_MJYMhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.32.0/21
185.102.15.0/24
193.46.104.0-193.46.127.255
IPv6:
2a02:850::/43
Signature Algorithm: sha256WithRSAEncryption
2a:1e:2e:48:4d:40:91:3d:a8:0f:f3:7e:30:ce:8e:6c:bf:8a:
a1:ea:a9:a5:c2:f0:e8:94:d0:36:3c:ac:90:d2:78:9b:cb:f5:
75:0d:27:f6:e7:12:3c:44:e9:3f:7a:59:e5:55:b3:08:f8:b6:
b8:94:f4:20:28:1c:07:de:08:aa:bf:48:36:8c:99:dc:57:f7:
5d:a7:8e:dc:80:08:76:9a:6e:49:f9:62:de:13:fe:5d:07:64:
48:85:f6:bf:ad:36:7f:58:f1:36:b5:2a:27:ba:07:a0:4f:b3:
e5:17:92:85:94:95:03:c5:ca:82:fe:97:b7:d8:28:de:77:0d:
2f:6d:8d:ee:48:0d:aa:89:ce:9c:8f:15:13:b2:93:d1:4a:2b:
1a:91:14:fd:2f:31:46:12:f1:89:99:43:2a:28:48:b4:53:92:
dc:f7:de:a5:ce:87:d8:14:8c:54:2f:c5:df:0f:46:3d:38:82:
73:e6:e7:59:f1:0b:a9:44:0b:b7:79:05:cc:07:fb:db:45:7c:
91:94:5c:4d:f9:32:03:84:b0:5a:1b:ba:de:30:62:81:bd:a1:
56:63:f7:d5:a6:5e:3b:58:27:1c:23:cc:1c:d8:21:70:a0:a0:
ff:4d:bd:83:90:d9:73:6f:9c:46:43:62:7b:95:70:4e:95:21:
7c:31:c9:34
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQgaGoFuDte2xrtLmu4200WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjUwMTAxMDU0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGM2MTM2MTc4ZDU0OTI1YmZjZTM0Yjk1MWMyZjVmY2MyNTgzMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKXmnkylmi0U/PNQ4pchRqprHRyf
sYUqAiPvBPhOSdH44uy/sIEHVI7edA8ENAa7kMj9IBFgw4XKkjLzDbx8yYfXw3Vv
nJ4ZR518CCwyX6jrWfRIYCREWKkR0B7NLnhyk3CFPA3hJRPeOtPKTb4engcuF6uc
DopPNGVYWngLuCyBPKHOtciCQsmNt45rR6wahunBwIYlppWemgzgd4mGxrRuOWXy
mjeD6+MSHtz3f4ePqsxlTKzyYNYc3mBF8GcCsNIOjNx4OGSvgVotJFOLaM1M+lnx
dWh2CCJznqITEnv6ZytlEO2IasPqHX/Nko83DlUuQD8Rd5vZ8TJ3cDt9AQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFDTGE2F41Uklv840uVHC9fzCWDIcMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvTk1ZVFlYalZTU1dfempTNVVjTDFfTUpZTWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQDU4ggAwQA
uWYPMAwDBAPBLmgDBAfBLgAwDwQCAAIwCQMHBSoCCFAAADANBgkqhkiG9w0BAQsF
AAOCAQEAKh4uSE1AkT2oD/N+MM6ObL+KoeqppcLw6JTQNjyskNJ4m8v1dQ0n9ucS
PETpP3pZ5VWzCPi2uJT0ICgcB94Iqr9INoyZ3Ff3XaeO3IAIdppuSfli3hP+XQdk
SIX2v602f1jxNrUqJ7oHoE+z5ReShZSVA8XKgv6Xt9go3ncNL22N7kgNqonOnI8V
E7KT0UorGpEU/S8xRhLxiZlDKihItFOS3Pfepc6H2BSMVC/F3w9GPTiCc+bnWfEL
qUQLt3kFzAf720V8kZRcTfkyA4SwWhu63jBigb2hVmP31aZeO1gnHCPMHNghcKCg
/029g5DZc2+cRkNie5VwTpUhfDHJNA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:01:23 2025 by rpki-client