Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/nc-Ut0N4YEzlSxLCriwNW3L5bJY.roa
File: nc-Ut0N4YEzlSxLCriwNW3L5bJY.roa (raw, json)
Hash identifier: CpEDv7qT3u78wfAAABUYzMXZLOCk+u5BsQilcshLjO0=
Subject key identifier: 9D:CF:94:B7:43:78:60:4C:E5:4B:12:C2:AE:2C:0D:5B:72:F9:6C:96
Certificate issuer: /CN=c8184a4505b0576058fd333059bff153ae6ead5b
Certificate serial: 0194221F7A935D577E6C9E91C0801DCD3BB8
Authority key identifier: C8:18:4A:45:05:B0:57:60:58:FD:33:30:59:BF:F1:53:AE:6E:AD:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yBhKRQWwV2BY_TMwWb_xU65urVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/nc-Ut0N4YEzlSxLCriwNW3L5bJY.roa
Signing time: Wed 01 Jan 2025 13:47:55 +0000
ROA not before: Wed 01 Jan 2025 13:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62313
IP address blocks: 213.32.224.0/24 maxlen: 24
213.32.228.0/24 maxlen: 24
213.32.230.0/24 maxlen: 24
213.32.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/yBhKRQWwV2BY_TMwWb_xU65urVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/yBhKRQWwV2BY_TMwWb_xU65urVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/yBhKRQWwV2BY_TMwWb_xU65urVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7a:93:5d:57:7e:6c:9e:91:c0:80:1d:cd:3b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8184a4505b0576058fd333059bff153ae6ead5b
Validity
Not Before: Jan 1 13:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dcf94b74378604ce54b12c2ae2c0d5b72f96c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d3:d6:2a:68:a1:92:fe:c2:f2:26:a3:7d:83:
2f:b3:f7:89:e5:73:0f:d9:fa:16:eb:aa:68:ad:1c:
d2:88:fe:22:ea:39:bf:4f:cf:dc:4b:81:b5:5f:fb:
6d:0e:52:51:1b:d5:a4:83:66:a0:95:44:13:b6:83:
a7:4c:42:80:74:67:b9:73:2c:18:14:ec:4c:f5:df:
92:6c:c5:c0:b1:aa:7c:61:0d:9b:93:e2:e8:d9:36:
d6:c1:d4:87:24:d5:69:71:c0:bb:b6:dc:84:b4:28:
9e:79:d7:70:20:b2:b4:66:eb:12:2b:1e:64:df:44:
2e:fc:70:d1:8d:da:f0:0d:09:d2:71:2c:54:95:53:
79:bb:86:d5:c9:f1:63:1b:9b:89:5d:72:af:c1:b8:
02:0a:d8:36:72:f4:cb:1c:8f:c9:0b:ef:82:9e:3d:
47:c6:ad:80:89:39:52:60:f0:68:34:1d:79:57:94:
38:fc:53:8a:bc:4d:a9:9b:74:1f:fb:05:b9:8a:84:
00:97:21:09:f6:cf:dc:54:01:f9:4f:56:14:43:fa:
7a:c1:8e:05:d5:9a:fa:66:a8:69:3b:fe:9f:59:dd:
fd:00:2f:fe:82:ed:8d:32:f6:c1:62:4f:b3:fa:3b:
49:2f:2c:20:9b:08:0d:bd:26:e7:c8:96:ad:18:0d:
ab:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CF:94:B7:43:78:60:4C:E5:4B:12:C2:AE:2C:0D:5B:72:F9:6C:96
X509v3 Authority Key Identifier:
keyid:C8:18:4A:45:05:B0:57:60:58:FD:33:30:59:BF:F1:53:AE:6E:AD:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yBhKRQWwV2BY_TMwWb_xU65urVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/nc-Ut0N4YEzlSxLCriwNW3L5bJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/yBhKRQWwV2BY_TMwWb_xU65urVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.32.224.0/24
213.32.228.0/24
213.32.230.0/23
Signature Algorithm: sha256WithRSAEncryption
06:9c:e2:83:a9:0d:73:40:d3:68:4b:bf:51:05:cd:d7:4c:cd:
cc:29:8a:16:27:19:de:a1:33:60:7e:06:d7:bf:77:74:65:ac:
28:7d:f7:04:2c:2c:92:72:52:74:d3:ca:83:3c:18:b0:5a:16:
18:0d:c0:84:e7:e6:11:5e:f6:a6:74:71:47:9a:8f:57:e2:b3:
ec:95:bd:95:56:a2:66:6b:9e:a6:83:73:2b:50:12:e1:0d:d4:
a1:c5:41:9a:9e:cb:a4:ef:a9:be:78:e5:4e:ff:ea:33:24:69:
c5:b8:f1:dd:bc:a8:d5:94:63:e8:93:2a:bd:35:3d:52:c5:d8:
45:86:23:0e:0c:29:35:b9:0a:cb:f9:36:ae:85:df:9b:74:4e:
09:09:3c:d0:c3:99:cc:39:f4:9f:fc:fe:e6:a4:21:77:8d:14:
6c:cf:5d:f1:96:a5:f6:24:9a:f2:4e:6a:61:94:12:12:a9:12:
ae:57:2f:11:9a:42:97:49:14:03:19:d6:11:67:7e:3f:8a:f7:
78:e9:55:28:5a:7c:7d:ad:59:7b:e5:ab:cc:0e:d1:7a:c8:d5:
bd:51:18:2f:95:51:f0:52:e6:e0:e2:cc:33:c4:f8:1b:1f:4e:
ff:25:c9:64:fc:90:9f:b3:0e:ae:10:29:a1:2f:ca:f1:27:d9:
b1:76:0a:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH3qTXVd+bJ6RwIAdzTu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MTg0YTQ1MDViMDU3NjA1OGZkMzMzMDU5YmZmMTUzYWU2
ZWFkNWIwHhcNMjUwMTAxMTM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNmOTRiNzQzNzg2MDRjZTU0YjEyYzJhZTJjMGQ1YjcyZjk2Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdPWKmihkv7C8iajfYMvs/eJ5XMP
2foW66porRzSiP4i6jm/T8/cS4G1X/ttDlJRG9Wkg2aglUQTtoOnTEKAdGe5cywY
FOxM9d+SbMXAsap8YQ2bk+Lo2TbWwdSHJNVpccC7ttyEtCieeddwILK0ZusSKx5k
30Qu/HDRjdrwDQnScSxUlVN5u4bVyfFjG5uJXXKvwbgCCtg2cvTLHI/JC++Cnj1H
xq2AiTlSYPBoNB15V5Q4/FOKvE2pm3Qf+wW5ioQAlyEJ9s/cVAH5T1YUQ/p6wY4F
1Zr6ZqhpO/6fWd39AC/+gu2NMvbBYk+z+jtJLywgmwgNvSbnyJatGA2r/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ3PlLdDeGBM5UsSwq4sDVty+WyWMB8GA1UdIwQY
MBaAFMgYSkUFsFdgWP0zMFm/8VOubq1bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUJoS1JRV3dWMkJZX1RNd1diX3hVNjV1clZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9lYWRhZDMtY2VkOS00MWZhLThlNWYt
NWZiZjMzYWNkODNlLzEvbmMtVXQwTjRZRXpsU3hMQ3Jpd05XM0w1YkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9lYWRhZDMtY2VkOS00MWZhLThlNWYtNWZiZjMzYWNkODNl
LzEveUJoS1JRV3dWMkJZX1RNd1diX3hVNjV1clZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1SDgAwQA
1SDkAwQB1SDmMA0GCSqGSIb3DQEBCwUAA4IBAQAGnOKDqQ1zQNNoS79RBc3XTM3M
KYoWJxneoTNgfgbXv3d0ZawoffcELCySclJ008qDPBiwWhYYDcCE5+YRXvamdHFH
mo9X4rPslb2VVqJma56mg3MrUBLhDdShxUGansuk76m+eOVO/+ozJGnFuPHdvKjV
lGPokyq9NT1SxdhFhiMODCk1uQrL+Tauhd+bdE4JCTzQw5nMOfSf/P7mpCF3jRRs
z13xlqX2JJryTmphlBISqRKuVy8RmkKXSRQDGdYRZ34/ivd46VUoWnx9rVl75avM
DtF6yNW9URgvlVHwUubg4swzxPgbH07/Jclk/JCfsw6uECmhL8rxJ9mxdgp1
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:50:12 2025 by rpki-client