Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/NT96ZXytZXeLYG8nYXbccb_AzMM.roa
File: NT96ZXytZXeLYG8nYXbccb_AzMM.roa (raw, json)
Hash identifier: jF7i9U0X2AT56VYqylel02ci97XBnH5+7EoAI42ntOM=
Subject key identifier: 35:3F:7A:65:7C:AD:65:77:8B:60:6F:27:61:76:DC:71:BF:C0:CC:C3
Certificate issuer: /CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Certificate serial: 01943BD0FB08D297C27B1CD115A8EC061FC5
Authority key identifier: 4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/NT96ZXytZXeLYG8nYXbccb_AzMM.roa
Signing time: Mon 06 Jan 2025 13:32:18 +0000
ROA not before: Mon 06 Jan 2025 13:32:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50181
IP address blocks: 77.74.204.0/22 maxlen: 22
81.94.240.0/20 maxlen: 20
88.132.224.0/20 maxlen: 20
88.132.240.0/22 maxlen: 22
109.110.128.0/19 maxlen: 19
185.45.196.0/22 maxlen: 22
185.119.180.0/22 maxlen: 22
2a01:7d60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:d0:fb:08:d2:97:c2:7b:1c:d1:15:a8:ec:06:1f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Validity
Not Before: Jan 6 13:32:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=353f7a657cad65778b606f276176dc71bfc0ccc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4d:49:99:da:72:73:c6:8e:14:de:4c:17:06:
c6:f8:20:ae:8a:b6:f0:71:be:33:74:e9:46:c3:65:
36:bc:cd:1b:8b:9e:e3:35:ac:2c:ee:ee:ab:a4:c6:
61:83:a5:bc:1e:01:38:6e:05:22:c6:c0:c8:b4:79:
c4:55:08:0c:91:7d:29:87:99:bd:ed:cc:cb:3b:54:
5d:94:27:e4:43:28:bc:73:dc:de:bf:da:2f:ab:01:
14:57:42:88:29:0b:2d:b7:9c:f0:20:de:17:d1:d3:
4d:c6:10:6f:92:d9:98:97:da:7b:05:77:16:db:e9:
67:92:4d:29:06:30:29:81:c3:95:f4:98:c7:b7:3e:
fb:6f:45:57:5b:6f:f8:24:bf:cd:2f:ca:f6:67:31:
71:29:21:d9:f8:f4:1e:5a:f0:8d:32:1b:6c:2e:2e:
7d:d5:5a:d7:2e:98:a4:6d:a1:d9:1d:b3:27:61:1e:
16:73:a5:00:46:94:25:db:54:c2:f8:7c:1b:c0:11:
8c:19:89:78:f1:a7:2c:96:c5:a6:c1:fa:8c:88:b4:
99:ee:03:4c:f1:0a:8b:c3:34:ee:34:bc:85:c5:cc:
6c:86:75:bb:ff:63:50:1c:65:6d:37:d8:ab:ff:2f:
6f:02:5d:95:ea:0f:b5:90:af:65:1c:db:af:79:e7:
c1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3F:7A:65:7C:AD:65:77:8B:60:6F:27:61:76:DC:71:BF:C0:CC:C3
X509v3 Authority Key Identifier:
keyid:4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/NT96ZXytZXeLYG8nYXbccb_AzMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.204.0/22
81.94.240.0/20
88.132.224.0-88.132.243.255
109.110.128.0/19
185.45.196.0/22
185.119.180.0/22
IPv6:
2a01:7d60::/32
Signature Algorithm: sha256WithRSAEncryption
b7:9a:d2:73:3e:8e:0e:39:cb:5b:78:7c:54:87:7d:50:e9:04:
71:18:e5:54:87:7d:62:24:ad:3d:06:c0:51:55:b3:eb:d7:41:
1e:be:c4:58:f6:2e:21:46:ff:00:c1:e9:68:e0:89:30:9c:c2:
7b:bf:02:ec:d1:c0:ce:c7:90:99:21:f2:96:c3:da:5c:01:0e:
d8:82:a5:24:4a:c7:b4:6f:57:60:76:00:29:df:4d:9b:60:e6:
0e:ba:be:16:a2:e2:9b:1a:f0:d0:0d:f0:94:3c:9c:75:eb:a7:
8d:15:ad:38:73:56:e0:d5:4d:34:a1:1a:3a:35:78:33:83:0a:
0f:a3:ba:fb:0c:db:2c:8e:ef:6f:02:51:09:20:26:25:1b:75:
cc:4f:09:2c:a5:93:65:0f:83:e0:6a:76:d9:9e:06:77:1c:42:
2f:84:e5:86:62:20:d2:44:6f:10:7c:78:e2:8e:a2:67:8e:ab:
50:63:2e:f9:58:96:9c:09:91:04:64:c6:02:29:08:0f:66:db:
60:2f:20:8b:a7:39:2c:44:88:f7:59:7c:33:9a:97:ae:d3:df:
cc:6a:40:0e:f2:28:28:42:21:df:1a:45:79:08:df:b8:e8:fb:
04:17:67:24:c1:20:42:57:3c:0c:81:03:1e:84:4a:f1:7f:bc:
7f:e9:96:1b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQ70PsI0pfCexzRFajsBh/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2ExMDVjZTRhZjZjMjFjZDQyOWU5OTJkMDZlYTdkMDZk
OGE1NmQwHhcNMjUwMTA2MTMzMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTNmN2E2NTdjYWQ2NTc3OGI2MDZmMjc2MTc2ZGM3MWJmYzBjY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu01Jmdpyc8aOFN5MFwbG+CCuirbw
cb4zdOlGw2U2vM0bi57jNaws7u6rpMZhg6W8HgE4bgUixsDItHnEVQgMkX0ph5m9
7czLO1RdlCfkQyi8c9zev9ovqwEUV0KIKQstt5zwIN4X0dNNxhBvktmYl9p7BXcW
2+lnkk0pBjApgcOV9JjHtz77b0VXW2/4JL/NL8r2ZzFxKSHZ+PQeWvCNMhtsLi59
1VrXLpikbaHZHbMnYR4Wc6UARpQl21TC+HwbwBGMGYl48acslsWmwfqMiLSZ7gNM
8QqLwzTuNLyFxcxshnW7/2NQHGVtN9ir/y9vAl2V6g+1kK9lHNuveefBsQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFDU/emV8rWV3i2BvJ2F23HG/wMzDMB8GA1UdIwQY
MBaAFE7KEFzkr2whzUKemS0G6n0G2KVtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgt
NDZlZTBjZDdmY2JhLzEvTlQ5NlpYeXRaWGVMWUc4bllYYmNjYl9Bek1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgtNDZlZTBjZDdmY2Jh
LzEvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCTUrMAwQE
UV7wMAwDBAVYhOADBAJYhPADBAVtboADBAK5LcQDBAK5d7QwDQQCAAIwBwMFACoB
fWAwDQYJKoZIhvcNAQELBQADggEBALea0nM+jg45y1t4fFSHfVDpBHEY5VSHfWIk
rT0GwFFVs+vXQR6+xFj2LiFG/wDB6WjgiTCcwnu/AuzRwM7HkJkh8pbD2lwBDtiC
pSRKx7RvV2B2ACnfTZtg5g66vhai4psa8NAN8JQ8nHXrp40VrThzVuDVTTShGjo1
eDODCg+juvsM2yyO728CUQkgJiUbdcxPCSylk2UPg+BqdtmeBnccQi+E5YZiINJE
bxB8eOKOomeOq1BjLvlYlpwJkQRkxgIpCA9m22AvIIunOSxEiPdZfDOal67T38xq
QA7yKChCId8aRXkI37jo+wQXZyTBIEJXPAyBAx6ESvF/vH/plhs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:41:34 2025 by rpki-client