Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/NhJBxI5W8KC_WePH5ss0tv9aU5U.roa
File: NhJBxI5W8KC_WePH5ss0tv9aU5U.roa (raw, json)
Hash identifier: /CWlrfID9lQOxgVeBTFIGSk2eqixT2ZM3bIGkRsAuOA=
Subject key identifier: 36:12:41:C4:8E:56:F0:A0:BF:59:E3:C7:E6:CB:34:B6:FF:5A:53:95
Certificate issuer: /CN=a57b608fccf3230e445c983f9e36b50e11f72cf2
Certificate serial: 0194258F53AE80B3F0F03F990EBF7BE20776
Authority key identifier: A5:7B:60:8F:CC:F3:23:0E:44:5C:98:3F:9E:36:B5:0E:11:F7:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXtgj8zzIw5EXJg_nja1DhH3LPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/NhJBxI5W8KC_WePH5ss0tv9aU5U.roa
Signing time: Thu 02 Jan 2025 05:48:57 +0000
ROA not before: Thu 02 Jan 2025 05:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203144
IP address blocks: 185.28.172.0/23 maxlen: 24
185.28.174.0/23 maxlen: 24
2a00:a0a0::/48 maxlen: 48
2a00:a0a0:1::/48 maxlen: 48
2a00:a0a0:2::/48 maxlen: 48
2a00:a0a0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/pXtgj8zzIw5EXJg_nja1DhH3LPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/pXtgj8zzIw5EXJg_nja1DhH3LPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXtgj8zzIw5EXJg_nja1DhH3LPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:53:ae:80:b3:f0:f0:3f:99:0e:bf:7b:e2:07:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a57b608fccf3230e445c983f9e36b50e11f72cf2
Validity
Not Before: Jan 2 05:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=361241c48e56f0a0bf59e3c7e6cb34b6ff5a5395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:27:c0:68:2e:2a:7e:cf:6b:87:9d:90:2e:d8:
fc:7c:97:b4:76:11:a7:53:ee:f6:70:b5:19:08:65:
b8:43:78:27:dc:56:82:c4:82:c0:2f:59:ff:8c:58:
59:ce:ad:43:53:74:a6:f8:36:73:a8:6d:d4:33:9b:
bb:0b:12:6f:e3:6a:c2:3a:f2:2d:ec:d9:4f:da:d9:
2c:11:d5:4f:05:d4:30:89:f0:a9:b9:27:e3:0f:dd:
02:d3:35:66:b8:98:99:ab:ef:72:d0:81:58:0d:4c:
88:e5:fb:1c:b3:1e:45:74:00:1a:73:d4:1b:94:7f:
77:d6:33:a8:1e:17:06:08:bd:20:bb:cd:f7:0c:fa:
6d:ab:a9:4f:8c:fc:3f:4f:33:e8:4a:69:99:78:56:
df:82:3e:e7:25:bb:79:5f:09:fd:da:ae:0e:2f:39:
26:e2:d7:ab:7b:3b:69:85:b0:48:a5:8e:48:7c:31:
34:4d:35:d2:89:e8:e8:99:6c:4e:1e:bd:4c:0b:18:
59:7c:45:70:a7:4d:e2:37:18:a9:a3:eb:2a:f1:8b:
dc:a1:a5:b1:24:a6:6e:0f:2b:5c:d1:1f:88:c5:51:
24:7d:0a:53:2c:cf:9f:cb:50:8a:c1:66:cd:94:08:
88:d1:ac:33:32:e0:fc:f5:e8:0a:b7:90:b8:c1:1f:
c6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:12:41:C4:8E:56:F0:A0:BF:59:E3:C7:E6:CB:34:B6:FF:5A:53:95
X509v3 Authority Key Identifier:
keyid:A5:7B:60:8F:CC:F3:23:0E:44:5C:98:3F:9E:36:B5:0E:11:F7:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXtgj8zzIw5EXJg_nja1DhH3LPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/NhJBxI5W8KC_WePH5ss0tv9aU5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/pXtgj8zzIw5EXJg_nja1DhH3LPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.172.0/22
IPv6:
2a00:a0a0::/46
Signature Algorithm: sha256WithRSAEncryption
6c:8f:a5:6a:8d:5c:65:de:d0:62:9a:26:43:7f:4a:fa:9a:a6:
82:68:f7:7e:4e:88:89:bc:a7:21:99:ab:07:fa:98:2c:74:34:
2e:d0:d5:03:b9:8c:a5:88:78:22:9d:13:4f:7d:81:a5:4e:74:
2a:32:93:e0:d3:24:ce:69:15:72:83:df:f1:eb:32:4c:2a:c7:
4a:13:63:d1:bc:77:bb:c2:8d:c4:f0:53:20:d3:c8:8c:c1:0d:
7d:42:92:20:97:2a:cc:93:36:b0:57:9c:96:7b:0c:19:43:5c:
a9:30:81:9c:dc:66:70:cf:08:2c:0d:ee:c7:6d:dd:bd:3c:88:
4d:c0:0f:8c:ed:1f:e1:68:d5:31:ab:ac:5b:24:60:cc:da:ac:
28:0f:1e:11:b6:7c:c3:c3:a3:f0:9d:07:5e:c4:96:02:23:23:
31:be:9c:27:95:98:2e:a1:a1:03:d6:c2:14:db:a8:73:e3:78:
22:f5:87:97:6d:3c:ad:5c:05:41:cb:78:d7:04:d8:8c:a1:02:
f9:6d:97:ff:08:98:83:2b:70:d6:3d:15:32:b0:de:c6:bb:cd:
f7:35:83:81:26:36:d0:4f:06:45:d2:72:39:ec:83:18:29:00:
c3:ff:28:85:12:d9:cd:1e:e3:74:da:e4:b2:c5:33:ed:19:92:
da:c9:91:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlj1OugLPw8D+ZDr974gd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1N2I2MDhmY2NmMzIzMGU0NDVjOTgzZjllMzZiNTBlMTFm
NzJjZjIwHhcNMjUwMTAyMDU0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjEyNDFjNDhlNTZmMGEwYmY1OWUzYzdlNmNiMzRiNmZmNWE1Mzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoifAaC4qfs9rh52QLtj8fJe0dhGn
U+72cLUZCGW4Q3gn3FaCxILAL1n/jFhZzq1DU3Sm+DZzqG3UM5u7CxJv42rCOvIt
7NlP2tksEdVPBdQwifCpuSfjD90C0zVmuJiZq+9y0IFYDUyI5fscsx5FdAAac9Qb
lH931jOoHhcGCL0gu833DPptq6lPjPw/TzPoSmmZeFbfgj7nJbt5Xwn92q4OLzkm
4tereztphbBIpY5IfDE0TTXSiejomWxOHr1MCxhZfEVwp03iNxipo+sq8YvcoaWx
JKZuDytc0R+IxVEkfQpTLM+fy1CKwWbNlAiI0awzMuD89egKt5C4wR/G4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDYSQcSOVvCgv1njx+bLNLb/WlOVMB8GA1UdIwQY
MBaAFKV7YI/M8yMORFyYP542tQ4R9yzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFh0Z2o4enpJdzVFWEpnX25qYTFEaEgzTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82MjE2MjktZWQzZC00OWFmLWJmMzkt
ODVhMzdjZjFiMmVhLzEvTmhKQnhJNVc4S0NfV2VQSDVzczB0djlhVTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82MjE2MjktZWQzZC00OWFmLWJmMzktODVhMzdjZjFiMmVh
LzEvcFh0Z2o4enpJdzVFWEpnX25qYTFEaEgzTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuRysMA8E
AgACMAkDBwIqAKCgAAAwDQYJKoZIhvcNAQELBQADggEBAGyPpWqNXGXe0GKaJkN/
SvqapoJo935OiIm8pyGZqwf6mCx0NC7Q1QO5jKWIeCKdE099gaVOdCoyk+DTJM5p
FXKD3/HrMkwqx0oTY9G8d7vCjcTwUyDTyIzBDX1CkiCXKsyTNrBXnJZ7DBlDXKkw
gZzcZnDPCCwN7sdt3b08iE3AD4ztH+Fo1TGrrFskYMzarCgPHhG2fMPDo/CdB17E
lgIjIzG+nCeVmC6hoQPWwhTbqHPjeCL1h5dtPK1cBUHLeNcE2IyhAvltl/8ImIMr
cNY9FTKw3sa7zfc1g4EmNtBPBkXScjnsgxgpAMP/KIUS2c0e43Ta5LLFM+0ZktrJ
kd0=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:13 2025 by rpki-client