Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/NLV2XXoCt3Ea_fW1DOx4xTdovVQ.roa
File: NLV2XXoCt3Ea_fW1DOx4xTdovVQ.roa (raw, json)
Hash identifier: 5U/uHStcgoigbCdytI5QybLLFuHsVatX5XmpoglcCjw=
Subject key identifier: 34:B5:76:5D:7A:02:B7:71:1A:FD:F5:B5:0C:EC:78:C5:37:68:BD:54
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 019427484F0BF48ECF489DBDD8EBF160612B
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/NLV2XXoCt3Ea_fW1DOx4xTdovVQ.roa
Signing time: Thu 02 Jan 2025 13:50:37 +0000
ROA not before: Thu 02 Jan 2025 13:50:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 85.203.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:4f:0b:f4:8e:cf:48:9d:bd:d8:eb:f1:60:61:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34b5765d7a02b7711afdf5b50cec78c53768bd54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ea:aa:e4:fc:d5:e5:66:5b:59:32:50:e1:98:
aa:61:8d:7a:37:ac:ad:4b:34:1f:97:8c:65:4a:92:
e3:68:09:ab:ed:61:a6:0b:ea:36:c8:e5:7d:9d:0d:
d2:f8:da:4c:6c:7e:fb:c6:2c:ed:32:40:4d:56:1f:
a4:90:1d:18:38:e3:8a:05:29:67:10:b3:91:49:e8:
f0:62:e4:5e:63:ce:67:9d:14:dc:61:b8:21:3d:b6:
0e:3f:2c:4e:80:cd:17:3f:83:06:b3:56:6f:e1:ee:
14:f4:d5:6b:ae:cc:62:62:01:39:d7:4b:79:21:bf:
06:0d:62:db:58:ed:1f:58:02:9d:18:ec:9a:71:25:
1e:37:a8:b1:0b:c1:3c:4a:56:79:ed:f5:5a:69:d2:
36:bc:8f:85:1b:57:a9:54:27:37:d4:ef:d3:98:5d:
d0:5c:0e:9f:d5:80:8e:e4:d0:88:05:d3:b9:87:3c:
c0:6a:0f:51:ea:83:2d:ab:bd:f2:cc:f0:5a:17:7f:
4e:76:c0:be:52:3e:df:d4:41:1d:ba:ea:ee:64:78:
ea:af:e9:01:aa:a8:21:2e:03:0b:20:d8:d6:b5:fe:
45:3a:50:75:1c:a0:e3:04:9b:56:9c:7c:50:80:5b:
f5:47:89:2a:3a:74:12:69:f5:61:a1:3f:a8:89:71:
69:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B5:76:5D:7A:02:B7:71:1A:FD:F5:B5:0C:EC:78:C5:37:68:BD:54
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/NLV2XXoCt3Ea_fW1DOx4xTdovVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.20.0/24
Signature Algorithm: sha256WithRSAEncryption
90:2b:bc:45:f9:89:bb:be:67:dd:5d:2d:c8:d0:7a:5a:eb:7f:
b1:7f:00:76:a8:ad:01:28:08:5d:95:53:f5:a6:7a:d4:ab:c2:
e7:37:a5:f3:ad:9a:ff:a4:56:ac:55:8a:fe:e2:53:97:32:af:
29:bf:5d:64:cd:6d:f4:b8:2d:7b:40:2d:f4:3e:cc:d4:8f:94:
4f:3d:fa:a3:c7:8f:56:71:50:32:44:59:47:e0:36:30:94:d3:
48:82:c1:7d:4a:d3:2e:b2:fe:a9:fe:13:2a:07:59:df:f9:e7:
b6:7e:e1:17:42:50:50:a1:22:00:b3:e0:8b:8d:6e:f6:7c:89:
2b:ab:da:96:32:0b:f8:b1:0d:0e:27:47:8b:98:3b:df:da:61:
2c:91:83:63:3d:f7:77:18:89:79:36:26:8a:1d:e0:ee:0b:cb:
65:ea:42:49:62:e7:57:b9:76:d5:93:5f:43:58:fe:64:24:9a:
17:da:06:8b:4f:d2:0c:c6:0a:88:af:71:62:1a:5f:ea:66:c5:
40:80:bc:1b:64:bc:82:12:66:4d:4a:ee:46:ca:89:e0:e2:f0:
b7:b0:ae:a5:ab:de:d8:f2:f1:b9:5c:84:e6:ff:c2:a9:a8:96:
8f:3a:7d:b5:e3:50:69:de:0d:99:12:85:5a:03:9a:19:a8:ca:
6a:79:99:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSE8L9I7PSJ292OvxYGErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI1NzY1ZDdhMDJiNzcxMWFmZGY1YjUwY2VjNzhjNTM3NjhiZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweqq5PzV5WZbWTJQ4ZiqYY16N6yt
SzQfl4xlSpLjaAmr7WGmC+o2yOV9nQ3S+NpMbH77xiztMkBNVh+kkB0YOOOKBSln
ELORSejwYuReY85nnRTcYbghPbYOPyxOgM0XP4MGs1Zv4e4U9NVrrsxiYgE510t5
Ib8GDWLbWO0fWAKdGOyacSUeN6ixC8E8SlZ57fVaadI2vI+FG1epVCc31O/TmF3Q
XA6f1YCO5NCIBdO5hzzAag9R6oMtq73yzPBaF39OdsC+Uj7f1EEduuruZHjqr+kB
qqghLgMLINjWtf5FOlB1HKDjBJtWnHxQgFv1R4kqOnQSafVhoT+oiXFpEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDS1dl16ArdxGv31tQzseMU3aL1UMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvTkxWMlhYb0N0M0VhX2ZXMURPeDR4VGRvdlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcsUMA0G
CSqGSIb3DQEBCwUAA4IBAQCQK7xF+Ym7vmfdXS3I0Hpa63+xfwB2qK0BKAhdlVP1
pnrUq8LnN6XzrZr/pFasVYr+4lOXMq8pv11kzW30uC17QC30PszUj5RPPfqjx49W
cVAyRFlH4DYwlNNIgsF9StMusv6p/hMqB1nf+ee2fuEXQlBQoSIAs+CLjW72fIkr
q9qWMgv4sQ0OJ0eLmDvf2mEskYNjPfd3GIl5NiaKHeDuC8tl6kJJYudXuXbVk19D
WP5kJJoX2gaLT9IMxgqIr3FiGl/qZsVAgLwbZLyCEmZNSu5Gyong4vC3sK6lq97Y
8vG5XITm/8KpqJaPOn2141Bp3g2ZEoVaA5oZqMpqeZkx
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:08:38 2025 by rpki-client