Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/nobXS_EDX1u5OLuM3jnkQJc5t54.roa
File: nobXS_EDX1u5OLuM3jnkQJc5t54.roa (raw, json)
Hash identifier: 735lQDz4Vu7mXLkQ1OEt71c9RAs4JRSb3jvCDTUy3KY=
Subject key identifier: 9E:86:D7:4B:F1:03:5F:5B:B9:38:BB:8C:DE:39:E4:40:97:39:B7:9E
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01942747303A85BAF6A6A591860A368603E7
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/nobXS_EDX1u5OLuM3jnkQJc5t54.roa
Signing time: Thu 02 Jan 2025 13:49:24 +0000
ROA not before: Thu 02 Jan 2025 13:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209711
IP address blocks: 185.86.155.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:30:3a:85:ba:f6:a6:a5:91:86:0a:36:86:03:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e86d74bf1035f5bb938bb8cde39e4409739b79e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:91:81:43:6b:53:81:f3:a9:bf:77:b1:68:e1:
8c:20:d1:a5:2f:6b:81:40:23:7c:44:3c:66:73:f6:
27:ef:fb:6a:5e:ea:2e:7c:3f:c2:4d:a8:eb:cf:e7:
7e:64:85:c7:2c:09:b0:be:45:c6:09:5d:92:f3:13:
ce:51:e0:1c:d1:21:dc:00:de:78:5f:c7:77:01:f4:
02:7e:e4:1e:13:79:ec:ac:d9:1d:60:13:ae:0f:b4:
10:18:e0:3c:6a:bd:f8:e2:39:f7:67:9f:36:1c:0a:
93:80:e7:79:05:5e:74:70:fc:c2:91:fe:e4:67:03:
64:28:50:1b:31:2d:fb:18:0d:fa:20:9c:e2:96:74:
62:f9:80:41:ad:75:f5:b8:00:2c:33:d3:63:03:fd:
63:9a:80:25:6f:57:10:93:63:48:6d:cc:13:8e:88:
8c:89:ad:e1:2b:79:fe:53:47:a0:a0:b2:9c:78:ce:
a0:a1:a8:a5:40:43:6c:49:e0:d1:1c:5f:ca:46:83:
9f:e1:fd:d5:ae:0d:16:99:52:c0:62:f4:f8:bb:90:
46:96:b1:46:8f:52:9f:16:bc:d9:96:58:3d:da:ab:
1d:ac:c2:fa:40:4c:a6:2f:db:c8:d0:ba:97:74:7f:
80:f2:f8:3d:b4:6d:78:5b:1d:b8:b4:08:a6:db:c1:
78:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:86:D7:4B:F1:03:5F:5B:B9:38:BB:8C:DE:39:E4:40:97:39:B7:9E
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/nobXS_EDX1u5OLuM3jnkQJc5t54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.155.0/24
185.98.62.0/24
185.184.25.0-185.184.26.255
Signature Algorithm: sha256WithRSAEncryption
97:8b:bb:d9:e5:fe:8f:8b:30:77:01:a0:fb:38:81:97:e8:0b:
d2:12:0a:1d:c5:1a:e0:a3:b5:f6:a7:2e:4d:d1:3d:d8:cf:87:
93:91:7f:83:f9:c7:71:5a:8c:54:fb:77:4e:62:97:30:bb:02:
66:ae:c9:9a:d7:99:22:35:e7:b9:39:5b:d5:a3:e6:91:16:21:
d1:16:b8:73:8a:de:7d:7f:59:e9:09:ab:b5:39:33:06:cd:65:
ee:52:0d:7c:31:10:79:0a:99:e0:20:c9:b3:1f:b8:e0:d7:ca:
e5:52:15:38:ce:b1:1a:66:02:01:ed:9d:29:9e:2c:c4:94:b2:
43:a7:3a:ea:8d:7b:cb:d9:c5:7b:6e:7d:c5:c8:2d:60:37:bb:
a0:67:d4:71:e1:ef:de:66:99:a4:0a:ec:38:21:27:b4:ce:25:
f8:de:64:2f:c9:68:a2:b8:b5:c0:bc:a9:53:30:dc:9a:92:3a:
41:e2:c7:b6:32:f7:cc:ec:b6:1b:69:57:d2:83:58:a1:d5:f4:
07:a4:89:b3:a6:0d:75:59:36:c7:80:53:7b:61:a2:41:2b:21:
28:af:38:bd:af:e6:81:98:58:38:5b:74:d1:17:60:a5:68:e0:
4c:56:5c:a7:d5:ac:af:36:ea:0e:1e:19:1c:0c:da:64:f8:ae:
15:80:1d:20
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnRzA6hbr2pqWRhgo2hgPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTg2ZDc0YmYxMDM1ZjViYjkzOGJiOGNkZTM5ZTQ0MDk3MzliNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5GBQ2tTgfOpv3exaOGMINGlL2uB
QCN8RDxmc/Yn7/tqXuoufD/CTajrz+d+ZIXHLAmwvkXGCV2S8xPOUeAc0SHcAN54
X8d3AfQCfuQeE3nsrNkdYBOuD7QQGOA8ar344jn3Z582HAqTgOd5BV50cPzCkf7k
ZwNkKFAbMS37GA36IJzilnRi+YBBrXX1uAAsM9NjA/1jmoAlb1cQk2NIbcwTjoiM
ia3hK3n+U0egoLKceM6goailQENsSeDRHF/KRoOf4f3Vrg0WmVLAYvT4u5BGlrFG
j1KfFrzZllg92qsdrML6QEymL9vI0LqXdH+A8vg9tG14Wx24tAim28F4oQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJ6G10vxA19buTi7jN455ECXObeeMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvbm9iWFNfRURYMXU1T0x1TTNqbmtRSmM1dDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAuVabAwQA
uWI+MAwDBAC5uBkDBAC5uBowDQYJKoZIhvcNAQELBQADggEBAJeLu9nl/o+LMHcB
oPs4gZfoC9ISCh3FGuCjtfanLk3RPdjPh5ORf4P5x3FajFT7d05ilzC7AmauyZrX
mSI157k5W9Wj5pEWIdEWuHOK3n1/WekJq7U5MwbNZe5SDXwxEHkKmeAgybMfuODX
yuVSFTjOsRpmAgHtnSmeLMSUskOnOuqNe8vZxXtufcXILWA3u6Bn1HHh795mmaQK
7DghJ7TOJfjeZC/JaKK4tcC8qVMw3JqSOkHix7Yy98zsthtpV9KDWKHV9AekibOm
DXVZNseAU3thokErISivOL2v5oGYWDhbdNEXYKVo4ExWXKfVrK826g4eGRwM2mT4
rhWAHSA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:43:39 2025 by rpki-client