Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/nA8ldX9v5Ip91riXYh1Is3JlGWU.roa
File: nA8ldX9v5Ip91riXYh1Is3JlGWU.roa (raw, json)
Hash identifier: LGoPjUjc03K0F3TRSud6cQW/fDxbqmiVQ8elBoGls6M=
Subject key identifier: 9C:0F:25:75:7F:6F:E4:8A:7D:D6:B8:97:62:1D:48:B3:72:65:19:65
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 019426D8EB0639ADB80A3208F3DDDDF13DBE
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/nA8ldX9v5Ip91riXYh1Is3JlGWU.roa
Signing time: Thu 02 Jan 2025 11:48:57 +0000
ROA not before: Thu 02 Jan 2025 11:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16097
IP address blocks: 129.233.172.0/24 maxlen: 24
129.233.216.0/24 maxlen: 24
153.96.27.0/24 maxlen: 24
153.96.84.0/23 maxlen: 23
153.96.86.0/24 maxlen: 24
153.96.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:eb:06:39:ad:b8:0a:32:08:f3:dd:dd:f1:3d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 11:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c0f25757f6fe48a7dd6b897621d48b372651965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7a:9f:01:1c:3c:e0:9f:dc:2a:8d:22:33:5e:
e8:96:2d:a1:83:75:e5:f1:5f:40:48:11:fc:9b:b8:
84:0e:63:a2:8d:ce:f8:a8:47:96:d3:22:8e:34:a5:
61:fb:01:de:24:0e:8e:90:dc:99:7b:e2:c8:e1:f4:
d2:05:23:9a:07:88:bd:b7:b8:16:45:b5:37:f5:e0:
c2:1a:78:7d:c4:0c:1c:8f:59:ae:2d:4c:7d:a2:39:
3e:e0:d2:c5:bb:bb:ff:cb:7a:35:e8:cb:00:6f:f7:
21:eb:00:85:83:4d:f8:2c:2e:39:7a:72:35:6c:2d:
8b:d6:6d:e1:5f:78:41:15:64:6a:50:44:b6:c5:e0:
db:db:ad:96:ad:fe:9a:84:7c:3c:d8:91:73:c4:b1:
22:d5:f4:ae:8d:0a:a3:32:ed:dc:35:67:9e:51:5d:
bf:a1:f1:fe:9b:20:68:c0:6e:ff:90:70:9e:3b:32:
9b:20:77:6d:b1:d0:d8:1d:7c:11:eb:b3:49:39:6d:
3f:27:5f:bd:da:cf:2d:42:06:76:e8:1f:d4:60:45:
f8:b5:78:c4:5d:f5:c2:bc:66:e3:2f:b7:d4:b3:bc:
80:2e:07:6d:3b:54:c5:c3:49:5e:fe:0b:e2:f9:bc:
a6:6c:90:2c:9a:8b:d3:6c:55:51:c3:3b:de:b8:42:
9b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:0F:25:75:7F:6F:E4:8A:7D:D6:B8:97:62:1D:48:B3:72:65:19:65
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/nA8ldX9v5Ip91riXYh1Is3JlGWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.172.0/24
129.233.216.0/24
153.96.27.0/24
153.96.84.0-153.96.86.255
153.96.132.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:88:09:b5:ca:f6:48:f0:ec:5b:8e:11:9f:fa:f8:33:ac:8e:
2a:9b:f0:1a:48:09:6a:1e:e8:21:f2:65:44:aa:d7:b0:f7:58:
81:4b:8f:ee:9b:d3:0d:22:cf:ce:5d:d8:8d:42:75:91:f7:da:
ef:53:c9:82:51:73:65:17:16:a0:fe:a8:8e:d4:b2:6e:29:54:
8c:0e:87:00:3a:3a:6e:b3:90:c8:48:7b:6c:b5:ad:3e:b1:b4:
d3:56:00:66:f3:c2:12:ce:f4:61:f3:c4:be:d8:fc:0f:b0:d1:
7c:1b:16:02:af:22:dd:26:16:c8:b9:fb:c1:8e:e3:8f:c6:41:
64:89:aa:a2:71:16:8e:71:6d:57:47:75:9f:5a:3c:26:b6:19:
77:14:eb:c4:55:c0:21:44:46:e6:63:b1:a7:15:39:d4:7e:32:
e6:2e:22:37:51:10:d1:bd:da:52:65:4b:e4:ce:a0:09:3f:1b:
4d:fc:e3:a2:34:ea:9b:2c:bb:ba:b6:5a:52:61:f0:63:d9:35:
a7:24:aa:48:da:6a:2e:20:49:87:30:7e:66:bf:25:2d:32:28:
16:5a:fd:1d:a3:09:3b:13:b2:e9:62:c9:92:f1:06:f6:76:8a:
1c:4a:93:c8:be:a9:03:5b:4f:b1:42:2a:ac:05:10:de:eb:c3:
2a:a3:f5:10
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQm2OsGOa24CjII893d8T2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjUwMTAyMTE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzBmMjU3NTdmNmZlNDhhN2RkNmI4OTc2MjFkNDhiMzcyNjUxOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXqfARw84J/cKo0iM17oli2hg3Xl
8V9ASBH8m7iEDmOijc74qEeW0yKONKVh+wHeJA6OkNyZe+LI4fTSBSOaB4i9t7gW
RbU39eDCGnh9xAwcj1muLUx9ojk+4NLFu7v/y3o16MsAb/ch6wCFg034LC45enI1
bC2L1m3hX3hBFWRqUES2xeDb262Wrf6ahHw82JFzxLEi1fSujQqjMu3cNWeeUV2/
ofH+myBowG7/kHCeOzKbIHdtsdDYHXwR67NJOW0/J1+92s8tQgZ26B/UYEX4tXjE
XfXCvGbjL7fUs7yALgdtO1TFw0le/gvi+bymbJAsmovTbFVRwzveuEKbAQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJwPJXV/b+SKfda4l2IdSLNyZRllMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvbkE4bGRYOXY1SXA5MXJpWFloMUlzM0psR1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAgemsAwQA
genYAwQAmWAbMAwDBAKZYFQDBACZYFYDBACZYIQwDQYJKoZIhvcNAQELBQADggEB
ALaICbXK9kjw7FuOEZ/6+DOsjiqb8BpICWoe6CHyZUSq17D3WIFLj+6b0w0iz85d
2I1CdZH32u9TyYJRc2UXFqD+qI7Usm4pVIwOhwA6Om6zkMhIe2y1rT6xtNNWAGbz
whLO9GHzxL7Y/A+w0XwbFgKvIt0mFsi5+8GO44/GQWSJqqJxFo5xbVdHdZ9aPCa2
GXcU68RVwCFERuZjsacVOdR+MuYuIjdRENG92lJlS+TOoAk/G03846I06pssu7q2
WlJh8GPZNackqkjaai4gSYcwfma/JS0yKBZa/R2jCTsTsuliyZLxBvZ2ihxKk8i+
qQNbT7FCKqwFEN7rwyqj9RA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:54 2025 by rpki-client