Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/nheDIdc7Ex5DQQ3yUWyXEO40Wag.roa
File: nheDIdc7Ex5DQQ3yUWyXEO40Wag.roa (raw, json)
Hash identifier: QW76PsmZ19rGr3AHGvysCP+0ICfRHV3icfaUxRkR4IA=
Subject key identifier: 9E:17:83:21:D7:3B:13:1E:43:41:0D:F2:51:6C:97:10:EE:34:59:A8
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 019426D8E8259FF6DEAF6493F39B919BC3F7
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/nheDIdc7Ex5DQQ3yUWyXEO40Wag.roa
Signing time: Thu 02 Jan 2025 11:48:56 +0000
ROA not before: Thu 02 Jan 2025 11:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12643
IP address blocks: 129.233.208.0/23 maxlen: 23
153.96.244.0/22 maxlen: 22
192.44.32.0/22 maxlen: 22
192.67.200.0/21 maxlen: 21
2a03:db80:3410::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:e8:25:9f:f6:de:af:64:93:f3:9b:91:9b:c3:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 11:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e178321d73b131e43410df2516c9710ee3459a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:28:ad:d9:89:77:78:b9:a4:4e:66:21:9b:29:
fd:44:0d:3a:fd:cb:37:1e:eb:7c:c1:41:3f:18:03:
e2:35:29:54:94:61:7d:56:9f:a4:12:6d:64:e9:c6:
0f:ab:45:35:db:27:47:db:10:95:76:25:89:48:26:
2b:71:2f:f9:16:14:ab:48:b4:44:3b:28:48:b3:2b:
39:bb:cc:bf:b5:b5:6e:29:b4:25:98:cd:ef:a9:92:
fb:ec:b6:32:22:ef:4d:a6:c3:f7:14:fc:2a:95:32:
4c:c5:e0:ff:05:89:ce:70:38:45:61:98:d6:02:06:
cc:d9:48:2d:e8:56:79:a5:21:7b:ef:0f:d9:2d:ef:
f6:98:34:0f:02:b8:89:0c:37:dd:8f:90:7b:75:84:
18:18:37:33:27:7c:ee:49:0a:36:35:28:38:04:c1:
c9:09:43:aa:93:3e:18:03:a3:f9:10:08:27:db:df:
8a:35:39:46:9d:ad:91:8b:d4:8a:49:98:d1:6e:1f:
ab:de:66:bd:a0:d2:c1:4e:84:f8:a9:7d:18:7d:76:
47:7d:97:8c:87:65:ae:3a:70:02:94:a1:bc:d7:55:
72:96:35:bf:fe:73:34:59:9f:00:61:5d:56:81:e1:
5d:fd:6a:29:1c:a8:ac:ba:03:8a:47:36:47:59:58:
f4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:17:83:21:D7:3B:13:1E:43:41:0D:F2:51:6C:97:10:EE:34:59:A8
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/nheDIdc7Ex5DQQ3yUWyXEO40Wag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.208.0/23
153.96.244.0/22
192.44.32.0/22
192.67.200.0/21
IPv6:
2a03:db80:3410::/48
Signature Algorithm: sha256WithRSAEncryption
7c:2b:0e:78:85:10:3e:e3:34:99:32:5c:85:1a:70:e1:ee:0f:
5b:a5:23:5a:3d:56:c8:c7:7f:80:74:9f:e2:0a:1f:28:af:df:
fd:a1:74:34:3e:1b:df:fa:7c:77:3a:0f:99:e3:85:d4:2d:b6:
c5:81:89:4e:ec:be:3f:99:ca:27:6f:cc:77:a4:da:a4:09:9f:
48:a0:3a:47:fd:56:8e:31:d7:2e:3b:b8:77:1b:b3:0c:ac:79:
22:7e:d3:bb:0f:53:93:89:0f:0f:15:d5:c0:b3:db:7c:1d:4f:
bc:2e:d7:72:b0:19:00:44:9f:6c:58:09:a6:17:a3:9e:5c:ae:
f6:11:9f:9b:49:39:e7:b5:d0:b9:49:31:dc:5a:f2:7d:05:41:
2e:d5:61:b3:1a:7c:1a:94:69:05:fb:9f:4f:06:d1:7d:ab:c5:
69:78:bc:db:fe:d6:eb:c5:f9:03:bd:e6:44:61:75:1c:9b:89:
12:30:0c:cb:59:04:e5:70:b5:2c:b2:f4:7b:13:63:55:34:8b:
c8:01:2b:bb:79:48:6f:bd:ea:d0:bf:e1:67:4c:fe:7d:82:3f:
1b:c3:19:da:eb:93:8b:b2:42:38:f0:14:15:fc:6f:f2:d4:da:
22:e6:17:e7:56:d3:b2:31:9a:01:3a:f5:2f:c4:86:73:84:38:
28:db:ae:49
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQm2Ogln/ber2ST85uRm8P3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjUwMTAyMTE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTE3ODMyMWQ3M2IxMzFlNDM0MTBkZjI1MTZjOTcxMGVlMzQ1OWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySit2Yl3eLmkTmYhmyn9RA06/cs3
Hut8wUE/GAPiNSlUlGF9Vp+kEm1k6cYPq0U12ydH2xCVdiWJSCYrcS/5FhSrSLRE
OyhIsys5u8y/tbVuKbQlmM3vqZL77LYyIu9NpsP3FPwqlTJMxeD/BYnOcDhFYZjW
AgbM2Ugt6FZ5pSF77w/ZLe/2mDQPAriJDDfdj5B7dYQYGDczJ3zuSQo2NSg4BMHJ
CUOqkz4YA6P5EAgn29+KNTlGna2Ri9SKSZjRbh+r3ma9oNLBToT4qX0YfXZHfZeM
h2WuOnAClKG811VyljW//nM0WZ8AYV1WgeFd/WopHKisugOKRzZHWVj02wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJ4XgyHXOxMeQ0EN8lFslxDuNFmoMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvbmhlRElkYzdFeDVEUVEzeVVXeVhFTzQwV2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBgenQAwQC
mWD0AwQCwCwgAwQDwEPIMA8EAgACMAkDBwAqA9uANBAwDQYJKoZIhvcNAQELBQAD
ggEBAHwrDniFED7jNJkyXIUacOHuD1ulI1o9VsjHf4B0n+IKHyiv3/2hdDQ+G9/6
fHc6D5njhdQttsWBiU7svj+ZyidvzHek2qQJn0igOkf9Vo4x1y47uHcbswyseSJ+
07sPU5OJDw8V1cCz23wdT7wu13KwGQBEn2xYCaYXo55crvYRn5tJOee10LlJMdxa
8n0FQS7VYbMafBqUaQX7n08G0X2rxWl4vNv+1uvF+QO95kRhdRybiRIwDMtZBOVw
tSyy9HsTY1U0i8gBK7t5SG+96tC/4WdM/n2CPxvDGdrrk4uyQjjwFBX8b/LU2iLm
F+dW07IxmgE69S/EhnOEOCjbrkk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:01 2025 by rpki-client