Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/9c1f34-c52a-462e-b47e-f9a0f48c275a/1/NjtRv5Q_0eZIY70ytziif3lPISQ.roa
File: NjtRv5Q_0eZIY70ytziif3lPISQ.roa (raw, json)
Hash identifier: /6raoHgUbdMd0T7X1w8hUg8mjsKg/piCtJBKivMkkxU=
Subject key identifier: 36:3B:51:BF:94:3F:D1:E6:48:63:BD:32:B7:38:A2:7F:79:4F:21:24
Certificate issuer: /CN=7965cd15030483d114b00419c25b99340058d520
Certificate serial: 019422FC164B93DDE7F6AEE5E772A1E20EA1
Authority key identifier: 79:65:CD:15:03:04:83:D1:14:B0:04:19:C2:5B:99:34:00:58:D5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eWXNFQMEg9EUsAQZwluZNABY1SA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/9c1f34-c52a-462e-b47e-f9a0f48c275a/1/NjtRv5Q_0eZIY70ytziif3lPISQ.roa
Signing time: Wed 01 Jan 2025 17:48:53 +0000
ROA not before: Wed 01 Jan 2025 17:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57244
IP address blocks: 192.166.124.0/22 maxlen: 22
192.166.124.0/23 maxlen: 23
192.166.124.0/24 maxlen: 24
192.166.125.0/24 maxlen: 24
192.166.126.0/23 maxlen: 23
192.166.126.0/24 maxlen: 24
192.166.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/9c1f34-c52a-462e-b47e-f9a0f48c275a/1/eWXNFQMEg9EUsAQZwluZNABY1SA.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/9c1f34-c52a-462e-b47e-f9a0f48c275a/1/eWXNFQMEg9EUsAQZwluZNABY1SA.mft
rsync://rpki.ripe.net/repository/DEFAULT/eWXNFQMEg9EUsAQZwluZNABY1SA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:16:4b:93:dd:e7:f6:ae:e5:e7:72:a1:e2:0e:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7965cd15030483d114b00419c25b99340058d520
Validity
Not Before: Jan 1 17:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=363b51bf943fd1e64863bd32b738a27f794f2124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f0:91:f5:a7:a1:4d:d3:3b:fd:ce:a7:f5:b9:
f6:78:9e:48:0e:d9:ca:05:12:73:18:40:e5:54:d1:
ae:d8:a0:9e:fb:76:76:6f:c9:f8:27:66:55:68:62:
cf:d9:5f:15:c5:4d:98:e2:77:cf:eb:af:49:95:9f:
6b:c1:cf:cc:6f:d7:3f:5b:38:66:7c:54:2f:39:7a:
e0:b5:8f:5c:58:19:b9:b0:cc:21:43:17:86:0f:b4:
05:42:d2:c3:e0:90:f0:b3:db:33:e9:48:6b:dd:01:
bc:16:24:5b:3b:b6:e0:cf:a6:2e:7c:ad:19:1a:0a:
5a:63:87:12:e1:77:42:77:7e:48:b1:05:15:3b:8f:
1d:05:b9:3c:ed:58:76:69:a3:2a:36:b8:ae:ae:b1:
10:f8:51:c1:9f:51:68:29:c0:d7:35:c5:47:c0:5e:
a0:1c:57:dd:e6:88:67:b0:4d:80:f3:e2:e3:6d:0d:
91:64:53:9d:12:d9:65:1d:b9:e4:b9:da:8e:41:f5:
0e:9d:d9:73:56:21:7c:e0:3b:e6:a1:b1:d9:9b:3b:
9d:15:57:cf:8b:aa:a1:d1:08:8e:c3:03:d6:a2:ed:
8b:9f:55:19:68:01:89:56:71:f9:b0:b8:e6:13:05:
06:57:79:6d:74:3e:ff:d9:60:cb:5e:73:55:41:41:
dc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:3B:51:BF:94:3F:D1:E6:48:63:BD:32:B7:38:A2:7F:79:4F:21:24
X509v3 Authority Key Identifier:
keyid:79:65:CD:15:03:04:83:D1:14:B0:04:19:C2:5B:99:34:00:58:D5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eWXNFQMEg9EUsAQZwluZNABY1SA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/9c1f34-c52a-462e-b47e-f9a0f48c275a/1/NjtRv5Q_0eZIY70ytziif3lPISQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/9c1f34-c52a-462e-b47e-f9a0f48c275a/1/eWXNFQMEg9EUsAQZwluZNABY1SA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.124.0/22
Signature Algorithm: sha256WithRSAEncryption
56:c9:35:b9:fe:99:fb:c8:1e:b4:62:02:a2:bc:5a:7c:d7:d2:
22:ec:5e:cc:ce:ef:3f:ea:d9:69:10:3f:6d:fb:a1:1f:22:7b:
7c:1b:25:fb:5c:7b:11:d4:06:7b:dc:a1:fd:23:61:f4:57:10:
69:18:61:61:60:a9:87:57:69:29:be:b4:89:26:f0:f7:f2:6e:
58:3d:36:1c:7b:d4:ff:42:b2:ee:0b:63:fd:59:56:d3:a3:25:
90:b3:a7:54:89:34:88:23:d2:16:19:ca:6a:04:02:9f:67:a2:
62:70:e6:ab:c3:d4:5d:03:43:57:a7:cd:ae:40:e7:c9:9d:b7:
b1:a9:f0:2c:37:33:86:33:1c:9d:71:fd:39:aa:37:94:ae:b0:
81:aa:94:86:d7:e4:d1:e9:cd:af:16:f2:fa:2b:ff:b9:c1:07:
ef:d7:a0:fd:8d:ab:65:f3:55:31:bf:05:78:b4:25:18:d7:b4:
b7:81:3a:b6:f3:8f:e1:c7:48:fc:1c:e5:76:88:01:d3:72:e9:
b6:60:b3:c2:d6:4c:c0:54:52:70:d4:3e:96:2b:23:e7:f2:bc:
c2:22:1a:52:bb:e1:2c:11:e7:f4:5f:40:af:4c:74:eb:aa:65:
2d:f1:23:59:0d:13:a5:7a:93:33:77:dd:b4:38:70:03:f1:5d:
3d:7a:0f:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/BZLk93n9q7l53Kh4g6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NjVjZDE1MDMwNDgzZDExNGIwMDQxOWMyNWI5OTM0MDA1
OGQ1MjAwHhcNMjUwMTAxMTc0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjNiNTFiZjk0M2ZkMWU2NDg2M2JkMzJiNzM4YTI3Zjc5NGYyMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfCR9aehTdM7/c6n9bn2eJ5IDtnK
BRJzGEDlVNGu2KCe+3Z2b8n4J2ZVaGLP2V8VxU2Y4nfP669JlZ9rwc/Mb9c/Wzhm
fFQvOXrgtY9cWBm5sMwhQxeGD7QFQtLD4JDws9sz6Uhr3QG8FiRbO7bgz6YufK0Z
GgpaY4cS4XdCd35IsQUVO48dBbk87Vh2aaMqNriurrEQ+FHBn1FoKcDXNcVHwF6g
HFfd5ohnsE2A8+LjbQ2RZFOdEtllHbnkudqOQfUOndlzViF84DvmobHZmzudFVfP
i6qh0QiOwwPWou2Ln1UZaAGJVnH5sLjmEwUGV3ltdD7/2WDLXnNVQUHcnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDY7Ub+UP9HmSGO9Mrc4on95TyEkMB8GA1UdIwQY
MBaAFHllzRUDBIPRFLAEGcJbmTQAWNUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVdYTkZRTUVnOUVVc0FRWndsdVpOQUJZMVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS85YzFmMzQtYzUyYS00NjJlLWI0N2Ut
ZjlhMGY0OGMyNzVhLzEvTmp0UnY1UV8wZVpJWTcweXR6aWlmM2xQSVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS85YzFmMzQtYzUyYS00NjJlLWI0N2UtZjlhMGY0OGMyNzVh
LzEvZVdYTkZRTUVnOUVVc0FRWndsdVpOQUJZMVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwKZ8MA0G
CSqGSIb3DQEBCwUAA4IBAQBWyTW5/pn7yB60YgKivFp819Ii7F7Mzu8/6tlpED9t
+6EfInt8GyX7XHsR1AZ73KH9I2H0VxBpGGFhYKmHV2kpvrSJJvD38m5YPTYce9T/
QrLuC2P9WVbToyWQs6dUiTSII9IWGcpqBAKfZ6JicOarw9RdA0NXp82uQOfJnbex
qfAsNzOGMxydcf05qjeUrrCBqpSG1+TR6c2vFvL6K/+5wQfv16D9jatl81UxvwV4
tCUY17S3gTq284/hx0j8HOV2iAHTcum2YLPC1kzAVFJw1D6WKyPn8rzCIhpSu+Es
Eef0X0CvTHTrqmUt8SNZDROlepMzd920OHAD8V09eg/O
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:58 2025 by rpki-client