Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/9db41a-8f1c-46c5-a2e1-8e23b026c6b5/1/14NM_hJ73U6vGuk5H4RP54-eZBY.roa
File: 14NM_hJ73U6vGuk5H4RP54-eZBY.roa (raw, json)
Hash identifier: lie+0t/dSukUm9OoNgztT3EnggVtNQOhf9gAShVS0rI=
Subject key identifier: D7:83:4C:FE:12:7B:DD:4E:AF:1A:E9:39:1F:84:4F:E7:8F:9E:64:16
Certificate issuer: /CN=75ab408aa9f71a81e883f8d14965f773538b5a40
Certificate serial: 0194266B381836E59B86A031D5CE3F2A14AD
Authority key identifier: 75:AB:40:8A:A9:F7:1A:81:E8:83:F8:D1:49:65:F7:73:53:8B:5A:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/datAiqn3GoHog_jRSWX3c1OLWkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/9db41a-8f1c-46c5-a2e1-8e23b026c6b5/1/14NM_hJ73U6vGuk5H4RP54-eZBY.roa
Signing time: Thu 02 Jan 2025 09:49:08 +0000
ROA not before: Thu 02 Jan 2025 09:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2116
IP address blocks: 193.160.160.0/20 maxlen: 20
193.160.164.0/22 maxlen: 22
193.160.166.0/24 maxlen: 24
193.160.167.0/24 maxlen: 24
193.160.168.0/24 maxlen: 24
193.160.169.0/24 maxlen: 24
193.160.170.0/23 maxlen: 23
193.160.174.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/9db41a-8f1c-46c5-a2e1-8e23b026c6b5/1/datAiqn3GoHog_jRSWX3c1OLWkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/9db41a-8f1c-46c5-a2e1-8e23b026c6b5/1/datAiqn3GoHog_jRSWX3c1OLWkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/datAiqn3GoHog_jRSWX3c1OLWkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:38:18:36:e5:9b:86:a0:31:d5:ce:3f:2a:14:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75ab408aa9f71a81e883f8d14965f773538b5a40
Validity
Not Before: Jan 2 09:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7834cfe127bdd4eaf1ae9391f844fe78f9e6416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c3:aa:3c:c7:64:4d:28:ee:a9:48:db:b7:ac:
00:2b:b6:a8:dc:75:ef:a2:85:93:61:e9:30:72:18:
e5:01:86:bd:f8:2e:a7:3d:a2:8f:1f:7b:2f:81:dd:
1b:c9:4e:c6:6c:b2:be:64:45:f1:92:03:07:03:17:
20:1e:c0:72:51:5b:f4:39:eb:14:2c:5c:15:70:8f:
ae:74:6e:f9:d5:99:78:24:67:a2:54:59:13:da:a1:
c8:7d:db:96:90:dd:0b:4b:be:19:d6:8b:b8:dc:9d:
0b:07:42:7d:c6:14:ed:96:15:01:16:ff:99:9a:f5:
1f:c7:22:3c:1d:c5:37:76:47:7a:f5:85:4e:77:3c:
78:24:94:a4:b5:cf:5e:7b:90:80:38:96:53:8a:51:
82:71:23:ad:63:d3:a4:70:4e:b9:36:3f:02:68:0a:
ea:81:a7:9e:6a:45:08:c3:38:4a:51:3c:38:f2:fa:
98:62:31:34:79:d4:d5:79:fb:9f:d8:73:4b:89:81:
d9:d8:61:ca:d2:c5:f1:45:a6:ba:14:86:bd:75:45:
d0:d4:32:64:0a:7e:94:35:6b:ef:b2:f4:1d:f0:65:
c6:0f:eb:ad:f8:a3:b4:69:32:84:34:b8:1f:a8:62:
78:ca:c1:6c:23:ad:2f:ac:55:81:78:6c:c8:d4:a5:
ad:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:83:4C:FE:12:7B:DD:4E:AF:1A:E9:39:1F:84:4F:E7:8F:9E:64:16
X509v3 Authority Key Identifier:
keyid:75:AB:40:8A:A9:F7:1A:81:E8:83:F8:D1:49:65:F7:73:53:8B:5A:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/datAiqn3GoHog_jRSWX3c1OLWkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9db41a-8f1c-46c5-a2e1-8e23b026c6b5/1/14NM_hJ73U6vGuk5H4RP54-eZBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9db41a-8f1c-46c5-a2e1-8e23b026c6b5/1/datAiqn3GoHog_jRSWX3c1OLWkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.160.0/20
Signature Algorithm: sha256WithRSAEncryption
89:10:1c:91:fc:f3:12:f8:e6:87:53:e6:c3:40:34:5f:66:46:
42:ea:b1:12:c2:a7:1d:a8:87:a8:45:10:4b:1d:e3:f0:f0:b1:
9d:ea:ee:74:e4:8d:77:c8:9a:f3:c0:c0:7c:cd:81:a1:e3:03:
0e:22:d4:5d:57:72:26:f4:90:eb:7f:71:09:30:13:3e:18:a5:
65:c4:df:27:de:1a:04:5d:96:84:79:99:dc:0d:38:21:25:2d:
8c:41:64:07:73:30:3f:62:4e:14:df:41:00:1f:f9:e3:d1:5f:
73:e1:0d:e9:b4:9b:32:ae:d8:b4:ca:48:1a:55:f6:e3:7f:aa:
fb:48:9f:bb:5c:0c:87:b8:63:9d:97:48:ad:5a:83:01:31:48:
6c:5c:8f:73:0d:17:c4:ba:d8:49:9f:63:8a:9c:da:3d:24:91:
36:24:d5:89:81:13:43:c4:7d:1b:63:30:ba:dc:8e:77:4f:c6:
51:9f:6d:dc:e0:c1:b0:fe:1b:16:90:27:16:6c:fa:6b:58:60:
34:9b:8c:e9:ac:05:7c:98:fb:07:a3:35:9c:9f:98:19:19:a3:
e7:b5:f1:bb:9c:6a:40:bb:e9:d4:dc:55:3b:86:aa:b0:ea:5e:
44:a6:dc:9a:35:9d:48:38:7c:d0:c9:34:46:a4:4f:85:24:0a:
a3:f6:68:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmazgYNuWbhqAx1c4/KhStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YWI0MDhhYTlmNzFhODFlODgzZjhkMTQ5NjVmNzczNTM4
YjVhNDAwHhcNMjUwMTAyMDk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzgzNGNmZTEyN2JkZDRlYWYxYWU5MzkxZjg0NGZlNzhmOWU2NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8OqPMdkTSjuqUjbt6wAK7ao3HXv
ooWTYekwchjlAYa9+C6nPaKPH3svgd0byU7GbLK+ZEXxkgMHAxcgHsByUVv0OesU
LFwVcI+udG751Zl4JGeiVFkT2qHIfduWkN0LS74Z1ou43J0LB0J9xhTtlhUBFv+Z
mvUfxyI8HcU3dkd69YVOdzx4JJSktc9ee5CAOJZTilGCcSOtY9OkcE65Nj8CaArq
gaeeakUIwzhKUTw48vqYYjE0edTVefuf2HNLiYHZ2GHK0sXxRaa6FIa9dUXQ1DJk
Cn6UNWvvsvQd8GXGD+ut+KO0aTKENLgfqGJ4ysFsI60vrFWBeGzI1KWtYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNeDTP4Se91OrxrpOR+ET+ePnmQWMB8GA1UdIwQY
MBaAFHWrQIqp9xqB6IP40Ull93NTi1pAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGF0QWlxbjNHb0hvZ19qUlNXWDNjMU9MV2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni85ZGI0MWEtOGYxYy00NmM1LWEyZTEt
OGUyM2IwMjZjNmI1LzEvMTROTV9oSjczVTZ2R3VrNUg0UlA1NC1lWkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni85ZGI0MWEtOGYxYy00NmM1LWEyZTEtOGUyM2IwMjZjNmI1
LzEvZGF0QWlxbjNHb0hvZ19qUlNXWDNjMU9MV2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwaCgMA0G
CSqGSIb3DQEBCwUAA4IBAQCJEByR/PMS+OaHU+bDQDRfZkZC6rESwqcdqIeoRRBL
HePw8LGd6u505I13yJrzwMB8zYGh4wMOItRdV3Im9JDrf3EJMBM+GKVlxN8n3hoE
XZaEeZncDTghJS2MQWQHczA/Yk4U30EAH/nj0V9z4Q3ptJsyrti0ykgaVfbjf6r7
SJ+7XAyHuGOdl0itWoMBMUhsXI9zDRfEuthJn2OKnNo9JJE2JNWJgRNDxH0bYzC6
3I53T8ZRn23c4MGw/hsWkCcWbPprWGA0m4zprAV8mPsHozWcn5gZGaPntfG7nGpA
u+nU3FU7hqqw6l5EptyaNZ1IOHzQyTRGpE+FJAqj9miG
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:46:34 2025 by rpki-client