Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/ng125dUOqVaBw3danc1rOaXrcqk.roa
File: ng125dUOqVaBw3danc1rOaXrcqk.roa (raw, json)
Hash identifier: E63qId+nBBFGXNOzGBHEt5a6wlCWGVhiMwoeA9BRjGI=
Subject key identifier: 9E:0D:76:E5:D5:0E:A9:56:81:C3:77:5A:9D:CD:6B:39:A5:EB:72:A9
Certificate issuer: /CN=360a9d26dbb3ea5dfaae83b61908add8fc6dd36f
Certificate serial: 019424B3C4D78CEA32EDA2EF25AFA8D8A45F
Authority key identifier: 36:0A:9D:26:DB:B3:EA:5D:FA:AE:83:B6:19:08:AD:D8:FC:6D:D3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgqdJtuz6l36roO2GQit2Pxt028.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/ng125dUOqVaBw3danc1rOaXrcqk.roa
Signing time: Thu 02 Jan 2025 01:49:08 +0000
ROA not before: Thu 02 Jan 2025 01:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25595
IP address blocks: 185.104.128.0/24 maxlen: 24
2a06:3080::/30 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/NgqdJtuz6l36roO2GQit2Pxt028.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/NgqdJtuz6l36roO2GQit2Pxt028.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgqdJtuz6l36roO2GQit2Pxt028.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 05:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c4:d7:8c:ea:32:ed:a2:ef:25:af:a8:d8:a4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=360a9d26dbb3ea5dfaae83b61908add8fc6dd36f
Validity
Not Before: Jan 2 01:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e0d76e5d50ea95681c3775a9dcd6b39a5eb72a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fd:5a:75:18:4b:33:87:11:eb:1c:21:08:ed:
6b:5a:c3:e2:dc:5f:2b:d9:78:32:6c:1f:66:0b:a8:
ce:bb:3b:de:d9:15:e6:e2:70:90:67:6e:92:78:24:
77:a3:49:6c:bb:fb:45:28:cc:1d:0c:c3:9a:66:74:
18:82:ff:8a:f6:20:12:18:28:a2:4f:28:64:de:f7:
a1:4f:41:f0:c4:f4:de:e3:4d:7a:0f:62:6d:8b:8b:
66:dd:d6:56:ab:82:fd:c7:8b:fa:dc:7a:24:0e:f1:
4a:63:6c:d6:a0:1e:91:13:b6:12:48:43:83:65:95:
e6:6d:93:e0:1e:cd:4f:fd:97:d0:aa:7b:fe:8e:21:
8c:2b:e9:db:6b:97:b3:ef:2d:77:86:d8:fc:1a:63:
3f:37:a3:2f:f4:47:da:e6:c3:f3:7a:15:8c:4e:25:
8c:23:22:4d:5f:5f:e4:56:f2:e1:8e:4e:78:83:7c:
48:6b:d5:43:33:03:af:4b:67:5c:0b:71:59:be:b7:
90:68:ec:f0:48:43:a9:32:71:a7:ef:b1:77:2d:5a:
6c:34:08:21:72:9f:67:d9:53:2a:34:20:8f:f2:6d:
f2:44:cc:77:ba:a1:eb:7f:da:19:e4:87:45:e7:3a:
34:33:c5:c7:07:40:08:d6:8a:92:3e:75:39:17:67:
02:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:0D:76:E5:D5:0E:A9:56:81:C3:77:5A:9D:CD:6B:39:A5:EB:72:A9
X509v3 Authority Key Identifier:
keyid:36:0A:9D:26:DB:B3:EA:5D:FA:AE:83:B6:19:08:AD:D8:FC:6D:D3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgqdJtuz6l36roO2GQit2Pxt028.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/ng125dUOqVaBw3danc1rOaXrcqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/NgqdJtuz6l36roO2GQit2Pxt028.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.128.0/24
IPv6:
2a06:3080::/30
Signature Algorithm: sha256WithRSAEncryption
a7:d0:da:22:f2:de:a0:39:ae:78:9b:51:d3:e5:56:4b:6e:c6:
bb:72:54:5e:fa:f1:ea:94:a2:8c:b8:a8:3a:e7:e6:14:c0:04:
88:6a:82:bf:3e:d5:86:80:47:2a:22:47:6c:d1:3c:c9:6b:d8:
fb:e9:27:3f:73:dd:1a:ae:d4:ea:1a:3a:1c:6b:ab:69:de:64:
31:71:1d:f7:3e:55:b9:18:d8:87:dd:4c:8f:d6:ba:72:60:79:
4d:47:2c:12:c4:ac:f4:95:ce:fc:4f:49:9d:c7:78:a2:ca:db:
aa:7a:02:d0:13:c8:a6:40:7f:c2:20:ef:f3:7c:d5:58:c2:77:
27:2c:bf:30:43:df:d3:f2:8e:ee:8b:c6:e0:ed:f2:f8:c4:35:
85:a7:6a:e9:29:5a:32:b4:6c:1d:c8:22:5e:f1:40:cd:94:f9:
aa:ac:34:98:17:f3:4c:59:2f:25:dd:8d:cf:a3:5e:8f:a5:13:
dc:38:0e:63:97:2a:57:5f:57:4c:ff:69:17:88:6b:58:1f:c7:
8e:7f:46:92:72:0b:e8:07:c1:98:ca:22:79:71:e5:aa:ee:bb:
bc:43:5b:d8:f1:2f:b1:54:e2:03:e0:d1:29:35:30:68:dd:a2:
35:74:98:1d:f1:ea:bd:63:01:58:af:74:0d:ec:32:08:42:ff:
a0:33:b9:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks8TXjOoy7aLvJa+o2KRfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MGE5ZDI2ZGJiM2VhNWRmYWFlODNiNjE5MDhhZGQ4ZmM2
ZGQzNmYwHhcNMjUwMTAyMDE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTBkNzZlNWQ1MGVhOTU2ODFjMzc3NWE5ZGNkNmIzOWE1ZWI3MmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzf1adRhLM4cR6xwhCO1rWsPi3F8r
2XgybB9mC6jOuzve2RXm4nCQZ26SeCR3o0lsu/tFKMwdDMOaZnQYgv+K9iASGCii
Tyhk3vehT0HwxPTe4016D2Jti4tm3dZWq4L9x4v63HokDvFKY2zWoB6RE7YSSEOD
ZZXmbZPgHs1P/ZfQqnv+jiGMK+nba5ez7y13htj8GmM/N6Mv9Efa5sPzehWMTiWM
IyJNX1/kVvLhjk54g3xIa9VDMwOvS2dcC3FZvreQaOzwSEOpMnGn77F3LVpsNAgh
cp9n2VMqNCCP8m3yRMx3uqHrf9oZ5IdF5zo0M8XHB0AI1oqSPnU5F2cCdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ4NduXVDqlWgcN3Wp3Nazml63KpMB8GA1UdIwQY
MBaAFDYKnSbbs+pd+q6DthkIrdj8bdNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdxZEp0dXo2bDM2cm9PMkdRaXQyUHh0MDI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yN2UyOWUtYzg5NC00ZDM5LWFjMjMt
MTJlOTZiYTIzNWQ4LzEvbmcxMjVkVU9xVmFCdzNkYW5jMXJPYVhyY3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yN2UyOWUtYzg5NC00ZDM5LWFjMjMtMTJlOTZiYTIzNWQ4
LzEvTmdxZEp0dXo2bDM2cm9PMkdRaXQyUHh0MDI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWiAMA0E
AgACMAcDBQIqBjCAMA0GCSqGSIb3DQEBCwUAA4IBAQCn0Noi8t6gOa54m1HT5VZL
bsa7clRe+vHqlKKMuKg65+YUwASIaoK/PtWGgEcqIkds0TzJa9j76Sc/c90artTq
Gjoca6tp3mQxcR33PlW5GNiH3UyP1rpyYHlNRywSxKz0lc78T0mdx3iiytuqegLQ
E8imQH/CIO/zfNVYwncnLL8wQ9/T8o7ui8bg7fL4xDWFp2rpKVoytGwdyCJe8UDN
lPmqrDSYF/NMWS8l3Y3Po16PpRPcOA5jlypXX1dM/2kXiGtYH8eOf0aScgvoB8GY
yiJ5ceWq7ru8Q1vY8S+xVOID4NEpNTBo3aI1dJgd8eq9YwFYr3QN7DIIQv+gM7lJ
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:44:33 2025 by rpki-client