Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/NRZRBzkHeQf0inm9C38j74IG3bQ.roa
File: NRZRBzkHeQf0inm9C38j74IG3bQ.roa (raw, json)
Hash identifier: IhzcvideV20rsOk9qK71z5e+p8/QDxcnP4qjNz1cRxM=
Subject key identifier: 35:16:51:07:39:07:79:07:F4:8A:79:BD:0B:7F:23:EF:82:06:DD:B4
Certificate issuer: /CN=b11a1f9770bab077515b7712cb8d49550b3138a1
Certificate serial: 019427480D7B3F4D8A4DF8F0D0ABBBA42118
Authority key identifier: B1:1A:1F:97:70:BA:B0:77:51:5B:77:12:CB:8D:49:55:0B:31:38:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sRofl3C6sHdRW3cSy41JVQsxOKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/NRZRBzkHeQf0inm9C38j74IG3bQ.roa
Signing time: Thu 02 Jan 2025 13:50:20 +0000
ROA not before: Thu 02 Jan 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199725
IP address blocks: 185.48.216.0/22 maxlen: 24
2a04:b580::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/sRofl3C6sHdRW3cSy41JVQsxOKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/sRofl3C6sHdRW3cSy41JVQsxOKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sRofl3C6sHdRW3cSy41JVQsxOKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:0d:7b:3f:4d:8a:4d:f8:f0:d0:ab:bb:a4:21:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b11a1f9770bab077515b7712cb8d49550b3138a1
Validity
Not Before: Jan 2 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3516510739077907f48a79bd0b7f23ef8206ddb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a3:c3:4d:68:44:1a:35:ab:e1:87:e7:f3:5a:
f1:a1:73:cb:2c:c8:2e:a3:e4:09:08:fc:70:64:ea:
3b:0c:9c:7e:f0:74:d1:25:7e:87:6b:2a:90:df:a3:
e0:99:8b:1c:ba:81:eb:5c:1b:46:c9:db:a2:5c:a9:
30:6d:d6:56:c2:3a:12:ba:2c:53:b6:38:37:03:d2:
68:d1:30:65:7b:2f:5d:1a:5c:ae:63:99:0d:74:6c:
0d:e0:41:48:0f:e8:e7:4f:8c:89:c3:16:6c:cc:82:
8c:0d:81:9c:c7:9d:bb:0e:d1:d9:83:43:8c:30:df:
cb:d7:e6:26:92:67:63:c6:72:16:2c:78:31:ce:6e:
6b:7b:f8:e2:dc:7d:c6:9b:b1:a1:d2:19:0d:42:4a:
12:14:70:c7:83:80:9d:6b:1e:a4:6b:f5:ed:c3:72:
b1:58:57:79:77:c7:46:64:3d:cd:21:d0:c4:c1:17:
2f:89:36:a3:06:6a:c7:4a:e0:13:82:b6:0f:46:05:
1e:f4:fd:06:16:66:15:02:67:e0:1c:4d:4b:7a:67:
3b:16:fd:7c:41:36:8f:b5:f5:7f:17:92:0c:38:4c:
ad:31:79:df:3e:32:46:6c:cc:bb:bd:1d:6d:76:28:
b8:37:da:10:b7:b9:9b:00:b1:74:34:36:8e:c3:66:
0b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:16:51:07:39:07:79:07:F4:8A:79:BD:0B:7F:23:EF:82:06:DD:B4
X509v3 Authority Key Identifier:
keyid:B1:1A:1F:97:70:BA:B0:77:51:5B:77:12:CB:8D:49:55:0B:31:38:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sRofl3C6sHdRW3cSy41JVQsxOKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/NRZRBzkHeQf0inm9C38j74IG3bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/sRofl3C6sHdRW3cSy41JVQsxOKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.216.0/22
IPv6:
2a04:b580::/29
Signature Algorithm: sha256WithRSAEncryption
63:3f:63:c9:38:79:56:96:30:9e:d3:d7:e2:40:a3:14:13:8c:
da:7b:60:74:fe:75:0c:72:08:60:35:e0:31:08:4a:55:d6:14:
8f:ff:aa:bb:60:e6:df:12:70:bf:d7:9f:0d:29:9d:12:cb:62:
15:bc:ca:be:e7:18:17:fb:d3:5f:da:36:ea:0b:22:77:a3:b5:
84:a8:10:3c:a6:47:70:9a:aa:c7:d9:ce:71:3d:58:89:ec:cb:
66:b2:95:79:ec:3e:2d:9a:94:02:f8:44:bb:0a:d8:e5:9e:9f:
91:ad:ef:9b:11:58:56:c0:52:45:7c:58:87:ee:66:11:aa:11:
28:01:59:11:a8:3b:f3:de:0f:3c:cf:28:cd:b0:e1:f1:73:fc:
e3:7d:ad:e8:d0:eb:2a:25:d1:76:3e:ff:3f:95:aa:ca:1f:74:
54:09:be:67:1f:3e:24:c7:e3:45:43:64:3a:8a:79:2d:4f:b9:
ff:3e:c8:cf:07:58:86:e4:bc:7b:76:08:fe:c0:ac:25:b8:42:
41:fe:d5:28:43:60:66:ae:f4:f6:a8:a7:88:81:dd:9f:ae:e4:
cb:fc:28:b8:14:ab:f9:64:8d:0d:34:ea:88:1b:87:5f:08:1f:
10:f7:71:b9:99:00:63:ee:26:f3:0f:05:7a:83:20:b4:a9:7c:
35:4d:a9:fd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSA17P02KTfjw0Ku7pCEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMWExZjk3NzBiYWIwNzc1MTViNzcxMmNiOGQ0OTU1MGIz
MTM4YTEwHhcNMjUwMTAyMTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE2NTEwNzM5MDc3OTA3ZjQ4YTc5YmQwYjdmMjNlZjgyMDZkZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaPDTWhEGjWr4Yfn81rxoXPLLMgu
o+QJCPxwZOo7DJx+8HTRJX6HayqQ36PgmYscuoHrXBtGyduiXKkwbdZWwjoSuixT
tjg3A9Jo0TBley9dGlyuY5kNdGwN4EFID+jnT4yJwxZszIKMDYGcx527DtHZg0OM
MN/L1+YmkmdjxnIWLHgxzm5re/ji3H3Gm7Gh0hkNQkoSFHDHg4Cdax6ka/Xtw3Kx
WFd5d8dGZD3NIdDEwRcviTajBmrHSuATgrYPRgUe9P0GFmYVAmfgHE1Lemc7Fv18
QTaPtfV/F5IMOEytMXnfPjJGbMy7vR1tdii4N9oQt7mbALF0NDaOw2YLCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDUWUQc5B3kH9Ip5vQt/I++CBt20MB8GA1UdIwQY
MBaAFLEaH5dwurB3UVt3EsuNSVULMTihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1JvZmwzQzZzSGRSVzNjU3k0MUpWUXN4T0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS84ZDZjMzMtYjJjMS00OGRhLWE2MDkt
ODIxN2E5MjlmZDhkLzEvTlJaUkJ6a0hlUWYwaW5tOUMzOGo3NElHM2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS84ZDZjMzMtYjJjMS00OGRhLWE2MDktODIxN2E5MjlmZDhk
LzEvc1JvZmwzQzZzSGRSVzNjU3k0MUpWUXN4T0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTDYMA0E
AgACMAcDBQMqBLWAMA0GCSqGSIb3DQEBCwUAA4IBAQBjP2PJOHlWljCe09fiQKMU
E4zae2B0/nUMcghgNeAxCEpV1hSP/6q7YObfEnC/158NKZ0Sy2IVvMq+5xgX+9Nf
2jbqCyJ3o7WEqBA8pkdwmqrH2c5xPViJ7MtmspV57D4tmpQC+ES7Ctjlnp+Rre+b
EVhWwFJFfFiH7mYRqhEoAVkRqDvz3g88zyjNsOHxc/zjfa3o0OsqJdF2Pv8/larK
H3RUCb5nHz4kx+NFQ2Q6inktT7n/PsjPB1iG5Lx7dgj+wKwluEJB/tUoQ2BmrvT2
qKeIgd2fruTL/Ci4FKv5ZI0NNOqIG4dfCB8Q93G5mQBj7ibzDwV6gyC0qXw1Tan9
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:14 2025 by rpki-client