Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nnoCpFuaf4sq-8FsH9MZ9d2mzDE.roa
File: nnoCpFuaf4sq-8FsH9MZ9d2mzDE.roa (raw, json)
Hash identifier: E+2Rq6+bAbaU6VQAcQivy6A1olrAzcCNA92RamRQJoQ=
Subject key identifier: 9E:7A:02:A4:5B:9A:7F:8B:2A:FB:C1:6C:1F:D3:19:F5:DD:A6:CC:31
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019428275AE1B7832ED8FAE78A4448807C23
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nnoCpFuaf4sq-8FsH9MZ9d2mzDE.roa
Signing time: Thu 02 Jan 2025 17:54:15 +0000
ROA not before: Thu 02 Jan 2025 17:54:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 212.192.0.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:5a:e1:b7:83:2e:d8:fa:e7:8a:44:48:80:7c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 17:54:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e7a02a45b9a7f8b2afbc16c1fd319f5dda6cc31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6a:dc:79:3c:fc:04:d8:7b:cb:95:55:66:2c:
b0:12:8e:42:48:95:54:cb:7f:3e:a7:07:ae:ee:40:
7c:6c:cd:bf:02:23:b8:08:f3:47:4f:dd:70:82:63:
85:bc:8d:42:b4:65:df:97:e2:ec:2a:7c:6a:e7:42:
33:ed:e5:41:cc:98:25:91:38:6e:b9:1b:7c:47:24:
05:93:96:3e:13:74:bb:9e:0d:8f:31:1e:21:2d:de:
8a:36:75:10:ad:0f:c0:37:63:b7:1c:0a:87:9b:a7:
26:cf:94:78:26:5e:59:db:96:03:25:aa:fc:12:09:
2b:10:9a:c9:ee:ef:99:3e:a8:6c:2a:02:c6:86:1b:
a3:ff:e4:7f:79:28:58:c0:2b:75:a9:f1:24:28:2f:
60:b4:84:e2:e6:94:b8:0d:76:2e:06:46:4b:38:06:
39:17:c8:ae:de:13:37:ac:8e:74:b5:ed:f8:30:df:
fb:c7:11:6a:3e:19:cb:90:8b:2d:32:9c:45:15:36:
2a:57:51:b7:3c:a4:32:7b:81:cc:c3:de:df:d1:e1:
b5:6a:69:b7:19:d9:99:a1:6d:1f:b7:e9:f5:52:67:
7b:34:fe:1a:ee:c4:ff:93:1c:58:31:9e:c6:ad:39:
2d:db:4d:a3:34:ef:e5:b0:54:e3:5c:7f:6d:11:30:
31:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:7A:02:A4:5B:9A:7F:8B:2A:FB:C1:6C:1F:D3:19:F5:DD:A6:CC:31
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nnoCpFuaf4sq-8FsH9MZ9d2mzDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.0.0/24
212.192.7.0/24
212.192.10.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:27:59:b9:e0:31:96:63:fe:f1:3d:3b:f6:2f:c6:55:6f:76:
4f:d6:84:07:ba:fe:53:df:0b:e9:a2:bc:18:da:84:5d:d0:bb:
b5:68:ab:d4:05:b3:0c:a2:5e:7b:33:36:77:8a:e7:87:a5:2a:
8d:d0:5a:cb:4f:cd:a7:89:ad:42:15:88:7f:6c:fa:44:bf:35:
8e:5a:51:14:3d:29:05:82:3c:33:8b:c3:04:00:81:b4:47:a6:
4c:86:52:5b:72:2f:0d:66:34:8c:7e:20:6f:7c:10:f3:75:b9:
88:bd:ed:95:c3:b6:db:5d:02:55:17:8f:9d:18:0c:87:64:ee:
21:8d:6c:24:be:e6:19:85:44:81:e7:c2:ed:36:78:d6:aa:de:
b1:f9:8e:31:fe:45:39:8a:9a:64:2b:05:be:89:23:b2:75:06:
c2:3b:fa:7d:36:44:57:ca:13:ce:a6:ef:c2:11:68:e8:dc:af:
5d:fd:49:33:11:6a:82:7c:75:87:58:4f:06:67:1e:fb:d2:1a:
f2:b3:5e:5d:13:a8:89:f5:c7:88:3e:a6:3d:a6:23:59:9b:35:
06:a0:c5:bf:a9:1b:1c:b0:e6:a3:92:6b:28:0f:c7:69:5b:32:
88:fe:95:ae:ad:66:52:bf:bc:11:28:c4:2e:80:0e:5d:aa:c8:
15:80:db:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJ1rht4Mu2PrnikRIgHwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTc1NDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTdhMDJhNDViOWE3ZjhiMmFmYmMxNmMxZmQzMTlmNWRkYTZjYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmrceTz8BNh7y5VVZiywEo5CSJVU
y38+pweu7kB8bM2/AiO4CPNHT91wgmOFvI1CtGXfl+LsKnxq50Iz7eVBzJglkThu
uRt8RyQFk5Y+E3S7ng2PMR4hLd6KNnUQrQ/AN2O3HAqHm6cmz5R4Jl5Z25YDJar8
EgkrEJrJ7u+ZPqhsKgLGhhuj/+R/eShYwCt1qfEkKC9gtITi5pS4DXYuBkZLOAY5
F8iu3hM3rI50te34MN/7xxFqPhnLkIstMpxFFTYqV1G3PKQye4HMw97f0eG1amm3
GdmZoW0ft+n1Umd7NP4a7sT/kxxYMZ7GrTkt202jNO/lsFTjXH9tETAx1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ56AqRbmn+LKvvBbB/TGfXdpswxMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbm5vQ3BGdWFmNHNxLThGc0g5TVo5ZDJtekRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1MAAAwQA
1MAHAwQA1MAKAwQA1MAeMA0GCSqGSIb3DQEBCwUAA4IBAQAtJ1m54DGWY/7xPTv2
L8ZVb3ZP1oQHuv5T3wvporwY2oRd0Lu1aKvUBbMMol57MzZ3iueHpSqN0FrLT82n
ia1CFYh/bPpEvzWOWlEUPSkFgjwzi8MEAIG0R6ZMhlJbci8NZjSMfiBvfBDzdbmI
ve2Vw7bbXQJVF4+dGAyHZO4hjWwkvuYZhUSB58LtNnjWqt6x+Y4x/kU5ippkKwW+
iSOydQbCO/p9NkRXyhPOpu/CEWjo3K9d/UkzEWqCfHWHWE8GZx770hrys15dE6iJ
9ceIPqY9piNZmzUGoMW/qRscsOajkmsoD8dpWzKI/pWurWZSv7wRKMQugA5dqsgV
gNsn
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:46:44 2025 by rpki-client