Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/19fcc9-cb33-4255-8883-fe027a034449/1/NwE-Q3U5NROLLw8YZo5SdVq6prU.roa
File: NwE-Q3U5NROLLw8YZo5SdVq6prU.roa (raw, json)
Hash identifier: 4nK8pCzkjFWGecL8LPoOkleHLxc20BBIlahc8LVNGkQ=
Subject key identifier: 37:01:3E:43:75:39:35:13:8B:2F:0F:18:66:8E:52:75:5A:BA:A6:B5
Certificate issuer: /CN=7e1340ed2323a9286e980f66469990a9a1e3075d
Certificate serial: 0194FDCCC3E8896CB8949F01153A4086D5DD
Authority key identifier: 7E:13:40:ED:23:23:A9:28:6E:98:0F:66:46:99:90:A9:A1:E3:07:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhNA7SMjqShumA9mRpmQqaHjB10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/19fcc9-cb33-4255-8883-fe027a034449/1/NwE-Q3U5NROLLw8YZo5SdVq6prU.roa
Signing time: Thu 13 Feb 2025 05:34:02 +0000
ROA not before: Thu 13 Feb 2025 05:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213736
IP address blocks: 2a14:cc00:e001::/48 maxlen: 48
2a14:cc00:e002::/48 maxlen: 48
2a14:cc00:e003::/48 maxlen: 48
2a14:cc00:e004::/48 maxlen: 48
2a14:cc00:e005::/48 maxlen: 48
2a14:cc00:e006::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/19fcc9-cb33-4255-8883-fe027a034449/1/fhNA7SMjqShumA9mRpmQqaHjB10.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/19fcc9-cb33-4255-8883-fe027a034449/1/fhNA7SMjqShumA9mRpmQqaHjB10.mft
rsync://rpki.ripe.net/repository/DEFAULT/fhNA7SMjqShumA9mRpmQqaHjB10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fd:cc:c3:e8:89:6c:b8:94:9f:01:15:3a:40:86:d5:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e1340ed2323a9286e980f66469990a9a1e3075d
Validity
Not Before: Feb 13 05:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37013e43753935138b2f0f18668e52755abaa6b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:76:e3:f9:39:2f:de:25:8c:78:a1:f2:3b:8f:
dd:e7:b5:18:dc:8a:e6:79:67:1a:e2:45:06:00:86:
c9:58:d7:fe:59:c7:83:f9:1d:71:aa:3f:a8:4e:a2:
9a:75:2a:a8:b8:78:de:7d:7c:ed:8b:e7:4f:a8:16:
81:b6:d7:33:69:fc:12:41:0c:a1:24:38:dd:ca:17:
de:f0:78:f7:39:0c:4d:19:65:aa:4b:69:5b:dc:db:
b5:65:fe:39:79:03:21:5d:98:65:3b:62:6b:65:45:
46:bb:61:97:80:21:ff:7c:1c:44:2e:2b:51:58:22:
e1:13:cf:64:50:7c:b3:2c:c1:36:06:d3:92:2d:f2:
b6:db:7f:b0:03:3a:af:0f:6a:ad:3f:ea:f6:7f:5f:
73:66:8f:6b:9f:ec:22:e9:ee:04:ef:3a:76:d3:8c:
ee:33:32:99:0e:ff:cc:7f:e2:76:22:ce:42:13:cc:
e9:99:99:ba:2d:45:0f:42:df:d2:3f:2a:2c:9e:f9:
05:d3:3d:da:bb:89:29:b4:4f:81:3f:1f:53:cf:e6:
24:f0:59:6b:64:c8:e1:22:51:97:d7:94:59:da:df:
f2:56:00:30:ac:9b:12:d0:79:f1:33:5f:fb:40:40:
63:d6:9f:45:7b:78:02:60:a0:64:d4:91:09:2f:de:
af:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:01:3E:43:75:39:35:13:8B:2F:0F:18:66:8E:52:75:5A:BA:A6:B5
X509v3 Authority Key Identifier:
keyid:7E:13:40:ED:23:23:A9:28:6E:98:0F:66:46:99:90:A9:A1:E3:07:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhNA7SMjqShumA9mRpmQqaHjB10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/19fcc9-cb33-4255-8883-fe027a034449/1/NwE-Q3U5NROLLw8YZo5SdVq6prU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/19fcc9-cb33-4255-8883-fe027a034449/1/fhNA7SMjqShumA9mRpmQqaHjB10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:cc00:e001::-2a14:cc00:e006:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
03:88:0f:5c:c4:24:17:72:0c:0f:4c:36:3b:52:5e:9e:2c:02:
fc:77:a1:19:4c:73:fb:cf:1e:34:15:1b:90:3f:6a:27:c3:f4:
5d:fd:78:3f:ad:ef:d7:c7:0d:83:e9:d6:02:90:cf:4f:88:50:
75:ee:52:59:1c:bd:f8:da:7d:ed:cd:1b:29:0e:a5:f7:c0:95:
94:15:27:ef:dd:db:1f:af:33:56:45:03:a3:7c:b9:9b:39:b7:
fd:90:56:a5:0d:e1:22:58:96:8a:17:7d:e6:39:2b:b8:4f:32:
99:cb:38:a3:d0:fe:39:28:57:9c:26:73:15:4b:13:0a:7b:2b:
21:9e:e3:ad:0c:fa:a2:53:8c:ac:f6:f7:9a:cb:f6:a4:1f:2b:
fe:6e:f9:56:cb:ea:6f:a7:46:a9:bf:9c:f6:15:67:89:50:75:
2c:41:d7:34:64:b3:83:a2:ac:81:65:34:47:b0:98:d5:02:c5:
46:e5:06:7f:5b:44:2e:1a:4b:12:cc:6b:83:29:c3:33:a8:28:
4d:3d:a8:c8:22:a6:29:86:93:f4:2f:3d:e2:98:89:ab:8d:aa:
5d:1e:27:28:f3:fb:f5:b2:43:b5:1d:c5:53:46:c0:6a:65:b4:
1c:a9:53:8a:82:89:12:7a:ba:87:ef:3e:78:1f:dc:be:6d:15:
91:da:0c:ee
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZT9zMPoiWy4lJ8BFTpAhtXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTM0MGVkMjMyM2E5Mjg2ZTk4MGY2NjQ2OTk5MGE5YTFl
MzA3NWQwHhcNMjUwMjEzMDUzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzAxM2U0Mzc1MzkzNTEzOGIyZjBmMTg2NjhlNTI3NTVhYmFhNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43bj+Tkv3iWMeKHyO4/d57UY3Irm
eWca4kUGAIbJWNf+WceD+R1xqj+oTqKadSqouHjefXzti+dPqBaBttczafwSQQyh
JDjdyhfe8Hj3OQxNGWWqS2lb3Nu1Zf45eQMhXZhlO2JrZUVGu2GXgCH/fBxELitR
WCLhE89kUHyzLME2BtOSLfK223+wAzqvD2qtP+r2f19zZo9rn+wi6e4E7zp204zu
MzKZDv/Mf+J2Is5CE8zpmZm6LUUPQt/SPyosnvkF0z3au4kptE+BPx9Tz+Yk8Flr
ZMjhIlGX15RZ2t/yVgAwrJsS0HnxM1/7QEBj1p9Fe3gCYKBk1JEJL96v9QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDcBPkN1OTUTiy8PGGaOUnVauqa1MB8GA1UdIwQY
MBaAFH4TQO0jI6kobpgPZkaZkKmh4wddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhOQTdTTWpxU2h1bUE5bVJwbVFxYUhqQjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xOWZjYzktY2IzMy00MjU1LTg4ODMt
ZmUwMjdhMDM0NDQ5LzEvTndFLVEzVTVOUk9MTHc4WVpvNVNkVnE2cHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xOWZjYzktY2IzMy00MjU1LTg4ODMtZmUwMjdhMDM0NDQ5
LzEvZmhOQTdTTWpxU2h1bUE5bVJwbVFxYUhqQjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqFMwA
4AEDBwAqFMwA4AYwDQYJKoZIhvcNAQELBQADggEBAAOID1zEJBdyDA9MNjtSXp4s
Avx3oRlMc/vPHjQVG5A/aifD9F39eD+t79fHDYPp1gKQz0+IUHXuUlkcvfjafe3N
GykOpffAlZQVJ+/d2x+vM1ZFA6N8uZs5t/2QVqUN4SJYlooXfeY5K7hPMpnLOKPQ
/jkoV5wmcxVLEwp7KyGe460M+qJTjKz295rL9qQfK/5u+VbL6m+nRqm/nPYVZ4lQ
dSxB1zRks4OirIFlNEewmNUCxUblBn9bRC4aSxLMa4MpwzOoKE09qMgipimGk/Qv
PeKYiauNql0eJyjz+/WyQ7UdxVNGwGpltBypU4qCiRJ6uofvPngf3L5tFZHaDO4=
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:11:26 2025 by rpki-client