Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/nEjiJB0-mMQQFPly2WwOZs3c7-g.roa
File: nEjiJB0-mMQQFPly2WwOZs3c7-g.roa (raw, json)
Hash identifier: h3cZJSMuoJivO2hCuquZpiVDcLYaby3om3eBFcGBGrw=
Subject key identifier: 9C:48:E2:24:1D:3E:98:C4:10:14:F9:72:D9:6C:0E:66:CD:DC:EF:E8
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 019425FC033491F180636FD9D7642FCF073B
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/nEjiJB0-mMQQFPly2WwOZs3c7-g.roa
Signing time: Thu 02 Jan 2025 07:47:40 +0000
ROA not before: Thu 02 Jan 2025 07:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.148.0/24 maxlen: 24
185.235.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 04:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:03:34:91:f1:80:63:6f:d9:d7:64:2f:cf:07:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Jan 2 07:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c48e2241d3e98c41014f972d96c0e66cddcefe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:48:a6:63:46:eb:94:a1:63:7c:23:33:56:c9:
1b:6d:21:28:ff:c4:29:1a:c2:88:81:79:07:e5:46:
4d:31:44:8e:8f:00:94:99:90:11:95:2b:ff:ad:3b:
ae:22:9f:38:67:47:02:31:23:fe:c7:4a:bb:30:50:
7f:e4:8c:cb:b0:5a:fb:d7:ac:9f:a4:33:12:12:0c:
70:24:8a:7f:0a:03:dc:2c:24:63:e1:a1:b7:ef:7b:
8c:3b:2a:8b:b6:b2:4b:a9:7d:ac:0d:a6:74:3d:c1:
54:ec:1f:f5:92:0b:f2:92:26:bb:a7:c9:73:61:fd:
82:c0:b5:74:21:4c:70:84:08:fb:ef:03:e6:58:30:
a0:4a:2a:49:3b:a1:c0:da:85:16:39:16:65:28:84:
32:5d:21:63:fe:1e:1d:ce:a3:9a:a2:26:fc:81:bf:
7c:54:31:58:67:4e:f6:9f:ae:0f:a6:86:b0:56:4a:
1d:27:3a:fd:cd:93:64:10:0a:e3:26:5a:59:04:93:
53:42:20:8f:a4:d3:9b:b5:9e:4b:43:90:d7:7d:2a:
2c:a9:34:3a:65:11:be:da:6e:2d:24:c9:93:22:89:
a0:64:18:6e:d1:02:c9:58:fe:aa:b7:5f:1e:e9:71:
03:a6:29:35:74:65:80:13:13:60:a4:22:51:76:f1:
28:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:48:E2:24:1D:3E:98:C4:10:14:F9:72:D9:6C:0E:66:CD:DC:EF:E8
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/nEjiJB0-mMQQFPly2WwOZs3c7-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.148.0/24
185.235.141.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:14:62:9b:43:0e:bd:1d:ef:b3:f7:f9:67:f5:53:96:db:74:
6c:ee:53:ed:a7:84:d7:f1:30:c5:ee:87:06:ad:33:d9:3b:fe:
33:f4:54:7c:7c:03:9e:12:a0:27:da:74:54:b8:39:5e:a5:18:
85:22:3a:72:a4:f2:dc:47:f5:e1:00:3d:1f:32:30:2a:28:f1:
8f:22:c9:5e:40:5c:30:8b:6f:9f:6a:27:f3:ad:75:6c:ce:27:
d3:fa:31:e7:cd:1b:a4:4a:ec:fd:4b:71:56:50:dd:04:51:f4:
55:ef:d5:da:84:f4:5f:ab:a8:bb:00:ef:65:ee:e9:cc:24:fc:
03:e0:8f:2d:7b:57:d8:d9:6b:6d:92:3f:fa:e0:31:df:c1:7f:
e6:5c:00:49:e6:67:74:29:bb:b5:d6:f5:3b:84:75:5b:32:47:
be:26:50:3f:ff:5b:3b:5b:bf:54:04:07:28:2c:55:b7:ca:32:
4c:91:bf:48:6d:bf:ca:0b:9b:b2:ac:97:3e:02:45:18:8d:aa:
b2:6e:98:5b:30:ff:bc:94:7c:2e:c9:85:e7:8b:e2:29:8e:c9:
d1:9c:88:41:1c:c0:b7:9e:e1:6b:dd:99:20:f0:d7:82:4a:f9:
c2:4c:16:b5:8b:23:f3:b4:d0:34:42:ed:3c:a7:db:a0:e5:05:
30:8b:2b:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/AM0kfGAY2/Z12Qvzwc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjUwMTAyMDc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQ4ZTIyNDFkM2U5OGM0MTAxNGY5NzJkOTZjMGU2NmNkZGNlZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0imY0brlKFjfCMzVskbbSEo/8Qp
GsKIgXkH5UZNMUSOjwCUmZARlSv/rTuuIp84Z0cCMSP+x0q7MFB/5IzLsFr716yf
pDMSEgxwJIp/CgPcLCRj4aG373uMOyqLtrJLqX2sDaZ0PcFU7B/1kgvykia7p8lz
Yf2CwLV0IUxwhAj77wPmWDCgSipJO6HA2oUWORZlKIQyXSFj/h4dzqOaoib8gb98
VDFYZ072n64PpoawVkodJzr9zZNkEArjJlpZBJNTQiCPpNObtZ5LQ5DXfSosqTQ6
ZRG+2m4tJMmTIomgZBhu0QLJWP6qt18e6XEDpik1dGWAExNgpCJRdvEoLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJxI4iQdPpjEEBT5ctlsDmbN3O/oMB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvbkVqaUpCMC1tTVFRRlBseTJXd09aczNjNy1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXyUAwQA
ueuNMA0GCSqGSIb3DQEBCwUAA4IBAQBOFGKbQw69He+z9/ln9VOW23Rs7lPtp4TX
8TDF7ocGrTPZO/4z9FR8fAOeEqAn2nRUuDlepRiFIjpypPLcR/XhAD0fMjAqKPGP
IsleQFwwi2+faifzrXVszifT+jHnzRukSuz9S3FWUN0EUfRV79XahPRfq6i7AO9l
7unMJPwD4I8te1fY2Wttkj/64DHfwX/mXABJ5md0Kbu11vU7hHVbMke+JlA//1s7
W79UBAcoLFW3yjJMkb9Ibb/KC5uyrJc+AkUYjaqybphbMP+8lHwuyYXni+IpjsnR
nIhBHMC3nuFr3Zkg8NeCSvnCTBa1iyPztNA0Qu08p9ug5QUwiyuO
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:10:34 2025 by rpki-client