Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/NleaA2dNW39O_bLmPG6btbUsU3Y.roa
File: NleaA2dNW39O_bLmPG6btbUsU3Y.roa (raw, json)
Hash identifier: sf3a501O0GUvM+JaIfyUft8SNLFrIk6yXA4pjHEA8yc=
Subject key identifier: 36:57:9A:03:67:4D:5B:7F:4E:FD:B2:E6:3C:6E:9B:B5:B5:2C:53:76
Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial: 01941FFA59B34DAEE26321A8756B10E032BD
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/NleaA2dNW39O_bLmPG6btbUsU3Y.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211970
IP address blocks: 131.117.230.0/24 maxlen: 24
131.117.231.0/24 maxlen: 24
131.117.233.0/24 maxlen: 24
185.21.136.0/24 maxlen: 24
185.21.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 12:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:59:b3:4d:ae:e2:63:21:a8:75:6b:10:e0:32:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36579a03674d5b7f4efdb2e63c6e9bb5b52c5376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4f:45:0d:5d:57:aa:9d:65:a0:63:cf:23:a3:
4a:d4:c0:6f:1b:6c:18:73:84:9e:cb:07:32:2a:66:
12:f6:27:fc:30:19:28:ed:ec:3c:85:a9:9f:26:f4:
02:5e:77:2f:28:f1:e5:8e:9c:9e:b5:5d:cc:2a:0f:
6d:ba:07:60:e4:b8:88:11:c4:9d:b7:41:d0:cb:94:
3c:b6:bd:bb:94:60:f9:38:3f:85:f8:e1:56:a6:3b:
b6:36:92:4a:8d:d8:2f:bc:9d:bb:20:a9:1c:79:14:
75:6b:21:cb:14:71:24:da:63:78:ea:55:03:25:ab:
a0:55:6b:8b:bf:bc:a2:5b:79:d5:ed:c2:e2:05:3d:
9f:66:bd:e3:25:e9:23:9e:62:9b:15:43:16:8d:d0:
94:fe:98:ab:46:61:ab:bb:9d:f5:4f:bb:ac:a6:5f:
3e:a3:1e:d7:e3:cd:a3:a6:0b:a3:31:c0:8a:b0:cb:
78:74:09:a8:eb:d5:98:63:71:5e:bc:2f:85:11:78:
3f:b5:97:9a:d0:48:cc:58:bd:18:2d:bc:2a:1e:95:
b8:45:34:01:79:6e:0c:94:81:65:d5:f6:19:d5:37:
52:7a:73:d2:ea:5c:c2:8a:c6:bb:29:c2:d2:14:c9:
eb:11:14:2b:20:51:8f:3c:c4:31:f6:19:54:f2:c1:
30:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:57:9A:03:67:4D:5B:7F:4E:FD:B2:E6:3C:6E:9B:B5:B5:2C:53:76
X509v3 Authority Key Identifier:
keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/NleaA2dNW39O_bLmPG6btbUsU3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.117.230.0/23
131.117.233.0/24
185.21.136.0/24
185.21.139.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:6c:07:9c:1b:bd:7d:64:ec:60:0c:70:26:67:df:bc:9f:90:
54:1f:c6:51:d8:1c:18:d6:48:1d:0f:e5:0c:84:56:f5:d8:9b:
5d:de:8e:b2:62:e9:c7:d3:0b:2d:c3:75:f1:80:be:eb:37:9d:
bc:13:f3:d3:67:7d:2f:9f:ed:77:b6:ce:46:8f:df:a9:7d:95:
13:ca:66:df:c0:2b:dd:06:85:20:2f:4d:55:ef:4d:e7:03:aa:
c4:62:b5:68:16:48:09:cf:c1:7f:4c:23:ff:b3:be:41:57:d0:
b7:86:11:60:da:cf:5e:10:03:9f:98:c7:b4:59:38:5f:18:2b:
d6:ca:05:eb:ea:d6:c7:d4:bc:85:5b:65:71:db:97:cb:4c:09:
b8:2f:4d:87:c2:83:15:d0:f2:42:e7:fd:cb:1a:2c:ca:98:4a:
bf:75:8a:77:c1:b0:9f:63:1c:71:a5:f9:0f:05:a3:2d:df:14:
63:f4:5d:68:d2:24:e8:3b:69:23:c5:22:60:aa:b8:01:77:8e:
db:01:07:44:f5:63:09:7e:be:30:64:d0:6b:91:c1:3e:c0:eb:
6f:65:a5:e9:6a:fe:93:ac:ac:2d:6e:a7:c2:83:8d:86:8b:84:
83:d6:fe:d1:6a:e9:71:8b:7a:06:1e:de:10:38:b1:c9:a7:0e:
51:04:8b:d4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQf+lmzTa7iYyGodWsQ4DK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjU3OWEwMzY3NGQ1YjdmNGVmZGIyZTYzYzZlOWJiNWI1MmM1Mzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyU9FDV1Xqp1loGPPI6NK1MBvG2wY
c4SeywcyKmYS9if8MBko7ew8hamfJvQCXncvKPHljpyetV3MKg9tugdg5LiIEcSd
t0HQy5Q8tr27lGD5OD+F+OFWpju2NpJKjdgvvJ27IKkceRR1ayHLFHEk2mN46lUD
JaugVWuLv7yiW3nV7cLiBT2fZr3jJekjnmKbFUMWjdCU/pirRmGru531T7uspl8+
ox7X482jpgujMcCKsMt4dAmo69WYY3FevC+FEXg/tZea0EjMWL0YLbwqHpW4RTQB
eW4MlIFl1fYZ1TdSenPS6lzCisa7KcLSFMnrERQrIFGPPMQx9hlU8sEwZQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDZXmgNnTVt/Tv2y5jxum7W1LFN2MB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL05sZWFBMmROVzM5T19iTG1QRzZidGJVc1UzWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAGDdeYD
BACDdekDBAC5FYgDBAC5FYswDQYJKoZIhvcNAQELBQADggEBAKRsB5wbvX1k7GAM
cCZn37yfkFQfxlHYHBjWSB0P5QyEVvXYm13ejrJi6cfTCy3DdfGAvus3nbwT89Nn
fS+f7Xe2zkaP36l9lRPKZt/AK90GhSAvTVXvTecDqsRitWgWSAnPwX9MI/+zvkFX
0LeGEWDaz14QA5+Yx7RZOF8YK9bKBevq1sfUvIVbZXHbl8tMCbgvTYfCgxXQ8kLn
/csaLMqYSr91infBsJ9jHHGl+Q8Foy3fFGP0XWjSJOg7aSPFImCquAF3jtsBB0T1
Ywl+vjBk0GuRwT7A629lpelq/pOsrC1up8KDjYaLhIPW/tFq6XGLegYe3hA4scmn
DlEEi9Q=
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:14:33 2025 by rpki-client