Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/NDvYoDRKvIsz-6V9rVmhTDCa2sQ.roa
File: NDvYoDRKvIsz-6V9rVmhTDCa2sQ.roa (raw, json)
Hash identifier: dhgjcITIcU0jzfd0xbGSpC/kzQFCv6MxYX9SO45zGFg=
Subject key identifier: 34:3B:D8:A0:34:4A:BC:8B:33:FB:A5:7D:AD:59:A1:4C:30:9A:DA:C4
Certificate issuer: /CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Certificate serial: 019425FCCC8947216847957751E59E16FD2D
Authority key identifier: 41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/NDvYoDRKvIsz-6V9rVmhTDCa2sQ.roa
Signing time: Thu 02 Jan 2025 07:48:31 +0000
ROA not before: Thu 02 Jan 2025 07:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15924
IP address blocks: 195.142.200.0/24 maxlen: 24
195.142.201.0/24 maxlen: 24
195.142.202.0/24 maxlen: 24
195.142.203.0/24 maxlen: 24
195.142.244.0/24 maxlen: 24
195.142.245.0/24 maxlen: 24
195.142.246.0/24 maxlen: 24
195.142.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/QXY9se0zSnxSgKuYVHQpFK4MTFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/QXY9se0zSnxSgKuYVHQpFK4MTFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:cc:89:47:21:68:47:95:77:51:e5:9e:16:fd:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Validity
Not Before: Jan 2 07:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=343bd8a0344abc8b33fba57dad59a14c309adac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2a:92:ee:af:48:56:a8:9e:42:fb:c2:8c:54:
19:2c:47:23:0f:4f:e0:a2:50:4b:85:6c:01:ca:80:
6f:2c:7a:59:ab:b8:ad:34:0f:ca:55:23:2e:f7:f4:
79:f4:78:52:c8:83:20:9e:94:1e:1d:8b:62:f4:f3:
fe:6b:7e:1b:d2:24:b5:89:ee:1e:9c:38:1c:aa:27:
fa:e4:ea:07:d5:b6:0f:03:d3:64:0e:8b:76:cb:1b:
af:5c:cc:72:7a:4c:39:dc:ae:08:5f:29:58:9d:60:
68:17:ed:fd:ee:2f:9e:09:fa:a3:21:12:52:ee:9b:
3c:f0:03:cd:cf:02:b7:0e:e8:25:c0:cd:64:7b:5d:
37:eb:51:4a:14:b2:3b:ed:37:e6:a5:ea:2e:7b:6b:
a6:a8:f6:f9:c2:c3:de:87:bd:c6:2a:80:02:5f:1c:
79:67:ad:47:ee:a0:6f:3b:b7:5a:cf:ae:40:5f:41:
fc:fe:9b:16:01:dd:22:8a:4b:da:c7:fc:73:53:dd:
71:3f:1c:b2:8e:e4:f5:40:8c:62:48:41:68:52:11:
31:a2:83:d1:64:48:1c:e1:40:64:2c:35:7b:f2:dd:
eb:cb:a4:76:ad:78:62:9e:cb:5d:da:2a:44:b0:ca:
3f:8e:68:7e:a2:ae:4d:32:dd:17:58:a4:a7:c1:86:
3c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3B:D8:A0:34:4A:BC:8B:33:FB:A5:7D:AD:59:A1:4C:30:9A:DA:C4
X509v3 Authority Key Identifier:
keyid:41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/NDvYoDRKvIsz-6V9rVmhTDCa2sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/QXY9se0zSnxSgKuYVHQpFK4MTFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.142.200.0/22
195.142.244.0/22
Signature Algorithm: sha256WithRSAEncryption
58:3a:a3:15:83:bc:5a:7a:18:8f:62:86:3d:31:5f:f5:e0:4e:
13:bf:88:40:28:25:96:88:d1:05:84:5c:f3:1d:57:1c:40:bb:
ac:b9:93:be:73:fb:47:bc:1e:7c:5a:da:d3:c7:a0:04:91:1a:
4d:e6:4f:9f:65:a0:fd:fe:a2:b9:64:27:b8:75:81:ba:5d:5e:
6b:51:0b:49:10:69:db:0a:7e:cf:9a:d4:e5:cf:2b:3c:9a:a1:
03:b5:b7:dc:08:30:64:84:6a:45:db:3e:ff:4e:7e:42:49:0e:
4e:15:62:13:f3:56:55:d4:9f:f6:bf:a1:23:b7:22:e2:44:df:
2e:9c:67:f3:e4:e5:e0:d2:0b:4d:38:09:68:99:f7:18:9f:38:
6c:c7:71:65:df:1f:6e:a7:7e:1c:59:49:a4:69:37:a5:d8:38:
c8:cb:11:ea:44:b4:24:e5:b7:90:2c:33:d0:d3:b5:7c:6e:c2:
1e:ac:39:7a:ab:69:99:55:c6:54:fc:38:8d:93:3c:89:a2:19:
b5:ed:16:81:a2:82:82:eb:c0:cc:b7:d2:81:b4:31:07:07:12:
9c:81:a9:f7:b5:88:29:e3:8c:8f:ce:16:84:24:51:93:f4:0d:
7b:7c:01:a4:61:72:4c:3b:3d:3f:aa:33:e1:f3:96:f0:52:d3:
b9:bd:e4:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/MyJRyFoR5V3UeWeFv0tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzYzZGIxZWQzMzRhN2M1MjgwYWI5ODU0NzQyOTE0YWUw
YzRjNTIwHhcNMjUwMTAyMDc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDNiZDhhMDM0NGFiYzhiMzNmYmE1N2RhZDU5YTE0YzMwOWFkYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryqS7q9IVqieQvvCjFQZLEcjD0/g
olBLhWwByoBvLHpZq7itNA/KVSMu9/R59HhSyIMgnpQeHYti9PP+a34b0iS1ie4e
nDgcqif65OoH1bYPA9NkDot2yxuvXMxyekw53K4IXylYnWBoF+397i+eCfqjIRJS
7ps88APNzwK3DuglwM1ke10361FKFLI77Tfmpeoue2umqPb5wsPeh73GKoACXxx5
Z61H7qBvO7daz65AX0H8/psWAd0iikvax/xzU91xPxyyjuT1QIxiSEFoUhExooPR
ZEgc4UBkLDV78t3ry6R2rXhinstd2ipEsMo/jmh+oq5NMt0XWKSnwYY8RQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDQ72KA0SryLM/ulfa1ZoUwwmtrEMB8GA1UdIwQY
MBaAFEF2PbHtM0p8UoCrmFR0KRSuDExSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhZOXNlMHpTbnhTZ0t1WVZIUXBGSzRNVEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lZmQwOTQtNGJjMC00YWQwLWFiYTMt
NDljOTVlZWFjODEyLzEvTkR2WW9EUkt2SXN6LTZWOXJWbWhURENhMnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lZmQwOTQtNGJjMC00YWQwLWFiYTMtNDljOTVlZWFjODEy
LzEvUVhZOXNlMHpTbnhTZ0t1WVZIUXBGSzRNVEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw47IAwQC
w470MA0GCSqGSIb3DQEBCwUAA4IBAQBYOqMVg7xaehiPYoY9MV/14E4Tv4hAKCWW
iNEFhFzzHVccQLusuZO+c/tHvB58WtrTx6AEkRpN5k+fZaD9/qK5ZCe4dYG6XV5r
UQtJEGnbCn7PmtTlzys8mqEDtbfcCDBkhGpF2z7/Tn5CSQ5OFWIT81ZV1J/2v6Ej
tyLiRN8unGfz5OXg0gtNOAlomfcYnzhsx3Fl3x9up34cWUmkaTel2DjIyxHqRLQk
5beQLDPQ07V8bsIerDl6q2mZVcZU/DiNkzyJohm17RaBooKC68DMt9KBtDEHBxKc
gan3tYgp44yPzhaEJFGT9A17fAGkYXJMOz0/qjPh85bwUtO5veRt
-----END CERTIFICATE-----
Generated at Thu Mar 13 08:15:15 2025 by rpki-client