Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/NPu1mabdl_5RCCby0BlAt-Rb9gM.roa
File: NPu1mabdl_5RCCby0BlAt-Rb9gM.roa (raw, json)
Hash identifier: GJeVgLldezJzsDz9/7yXU7qgjN2FVnodM1cfSM8JyFY=
Subject key identifier: 34:FB:B5:99:A6:DD:97:FE:51:08:26:F2:D0:19:40:B7:E4:5B:F6:03
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 0194CB4CA928CD6B1C8E4D3640BBC7EC576E
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/NPu1mabdl_5RCCby0BlAt-Rb9gM.roa
Signing time: Mon 03 Feb 2025 10:13:06 +0000
ROA not before: Mon 03 Feb 2025 10:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56740
IP address blocks: 87.252.234.0/24 maxlen: 24
87.252.237.0/24 maxlen: 24
87.252.238.0/24 maxlen: 24
91.149.167.0/24 maxlen: 24
93.125.18.0/24 maxlen: 24
93.125.60.0/23 maxlen: 23
93.125.114.0/24 maxlen: 24
178.172.164.0/24 maxlen: 24
178.172.165.0/24 maxlen: 24
178.172.212.0/24 maxlen: 24
178.172.220.0/24 maxlen: 24
178.172.247.0/24 maxlen: 24
178.172.251.0/24 maxlen: 24
178.172.255.0/24 maxlen: 24
213.184.236.0/24 maxlen: 24
213.184.240.0/24 maxlen: 24
217.21.44.0/24 maxlen: 24
217.21.52.0/24 maxlen: 24
217.21.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:4c:a9:28:cd:6b:1c:8e:4d:36:40:bb:c7:ec:57:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Feb 3 10:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34fbb599a6dd97fe510826f2d01940b7e45bf603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b2:bd:18:c7:69:01:40:76:6e:06:46:25:a5:
05:05:c8:08:b2:6e:8e:fd:46:9c:6f:9e:83:8c:69:
a8:a5:32:49:a9:db:d7:ac:65:d7:bc:d4:5b:f4:1f:
d2:47:ed:8c:45:97:2a:92:db:cc:f7:3c:92:f4:38:
71:db:79:3f:71:88:63:bb:bd:95:98:ca:8c:18:36:
81:93:65:9d:03:27:29:d1:ea:87:2f:4a:99:9c:c1:
9c:82:bc:48:ec:67:ef:f3:07:55:75:59:75:95:6e:
bd:6e:60:c2:dc:b4:17:48:4e:eb:15:8d:32:2e:d4:
ec:0d:ff:0c:9f:1c:fa:7d:ec:98:6b:db:81:79:9d:
e5:bf:7a:a9:cf:c8:98:37:20:8b:a2:99:70:05:2b:
6a:6a:50:d3:4f:91:99:3d:09:35:ab:e8:39:1a:60:
1c:eb:c3:f6:67:8a:0b:0c:98:4f:b0:2c:b9:8f:8c:
5d:6c:de:dc:7f:f5:fa:11:0e:4d:a5:d9:c2:ab:38:
51:c6:79:b1:9a:51:ab:cb:ca:19:32:62:e4:1d:d7:
aa:f8:66:7d:70:7e:46:f2:74:0f:ff:a8:f0:45:04:
f4:d3:fb:43:1a:56:94:3a:0e:27:f9:e2:3e:87:b4:
9c:0c:1a:18:41:0d:69:6d:08:da:e1:7d:bc:27:1c:
2d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:FB:B5:99:A6:DD:97:FE:51:08:26:F2:D0:19:40:B7:E4:5B:F6:03
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/NPu1mabdl_5RCCby0BlAt-Rb9gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.252.234.0/24
87.252.237.0-87.252.238.255
91.149.167.0/24
93.125.18.0/24
93.125.60.0/23
93.125.114.0/24
178.172.164.0/23
178.172.212.0/24
178.172.220.0/24
178.172.247.0/24
178.172.251.0/24
178.172.255.0/24
213.184.236.0/24
213.184.240.0/24
217.21.44.0/24
217.21.52.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:50:fd:e8:42:96:1a:50:84:23:5a:30:29:75:f9:c8:18:23:
f6:c2:49:d6:c9:0c:5c:c5:d3:2c:6e:e8:be:a4:f5:3f:2f:85:
95:92:b7:69:c0:18:ac:b3:0a:34:51:cf:34:06:1d:da:1e:1a:
ab:e3:16:fc:50:48:7f:a2:07:e2:4e:31:91:30:c7:58:c7:f0:
1d:8d:86:7b:eb:d1:63:ef:0a:51:ad:93:3c:1b:dd:cf:c9:4a:
2f:0f:4f:2c:e6:ee:3e:4c:93:47:8a:1e:8d:32:d7:ac:0f:fb:
0b:8c:cb:a8:68:99:2f:8f:21:42:a1:51:59:c8:8d:97:ae:f1:
98:e2:4f:17:c8:18:db:19:94:56:74:da:26:e2:9d:54:57:b1:
6e:62:bf:3a:e6:75:1e:b7:2b:d9:f1:c8:15:83:53:53:0e:26:
8c:75:3e:b0:e2:c6:ce:f5:39:07:d2:38:f9:9b:6d:02:07:aa:
4f:87:de:d6:2c:54:b8:13:4f:a3:c4:6a:70:ef:3e:ee:0e:63:
71:1e:78:81:8d:08:23:41:fe:83:8e:51:26:59:a5:ea:d2:e0:
8c:0c:c3:aa:79:4c:6b:ea:91:b5:72:19:bf:a4:4f:2c:70:de:
9f:27:84:cf:44:d3:44:2a:e9:e2:2d:07:1d:b6:a3:49:d7:0e:
91:b8:16:97
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZTLTKkozWscjk02QLvH7FduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjUwMjAzMTAxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGZiYjU5OWE2ZGQ5N2ZlNTEwODI2ZjJkMDE5NDBiN2U0NWJmNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7K9GMdpAUB2bgZGJaUFBcgIsm6O
/Uacb56DjGmopTJJqdvXrGXXvNRb9B/SR+2MRZcqktvM9zyS9Dhx23k/cYhju72V
mMqMGDaBk2WdAycp0eqHL0qZnMGcgrxI7Gfv8wdVdVl1lW69bmDC3LQXSE7rFY0y
LtTsDf8Mnxz6feyYa9uBeZ3lv3qpz8iYNyCLoplwBStqalDTT5GZPQk1q+g5GmAc
68P2Z4oLDJhPsCy5j4xdbN7cf/X6EQ5NpdnCqzhRxnmxmlGry8oZMmLkHdeq+GZ9
cH5G8nQP/6jwRQT00/tDGlaUOg4n+eI+h7ScDBoYQQ1pbQja4X28JxwtEwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFDT7tZmm3Zf+UQgm8tAZQLfkW/YDMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvTlB1MW1hYmRsXzVSQ0NieTBCbEF0LVJiOWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAFf86jAM
AwQAV/ztAwQAV/zuAwQAW5WnAwQAXX0SAwQBXX08AwQAXX1yAwQBsqykAwQAsqzU
AwQAsqzcAwQAsqz3AwQAsqz7AwQAsqz/AwQA1bjsAwQA1bjwAwQA2RUsAwQB2RU0
MA0GCSqGSIb3DQEBCwUAA4IBAQAaUP3oQpYaUIQjWjApdfnIGCP2wknWyQxcxdMs
bui+pPU/L4WVkrdpwBisswo0Uc80Bh3aHhqr4xb8UEh/ogfiTjGRMMdYx/AdjYZ7
69Fj7wpRrZM8G93PyUovD08s5u4+TJNHih6NMtesD/sLjMuoaJkvjyFCoVFZyI2X
rvGY4k8XyBjbGZRWdNom4p1UV7FuYr865nUetyvZ8cgVg1NTDiaMdT6w4sbO9TkH
0jj5m20CB6pPh97WLFS4E0+jxGpw7z7uDmNxHniBjQgjQf6DjlEmWaXq0uCMDMOq
eUxr6pG1chm/pE8scN6fJ4TPRNNEKuniLQcdtqNJ1w6RuBaX
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:54:39 2025 by rpki-client