Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/NC7D8Hmm914sjNLfCTcfL5kMLvQ.roa
File: NC7D8Hmm914sjNLfCTcfL5kMLvQ.roa (raw, json)
Hash identifier: FYj4bChmgrNI7JWrINmD8cN5TpaK+TI/vsLBCh2ZzZo=
Subject key identifier: 34:2E:C3:F0:79:A6:F7:5E:2C:8C:D2:DF:09:37:1F:2F:99:0C:2E:F4
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01942444901213645BD70124E90E03CB0B43
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/NC7D8Hmm914sjNLfCTcfL5kMLvQ.roa
Signing time: Wed 01 Jan 2025 23:47:40 +0000
ROA not before: Wed 01 Jan 2025 23:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47553
IP address blocks: 185.213.150.0/24 maxlen: 24
185.254.72.0/24 maxlen: 24
194.104.145.0/24 maxlen: 24
194.114.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:90:12:13:64:5b:d7:01:24:e9:0e:03:cb:0b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 23:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=342ec3f079a6f75e2c8cd2df09371f2f990c2ef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:27:78:13:25:42:ba:37:a5:08:e6:59:30:9b:
e4:c5:29:a5:82:18:0b:ec:0b:f6:83:6d:84:91:03:
49:0b:ca:23:42:d4:12:b0:8a:4e:2f:a1:fe:4d:8f:
11:97:94:36:ed:a7:dd:48:30:a7:4b:39:68:39:4e:
ed:df:eb:30:4c:aa:0b:5a:8f:1e:31:bb:7d:ef:98:
cc:e7:cb:48:93:87:35:b0:57:b1:33:de:23:73:f8:
54:93:1e:fe:ca:4f:dd:3c:59:0a:a9:0c:35:c2:c7:
b4:aa:db:a3:bd:a6:7d:b2:69:d8:e4:8b:e3:85:b7:
ba:c1:90:42:c8:3b:65:a2:18:d8:5c:dc:6b:e3:92:
36:56:e3:97:9e:2f:35:ca:d8:f8:da:58:57:46:d0:
c3:8a:0e:1c:65:f9:d6:77:e9:6f:54:6a:e3:f1:d9:
08:2c:76:54:f0:09:bd:ce:17:fe:79:bb:c3:a0:92:
17:b2:3d:e1:1e:82:03:e5:21:2f:fb:5a:3f:16:39:
e9:76:20:45:69:53:0f:76:51:45:a8:1d:c9:ac:28:
c4:cf:c9:a1:2a:10:be:30:08:12:68:06:00:fa:d8:
47:69:64:8c:35:1b:ff:af:e8:85:aa:54:b4:8a:9d:
4e:b3:f0:a6:a1:eb:25:45:da:97:cb:e1:a6:da:76:
fe:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:2E:C3:F0:79:A6:F7:5E:2C:8C:D2:DF:09:37:1F:2F:99:0C:2E:F4
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/NC7D8Hmm914sjNLfCTcfL5kMLvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.150.0/24
185.254.72.0/24
194.104.145.0/24
194.114.137.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:19:03:5c:4e:73:c8:dc:d5:27:ba:e5:2e:d6:d4:d8:9d:f1:
7c:e9:2f:e5:a0:79:fd:bf:6a:b1:4c:97:6c:91:57:69:73:ca:
44:ab:b2:44:e2:a2:4b:8c:10:6f:c4:b6:25:eb:c6:82:2d:b4:
d0:2a:48:91:71:d0:9c:58:e9:03:9b:88:4c:48:bf:93:a8:1e:
eb:cc:5a:d3:a5:b0:bf:2a:ea:70:58:3a:eb:39:80:3b:df:00:
25:30:d5:6a:98:b5:03:74:dc:5e:d9:0e:54:f7:32:d8:32:13:
28:a4:79:90:4c:48:d0:85:7c:89:c7:bc:75:09:4b:1b:53:cf:
47:a6:31:5b:0c:73:23:4b:05:db:ce:c6:ea:2c:10:03:38:da:
0b:29:12:49:ed:40:29:b9:65:31:8c:46:cf:fe:99:48:1e:63:
6f:af:f5:52:23:3f:f8:05:b3:ee:6a:72:be:96:e0:c3:56:9b:
1c:ea:fb:9a:44:b5:84:b1:ac:3d:00:14:f9:a5:b2:1f:5f:19:
e7:f9:fe:54:76:b6:61:3b:c4:7d:a3:ee:94:24:ca:00:4c:ec:
f6:37:d5:b9:0c:23:e3:9c:97:67:e3:40:82:c0:e7:04:bd:48:
c2:7d:75:7d:b2:88:7f:e6:bc:80:06:5f:d0:e9:cc:af:9f:d4:
8f:c5:00:65
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkRJASE2Rb1wEk6Q4DywtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMTAxMjM0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDJlYzNmMDc5YTZmNzVlMmM4Y2QyZGYwOTM3MWYyZjk5MGMyZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCd4EyVCujelCOZZMJvkxSmlghgL
7Av2g22EkQNJC8ojQtQSsIpOL6H+TY8Rl5Q27afdSDCnSzloOU7t3+swTKoLWo8e
Mbt975jM58tIk4c1sFexM94jc/hUkx7+yk/dPFkKqQw1wse0qtujvaZ9smnY5Ivj
hbe6wZBCyDtlohjYXNxr45I2VuOXni81ytj42lhXRtDDig4cZfnWd+lvVGrj8dkI
LHZU8Am9zhf+ebvDoJIXsj3hHoID5SEv+1o/FjnpdiBFaVMPdlFFqB3JrCjEz8mh
KhC+MAgSaAYA+thHaWSMNRv/r+iFqlS0ip1Os/CmoeslRdqXy+Gm2nb+NwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDQuw/B5pvdeLIzS3wk3Hy+ZDC70MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvTkM3RDhIbW05MTRzak5MZkNUY2ZMNWtNTHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAudWWAwQA
uf5IAwQAwmiRAwQAwnKJMA0GCSqGSIb3DQEBCwUAA4IBAQAKGQNcTnPI3NUnuuUu
1tTYnfF86S/loHn9v2qxTJdskVdpc8pEq7JE4qJLjBBvxLYl68aCLbTQKkiRcdCc
WOkDm4hMSL+TqB7rzFrTpbC/KupwWDrrOYA73wAlMNVqmLUDdNxe2Q5U9zLYMhMo
pHmQTEjQhXyJx7x1CUsbU89HpjFbDHMjSwXbzsbqLBADONoLKRJJ7UApuWUxjEbP
/plIHmNvr/VSIz/4BbPuanK+luDDVpsc6vuaRLWEsaw9ABT5pbIfXxnn+f5UdrZh
O8R9o+6UJMoATOz2N9W5DCPjnJdn40CCwOcEvUjCfXV9soh/5ryABl/Q6cyvn9SP
xQBl
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:07:49 2025 by rpki-client