Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nX--MwdOlyc-7ExsG_bUQL9gedg.roa
File: nX--MwdOlyc-7ExsG_bUQL9gedg.roa (raw, json)
Hash identifier: wSeR0bR0UVJwlxSe2+6xRfr2F+UCbWawt9In9fL1/FE=
Subject key identifier: 9D:7F:BE:33:07:4E:97:27:3E:EC:4C:6C:1B:F6:D4:40:BF:60:79:D8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194BD8525C4A58D3C577AE2CB210BB7650E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nX--MwdOlyc-7ExsG_bUQL9gedg.roa
Signing time: Fri 31 Jan 2025 18:00:07 +0000
ROA not before: Fri 31 Jan 2025 18:00:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21738
IP address blocks: 37.202.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bd:85:25:c4:a5:8d:3c:57:7a:e2:cb:21:0b:b7:65:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 31 18:00:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d7fbe33074e97273eec4c6c1bf6d440bf6079d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bd:6e:20:5c:52:dd:fa:f4:a3:11:1b:40:92:
a3:b7:a3:ba:a3:6e:79:85:1a:0b:e5:be:ca:a6:04:
c1:08:69:db:0f:19:70:d2:57:2e:8c:de:40:9b:b1:
7b:77:b8:8f:a8:4b:71:fb:db:f2:d0:94:93:9b:db:
ed:58:56:66:f7:b1:9e:a2:a5:3b:69:1a:7c:08:cc:
c3:ff:f6:c7:ba:5e:67:27:7b:8c:77:93:08:be:38:
f7:33:0b:e5:c0:af:f8:e5:09:fc:35:73:e3:b9:22:
12:42:dd:88:88:bb:c5:33:70:6a:28:7d:01:fc:5e:
a1:a8:45:17:af:65:8d:3b:8f:e9:3c:06:51:6c:3c:
f4:2d:8a:a8:8e:f6:5f:c2:b4:dd:5c:52:e7:10:b5:
b2:0e:75:d1:3c:0a:3c:6f:43:e7:f8:0a:43:5c:91:
e9:77:8a:66:28:61:4c:b1:fc:d5:52:7d:e8:71:25:
ab:b3:bc:cd:b1:aa:4f:d8:25:c8:73:f6:85:52:9b:
53:d2:a0:a1:5f:6b:af:f6:cc:b3:10:42:a3:92:09:
48:12:e4:ae:81:25:5b:d3:ac:4d:56:41:d9:fe:29:
c0:46:01:8b:b2:2f:b0:55:2c:fd:ed:4c:11:66:ad:
84:91:d6:37:78:f6:f3:32:6a:4d:cc:65:d5:5f:8a:
4b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7F:BE:33:07:4E:97:27:3E:EC:4C:6C:1B:F6:D4:40:BF:60:79:D8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nX--MwdOlyc-7ExsG_bUQL9gedg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.204.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ab:ad:d9:52:5f:e8:82:f4:47:0f:13:28:df:dc:ef:0f:05:
68:d8:7c:c7:83:27:77:45:2b:eb:9e:8c:66:94:0e:47:fd:6d:
f6:ba:f1:5a:0e:af:e1:24:fc:dc:5c:4c:45:23:09:6e:4e:af:
38:a8:b1:be:6b:11:d1:6a:dd:90:76:ae:87:99:8f:db:cd:32:
c4:22:f7:e1:2a:34:c1:f3:6b:87:3d:cb:63:cc:7f:17:df:96:
88:74:e3:e3:ff:94:56:5d:cf:02:29:dd:8c:8d:ef:45:4d:23:
f5:5c:4a:57:35:d8:2d:97:27:8b:c8:6f:e4:73:9a:35:20:c3:
4b:9f:36:50:e6:40:bf:a0:18:db:ca:95:87:4c:e4:dc:4d:19:
b9:11:b8:eb:2e:e6:9f:71:f8:ac:51:84:1b:99:b8:6b:a1:2d:
11:41:1d:2b:a8:39:13:78:65:d7:37:fc:34:81:3e:ba:c9:b8:
7a:3d:3f:e9:bd:f5:14:c6:eb:77:13:cf:b6:e3:43:22:b4:20:
c4:85:f9:14:35:5b:ca:c3:c3:6a:6d:d1:be:8f:c0:72:78:10:
31:24:16:74:c5:a3:7a:3b:e7:e9:26:11:cd:22:32:8c:0e:b0:
5e:84:d4:f6:53:dd:8d:d8:8d:1f:09:bb:18:b4:0b:0b:c8:35:
dd:12:4f:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS9hSXEpY08V3riyyELt2UOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTMxMTgwMDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdmYmUzMzA3NGU5NzI3M2VlYzRjNmMxYmY2ZDQ0MGJmNjA3OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L1uIFxS3fr0oxEbQJKjt6O6o255
hRoL5b7KpgTBCGnbDxlw0lcujN5Am7F7d7iPqEtx+9vy0JSTm9vtWFZm97GeoqU7
aRp8CMzD//bHul5nJ3uMd5MIvjj3MwvlwK/45Qn8NXPjuSISQt2IiLvFM3BqKH0B
/F6hqEUXr2WNO4/pPAZRbDz0LYqojvZfwrTdXFLnELWyDnXRPAo8b0Pn+ApDXJHp
d4pmKGFMsfzVUn3ocSWrs7zNsapP2CXIc/aFUptT0qChX2uv9syzEEKjkglIEuSu
gSVb06xNVkHZ/inARgGLsi+wVSz97UwRZq2EkdY3ePbzMmpNzGXVX4pL8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1/vjMHTpcnPuxMbBv21EC/YHnYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvblgtLU13ZE9seWMtN0V4c0dfYlVRTDlnZWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJcrMMA0G
CSqGSIb3DQEBCwUAA4IBAQAVq63ZUl/ogvRHDxMo39zvDwVo2HzHgyd3RSvrnoxm
lA5H/W32uvFaDq/hJPzcXExFIwluTq84qLG+axHRat2Qdq6HmY/bzTLEIvfhKjTB
82uHPctjzH8X35aIdOPj/5RWXc8CKd2Mje9FTSP1XEpXNdgtlyeLyG/kc5o1IMNL
nzZQ5kC/oBjbypWHTOTcTRm5EbjrLuafcfisUYQbmbhroS0RQR0rqDkTeGXXN/w0
gT66ybh6PT/pvfUUxut3E8+240MitCDEhfkUNVvKw8NqbdG+j8ByeBAxJBZ0xaN6
O+fpJhHNIjKMDrBehNT2U92N2I0fCbsYtAsLyDXdEk+f
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:10 2025 by rpki-client