Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/N9uVt8-2z0dXmjID6iR9e9MgbVk.roa
File: N9uVt8-2z0dXmjID6iR9e9MgbVk.roa (raw, json)
Hash identifier: n9sIL4/YW67/qBoixPSCi+GKHMtO0JV9xlXo1RPhaOU=
Subject key identifier: 37:DB:95:B7:CF:B6:CF:47:57:9A:32:03:EA:24:7D:7B:D3:20:6D:59
Certificate issuer: /CN=e87ce7df23140c0005125a61aad721531e681f0e
Certificate serial: 0194228E20A11A27FE6CFEB8A6BE565C29D7
Authority key identifier: E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/N9uVt8-2z0dXmjID6iR9e9MgbVk.roa
Signing time: Wed 01 Jan 2025 15:48:47 +0000
ROA not before: Wed 01 Jan 2025 15:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47160
IP address blocks: 31.14.68.0/22 maxlen: 24
45.112.120.0/23 maxlen: 24
45.112.122.0/24 maxlen: 24
185.126.228.0/22 maxlen: 24
2a06:c480::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/6Hzn3yMUDAAFElphqtchUx5oHw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/6Hzn3yMUDAAFElphqtchUx5oHw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:20:a1:1a:27:fe:6c:fe:b8:a6:be:56:5c:29:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e87ce7df23140c0005125a61aad721531e681f0e
Validity
Not Before: Jan 1 15:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37db95b7cfb6cf47579a3203ea247d7bd3206d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:33:88:90:d6:6e:7c:2d:48:cd:1c:34:a4:38:
df:30:8b:32:28:19:a1:53:99:df:f8:ac:76:7d:ad:
95:01:98:05:d5:34:58:2e:09:47:12:52:01:c9:7a:
aa:29:9e:6a:cb:08:b9:32:01:80:76:70:09:6a:f0:
23:09:45:a9:18:fa:33:66:7e:da:ef:f0:87:89:2f:
9f:32:c6:0e:f9:17:e8:50:09:c5:9a:e8:3a:2f:15:
d6:61:98:25:2c:55:aa:4c:92:2b:81:a8:22:8a:bf:
24:48:e3:29:70:90:1a:98:15:fd:21:ba:29:58:5b:
d3:4b:6f:99:5e:44:ee:1b:e2:66:89:91:fc:34:84:
c1:49:8c:81:36:a0:da:b1:d9:31:94:f8:b7:3f:c2:
99:ad:d7:68:2d:21:a1:2d:79:d1:81:d9:5f:d6:8f:
03:b7:94:83:44:da:b4:17:ab:e0:b4:5d:6e:f7:9a:
fe:cb:1d:7f:eb:8f:a1:da:f8:9a:c9:35:93:ba:a0:
c6:77:31:32:b8:69:44:46:ee:97:6d:73:d9:de:f3:
e9:94:3c:b7:14:5e:c6:bd:98:8e:aa:8a:74:be:20:
67:7a:cd:d4:96:fc:3d:34:2c:6b:2d:51:66:12:d5:
bf:ec:f1:07:0c:2d:e2:74:fc:72:27:85:0d:ff:b2:
a7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:DB:95:B7:CF:B6:CF:47:57:9A:32:03:EA:24:7D:7B:D3:20:6D:59
X509v3 Authority Key Identifier:
keyid:E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/N9uVt8-2z0dXmjID6iR9e9MgbVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/6Hzn3yMUDAAFElphqtchUx5oHw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.68.0/22
45.112.120.0-45.112.122.255
185.126.228.0/22
IPv6:
2a06:c480::/29
Signature Algorithm: sha256WithRSAEncryption
57:37:c8:34:1b:73:6c:c4:47:aa:c0:fa:d0:70:d3:34:e8:7d:
0b:4c:d3:7f:0b:2f:26:5f:41:1a:9d:08:88:c1:32:65:33:b9:
13:39:ca:0b:c4:9f:8d:64:d3:c5:5b:ef:2c:f7:e1:e6:b9:3e:
58:41:d7:3b:e3:86:83:bb:a2:9c:c6:16:5e:be:68:77:0f:6a:
e5:6e:21:c8:34:a5:fb:d4:26:47:39:eb:e7:d0:9c:de:68:95:
64:3a:0a:85:ba:0f:2f:e1:48:af:51:08:7b:d7:f9:da:d0:63:
35:fa:37:87:97:fa:4d:b7:78:13:43:36:ff:03:67:fd:8d:21:
7e:82:92:df:fc:cb:0b:c2:70:46:3d:ab:17:7f:73:fe:36:61:
a7:ad:a9:07:9f:8a:15:09:3e:f9:17:69:be:b8:0a:23:cd:ad:
c5:2b:5d:5e:19:83:43:7d:fa:46:fe:c3:90:61:a9:92:c8:43:
41:9d:55:ad:5a:9f:9a:1b:b8:01:cd:af:1c:dd:49:12:31:e6:
71:8f:4d:bc:d6:02:9f:d5:07:08:18:55:d6:dc:02:c3:7d:37:
5b:72:bf:fa:81:02:8f:f2:b3:c9:a5:e0:86:a0:56:6b:87:a4:
84:04:15:86:6e:76:c7:a3:7f:ba:45:a8:a6:d8:d1:72:e7:f7:
b1:ad:38:0e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQijiChGif+bP64pr5WXCnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4N2NlN2RmMjMxNDBjMDAwNTEyNWE2MWFhZDcyMTUzMWU2
ODFmMGUwHhcNMjUwMTAxMTU0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2RiOTViN2NmYjZjZjQ3NTc5YTMyMDNlYTI0N2Q3YmQzMjA2ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDOIkNZufC1IzRw0pDjfMIsyKBmh
U5nf+Kx2fa2VAZgF1TRYLglHElIByXqqKZ5qywi5MgGAdnAJavAjCUWpGPozZn7a
7/CHiS+fMsYO+RfoUAnFmug6LxXWYZglLFWqTJIrgagiir8kSOMpcJAamBX9Ibop
WFvTS2+ZXkTuG+JmiZH8NITBSYyBNqDasdkxlPi3P8KZrddoLSGhLXnRgdlf1o8D
t5SDRNq0F6vgtF1u95r+yx1/64+h2viayTWTuqDGdzEyuGlERu6XbXPZ3vPplDy3
FF7GvZiOqop0viBnes3Ulvw9NCxrLVFmEtW/7PEHDC3idPxyJ4UN/7Kn4QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDfblbfPts9HV5oyA+okfXvTIG1ZMB8GA1UdIwQY
MBaAFOh8598jFAwABRJaYarXIVMeaB8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkh6bjN5TVVEQUFGRWxwaHF0Y2hVeDVvSHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzY3NDctNjI0YS00OTRlLTk0YjIt
MzIzZDM0ZGVmYzhhLzEvTjl1VnQ4LTJ6MGRYbWpJRDZpUjllOU1nYlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzY3NDctNjI0YS00OTRlLTk0YjItMzIzZDM0ZGVmYzhh
LzEvNkh6bjN5TVVEQUFGRWxwaHF0Y2hVeDVvSHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCHw5EMAwD
BAMtcHgDBAAtcHoDBAK5fuQwDQQCAAIwBwMFAyoGxIAwDQYJKoZIhvcNAQELBQAD
ggEBAFc3yDQbc2zER6rA+tBw0zTofQtM038LLyZfQRqdCIjBMmUzuRM5ygvEn41k
08Vb7yz34ea5PlhB1zvjhoO7opzGFl6+aHcPauVuIcg0pfvUJkc56+fQnN5olWQ6
CoW6Dy/hSK9RCHvX+drQYzX6N4eX+k23eBNDNv8DZ/2NIX6Ckt/8ywvCcEY9qxd/
c/42YaetqQefihUJPvkXab64CiPNrcUrXV4Zg0N9+kb+w5BhqZLIQ0GdVa1an5ob
uAHNrxzdSRIx5nGPTbzWAp/VBwgYVdbcAsN9N1tyv/qBAo/ys8ml4IagVmuHpIQE
FYZudsejf7pFqKbY0XLn97GtOA4=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:35:46 2025 by rpki-client