Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/NPvM3xVxkQ_LMP_9_lAVPXggEPY.roa
File: NPvM3xVxkQ_LMP_9_lAVPXggEPY.roa (raw, json)
Hash identifier: WMRbhoyDgXHVdgSvk5Bk4s0agvzfv3IFLc0hFCDdwCk=
Subject key identifier: 34:FB:CC:DF:15:71:91:0F:CB:30:FF:FD:FE:50:15:3D:78:20:10:F6
Certificate issuer: /CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Certificate serial: 0194236A14948B2A4A16A0BCB35C9AB96627
Authority key identifier: EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/NPvM3xVxkQ_LMP_9_lAVPXggEPY.roa
Signing time: Wed 01 Jan 2025 19:49:02 +0000
ROA not before: Wed 01 Jan 2025 19:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197425
IP address blocks: 136.163.0.0/16 maxlen: 24
139.58.0.0/16 maxlen: 24
147.13.0.0/16 maxlen: 24
148.2.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:14:94:8b:2a:4a:16:a0:bc:b3:5c:9a:b9:66:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Validity
Not Before: Jan 1 19:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34fbccdf1571910fcb30fffdfe50153d782010f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b7:d0:21:fd:4e:d4:24:ab:86:a7:75:52:77:
b2:e9:af:63:7b:65:42:f6:d0:5c:6f:b9:70:ba:f8:
63:d5:46:72:05:f3:13:e6:d4:96:78:4f:75:8f:7a:
2a:b0:7d:82:72:7a:76:49:40:9e:32:45:33:ad:9c:
30:de:4d:79:21:4c:fd:70:e8:9d:37:ce:77:50:b2:
67:a6:53:16:00:c6:f7:14:88:73:ae:fe:8f:62:08:
ad:7f:80:bc:a6:90:22:33:eb:69:0d:8f:20:a6:1e:
0a:d2:f3:41:fc:20:c7:57:b3:be:61:98:06:6e:8f:
a7:c4:f7:e0:06:a9:c6:c1:47:f3:2f:ad:78:fa:eb:
84:67:0e:79:0b:c7:14:dd:94:ed:63:3b:53:98:ac:
b5:be:6e:bd:19:c9:78:fd:14:8e:27:ab:c4:19:57:
20:f0:55:17:ea:fc:33:15:58:30:af:b6:2b:af:ce:
fb:d8:7f:04:41:0f:80:d6:4b:94:40:80:5b:02:d2:
10:2b:47:65:23:70:10:47:7d:c1:04:25:06:6d:3d:
e4:f3:99:ee:64:3f:47:7d:c6:eb:9e:fd:4a:dd:6f:
b9:88:b9:65:b1:e6:7d:c9:11:a6:33:4e:c0:2b:9d:
29:a3:f6:d5:3b:9a:ba:94:32:e2:2d:02:88:c1:d5:
9f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:FB:CC:DF:15:71:91:0F:CB:30:FF:FD:FE:50:15:3D:78:20:10:F6
X509v3 Authority Key Identifier:
keyid:EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/NPvM3xVxkQ_LMP_9_lAVPXggEPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.163.0.0/16
139.58.0.0/16
147.13.0.0/16
148.2.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:58:e9:2e:55:75:73:6d:75:d7:ea:83:e5:8d:1b:85:52:8b:
7a:c9:0c:36:6f:a3:d0:7e:66:fc:99:fd:8d:92:50:8d:ab:44:
d9:ec:4a:5a:ba:e1:3a:81:4e:55:47:ad:aa:07:5e:18:e8:27:
c1:98:55:52:77:ba:13:43:08:d6:1a:af:8a:fc:18:cc:10:8e:
ce:97:22:09:93:29:df:08:7d:a4:2c:e9:0b:a1:21:5b:28:75:
12:5e:71:9a:c6:68:74:b4:6a:dc:2f:31:81:9c:7e:e2:1f:1e:
48:6f:e5:38:92:77:5d:c5:57:37:73:2a:79:2f:25:d7:c9:37:
7a:83:1b:14:6d:97:e9:41:5e:d7:9d:f9:ae:c9:0d:7a:6f:a8:
d5:9c:3c:fe:cf:1a:5e:bb:db:ad:4f:d5:2e:40:21:8a:50:75:
f3:92:10:bc:ae:3f:69:d5:de:47:de:3c:51:54:67:a5:e8:2d:
51:e6:c6:2d:ce:4a:b3:f2:b6:cb:fa:ef:cb:72:0a:04:c7:d7:
2c:2a:cd:77:09:cf:e3:8d:0f:3c:4c:56:39:3d:2b:82:76:a5:
84:1a:b5:e8:19:cb:1f:a2:98:61:27:47:02:0d:ea:91:59:f3:
59:4d:ad:fc:64:ab:26:4d:13:47:13:5f:f2:d8:ba:16:7f:d6:
d5:cd:14:18
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQjahSUiypKFqC8s1yauWYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNGMzZmMwMTIyZDgzMWZiZWE4YWJiMjBhNGU5YjY1YzU0
MDM5YjIwHhcNMjUwMTAxMTk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGZiY2NkZjE1NzE5MTBmY2IzMGZmZmRmZTUwMTUzZDc4MjAxMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7fQIf1O1CSrhqd1Uney6a9je2VC
9tBcb7lwuvhj1UZyBfMT5tSWeE91j3oqsH2Ccnp2SUCeMkUzrZww3k15IUz9cOid
N853ULJnplMWAMb3FIhzrv6PYgitf4C8ppAiM+tpDY8gph4K0vNB/CDHV7O+YZgG
bo+nxPfgBqnGwUfzL614+uuEZw55C8cU3ZTtYztTmKy1vm69Gcl4/RSOJ6vEGVcg
8FUX6vwzFVgwr7Yrr8772H8EQQ+A1kuUQIBbAtIQK0dlI3AQR33BBCUGbT3k85nu
ZD9Hfcbrnv1K3W+5iLllseZ9yRGmM07AK50po/bVO5q6lDLiLQKIwdWffwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDT7zN8VcZEPyzD//f5QFT14IBD2MB8GA1UdIwQY
MBaAFO5MP8ASLYMfvqirsgpOm2XFQDmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjkt
M2FjN2Q5NjIzMjkxLzEvTlB2TTN4VnhrUV9MTVBfOV9sQVZQWGdnRVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjktM2FjN2Q5NjIzMjkx
LzEvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwMAiKMDAwCL
OgMDAJMNAwMAlAIwDQYJKoZIhvcNAQELBQADggEBAAxY6S5VdXNtddfqg+WNG4VS
i3rJDDZvo9B+ZvyZ/Y2SUI2rRNnsSlq64TqBTlVHraoHXhjoJ8GYVVJ3uhNDCNYa
r4r8GMwQjs6XIgmTKd8IfaQs6QuhIVsodRJecZrGaHS0atwvMYGcfuIfHkhv5TiS
d13FVzdzKnkvJdfJN3qDGxRtl+lBXted+a7JDXpvqNWcPP7PGl67261P1S5AIYpQ
dfOSELyuP2nV3kfePFFUZ6XoLVHmxi3OSrPytsv678tyCgTH1ywqzXcJz+ONDzxM
Vjk9K4J2pYQategZyx+imGEnRwIN6pFZ81lNrfxkqyZNE0cTX/LYuhZ/1tXNFBg=
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:21:09 2025 by rpki-client