Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9e2bc2-5bc2-4b6f-81a7-47783e23fb59/1/npLLh9RrcQH8xkykt9enwrNvhXQ.roa
File: npLLh9RrcQH8xkykt9enwrNvhXQ.roa (raw, json)
Hash identifier: +AU9dB6ggcPcc7d+ifQcSn4cZAw7WXAjX0hF7llZTBc=
Subject key identifier: 9E:92:CB:87:D4:6B:71:01:FC:C6:4C:A4:B7:D7:A7:C2:B3:6F:85:74
Certificate issuer: /CN=4a5c86f5ce3b70b5db5315d6aa9d57a001bcd686
Certificate serial: 019424B38D281A0EF613B5245D072250EDDD
Authority key identifier: 4A:5C:86:F5:CE:3B:70:B5:DB:53:15:D6:AA:9D:57:A0:01:BC:D6:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SlyG9c47cLXbUxXWqp1XoAG81oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9e2bc2-5bc2-4b6f-81a7-47783e23fb59/1/npLLh9RrcQH8xkykt9enwrNvhXQ.roa
Signing time: Thu 02 Jan 2025 01:48:54 +0000
ROA not before: Thu 02 Jan 2025 01:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211157
IP address blocks: 91.105.192.0/23 maxlen: 23
185.76.151.0/24 maxlen: 24
2a0a:f280:203::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/9e2bc2-5bc2-4b6f-81a7-47783e23fb59/1/SlyG9c47cLXbUxXWqp1XoAG81oY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/9e2bc2-5bc2-4b6f-81a7-47783e23fb59/1/SlyG9c47cLXbUxXWqp1XoAG81oY.mft
rsync://rpki.ripe.net/repository/DEFAULT/SlyG9c47cLXbUxXWqp1XoAG81oY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:8d:28:1a:0e:f6:13:b5:24:5d:07:22:50:ed:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a5c86f5ce3b70b5db5315d6aa9d57a001bcd686
Validity
Not Before: Jan 2 01:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e92cb87d46b7101fcc64ca4b7d7a7c2b36f8574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1d:65:40:47:b7:b8:8b:77:f9:24:8f:5f:e5:
fa:9e:63:c6:bd:b7:12:ba:2f:ed:5d:ac:0e:6c:c8:
eb:fe:cb:39:20:dd:eb:84:b1:97:fc:5e:f6:c8:ba:
c1:7e:02:b7:3c:80:84:da:33:aa:b3:a1:18:a4:7c:
77:50:58:04:59:ce:6e:b0:51:5a:d7:d3:0c:a2:44:
e4:2c:f3:d9:d2:35:8a:34:f8:fe:38:59:53:8b:77:
1b:1d:b8:08:c6:19:8d:8e:94:9e:15:bb:09:c2:89:
f3:0f:ad:56:69:40:85:ec:df:34:28:56:cc:8d:8a:
0a:0b:16:8b:9c:98:a9:86:58:e4:32:b6:83:5f:e7:
6b:72:5a:94:3b:5a:22:78:89:de:fc:30:6f:a0:26:
a5:dd:c7:68:53:65:33:fd:dc:1c:f2:bb:80:06:9a:
15:08:4e:e5:37:b4:65:54:b8:6d:a0:fd:91:07:ac:
c5:99:cc:da:20:f1:74:53:55:b0:1a:04:49:ab:0f:
25:44:4a:82:04:eb:21:25:1d:80:58:d2:77:6c:21:
ae:d9:22:3b:ce:b6:d8:65:2c:b0:18:b3:8a:ce:2b:
c3:3d:5f:60:60:ad:2f:af:86:40:92:87:d2:c8:f7:
4b:50:6e:78:7e:65:de:77:5a:24:f0:3f:3f:d9:3e:
ff:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:92:CB:87:D4:6B:71:01:FC:C6:4C:A4:B7:D7:A7:C2:B3:6F:85:74
X509v3 Authority Key Identifier:
keyid:4A:5C:86:F5:CE:3B:70:B5:DB:53:15:D6:AA:9D:57:A0:01:BC:D6:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SlyG9c47cLXbUxXWqp1XoAG81oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9e2bc2-5bc2-4b6f-81a7-47783e23fb59/1/npLLh9RrcQH8xkykt9enwrNvhXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9e2bc2-5bc2-4b6f-81a7-47783e23fb59/1/SlyG9c47cLXbUxXWqp1XoAG81oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.105.192.0/23
185.76.151.0/24
IPv6:
2a0a:f280:203::/48
Signature Algorithm: sha256WithRSAEncryption
2a:bf:d9:fc:98:85:e1:4b:df:cd:51:91:8b:b0:15:57:0f:85:
0d:e1:63:a3:dd:29:ef:ed:9b:bd:fc:4e:cc:32:f4:2f:b2:25:
a0:ec:63:20:fc:04:e1:a2:77:59:ab:57:ee:23:84:3e:e3:05:
8e:e1:f7:e9:2b:f9:2e:27:63:cb:3e:92:be:c0:42:b9:e2:80:
32:2b:85:5d:38:7d:9d:8a:c4:dd:15:44:7b:c8:d1:42:2a:08:
d2:c0:c6:a8:39:27:d6:f2:b3:22:d0:4e:33:85:23:15:54:ab:
ca:e7:99:e7:8f:ca:98:f5:0b:82:8b:a7:ad:df:4f:87:83:19:
0b:61:43:09:96:fd:e2:67:7d:60:c9:4f:8c:14:c6:5f:db:f5:
90:c9:d0:72:cb:c5:f9:ff:1a:15:04:45:f2:f8:07:00:c1:37:
1f:60:4a:dd:f8:78:b8:a4:e3:af:58:59:e1:24:6a:41:0f:af:
46:5c:c7:91:94:9b:05:8b:fd:8d:f3:5e:20:b2:a0:78:a3:29:
77:5d:a1:be:c3:ee:43:8e:89:83:90:13:20:a4:36:73:ea:82:
da:5e:20:36:42:90:45:0e:43:49:a3:18:dc:ff:ba:04:72:05:
82:3b:de:f6:6d:1b:7d:31:68:75:55:18:65:98:36:3a:25:c7:
db:43:e4:51
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQks40oGg72E7UkXQciUO3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNWM4NmY1Y2UzYjcwYjVkYjUzMTVkNmFhOWQ1N2EwMDFi
Y2Q2ODYwHhcNMjUwMTAyMDE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTkyY2I4N2Q0NmI3MTAxZmNjNjRjYTRiN2Q3YTdjMmIzNmY4NTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3h1lQEe3uIt3+SSPX+X6nmPGvbcS
ui/tXawObMjr/ss5IN3rhLGX/F72yLrBfgK3PICE2jOqs6EYpHx3UFgEWc5usFFa
19MMokTkLPPZ0jWKNPj+OFlTi3cbHbgIxhmNjpSeFbsJwonzD61WaUCF7N80KFbM
jYoKCxaLnJiphljkMraDX+drclqUO1oieIne/DBvoCal3cdoU2Uz/dwc8ruABpoV
CE7lN7RlVLhtoP2RB6zFmczaIPF0U1WwGgRJqw8lREqCBOshJR2AWNJ3bCGu2SI7
zrbYZSywGLOKzivDPV9gYK0vr4ZAkofSyPdLUG54fmXed1ok8D8/2T7/3QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJ6Sy4fUa3EB/MZMpLfXp8Kzb4V0MB8GA1UdIwQY
MBaAFEpchvXOO3C121MV1qqdV6ABvNaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2x5RzljNDdjTFhiVXhYV3FwMVhvQUc4MW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZTJiYzItNWJjMi00YjZmLTgxYTct
NDc3ODNlMjNmYjU5LzEvbnBMTGg5UnJjUUg4eGt5a3Q5ZW53ck52aFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZTJiYzItNWJjMi00YjZmLTgxYTctNDc3ODNlMjNmYjU5
LzEvU2x5RzljNDdjTFhiVXhYV3FwMVhvQUc4MW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW2nAAwQA
uUyXMA8EAgACMAkDBwAqCvKAAgMwDQYJKoZIhvcNAQELBQADggEBACq/2fyYheFL
381RkYuwFVcPhQ3hY6PdKe/tm738Tswy9C+yJaDsYyD8BOGid1mrV+4jhD7jBY7h
9+kr+S4nY8s+kr7AQrnigDIrhV04fZ2KxN0VRHvI0UIqCNLAxqg5J9bysyLQTjOF
IxVUq8rnmeePypj1C4KLp63fT4eDGQthQwmW/eJnfWDJT4wUxl/b9ZDJ0HLLxfn/
GhUERfL4BwDBNx9gSt34eLik469YWeEkakEPr0Zcx5GUmwWL/Y3zXiCyoHijKXdd
ob7D7kOOiYOQEyCkNnPqgtpeIDZCkEUOQ0mjGNz/ugRyBYI73vZtG30xaHVVGGWY
Njolx9tD5FE=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:47:41 2025 by rpki-client