Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/NnS9tE0Wd3GJX8d4rDN6hefth0k.roa
File: NnS9tE0Wd3GJX8d4rDN6hefth0k.roa (raw, json)
Hash identifier: iMULd1rU9nLxXdG6/iod6VTsBhibbUWJ3DwkFA8v85s=
Subject key identifier: 36:74:BD:B4:4D:16:77:71:89:5F:C7:78:AC:33:7A:85:E7:ED:87:49
Certificate issuer: /CN=71a2739b20c259c5d1b388d1453f6f1799f28f6c
Certificate serial: 019425FDAC4389E3BC0E5E134ABD862F944E
Authority key identifier: 71:A2:73:9B:20:C2:59:C5:D1:B3:88:D1:45:3F:6F:17:99:F2:8F:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/NnS9tE0Wd3GJX8d4rDN6hefth0k.roa
Signing time: Thu 02 Jan 2025 07:49:29 +0000
ROA not before: Thu 02 Jan 2025 07:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61084
IP address blocks: 84.54.13.0/24 maxlen: 24
176.98.41.0/24 maxlen: 24
193.31.116.0/24 maxlen: 24
213.226.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/caJzmyDCWcXRs4jRRT9vF5nyj2w.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/caJzmyDCWcXRs4jRRT9vF5nyj2w.mft
rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ac:43:89:e3:bc:0e:5e:13:4a:bd:86:2f:94:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a2739b20c259c5d1b388d1453f6f1799f28f6c
Validity
Not Before: Jan 2 07:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3674bdb44d167771895fc778ac337a85e7ed8749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:69:49:78:85:c9:a5:b9:7c:94:b9:21:7b:ff:
c4:6d:6c:95:cb:ac:51:c8:58:dd:8d:b7:51:3b:ec:
0a:01:fa:80:46:fe:eb:0f:6e:18:9a:93:a3:61:48:
38:c2:fb:66:e9:96:2e:b4:ba:69:dc:25:62:99:3a:
e9:72:43:30:ac:55:42:9c:ee:fc:37:e0:d0:e9:be:
91:f2:03:e0:e1:e9:2b:b9:54:38:f9:0a:44:1e:4d:
0e:19:c7:b0:3b:ac:66:91:ca:7a:3d:c2:40:fd:33:
b7:55:e8:d8:60:c6:9a:55:c9:de:e3:42:3e:64:0f:
17:49:ff:b7:97:4f:6f:8d:f7:b9:fc:a1:f2:ed:76:
54:0f:46:20:17:99:15:39:ee:fe:a4:44:cf:2e:78:
bc:90:9d:9f:07:2e:73:13:ba:c2:8e:0b:fd:f4:69:
b0:93:81:c8:3e:ee:65:82:8d:b4:21:5b:e1:4a:0e:
a3:f9:76:f8:cd:02:e0:ff:14:b9:02:1f:4f:b0:94:
77:4a:0c:af:49:26:67:3a:70:94:07:6c:1a:36:94:
c2:20:3e:c9:03:31:4a:4d:88:ee:5d:71:8c:c8:b1:
94:20:21:98:fb:44:d7:35:e7:b9:e1:91:92:13:d4:
ee:8b:d4:ff:ac:06:78:c3:ad:0d:d5:ad:c9:29:a1:
7e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:74:BD:B4:4D:16:77:71:89:5F:C7:78:AC:33:7A:85:E7:ED:87:49
X509v3 Authority Key Identifier:
keyid:71:A2:73:9B:20:C2:59:C5:D1:B3:88:D1:45:3F:6F:17:99:F2:8F:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/NnS9tE0Wd3GJX8d4rDN6hefth0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/caJzmyDCWcXRs4jRRT9vF5nyj2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.13.0/24
176.98.41.0/24
193.31.116.0/24
213.226.119.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:4f:1f:50:ca:6a:48:a8:21:b5:ce:dc:33:ed:5e:6b:d3:7a:
bb:2c:69:68:8d:7a:c6:62:a4:18:ec:50:c0:c8:7b:11:61:ee:
a3:5d:12:90:a3:66:9d:53:e4:a9:da:83:7b:5c:70:b6:68:c0:
76:49:15:81:52:11:b5:c5:46:51:bb:b5:08:68:2d:be:02:62:
84:bc:85:2c:ad:e9:27:c0:fa:24:41:00:09:02:49:8e:a3:55:
5b:b4:52:13:e5:9e:f4:f7:8e:40:06:72:a7:82:5e:c9:80:6d:
31:d4:f8:1c:db:48:ff:b2:43:64:b0:42:56:ab:e4:03:72:fc:
64:05:10:ff:87:38:bf:3c:70:da:dc:67:9e:f0:e1:b3:17:2b:
c0:66:75:1a:ec:2f:d0:af:3c:54:56:b5:29:ee:8f:e1:d3:e2:
f8:fa:51:57:ac:75:28:74:d6:95:54:d0:f5:de:87:4f:1e:91:
a2:fd:b7:21:37:21:4a:49:63:21:18:41:68:75:89:aa:74:44:
83:c0:aa:92:02:da:a2:9e:86:7c:5e:f5:bf:ec:a8:13:49:d5:
78:ae:e0:00:35:1f:d4:a2:24:2b:f8:61:34:55:11:95:15:d5:
56:94:a6:eb:9d:1f:82:3c:0f:06:ec:e2:a4:dd:50:93:86:74:
65:4a:d1:ec
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQl/axDieO8Dl4TSr2GL5ROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTI3MzliMjBjMjU5YzVkMWIzODhkMTQ1M2Y2ZjE3OTlm
MjhmNmMwHhcNMjUwMTAyMDc0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc0YmRiNDRkMTY3NzcxODk1ZmM3NzhhYzMzN2E4NWU3ZWQ4NzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2lJeIXJpbl8lLkhe//EbWyVy6xR
yFjdjbdRO+wKAfqARv7rD24YmpOjYUg4wvtm6ZYutLpp3CVimTrpckMwrFVCnO78
N+DQ6b6R8gPg4ekruVQ4+QpEHk0OGcewO6xmkcp6PcJA/TO3VejYYMaaVcne40I+
ZA8XSf+3l09vjfe5/KHy7XZUD0YgF5kVOe7+pETPLni8kJ2fBy5zE7rCjgv99Gmw
k4HIPu5lgo20IVvhSg6j+Xb4zQLg/xS5Ah9PsJR3SgyvSSZnOnCUB2waNpTCID7J
AzFKTYjuXXGMyLGUICGY+0TXNee54ZGSE9Tui9T/rAZ4w60N1a3JKaF+1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDZ0vbRNFndxiV/HeKwzeoXn7YdJMB8GA1UdIwQY
MBaAFHGic5sgwlnF0bOI0UU/bxeZ8o9sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FKem15RENXY1hSczRqUlJUOXZGNW55ajJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC80OTlkZjMtYmQ0Zi00ZTQwLThmODIt
YTM4NTU1MDVlYTJlLzEvTm5TOXRFMFdkM0dKWDhkNHJETjZoZWZ0aDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC80OTlkZjMtYmQ0Zi00ZTQwLThmODItYTM4NTU1MDVlYTJl
LzEvY2FKem15RENXY1hSczRqUlJUOXZGNW55ajJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVDYNAwQA
sGIpAwQAwR90AwQA1eJ3MA0GCSqGSIb3DQEBCwUAA4IBAQA+Tx9QympIqCG1ztwz
7V5r03q7LGlojXrGYqQY7FDAyHsRYe6jXRKQo2adU+Sp2oN7XHC2aMB2SRWBUhG1
xUZRu7UIaC2+AmKEvIUsreknwPokQQAJAkmOo1VbtFIT5Z70945ABnKngl7JgG0x
1Pgc20j/skNksEJWq+QDcvxkBRD/hzi/PHDa3Gee8OGzFyvAZnUa7C/QrzxUVrUp
7o/h0+L4+lFXrHUodNaVVND13odPHpGi/bchNyFKSWMhGEFodYmqdESDwKqSAtqi
noZ8XvW/7KgTSdV4ruAANR/UoiQr+GE0VRGVFdVWlKbrnR+CPA8G7OKk3VCThnRl
StHs
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:58:14 2025 by rpki-client