Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/nrBcJclJWWQmSFgHdkkN2rl4iMo.roa
File: nrBcJclJWWQmSFgHdkkN2rl4iMo.roa (raw, json)
Hash identifier: LHzeWYsmA5iX5RkIBuodpJrYuHeqFeRrX4/36Bp1azQ=
Subject key identifier: 9E:B0:5C:25:C9:49:59:64:26:48:58:07:76:49:0D:DA:B9:78:88:CA
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 01942067EA62D33027A99BE52053D5588331
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/nrBcJclJWWQmSFgHdkkN2rl4iMo.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50427
IP address blocks: 109.226.248.0/24 maxlen: 24
185.84.174.0/23 maxlen: 23
185.84.174.0/24 maxlen: 24
185.84.175.0/24 maxlen: 24
193.106.168.0/22 maxlen: 22
193.106.168.0/24 maxlen: 24
193.106.169.0/24 maxlen: 24
193.106.170.0/24 maxlen: 24
193.106.171.0/24 maxlen: 24
2a05:7400:8000::/34 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ea:62:d3:30:27:a9:9b:e5:20:53:d5:58:83:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9eb05c25c94959642648580776490ddab97888ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e3:9e:b1:ee:4e:d2:c8:35:09:fd:82:f8:a7:
72:82:7d:02:de:c8:46:5c:eb:c5:4c:18:a9:04:1f:
23:56:88:81:02:ed:e6:ef:61:50:1e:17:61:7f:8f:
06:2e:b3:fb:e6:9c:b5:74:ac:5f:c9:f1:b4:dc:ef:
5f:2e:f0:58:4d:26:43:f9:04:b0:cf:27:a8:17:dc:
dd:d2:d5:52:44:9c:92:0f:db:29:18:f3:b3:74:85:
12:2e:98:17:9f:9a:6f:d2:c2:f7:95:26:ec:a7:1d:
77:d5:5c:e6:5f:ca:a9:41:e3:c5:e3:70:19:87:8a:
86:4a:cb:af:be:62:62:87:e0:2d:1a:85:a5:44:f6:
d1:fc:c3:6d:80:6b:45:19:84:c9:76:3e:5c:df:1c:
50:ba:7b:58:db:7a:14:16:0a:15:24:9f:49:f6:96:
db:33:4e:e4:67:17:22:78:a0:c0:61:53:51:65:35:
2d:a9:74:d8:66:0e:0f:5d:0d:f6:a4:bc:fd:d4:ca:
45:e8:7e:3b:e1:b9:87:db:a0:fd:03:f3:d7:58:ff:
41:49:67:dd:2f:4c:44:2b:b4:ba:c3:7b:95:6c:b3:
fb:cb:0b:8c:17:47:66:75:eb:db:bf:3b:01:6c:26:
75:81:51:0c:1d:63:9e:fa:74:8c:47:d5:fd:fe:0e:
c4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B0:5C:25:C9:49:59:64:26:48:58:07:76:49:0D:DA:B9:78:88:CA
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/nrBcJclJWWQmSFgHdkkN2rl4iMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.248.0/24
185.84.174.0/23
193.106.168.0/22
IPv6:
2a05:7400:8000::/34
Signature Algorithm: sha256WithRSAEncryption
a4:a7:20:eb:f1:e9:6d:45:b6:f7:69:0d:8a:15:cc:f3:3b:41:
93:24:6b:39:38:84:89:b6:be:19:df:ea:00:34:56:7d:48:8e:
f8:3c:eb:d3:d3:69:9d:99:42:81:d2:5f:e3:be:7b:2a:58:49:
d2:67:8a:af:c7:f1:61:a8:c9:ad:04:40:01:1f:43:df:7e:d9:
ea:be:4b:be:dd:15:d0:85:ba:8a:72:18:b7:af:a2:40:07:e5:
74:58:71:58:38:02:01:85:ec:03:a6:e4:72:f4:a5:3a:a4:6e:
b9:3d:fd:54:e1:f6:0f:7a:bf:d2:2e:e9:72:bf:25:2d:37:ce:
98:99:aa:5c:53:0a:bc:39:d9:4c:ec:d0:59:5d:70:29:ef:75:
cd:55:13:0e:6c:ab:0c:2f:b2:f6:ad:28:a8:bb:54:bf:77:a4:
77:63:8c:4e:96:5a:27:97:ec:68:41:b7:d4:c2:36:e6:c9:bf:
e4:93:91:de:27:90:c5:db:e5:ec:c9:d0:64:94:75:83:bf:97:
c3:06:5b:f1:37:ce:96:0d:56:2a:a8:c2:73:a4:8a:5e:7f:d4:
13:ed:d4:18:30:07:81:d5:dd:89:9f:48:ed:05:86:ae:32:2c:
ea:d6:23:4c:35:c4:3c:fa:4b:7b:51:3b:4f:95:67:75:41:84:
90:2e:37:bc
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQgZ+pi0zAnqZvlIFPVWIMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWIwNWMyNWM5NDk1OTY0MjY0ODU4MDc3NjQ5MGRkYWI5Nzg4OGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOOese5O0sg1Cf2C+Kdygn0C3shG
XOvFTBipBB8jVoiBAu3m72FQHhdhf48GLrP75py1dKxfyfG03O9fLvBYTSZD+QSw
zyeoF9zd0tVSRJySD9spGPOzdIUSLpgXn5pv0sL3lSbspx131VzmX8qpQePF43AZ
h4qGSsuvvmJih+AtGoWlRPbR/MNtgGtFGYTJdj5c3xxQuntY23oUFgoVJJ9J9pbb
M07kZxcieKDAYVNRZTUtqXTYZg4PXQ32pLz91MpF6H474bmH26D9A/PXWP9BSWfd
L0xEK7S6w3uVbLP7ywuMF0dmdevbvzsBbCZ1gVEMHWOe+nSMR9X9/g7ElwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJ6wXCXJSVlkJkhYB3ZJDdq5eIjKMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvbnJCY0pjbEpXV1FtU0ZnSGRra04ycmw0aU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAbeL4AwQB
uVSuAwQCwWqoMA4EAgACMAgDBgYqBXQAgDANBgkqhkiG9w0BAQsFAAOCAQEApKcg
6/HpbUW292kNihXM8ztBkyRrOTiEiba+Gd/qADRWfUiO+Dzr09NpnZlCgdJf4757
KlhJ0meKr8fxYajJrQRAAR9D337Z6r5Lvt0V0IW6inIYt6+iQAfldFhxWDgCAYXs
A6bkcvSlOqRuuT39VOH2D3q/0i7pcr8lLTfOmJmqXFMKvDnZTOzQWV1wKe91zVUT
DmyrDC+y9q0oqLtUv3ekd2OMTpZaJ5fsaEG31MI25sm/5JOR3ieQxdvl7MnQZJR1
g7+XwwZb8TfOlg1WKqjCc6SKXn/UE+3UGDAHgdXdiZ9I7QWGrjIs6tYjTDXEPPpL
e1E7T5VndUGEkC43vA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:33 2025 by rpki-client