Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/84179d-4c65-44b8-b30b-5dabb4e47abb/1/cNzBuZews7ZdR62Aog1WuWIa_Vc.roa
File: cNzBuZews7ZdR62Aog1WuWIa_Vc.roa (raw, json)
Hash identifier: QJxazJXAbp+Y08ZTXOoocYGXg/oCHOcrCqlhmHqJgf8=
Subject key identifier: 70:DC:C1:B9:97:B0:B3:B6:5D:47:AD:80:A2:0D:56:B9:62:1A:FD:57
Certificate issuer: /CN=37689eaacbaf68af35d3fafb9674de48a6fc0978
Certificate serial: 019421443E7D99BE884B62C50DAD22F09E00
Authority key identifier: 37:68:9E:AA:CB:AF:68:AF:35:D3:FA:FB:96:74:DE:48:A6:FC:09:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N2ieqsuvaK810_r7lnTeSKb8CXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/84179d-4c65-44b8-b30b-5dabb4e47abb/1/cNzBuZews7ZdR62Aog1WuWIa_Vc.roa
Signing time: Wed 01 Jan 2025 09:48:27 +0000
ROA not before: Wed 01 Jan 2025 09:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210482
IP address blocks: 141.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/84179d-4c65-44b8-b30b-5dabb4e47abb/1/N2ieqsuvaK810_r7lnTeSKb8CXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/84179d-4c65-44b8-b30b-5dabb4e47abb/1/N2ieqsuvaK810_r7lnTeSKb8CXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/N2ieqsuvaK810_r7lnTeSKb8CXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:3e:7d:99:be:88:4b:62:c5:0d:ad:22:f0:9e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37689eaacbaf68af35d3fafb9674de48a6fc0978
Validity
Not Before: Jan 1 09:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70dcc1b997b0b3b65d47ad80a20d56b9621afd57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:25:d6:38:d0:a9:aa:01:c6:97:99:2f:c1:e6:
5a:0b:6c:3f:00:74:a3:a6:f1:e0:6c:8e:34:f9:93:
98:fc:e2:b3:73:73:b1:4e:ec:83:dd:36:37:58:aa:
7e:05:be:68:db:bf:aa:05:17:d9:ee:71:32:ae:0b:
a3:61:e2:c6:f7:a7:99:d8:ca:90:e0:25:38:d7:b6:
af:a1:25:64:38:f2:03:fe:89:41:f6:cc:39:96:f0:
12:ca:19:1a:3e:59:9c:62:30:5f:64:de:eb:f5:0f:
16:9b:0b:94:4c:41:71:20:55:1b:aa:10:71:96:3f:
30:72:e3:0f:8d:23:48:87:5c:ae:a3:5a:ee:f6:38:
dc:a4:ad:fc:20:bd:b9:b5:fb:e4:46:d5:48:d5:40:
fa:78:11:9d:25:0b:ed:94:3c:da:4b:ee:ca:9e:8c:
75:18:a1:94:f3:b8:78:95:f4:72:61:b2:8d:7c:5f:
b6:f7:4f:9b:63:ff:9d:6e:a7:3e:26:23:ed:0d:a7:
51:68:82:23:77:b6:af:0c:b8:9b:ba:c6:63:2e:07:
63:7f:a3:96:1a:5d:87:77:84:2e:c4:7b:9d:cf:94:
43:1c:86:dc:e6:70:88:8d:82:ed:cc:94:4e:28:eb:
2f:67:88:37:64:9a:ac:35:89:2e:1f:6b:ff:b3:36:
44:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DC:C1:B9:97:B0:B3:B6:5D:47:AD:80:A2:0D:56:B9:62:1A:FD:57
X509v3 Authority Key Identifier:
keyid:37:68:9E:AA:CB:AF:68:AF:35:D3:FA:FB:96:74:DE:48:A6:FC:09:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2ieqsuvaK810_r7lnTeSKb8CXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/84179d-4c65-44b8-b30b-5dabb4e47abb/1/cNzBuZews7ZdR62Aog1WuWIa_Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/84179d-4c65-44b8-b30b-5dabb4e47abb/1/N2ieqsuvaK810_r7lnTeSKb8CXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:e2:39:b9:96:6c:de:c2:c8:1c:5e:63:ca:7a:b4:eb:39:49:
4f:a3:ff:8f:a5:8d:c8:69:d5:4b:46:66:9e:a2:e5:50:1d:da:
63:28:3c:c6:8a:43:8c:ca:b8:2d:56:87:bc:ce:2a:83:9d:33:
60:39:7e:c5:25:c9:c7:23:6c:75:82:4e:cf:86:68:64:fe:10:
ca:73:1a:e5:87:81:7a:47:5c:99:3e:41:3e:5a:6b:80:ba:96:
26:14:e9:05:81:49:ec:21:cc:6a:f5:73:a6:30:bf:5d:6d:77:
55:67:23:59:25:90:69:87:eb:62:2b:4e:fd:d6:64:66:1d:e3:
f9:d6:58:55:20:49:ac:d2:fb:0f:66:39:b0:e5:1e:06:18:c6:
87:f9:66:16:46:31:8b:f0:51:33:3d:f3:a3:b3:91:c7:10:77:
57:9b:45:12:84:88:49:7d:2d:d5:79:56:19:bf:26:a6:c4:80:
13:6c:01:a2:f4:78:a9:80:e8:7c:52:8c:0b:83:34:0c:9f:d2:
72:fb:44:7c:a4:11:90:eb:ee:dd:61:18:d1:45:cf:bf:f1:57:
28:e1:d7:cc:dc:e9:5e:00:de:78:cc:8a:8b:9a:73:4a:89:3d:
d0:8b:8e:93:6c:53:52:8e:24:bb:27:6a:1f:81:66:eb:54:a4:
40:66:3a:b4
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQhRD59mb6IS2LFDa0i8J4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njg5ZWFhY2JhZjY4YWYzNWQzZmFmYjk2NzRkZTQ4YTZm
YzA5NzgwHhcNMjUwMTAxMDk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGRjYzFiOTk3YjBiM2I2NWQ0N2FkODBhMjBkNTZiOTYyMWFmZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySXWONCpqgHGl5kvweZaC2w/AHSj
pvHgbI40+ZOY/OKzc3OxTuyD3TY3WKp+Bb5o27+qBRfZ7nEyrgujYeLG96eZ2MqQ
4CU417avoSVkOPID/olB9sw5lvASyhkaPlmcYjBfZN7r9Q8WmwuUTEFxIFUbqhBx
lj8wcuMPjSNIh1yuo1ru9jjcpK38IL25tfvkRtVI1UD6eBGdJQvtlDzaS+7Knox1
GKGU87h4lfRyYbKNfF+290+bY/+dbqc+JiPtDadRaIIjd7avDLibusZjLgdjf6OW
Gl2Hd4QuxHudz5RDHIbc5nCIjYLtzJROKOsvZ4g3ZJqsNYkuH2v/szZEWQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFHDcwbmXsLO2XUetgKINVrliGv1XMB8GA1UdIwQY
MBaAFDdonqrLr2ivNdP6+5Z03kim/Al4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJpZXFzdXZhSzgxMF9yN2xuVGVTS2I4Q1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84NDE3OWQtNGM2NS00NGI4LWIzMGIt
NWRhYmI0ZTQ3YWJiLzEvY056QnVaZXdzN1pkUjYyQW9nMVd1V0lhX1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84NDE3OWQtNGM2NS00NGI4LWIzMGItNWRhYmI0ZTQ3YWJi
LzEvTjJpZXFzdXZhSzgxMF9yN2xuVGVTS2I4Q1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjVAwDQYJ
KoZIhvcNAQELBQADggEBABziObmWbN7CyBxeY8p6tOs5SU+j/4+ljchp1UtGZp6i
5VAd2mMoPMaKQ4zKuC1Wh7zOKoOdM2A5fsUlyccjbHWCTs+GaGT+EMpzGuWHgXpH
XJk+QT5aa4C6liYU6QWBSewhzGr1c6Ywv11td1VnI1klkGmH62IrTv3WZGYd4/nW
WFUgSazS+w9mObDlHgYYxof5ZhZGMYvwUTM986OzkccQd1ebRRKEiEl9LdV5Vhm/
JqbEgBNsAaL0eKmA6HxSjAuDNAyf0nL7RHykEZDr7t1hGNFFz7/xVyjh18zc6V4A
3njMiouac0qJPdCLjpNsU1KOJLsnah+BZutUpEBmOrQ=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:25 2025 by rpki-client