Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-N_gRB87woYa0m_oRPib9Fy_kGI.roa
File: 1-N_gRB87woYa0m_oRPib9Fy_kGI.roa (raw, json)
Hash identifier: A4ETyUDZM2c/wODHtcj6avGf3zx/7h20tPY61e6EYWk=
Subject key identifier: F8:DF:E0:44:1F:3B:C2:86:1A:D2:6F:E8:44:F8:9B:F4:5C:BF:90:62
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0194222019066905ACF9B1782360E712904D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-N_gRB87woYa0m_oRPib9Fy_kGI.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 89.40.92.0/24 maxlen: 24
178.239.198.0/24 maxlen: 24
178.239.204.0/24 maxlen: 24
185.192.70.0/24 maxlen: 24
185.228.225.0/24 maxlen: 24
194.32.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:19:06:69:05:ac:f9:b1:78:23:60:e7:12:90:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8dfe0441f3bc2861ad26fe844f89bf45cbf9062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0b:2a:1b:2e:72:59:07:d4:d7:12:f4:ac:af:
bd:2c:50:1f:c1:50:f6:d9:49:91:02:68:7c:d8:13:
a7:d1:9b:2a:7c:79:7f:67:50:12:00:4a:32:26:93:
c4:5e:bb:28:21:93:c0:71:00:36:8b:b8:11:59:6a:
93:c4:82:98:d6:20:20:97:4f:dc:7d:ca:a9:c6:92:
1c:c3:fb:c3:b0:a5:7a:4b:e7:41:08:41:1f:cd:62:
cc:f6:16:f3:72:4f:c3:6a:e3:ed:04:e1:11:23:7c:
9b:ad:e0:bd:ad:57:2b:e3:a3:23:a5:4e:64:3f:30:
91:8c:c2:64:66:1e:be:cc:01:82:21:42:bc:72:8b:
1d:c6:eb:99:0a:58:cc:85:f1:f9:df:74:ac:1e:e4:
98:85:60:fa:29:2f:20:53:1e:eb:3e:96:6b:05:9e:
98:90:a3:84:f0:32:51:b6:bb:e5:d0:d0:cd:c3:bd:
88:ad:fb:fc:12:f5:f7:9a:3f:f4:5a:6e:20:0c:f3:
67:01:3d:27:46:8c:9c:1f:bd:85:9e:1f:22:db:4e:
36:1d:86:b8:e6:43:76:c8:cc:9b:d8:bc:c4:0c:9e:
02:a5:13:66:7e:cf:86:dc:ed:e3:fd:1f:c5:93:e5:
78:17:13:18:44:bb:43:2e:af:40:1c:74:6a:34:af:
6c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DF:E0:44:1F:3B:C2:86:1A:D2:6F:E8:44:F8:9B:F4:5C:BF:90:62
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-N_gRB87woYa0m_oRPib9Fy_kGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.92.0/24
178.239.198.0/24
178.239.204.0/24
185.192.70.0/24
185.228.225.0/24
194.32.120.0/24
Signature Algorithm: sha256WithRSAEncryption
04:af:f8:ef:fd:ad:83:fc:a7:44:ab:23:de:4a:cb:66:8b:e8:
19:0b:60:77:66:1f:25:16:15:74:e2:93:3c:09:8c:c0:41:8a:
78:26:c5:b3:85:9e:63:77:e5:7a:f4:e5:e7:c9:4f:68:ed:7e:
0d:7d:be:5a:89:8b:4f:2c:8d:2e:77:8a:fa:54:0f:26:b4:64:
fe:98:8a:64:ab:a9:c8:24:36:a1:a8:b7:d2:d0:4e:e3:c9:e9:
9d:7f:a9:5e:ad:6b:3c:34:be:9f:b8:9e:b2:fb:76:4b:9f:21:
73:26:bb:00:38:e1:6a:73:bd:08:2e:ff:8b:f6:4f:ae:20:23:
31:6e:4d:c5:85:46:2a:0e:80:ce:30:36:46:7a:f6:43:72:dc:
08:75:98:83:ec:e7:8d:db:61:10:bd:59:ec:05:2e:76:d9:4c:
10:e6:ba:6f:dd:7a:68:9a:6a:f3:d0:ce:26:11:2a:1e:a8:08:
b0:ee:0b:7e:8d:1d:ba:c0:6c:29:85:e3:ad:f9:75:f7:cb:0f:
5e:f3:c6:53:0d:89:94:5d:50:a0:10:5e:49:e4:b2:b9:a4:9e:
ea:a9:6f:5e:6f:a4:d3:47:3c:b5:be:ac:b5:78:ee:2a:d2:17:
30:b4:d9:f4:aa:41:39:5a:f8:0f:b8:e1:84:41:2a:33:fc:b7:
58:33:70:18
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQiIBkGaQWs+bF4I2DnEpBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGRmZTA0NDFmM2JjMjg2MWFkMjZmZTg0NGY4OWJmNDVjYmY5MDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswsqGy5yWQfU1xL0rK+9LFAfwVD2
2UmRAmh82BOn0ZsqfHl/Z1ASAEoyJpPEXrsoIZPAcQA2i7gRWWqTxIKY1iAgl0/c
fcqpxpIcw/vDsKV6S+dBCEEfzWLM9hbzck/DauPtBOERI3ybreC9rVcr46MjpU5k
PzCRjMJkZh6+zAGCIUK8cosdxuuZCljMhfH533SsHuSYhWD6KS8gUx7rPpZrBZ6Y
kKOE8DJRtrvl0NDNw72Irfv8EvX3mj/0Wm4gDPNnAT0nRoycH72Fnh8i2042HYa4
5kN2yMyb2LzEDJ4CpRNmfs+G3O3j/R/Fk+V4FxMYRLtDLq9AHHRqNK9scwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPjf4EQfO8KGGtJv6ET4m/Rcv5BiMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS1OX2dSQjg3d29ZYTBtX29SUGliOUZ5X2tHSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFkoXAME
ALLvxgMEALLvzAMEALnARgMEALnk4QMEAMIgeDANBgkqhkiG9w0BAQsFAAOCAQEA
BK/47/2tg/ynRKsj3krLZovoGQtgd2YfJRYVdOKTPAmMwEGKeCbFs4WeY3flevTl
58lPaO1+DX2+WomLTyyNLneK+lQPJrRk/piKZKupyCQ2oai30tBO48npnX+pXq1r
PDS+n7iesvt2S58hcya7ADjhanO9CC7/i/ZPriAjMW5NxYVGKg6AzjA2Rnr2Q3Lc
CHWYg+znjdthEL1Z7AUudtlMEOa6b916aJpq89DOJhEqHqgIsO4Lfo0dusBsKYXj
rfl198sPXvPGUw2JlF1QoBBeSeSyuaSe6qlvXm+k00c8tb6stXjuKtIXMLTZ9KpB
OVr4D7jhhEEqM/y3WDNwGA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:48:56 2025 by rpki-client