Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/nq598Y-mH7WXt-wp7oTFReqn5JI.roa
File: nq598Y-mH7WXt-wp7oTFReqn5JI.roa (raw, json)
Hash identifier: Lm1lMb1JelLgN0kxz8OzEijA9ElHx0kaIfvRfFoPkz8=
Subject key identifier: 9E:AE:7D:F1:8F:A6:1F:B5:97:B7:EC:29:EE:84:C5:45:EA:A7:E4:92
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CBCAC8799E55625DE4A7E7B4C44FC
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/nq598Y-mH7WXt-wp7oTFReqn5JI.roa
Signing time: Wed 01 Jan 2025 01:48:24 +0000
ROA not before: Wed 01 Jan 2025 01:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204463
IP address blocks: 91.221.76.0/23 maxlen: 24
91.221.86.0/23 maxlen: 24
185.185.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:bc:ac:87:99:e5:56:25:de:4a:7e:7b:4c:44:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9eae7df18fa61fb597b7ec29ee84c545eaa7e492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:53:41:8a:e3:ae:1d:c1:c7:16:83:a4:29:b7:
c0:d1:19:98:1c:cd:1a:35:c2:73:2b:88:ef:f9:99:
23:f9:52:93:01:31:5f:c6:19:91:09:06:6d:d8:fd:
6f:43:38:b9:49:35:ef:ce:c1:89:0d:c8:25:5a:af:
f8:67:92:87:e0:72:48:1e:46:7d:dd:d9:be:61:e2:
5e:9d:2c:c7:00:54:b2:02:50:c9:35:80:3b:a8:a0:
c3:f2:43:4b:37:66:1b:fb:69:fc:fc:43:2a:71:4c:
6a:18:9b:be:7a:bf:b1:b4:cc:8c:fb:3f:21:86:e7:
e4:2c:50:c5:8c:9a:49:eb:83:e8:ba:ed:e8:69:98:
da:b9:28:2b:4c:18:67:26:56:dd:b9:33:95:2d:9e:
67:b0:02:6c:58:d3:e5:ad:fa:91:da:57:ad:66:40:
3d:39:a9:5c:62:3e:7a:b8:67:ba:a1:98:b5:cd:4c:
fc:35:59:db:95:56:e9:bc:05:92:27:af:91:e1:ad:
6a:4b:aa:ab:00:b8:01:2f:43:48:15:18:01:80:9d:
7a:f5:1e:66:b3:67:89:6b:d8:4d:4c:db:33:82:0b:
fd:c3:35:fd:37:7d:5f:96:a0:c8:e3:00:54:40:b6:
6f:fc:b2:b2:76:04:4a:48:f5:e5:8c:25:aa:30:fd:
9f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AE:7D:F1:8F:A6:1F:B5:97:B7:EC:29:EE:84:C5:45:EA:A7:E4:92
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/nq598Y-mH7WXt-wp7oTFReqn5JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.76.0/23
91.221.86.0/23
185.185.52.0/22
Signature Algorithm: sha256WithRSAEncryption
65:9a:d5:83:9d:b0:63:72:84:06:3d:3d:ef:a6:e8:c6:18:6d:
71:96:2c:77:4c:35:55:a2:c2:eb:d7:10:ff:8e:da:f7:a1:9a:
c3:40:12:3e:c4:df:d6:fb:77:39:b2:c4:18:0e:57:12:78:ce:
6c:80:ad:3e:c0:27:df:03:7f:43:33:cb:c2:97:5b:46:45:3c:
74:9d:84:4b:50:a9:40:23:17:03:51:7a:b0:62:4b:8f:50:87:
b5:93:14:d2:20:e9:a7:98:4f:25:f3:9c:f7:17:4c:16:dd:ac:
ad:90:11:d9:8a:04:a5:46:43:e9:68:7b:d9:6a:8b:99:7b:37:
94:fa:04:39:a0:7b:0a:d8:a3:10:a8:96:9f:b4:c2:d6:66:66:
74:cf:d1:dd:49:eb:fa:f0:16:44:29:e5:4a:d8:ec:f5:41:7d:
e7:03:2d:c5:7b:22:32:52:04:25:62:3f:e0:db:a0:14:c7:1f:
07:90:da:25:46:3a:4d:7e:79:a9:fb:27:01:e7:61:5d:50:08:
b5:84:85:eb:ac:73:d1:7e:61:85:d1:8f:c0:8c:bf:7a:01:99:
98:3b:d3:10:61:b9:82:a0:a3:18:f8:eb:13:0d:d6:49:18:06:
bd:cc:46:b8:78:39:e6:c1:08:1d:f9:1e:7e:71:66:4c:ba:fb:
29:b3:14:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjLysh5nlViXeSn57TET8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWFlN2RmMThmYTYxZmI1OTdiN2VjMjllZTg0YzU0NWVhYTdlNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVNBiuOuHcHHFoOkKbfA0RmYHM0a
NcJzK4jv+Zkj+VKTATFfxhmRCQZt2P1vQzi5STXvzsGJDcglWq/4Z5KH4HJIHkZ9
3dm+YeJenSzHAFSyAlDJNYA7qKDD8kNLN2Yb+2n8/EMqcUxqGJu+er+xtMyM+z8h
hufkLFDFjJpJ64Pouu3oaZjauSgrTBhnJlbduTOVLZ5nsAJsWNPlrfqR2letZkA9
OalcYj56uGe6oZi1zUz8NVnblVbpvAWSJ6+R4a1qS6qrALgBL0NIFRgBgJ169R5m
s2eJa9hNTNszggv9wzX9N31flqDI4wBUQLZv/LKydgRKSPXljCWqMP2f0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ6uffGPph+1l7fsKe6ExUXqp+SSMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvbnE1OThZLW1IN1dYdC13cDdvVEZSZXFuNUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW91MAwQB
W91WAwQCubk0MA0GCSqGSIb3DQEBCwUAA4IBAQBlmtWDnbBjcoQGPT3vpujGGG1x
lix3TDVVosLr1xD/jtr3oZrDQBI+xN/W+3c5ssQYDlcSeM5sgK0+wCffA39DM8vC
l1tGRTx0nYRLUKlAIxcDUXqwYkuPUIe1kxTSIOmnmE8l85z3F0wW3aytkBHZigSl
RkPpaHvZaouZezeU+gQ5oHsK2KMQqJaftMLWZmZ0z9HdSev68BZEKeVK2Oz1QX3n
Ay3FeyIyUgQlYj/g26AUxx8HkNolRjpNfnmp+ycB52FdUAi1hIXrrHPRfmGF0Y/A
jL96AZmYO9MQYbmCoKMY+OsTDdZJGAa9zEa4eDnmwQgd+R5+cWZMuvspsxSP
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:40:19 2025 by rpki-client