Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/nRz9AftCLig4OmS0E1eBTIrPa5M.roa
File: nRz9AftCLig4OmS0E1eBTIrPa5M.roa (raw, json)
Hash identifier: ea2h97J02X030CkXXWTZE1BGZvnjhrqY95EK1+tYFdY=
Subject key identifier: 9D:1C:FD:01:FB:42:2E:28:38:3A:64:B4:13:57:81:4C:8A:CF:6B:93
Certificate issuer: /CN=0ab36668893a8244d553efca4688d0f1019e4e25
Certificate serial: 01941F8C5C48F0EA45E4ECB2F4C4B1B3175F
Authority key identifier: 0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/nRz9AftCLig4OmS0E1eBTIrPa5M.roa
Signing time: Wed 01 Jan 2025 01:47:59 +0000
ROA not before: Wed 01 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24921
IP address blocks: 5.252.168.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.149.160.0/22 maxlen: 22
80.89.72.0/21 maxlen: 21
80.89.72.0/22 maxlen: 22
80.89.76.0/22 maxlen: 22
185.65.160.0/23 maxlen: 23
185.65.162.0/23 maxlen: 23
185.147.56.0/22 maxlen: 22
185.147.56.0/24 maxlen: 24
185.147.57.0/24 maxlen: 24
185.147.58.0/24 maxlen: 24
185.147.59.0/24 maxlen: 24
193.108.29.0/24 maxlen: 24
212.3.192.0/19 maxlen: 19
212.3.192.0/21 maxlen: 21
212.3.192.0/23 maxlen: 23
212.3.194.0/23 maxlen: 23
212.3.196.0/23 maxlen: 23
212.3.198.0/23 maxlen: 23
212.3.201.0/24 maxlen: 24
212.3.204.0/22 maxlen: 22
212.3.208.0/23 maxlen: 23
212.3.210.0/23 maxlen: 23
212.3.221.0/24 maxlen: 24
212.93.97.0/24 maxlen: 24
212.93.100.0/22 maxlen: 22
212.93.104.0/23 maxlen: 23
212.93.106.0/24 maxlen: 24
212.93.107.0/24 maxlen: 24
212.93.108.0/23 maxlen: 23
212.93.110.0/23 maxlen: 23
212.93.112.0/24 maxlen: 24
212.93.113.0/24 maxlen: 24
212.93.114.0/24 maxlen: 24
212.93.115.0/24 maxlen: 24
212.93.116.0/23 maxlen: 23
212.93.118.0/23 maxlen: 23
212.93.120.0/23 maxlen: 23
212.93.122.0/23 maxlen: 23
212.93.127.0/24 maxlen: 24
2a03:ec00:b000::/48 maxlen: 48
2a03:ec00:b008::/48 maxlen: 48
2a03:ec00:b100::/40 maxlen: 40
2a03:ec00:b100::/42 maxlen: 42
2a03:ec00:b140::/42 maxlen: 42
2a03:ec00:b180::/42 maxlen: 42
2a03:ec00:b300::/40 maxlen: 40
2a03:ec00:b400::/40 maxlen: 40
2a03:ec00:b900::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5c:48:f0:ea:45:e4:ec:b2:f4:c4:b1:b3:17:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ab36668893a8244d553efca4688d0f1019e4e25
Validity
Not Before: Jan 1 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d1cfd01fb422e28383a64b41357814c8acf6b93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:98:2f:51:9e:28:c6:7b:31:08:a7:4b:61:c2:
8b:59:e9:a3:09:01:76:c6:2e:74:95:32:5f:01:31:
ed:bf:be:95:fc:6a:a4:e6:dd:e8:7f:82:b5:35:c7:
73:09:0e:2d:91:c4:30:6c:c0:ec:b4:ee:27:a8:17:
25:7b:74:dd:94:00:5c:63:50:3d:06:6e:55:d7:c0:
fa:d1:ef:f6:16:92:dc:c3:9a:46:86:93:9a:56:68:
14:a6:36:c7:26:66:66:0c:2f:13:30:c7:c0:3e:39:
02:b9:73:0b:9b:92:72:67:c9:31:f0:6a:57:10:60:
fa:ae:01:60:28:ec:08:32:c3:da:ed:e0:a9:92:90:
d4:98:bc:1e:31:ec:59:97:19:48:08:74:34:48:3e:
8b:a9:b3:03:2b:70:59:bf:46:15:21:16:78:4e:9e:
9d:68:d5:95:4e:5f:3f:b9:c9:cf:16:75:d8:9a:b2:
b7:69:8a:3e:4b:35:7e:f5:1f:90:a5:f1:4b:4e:22:
ea:e1:43:73:57:d9:59:59:45:4c:35:2a:03:62:4f:
5c:67:94:d1:a4:70:03:85:8c:7c:76:ca:3c:da:c3:
30:22:5c:d4:b3:6d:ce:87:a4:0f:5c:cb:ca:d3:da:
b2:e0:82:c9:21:df:87:82:04:27:20:2a:ab:6c:42:
4d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:1C:FD:01:FB:42:2E:28:38:3A:64:B4:13:57:81:4C:8A:CF:6B:93
X509v3 Authority Key Identifier:
keyid:0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/nRz9AftCLig4OmS0E1eBTIrPa5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.168.0/22
45.140.32.0/22
45.149.160.0/22
80.89.72.0/21
185.65.160.0/22
185.147.56.0/22
193.108.29.0/24
212.3.192.0/19
212.93.97.0/24
212.93.100.0-212.93.123.255
212.93.127.0/24
IPv6:
2a03:ec00:b000::/48
2a03:ec00:b008::/48
2a03:ec00:b100::/40
2a03:ec00:b300::-2a03:ec00:b4ff:ffff:ffff:ffff:ffff:ffff
2a03:ec00:b900::/40
Signature Algorithm: sha256WithRSAEncryption
80:87:4e:58:4b:61:99:a1:d6:a4:e3:c2:04:f1:a9:6b:85:07:
b6:6d:d8:9d:1f:79:08:53:e4:54:c3:e1:69:1a:af:39:85:6a:
09:d8:0a:d7:56:ef:20:69:de:9f:7c:de:0b:b7:2c:e2:3c:c9:
c3:cf:63:05:03:fa:66:bb:64:17:2c:eb:23:79:fc:6e:f7:f6:
41:4e:cb:14:59:9a:f0:ac:87:f8:d3:6a:9d:1e:35:8c:c6:14:
99:d8:91:01:d3:be:7a:46:23:a5:2b:9b:85:3d:4a:f0:11:60:
37:70:d1:87:10:02:7a:8f:6e:c0:af:ce:35:0b:58:69:5f:ba:
32:8b:42:73:56:4f:d6:77:c1:eb:0e:fc:49:d1:43:48:fa:a0:
f6:b7:57:4f:28:b9:df:d8:81:26:b9:ac:5c:36:ef:d9:44:71:
16:13:f3:49:a9:57:9a:41:17:9f:b5:35:48:1f:6d:4c:77:a8:
61:a8:8f:50:a9:b1:f0:a0:16:f5:6a:60:bb:7d:e1:b0:37:4d:
91:0c:4d:a5:3f:2c:42:05:6d:18:89:5a:a1:01:d9:48:bb:c5:
bf:10:38:71:72:a2:35:68:51:e2:19:88:77:b1:55:8f:28:13:
a8:95:01:3e:fd:90:42:7b:f1:b2:62:5a:2e:3a:be:4b:fa:f3:
a3:54:39:fe
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZQfjFxI8OpF5Oyy9MSxsxdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYjM2NjY4ODkzYTgyNDRkNTUzZWZjYTQ2ODhkMGYxMDE5
ZTRlMjUwHhcNMjUwMTAxMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDFjZmQwMWZiNDIyZTI4MzgzYTY0YjQxMzU3ODE0YzhhY2Y2YjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJgvUZ4oxnsxCKdLYcKLWemjCQF2
xi50lTJfATHtv76V/Gqk5t3of4K1NcdzCQ4tkcQwbMDstO4nqBcle3TdlABcY1A9
Bm5V18D60e/2FpLcw5pGhpOaVmgUpjbHJmZmDC8TMMfAPjkCuXMLm5JyZ8kx8GpX
EGD6rgFgKOwIMsPa7eCpkpDUmLweMexZlxlICHQ0SD6LqbMDK3BZv0YVIRZ4Tp6d
aNWVTl8/ucnPFnXYmrK3aYo+SzV+9R+QpfFLTiLq4UNzV9lZWUVMNSoDYk9cZ5TR
pHADhYx8dso82sMwIlzUs23Oh6QPXMvK09qy4ILJId+HggQnICqrbEJN3QIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFJ0c/QH7Qi4oODpktBNXgUyKz2uTMB8GA1UdIwQY
MBaAFAqzZmiJOoJE1VPvykaI0PEBnk4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTkt
MmFmMDY3YTEzMGFhLzEvblJ6OUFmdENMaWc0T21TMEUxZUJUSXJQYTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTktMmFmMDY3YTEzMGFh
LzEvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjBQBAIAATBKAwQCBfyo
AwQCLYwgAwQCLZWgAwQDUFlIAwQCuUGgAwQCuZM4AwQAwWwdAwQF1APAAwQA1F1h
MAwDBALUXWQDBALUXXgDBADUXX8wOgQCAAIwNAMHACoD7ACwAAMHACoD7ACwCAMG
ACoD7ACxMBADBgAqA+wAswMGACoD7AC0AwYAKgPsALkwDQYJKoZIhvcNAQELBQAD
ggEBAICHTlhLYZmh1qTjwgTxqWuFB7Zt2J0feQhT5FTD4WkarzmFagnYCtdW7yBp
3p983gu3LOI8ycPPYwUD+ma7ZBcs6yN5/G739kFOyxRZmvCsh/jTap0eNYzGFJnY
kQHTvnpGI6Urm4U9SvARYDdw0YcQAnqPbsCvzjULWGlfujKLQnNWT9Z3wesO/EnR
Q0j6oPa3V08oud/YgSa5rFw279lEcRYT80mpV5pBF5+1NUgfbUx3qGGoj1CpsfCg
FvVqYLt94bA3TZEMTaU/LEIFbRiJWqEB2Ui7xb8QOHFyojVoUeIZiHexVY8oE6iV
AT79kEJ78bJiWi46vkv686NUOf4=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:11 2025 by rpki-client