Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/n9Z7JdCiSwjT4oRDZi35t5PUbJI.roa
File: n9Z7JdCiSwjT4oRDZi35t5PUbJI.roa (raw, json)
Hash identifier: qS+ofqB65um0Ldb5tVFufC3+3rS3esOr1eXB8SyF6xk=
Subject key identifier: 9F:D6:7B:25:D0:A2:4B:08:D3:E2:84:43:66:2D:F9:B7:93:D4:6C:92
Certificate issuer: /CN=0330d772ba83225bed588ccd1c5c96af03b3770f
Certificate serial: 0195052800F90198B5650434266E8DB7642F
Authority key identifier: 03:30:D7:72:BA:83:22:5B:ED:58:8C:CD:1C:5C:96:AF:03:B3:77:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AzDXcrqDIlvtWIzNHFyWrwOzdw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/n9Z7JdCiSwjT4oRDZi35t5PUbJI.roa
Signing time: Fri 14 Feb 2025 15:51:02 +0000
ROA not before: Fri 14 Feb 2025 15:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50920
IP address blocks: 81.16.24.0/22 maxlen: 24
92.39.160.0/20 maxlen: 24
185.64.60.0/22 maxlen: 24
193.28.91.0/24 maxlen: 24
193.28.229.0/24 maxlen: 24
193.151.60.0/22 maxlen: 24
2a04:f680::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/AzDXcrqDIlvtWIzNHFyWrwOzdw8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/AzDXcrqDIlvtWIzNHFyWrwOzdw8.mft
rsync://rpki.ripe.net/repository/DEFAULT/AzDXcrqDIlvtWIzNHFyWrwOzdw8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:05:28:00:f9:01:98:b5:65:04:34:26:6e:8d:b7:64:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0330d772ba83225bed588ccd1c5c96af03b3770f
Validity
Not Before: Feb 14 15:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fd67b25d0a24b08d3e28443662df9b793d46c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c4:c8:fb:ae:7b:68:68:45:2e:5e:4d:82:f3:
d2:c6:94:af:b8:fe:79:09:fb:ee:01:af:d4:f7:ae:
7a:d5:a2:22:b1:44:af:57:53:18:f1:d1:62:3c:6a:
f7:d3:c4:fa:98:2c:98:cc:33:98:88:e5:21:5b:e6:
61:dc:ce:0b:15:62:59:3b:80:09:88:9a:15:0b:c2:
e6:8b:79:34:c5:fa:02:98:ef:94:02:86:da:32:92:
9d:07:37:b4:31:f2:f9:71:63:42:a4:0c:c2:49:df:
a8:e3:78:59:c3:e9:5f:4d:00:49:36:24:ed:38:db:
41:45:e7:b1:32:b2:9c:dc:ee:4a:91:f2:23:b5:27:
4f:1b:4d:9f:91:70:f1:c4:00:34:e9:b7:2d:c1:bb:
ed:6f:7e:d8:aa:2d:8e:13:fd:fe:86:f9:c2:d3:51:
44:fc:dd:ee:ae:77:f0:71:a8:ea:03:9e:52:f8:72:
7c:f9:6f:62:e8:3b:81:8f:71:80:6c:ab:e2:f0:91:
45:0d:4e:19:ca:77:f6:61:c1:e0:0e:94:51:ff:84:
8c:dc:4b:1d:54:53:52:c8:67:53:c3:5d:f9:27:ef:
0f:bf:19:03:a4:06:d3:f4:9c:dd:39:1e:ba:df:b3:
a3:e9:b0:df:fb:0f:04:d9:7f:0e:88:88:e7:77:6e:
d3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D6:7B:25:D0:A2:4B:08:D3:E2:84:43:66:2D:F9:B7:93:D4:6C:92
X509v3 Authority Key Identifier:
keyid:03:30:D7:72:BA:83:22:5B:ED:58:8C:CD:1C:5C:96:AF:03:B3:77:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AzDXcrqDIlvtWIzNHFyWrwOzdw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/n9Z7JdCiSwjT4oRDZi35t5PUbJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/AzDXcrqDIlvtWIzNHFyWrwOzdw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.16.24.0/22
92.39.160.0/20
185.64.60.0/22
193.28.91.0/24
193.28.229.0/24
193.151.60.0/22
IPv6:
2a04:f680::/29
Signature Algorithm: sha256WithRSAEncryption
d6:bf:6c:6d:1b:c5:f4:91:23:fb:12:32:0e:7e:b1:60:72:5a:
2a:78:2c:04:63:9d:bf:68:6a:47:02:d9:09:44:ac:c5:1c:2d:
c0:0d:a0:7a:d3:2f:58:f5:e0:bc:78:61:24:b6:e1:e1:93:56:
24:f6:31:ca:2a:0e:aa:ee:72:08:80:65:92:0f:bc:a1:47:ee:
58:3d:3c:cb:0e:7b:2f:79:47:16:85:45:dc:cd:ea:52:b2:8f:
aa:92:dd:88:4a:f1:e3:9c:d6:c1:79:54:a3:46:73:31:38:f3:
3c:be:e8:98:d7:a5:5f:70:ed:bc:26:bc:18:22:4c:8d:f3:8c:
f1:99:d4:1b:46:2f:0a:7d:95:9b:b0:80:f4:19:eb:a9:6b:ee:
ff:1b:ab:71:84:f5:c1:4c:80:67:83:b3:74:48:08:d6:68:0e:
64:63:8a:37:8b:2e:92:80:c9:2b:fc:3f:df:ac:a2:d2:40:4d:
ea:ea:d4:34:a6:bc:09:88:36:5d:bb:12:62:04:98:21:17:01:
50:fc:ab:5f:8a:da:01:51:9e:f4:97:09:ef:2b:5a:7b:67:09:
db:72:4d:ac:fc:89:97:f9:e7:08:53:07:95:7b:31:7f:fa:8a:
1a:18:37:62:93:0c:1a:33:a2:10:7b:81:b1:ef:bc:d1:ec:70:
c8:fc:f2:33
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZUFKAD5AZi1ZQQ0Jm6Nt2QvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMzBkNzcyYmE4MzIyNWJlZDU4OGNjZDFjNWM5NmFmMDNi
Mzc3MGYwHhcNMjUwMjE0MTU1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQ2N2IyNWQwYTI0YjA4ZDNlMjg0NDM2NjJkZjliNzkzZDQ2YzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMTI+657aGhFLl5NgvPSxpSvuP55
CfvuAa/U96561aIisUSvV1MY8dFiPGr308T6mCyYzDOYiOUhW+Zh3M4LFWJZO4AJ
iJoVC8Lmi3k0xfoCmO+UAobaMpKdBze0MfL5cWNCpAzCSd+o43hZw+lfTQBJNiTt
ONtBReexMrKc3O5KkfIjtSdPG02fkXDxxAA06bctwbvtb37Yqi2OE/3+hvnC01FE
/N3urnfwcajqA55S+HJ8+W9i6DuBj3GAbKvi8JFFDU4Zynf2YcHgDpRR/4SM3Esd
VFNSyGdTw135J+8PvxkDpAbT9JzdOR6637Oj6bDf+w8E2X8OiIjnd27TyQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJ/WeyXQoksI0+KEQ2Yt+beT1GySMB8GA1UdIwQY
MBaAFAMw13K6gyJb7ViMzRxclq8Ds3cPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXpEWGNycURJbHZ0V0l6TkhGeVdyd096ZHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGNiY2ItNTBkZS00ODM4LWE4ODct
N2U0NTFjODBkNTZmLzEvbjlaN0pkQ2lTd2pUNG9SRFppMzV0NVBVYkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGNiY2ItNTBkZS00ODM4LWE4ODctN2U0NTFjODBkNTZm
LzEvQXpEWGNycURJbHZ0V0l6TkhGeVdyd096ZHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCURAYAwQE
XCegAwQCuUA8AwQAwRxbAwQAwRzlAwQCwZc8MA0EAgACMAcDBQMqBPaAMA0GCSqG
SIb3DQEBCwUAA4IBAQDWv2xtG8X0kSP7EjIOfrFgcloqeCwEY52/aGpHAtkJRKzF
HC3ADaB60y9Y9eC8eGEktuHhk1Yk9jHKKg6q7nIIgGWSD7yhR+5YPTzLDnsveUcW
hUXczepSso+qkt2ISvHjnNbBeVSjRnMxOPM8vuiY16VfcO28JrwYIkyN84zxmdQb
Ri8KfZWbsID0Geupa+7/G6txhPXBTIBng7N0SAjWaA5kY4o3iy6SgMkr/D/frKLS
QE3q6tQ0prwJiDZduxJiBJghFwFQ/KtfitoBUZ70lwnvK1p7Zwnbck2s/ImX+ecI
UweVezF/+ooaGDdikwwaM6IQe4Gx77zR7HDI/PIz
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:32 2025 by rpki-client