Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/A-nxqnmn-GaxAt871uspVTl8Lvk.roa
File: A-nxqnmn-GaxAt871uspVTl8Lvk.roa (raw, json)
Hash identifier: BRmVLtqHChJpqmkh3UmPnd5z//Ckfe565hY1FMozbwk=
Subject key identifier: 03:E9:F1:AA:79:A7:F8:66:B1:02:DF:3B:D6:EB:29:55:39:7C:2E:F9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427486BF02D9154C0F4254F4F4C703DDC
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/A-nxqnmn-GaxAt871uspVTl8Lvk.roa
Signing time: Thu 02 Jan 2025 13:50:45 +0000
ROA not before: Thu 02 Jan 2025 13:50:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200018
IP address blocks: 194.103.112.0/24 maxlen: 24
194.103.118.0/24 maxlen: 24
194.103.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:6b:f0:2d:91:54:c0:f4:25:4f:4f:4c:70:3d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03e9f1aa79a7f866b102df3bd6eb2955397c2ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:14:41:56:49:a3:7d:a8:bd:bd:56:eb:2b:81:
d6:97:05:6f:eb:73:2b:4b:79:7d:9a:01:cc:4a:1b:
c2:4e:d5:2d:c4:8c:e4:25:83:f1:4b:5a:00:75:bf:
b5:9a:8f:53:9b:8d:65:9d:8f:3e:1d:af:16:29:4c:
5d:b2:10:8a:45:c7:eb:bd:59:d9:4c:87:4b:41:03:
2d:f3:3a:7d:d9:36:18:6a:f2:84:45:eb:08:74:36:
b1:1b:9e:6e:97:3c:06:ae:10:43:4f:a1:18:cf:b8:
80:e5:75:ce:2a:ee:d9:a9:fc:e4:b5:0c:b3:ca:c6:
b6:e1:05:d7:dc:a5:a7:a4:dc:4d:8e:e5:26:97:99:
d1:f2:90:71:53:4e:af:30:19:2c:00:bf:d7:06:48:
aa:a5:de:c1:c5:6d:1c:ee:81:71:a7:c0:0d:bb:a8:
d4:4a:7b:e9:6d:d9:cd:eb:a2:48:d5:4e:bd:98:d1:
df:ce:53:bf:f8:43:d2:f7:69:06:b7:0f:b7:af:f9:
77:91:2e:00:76:ca:33:a1:fb:fb:31:80:40:1c:1b:
e5:af:5b:c0:98:16:df:b5:33:2a:2f:57:c5:b8:04:
88:18:d6:2f:8b:02:a7:af:af:5c:e1:c2:b4:8b:e0:
58:92:bf:7e:2c:7f:ae:3f:45:b1:b3:b9:de:4c:84:
7d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E9:F1:AA:79:A7:F8:66:B1:02:DF:3B:D6:EB:29:55:39:7C:2E:F9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/A-nxqnmn-GaxAt871uspVTl8Lvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.103.112.0/24
194.103.118.0/23
Signature Algorithm: sha256WithRSAEncryption
80:57:44:ad:93:90:66:de:84:01:31:35:d9:20:b5:39:3b:43:
7b:69:21:f6:a8:41:3b:51:d1:09:d7:dc:0a:b6:fe:6b:ca:be:
9f:82:a5:eb:dc:04:67:70:7c:49:5d:57:8a:3f:d5:c7:59:40:
78:0c:e5:ca:be:9d:52:9a:71:11:6c:fa:d9:3f:d7:81:d3:44:
99:bf:f5:fb:e6:20:f3:9f:39:fd:21:7b:fe:3a:19:93:bc:38:
01:44:67:fe:b1:8b:21:04:19:08:40:02:ec:a0:89:3c:27:7d:
53:7d:84:56:4f:f4:b6:7d:d2:50:0f:9f:a6:d0:07:ce:9d:41:
15:92:e0:79:cf:1e:7e:8c:c1:2a:a0:0e:a8:29:58:ef:5e:0f:
bb:bf:f3:73:46:bd:36:9d:17:ae:6a:3d:0f:86:62:ba:fb:e5:
a8:6c:4e:91:b3:9e:59:37:fe:88:8b:58:a9:55:95:c7:7b:d2:
48:8b:7a:72:66:75:81:c7:ee:85:e0:58:7f:db:6f:94:d6:32:
11:b0:03:26:0b:9c:44:bc:8d:08:b6:d3:57:34:59:79:5e:a8:
4a:b3:a9:87:09:bc:40:52:7a:aa:e5:4a:cb:62:53:a3:e7:0a:
22:ce:6c:2c:38:ae:13:4b:de:77:7c:34:3f:2d:61:c1:a9:6d:
ae:b5:86:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSGvwLZFUwPQlT09McD3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2U5ZjFhYTc5YTdmODY2YjEwMmRmM2JkNmViMjk1NTM5N2MyZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBRBVkmjfai9vVbrK4HWlwVv63Mr
S3l9mgHMShvCTtUtxIzkJYPxS1oAdb+1mo9Tm41lnY8+Ha8WKUxdshCKRcfrvVnZ
TIdLQQMt8zp92TYYavKEResIdDaxG55ulzwGrhBDT6EYz7iA5XXOKu7ZqfzktQyz
ysa24QXX3KWnpNxNjuUml5nR8pBxU06vMBksAL/XBkiqpd7BxW0c7oFxp8ANu6jU
SnvpbdnN66JI1U69mNHfzlO/+EPS92kGtw+3r/l3kS4Adsozofv7MYBAHBvlr1vA
mBbftTMqL1fFuASIGNYviwKnr69c4cK0i+BYkr9+LH+uP0Wxs7neTIR9nwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAPp8ap5p/hmsQLfO9brKVU5fC75MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQS1ueHFubW4tR2F4QXQ4NzF1c3BWVGw4THZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmdwAwQB
wmd2MA0GCSqGSIb3DQEBCwUAA4IBAQCAV0Stk5Bm3oQBMTXZILU5O0N7aSH2qEE7
UdEJ19wKtv5ryr6fgqXr3ARncHxJXVeKP9XHWUB4DOXKvp1SmnERbPrZP9eB00SZ
v/X75iDznzn9IXv+OhmTvDgBRGf+sYshBBkIQALsoIk8J31TfYRWT/S2fdJQD5+m
0AfOnUEVkuB5zx5+jMEqoA6oKVjvXg+7v/NzRr02nReuaj0PhmK6++WobE6Rs55Z
N/6Ii1ipVZXHe9JIi3pyZnWBx+6F4Fh/22+U1jIRsAMmC5xEvI0IttNXNFl5XqhK
s6mHCbxAUnqq5UrLYlOj5woizmwsOK4TS953fDQ/LWHBqW2utYbO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:08 2025 by rpki-client