Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hNPAJBJQcRtE-SJjyoGEKsljmXA.roa
File: hNPAJBJQcRtE-SJjyoGEKsljmXA.roa (raw, json)
Hash identifier: cxILOvyPqMN2Kz+W/9LGBBCgK1NOKrZ4exJ0ZNKhTeQ=
Subject key identifier: 84:D3:C0:24:12:50:71:1B:44:F9:22:63:CA:81:84:2A:C9:63:99:70
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 019427476B762E9912F6BDB1078D69354FFD
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hNPAJBJQcRtE-SJjyoGEKsljmXA.roa
Signing time: Thu 02 Jan 2025 13:49:39 +0000
ROA not before: Thu 02 Jan 2025 13:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 87.254.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:6b:76:2e:99:12:f6:bd:b1:07:8d:69:35:4f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 2 13:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84d3c0241250711b44f92263ca81842ac9639970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8f:2e:05:be:c1:2f:34:0c:51:71:e0:ca:84:
f6:43:39:39:19:c5:12:fe:b0:11:7e:3b:49:a4:da:
dd:91:2a:1e:c7:90:57:f2:5b:6e:44:6d:2e:f7:f5:
21:92:1b:57:c6:ce:2b:8a:67:de:50:c6:51:8f:ed:
8d:12:e8:34:81:b2:c3:36:ea:b3:fe:c3:69:ac:e2:
2a:f4:22:af:17:83:02:7c:5f:c1:46:44:88:0f:c3:
62:7a:d7:2e:09:ce:6c:8a:08:41:49:f3:7b:18:7e:
59:17:b8:a4:fa:88:30:70:ed:d8:38:7e:58:eb:63:
87:e5:0f:9d:2c:c3:a9:ec:bc:a4:48:6e:22:2a:7b:
74:ed:be:a7:e7:2c:82:ee:02:54:19:c2:cb:15:cc:
b4:78:0c:a9:b4:28:8b:08:78:0f:89:67:c6:e9:0d:
f4:1e:a5:08:f1:b3:c7:94:f4:8a:d6:1f:f6:7a:32:
0a:f4:8c:84:e0:00:f3:1a:91:bd:d2:82:a1:15:b2:
a0:a3:04:89:69:0f:f2:4e:57:f3:ca:35:96:fc:50:
cf:47:f5:7d:bc:3c:8a:74:ac:18:85:c5:85:f3:a1:
9f:46:20:3b:8c:97:3c:fd:f3:17:03:7d:ec:7e:fa:
34:6f:3f:79:64:87:61:58:61:09:3e:9b:b5:5e:5b:
68:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D3:C0:24:12:50:71:1B:44:F9:22:63:CA:81:84:2A:C9:63:99:70
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hNPAJBJQcRtE-SJjyoGEKsljmXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.3.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:80:c3:6f:59:6f:ce:9a:08:f7:5f:2a:56:9d:f5:c6:7c:5b:
fc:96:57:e0:fa:6f:48:30:11:de:4d:9b:43:bf:c6:7a:f0:27:
41:b2:31:41:25:84:00:43:16:ff:7b:68:4b:e7:53:59:91:25:
2d:81:cb:9a:96:16:36:f3:ab:14:37:36:b1:25:44:b5:0a:61:
61:ce:b0:36:c4:a1:2c:8e:bc:a7:a3:15:d9:38:2d:6d:75:f7:
b1:a2:ab:29:c8:fe:8d:01:cf:ef:d6:5b:6c:08:04:09:71:10:
b2:8d:61:99:8a:2f:fb:92:cf:99:ea:70:0a:35:28:da:bc:32:
6c:b5:97:df:f5:b1:31:b4:de:35:58:2b:a6:0d:3a:b7:23:41:
fa:15:d1:6e:17:03:87:85:cb:f5:76:e3:18:b8:80:58:3e:da:
88:2f:7f:2f:62:96:ff:39:ec:31:51:83:f7:4e:03:ce:5c:20:
c9:32:b2:31:90:bf:69:4a:e9:50:a7:30:27:45:95:07:ea:29:
d9:27:25:04:80:92:9c:c6:d6:f0:50:8e:c4:5f:a2:36:54:bd:
97:a2:21:ac:58:8f:0e:52:9f:73:32:ca:ef:c1:2a:6a:cd:44:
8c:b8:15:a8:1e:59:51:1c:bf:e0:5f:79:aa:a4:2f:d9:85:cb:
f1:49:d5:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR2t2LpkS9r2xB41pNU/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjUwMTAyMTM0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQzYzAyNDEyNTA3MTFiNDRmOTIyNjNjYTgxODQyYWM5NjM5OTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw48uBb7BLzQMUXHgyoT2Qzk5GcUS
/rARfjtJpNrdkSoex5BX8ltuRG0u9/UhkhtXxs4rimfeUMZRj+2NEug0gbLDNuqz
/sNprOIq9CKvF4MCfF/BRkSID8NietcuCc5sighBSfN7GH5ZF7ik+ogwcO3YOH5Y
62OH5Q+dLMOp7LykSG4iKnt07b6n5yyC7gJUGcLLFcy0eAyptCiLCHgPiWfG6Q30
HqUI8bPHlPSK1h/2ejIK9IyE4ADzGpG90oKhFbKgowSJaQ/yTlfzyjWW/FDPR/V9
vDyKdKwYhcWF86GfRiA7jJc8/fMXA33sfvo0bz95ZIdhWGEJPpu1XltolwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITTwCQSUHEbRPkiY8qBhCrJY5lwMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvaE5QQUpCSlFjUnRFLVNKanlvR0VLc2xqbVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/4DMA0G
CSqGSIb3DQEBCwUAA4IBAQA+gMNvWW/Omgj3XypWnfXGfFv8llfg+m9IMBHeTZtD
v8Z68CdBsjFBJYQAQxb/e2hL51NZkSUtgcualhY286sUNzaxJUS1CmFhzrA2xKEs
jrynoxXZOC1tdfexoqspyP6NAc/v1ltsCAQJcRCyjWGZii/7ks+Z6nAKNSjavDJs
tZff9bExtN41WCumDTq3I0H6FdFuFwOHhcv1duMYuIBYPtqIL38vYpb/OewxUYP3
TgPOXCDJMrIxkL9pSulQpzAnRZUH6inZJyUEgJKcxtbwUI7EX6I2VL2XoiGsWI8O
Up9zMsrvwSpqzUSMuBWoHllRHL/gX3mqpC/ZhcvxSdUO
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:59:37 2025 by rpki-client