Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/nh1DAdGlkCnqMoRCOw5nSf1eUrE.roa
File: nh1DAdGlkCnqMoRCOw5nSf1eUrE.roa (raw, json)
Hash identifier: 6CL3sDa/YSgMH6T3lPf7wvZWcq37OdDdy32xWrUSt1w=
Subject key identifier: 9E:1D:43:01:D1:A5:90:29:EA:32:84:42:3B:0E:67:49:FD:5E:52:B1
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 0194258F828F1A8BBDAC57D599FB71019A90
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/nh1DAdGlkCnqMoRCOw5nSf1eUrE.roa
Signing time: Thu 02 Jan 2025 05:49:09 +0000
ROA not before: Thu 02 Jan 2025 05:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8070
IP address blocks: 51.54.0.0/15 maxlen: 15
62.10.0.0/15 maxlen: 15
194.41.16.0/24 maxlen: 24
194.41.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 08:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:82:8f:1a:8b:bd:ac:57:d5:99:fb:71:01:9a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Jan 2 05:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e1d4301d1a59029ea3284423b0e6749fd5e52b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a3:02:97:5f:75:28:23:98:11:21:44:78:b2:
54:ff:7e:c5:ab:1b:ac:bd:0d:20:2e:ad:a9:3f:82:
ff:59:e0:fb:44:e3:12:a8:eb:89:97:12:a5:ee:79:
9f:f1:e2:fe:15:3e:d3:e8:a1:c5:7d:85:49:ff:9d:
44:e5:dd:d8:34:56:31:43:be:89:13:c5:08:0c:e5:
bb:b1:07:3d:c5:3e:b3:03:34:39:21:41:45:68:c4:
3d:06:9c:a6:b8:bb:fb:50:6d:c4:42:1d:30:a3:ce:
75:e1:52:68:2c:9e:95:46:11:0f:12:e4:82:07:aa:
df:2f:a3:91:63:64:90:5f:42:4e:e7:cd:03:38:0c:
cf:a9:88:22:81:56:b7:f0:09:ee:d2:db:93:0f:9c:
d3:83:1f:eb:49:8f:44:2e:47:22:3c:57:48:b1:5a:
d7:e2:ad:d6:d3:9d:46:8d:52:cc:d3:fd:9a:fa:d3:
16:99:13:e1:56:22:80:67:50:84:01:e9:5b:a6:f0:
20:cc:d5:bc:51:22:43:49:94:ad:92:0a:13:87:84:
fd:cc:64:cf:e1:80:9a:13:11:d0:04:fd:b9:d1:e8:
cb:33:a7:6a:8b:2b:98:b0:90:30:77:d9:20:bd:65:
7b:6e:d6:6f:a6:83:8c:72:b7:a4:7b:92:88:97:28:
6f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1D:43:01:D1:A5:90:29:EA:32:84:42:3B:0E:67:49:FD:5E:52:B1
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/nh1DAdGlkCnqMoRCOw5nSf1eUrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.54.0.0/15
62.10.0.0/15
194.41.16.0/23
Signature Algorithm: sha256WithRSAEncryption
48:f4:72:0f:45:23:d0:91:81:5b:ef:22:78:3f:2a:57:6a:1d:
11:5d:3d:ae:fb:35:84:dc:0e:20:9e:b0:ad:dd:6b:86:47:6e:
49:b8:84:2d:31:e5:57:89:9f:b2:d0:4f:49:ad:c1:34:12:5c:
37:cd:ec:40:cf:11:e2:35:7c:39:35:b5:c8:b3:6a:90:e5:51:
da:3a:cd:8e:19:71:87:d4:30:38:7f:9d:f2:44:38:54:d9:c5:
ed:98:bb:29:08:23:15:14:86:fd:8f:75:95:55:1e:c2:1a:87:
f7:16:63:8b:97:b4:4b:7f:a7:28:e8:e7:8e:05:9b:72:0c:98:
a9:f3:26:88:e7:8e:18:a7:e0:dc:9f:7f:a3:b0:06:8a:21:5b:
af:08:ad:ef:50:76:d5:97:c9:a5:b9:2b:b3:6b:fe:87:d8:5c:
44:85:9c:cc:c9:fc:f6:1d:62:a5:68:47:5c:95:bc:bf:fe:0b:
32:a6:5d:18:17:29:c4:14:14:95:5e:6f:ab:01:55:d6:d4:9c:
9d:0b:60:6b:24:58:ca:17:8f:b8:bd:2f:67:5f:f0:4a:87:df:
81:32:c7:94:9a:bc:31:f9:8f:ff:15:7a:8f:f9:d3:a5:1a:50:
70:0e:98:cd:5d:bc:0c:48:34:8a:38:2c:59:1d:ea:71:36:f2:
25:36:b2:8d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQlj4KPGou9rFfVmftxAZqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjUwMTAyMDU0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTFkNDMwMWQxYTU5MDI5ZWEzMjg0NDIzYjBlNjc0OWZkNWU1MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaMCl191KCOYESFEeLJU/37Fqxus
vQ0gLq2pP4L/WeD7ROMSqOuJlxKl7nmf8eL+FT7T6KHFfYVJ/51E5d3YNFYxQ76J
E8UIDOW7sQc9xT6zAzQ5IUFFaMQ9BpymuLv7UG3EQh0wo8514VJoLJ6VRhEPEuSC
B6rfL6ORY2SQX0JO580DOAzPqYgigVa38Anu0tuTD5zTgx/rSY9ELkciPFdIsVrX
4q3W051GjVLM0/2a+tMWmRPhViKAZ1CEAelbpvAgzNW8USJDSZStkgoTh4T9zGTP
4YCaExHQBP250ejLM6dqiyuYsJAwd9kgvWV7btZvpoOMcreke5KIlyhvsQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFJ4dQwHRpZAp6jKEQjsOZ0n9XlKxMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvbmgxREFkR2xrQ25xTW9SQ093NW5TZjFlVXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAATAQAwMBMzYDAwE+
CgMEAcIpEDANBgkqhkiG9w0BAQsFAAOCAQEASPRyD0Uj0JGBW+8ieD8qV2odEV09
rvs1hNwOIJ6wrd1rhkduSbiELTHlV4mfstBPSa3BNBJcN83sQM8R4jV8OTW1yLNq
kOVR2jrNjhlxh9QwOH+d8kQ4VNnF7Zi7KQgjFRSG/Y91lVUewhqH9xZji5e0S3+n
KOjnjgWbcgyYqfMmiOeOGKfg3J9/o7AGiiFbrwit71B21ZfJpbkrs2v+h9hcRIWc
zMn89h1ipWhHXJW8v/4LMqZdGBcpxBQUlV5vqwFV1tScnQtgayRYyhePuL0vZ1/w
SoffgTLHlJq8MfmP/xV6j/nTpRpQcA6YzV28DEg0ijgsWR3qcTbyJTayjQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:26:33 2025 by rpki-client