Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/NpWg16tSB0bbGWCf98-f1HysUn0.roa
File: NpWg16tSB0bbGWCf98-f1HysUn0.roa (raw, json)
Hash identifier: UHlOnF4x1qLBxz+eemzBJIEm+L3e+yuVLdeMDUxm9Ec=
Subject key identifier: 36:95:A0:D7:AB:52:07:46:DB:19:60:9F:F7:CF:9F:D4:7C:AC:52:7D
Certificate issuer: /CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Certificate serial: 0194228D4D4E63EEE05446900E750C74B6E7
Authority key identifier: 0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/NpWg16tSB0bbGWCf98-f1HysUn0.roa
Signing time: Wed 01 Jan 2025 15:47:53 +0000
ROA not before: Wed 01 Jan 2025 15:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197423
IP address blocks: 109.106.226.0/24 maxlen: 24
109.106.229.0/24 maxlen: 24
109.106.230.0/24 maxlen: 24
109.106.233.0/24 maxlen: 24
109.106.234.0/24 maxlen: 24
109.106.235.0/24 maxlen: 24
109.106.236.0/24 maxlen: 24
109.106.237.0/24 maxlen: 24
109.245.55.0/24 maxlen: 24
109.245.56.0/24 maxlen: 24
109.245.57.0/24 maxlen: 24
109.245.61.0/24 maxlen: 24
109.245.62.0/24 maxlen: 24
109.245.63.0/24 maxlen: 24
109.245.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:4d:4e:63:ee:e0:54:46:90:0e:75:0c:74:b6:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Validity
Not Before: Jan 1 15:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3695a0d7ab520746db19609ff7cf9fd47cac527d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:51:a3:c8:2f:fa:c3:15:4d:a0:a9:df:82:fe:
9a:28:9f:b4:ba:a3:a2:59:06:98:aa:f2:ea:f7:09:
8f:cc:50:27:b0:a8:4b:c4:85:f3:7c:f7:b0:18:b8:
2e:05:b5:a0:7b:fb:b1:ea:d0:be:ca:85:f3:f1:bb:
b4:7f:2a:2f:da:b7:3a:88:e6:99:a8:c0:ea:86:ad:
98:39:fb:cc:6a:9b:7b:29:ca:d7:62:82:8a:00:a4:
04:46:18:90:1d:eb:7b:9b:8b:51:35:c9:d0:da:cd:
db:83:9a:20:2e:be:eb:2c:21:34:8f:f8:d5:53:47:
94:af:fe:64:b0:e9:1f:c6:09:89:9e:a7:8d:50:a7:
9f:4f:11:43:5f:1d:ec:f3:34:ec:4e:ae:91:bb:33:
89:3b:e0:b5:f1:86:45:18:68:66:6e:f1:48:99:9b:
ad:e4:67:35:30:2a:86:7c:6a:8f:59:ac:38:4b:d5:
20:64:cf:68:17:41:3d:ef:7f:25:f9:24:ab:87:f2:
d5:6c:88:a9:00:9e:ba:31:64:4a:07:11:f8:93:50:
f9:b9:d8:60:ce:1a:a7:fa:a0:65:4f:22:ab:21:a1:
db:2f:01:d8:69:e5:c0:f1:eb:e4:24:9a:3b:29:ad:
f4:eb:ed:ec:f4:fb:46:1b:31:2c:b3:24:fd:79:00:
53:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:95:A0:D7:AB:52:07:46:DB:19:60:9F:F7:CF:9F:D4:7C:AC:52:7D
X509v3 Authority Key Identifier:
keyid:0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/NpWg16tSB0bbGWCf98-f1HysUn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.226.0/24
109.106.229.0-109.106.230.255
109.106.233.0-109.106.237.255
109.245.55.0-109.245.57.255
109.245.61.0-109.245.63.255
109.245.216.0/24
Signature Algorithm: sha256WithRSAEncryption
29:9c:e4:d7:4d:ab:5c:82:0c:46:b6:48:36:20:60:c7:a1:b9:
68:3b:18:c2:17:f7:55:8e:a8:54:db:29:36:2c:c2:ee:bc:43:
f2:ff:57:db:01:22:29:a7:17:a9:23:23:40:33:c8:65:3e:9b:
04:54:e4:00:6e:c2:ef:42:e7:ff:54:0e:65:ef:09:8e:23:99:
ee:5a:2b:c6:5c:ab:91:db:bb:85:c9:e0:02:59:f8:93:5a:f5:
59:a2:3c:59:49:d4:b3:4a:63:c7:b8:fa:a7:49:00:a3:d7:c7:
98:9a:4f:5e:ea:a5:3c:62:4d:d1:c6:37:d2:a7:30:a7:d5:3b:
77:23:13:3c:82:1e:14:05:61:0e:c5:7e:0a:73:90:84:1d:5c:
f4:e3:4a:5e:f7:d5:f1:71:63:8b:82:c4:9f:d7:f2:19:c7:4f:
73:b2:fd:2a:4c:09:de:81:ce:cc:7a:bc:11:fb:bd:53:cf:39:
1e:63:6e:ee:5b:8b:93:2b:89:45:93:81:89:70:f2:0d:f2:77:
e3:b2:ea:24:cb:74:a7:36:a6:27:e2:22:9f:c6:4a:8f:0a:00:
87:56:8c:7f:bb:11:65:d4:6a:85:f0:6e:41:b7:5b:06:0b:ae:
79:95:f2:ef:2a:c5:7e:8f:c0:29:ff:02:e4:b9:55:f4:ee:d6:
f3:d7:ec:df
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQijU1OY+7gVEaQDnUMdLbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzJmZTJjODA1ZWQ2M2FmYzljODllOTMyNGFjOTRkMzA5
MzlhYWIwHhcNMjUwMTAxMTU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjk1YTBkN2FiNTIwNzQ2ZGIxOTYwOWZmN2NmOWZkNDdjYWM1MjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lGjyC/6wxVNoKnfgv6aKJ+0uqOi
WQaYqvLq9wmPzFAnsKhLxIXzfPewGLguBbWge/ux6tC+yoXz8bu0fyov2rc6iOaZ
qMDqhq2YOfvMapt7KcrXYoKKAKQERhiQHet7m4tRNcnQ2s3bg5ogLr7rLCE0j/jV
U0eUr/5ksOkfxgmJnqeNUKefTxFDXx3s8zTsTq6RuzOJO+C18YZFGGhmbvFImZut
5Gc1MCqGfGqPWaw4S9UgZM9oF0E9738l+SSrh/LVbIipAJ66MWRKBxH4k1D5udhg
zhqn+qBlTyKrIaHbLwHYaeXA8evkJJo7Ka306+3s9PtGGzEssyT9eQBTJwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFDaVoNerUgdG2xlgn/fPn9R8rFJ9MB8GA1UdIwQY
MBaAFA1y/iyAXtY6/JyJ6TJKyU0wk5qrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgt
Y2Y4MThjN2M0NTFhLzEvTnBXZzE2dFNCMGJiR1dDZjk4LWYxSHlzVW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgtY2Y4MThjN2M0NTFh
LzEvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAbWriMAwD
BABtauUDBABtauYwDAMEAG1q6QMEAW1q7DAMAwQAbfU3AwQBbfU4MAwDBABt9T0D
BAZt9QADBABt9dgwDQYJKoZIhvcNAQELBQADggEBACmc5NdNq1yCDEa2SDYgYMeh
uWg7GMIX91WOqFTbKTYswu68Q/L/V9sBIimnF6kjI0AzyGU+mwRU5ABuwu9C5/9U
DmXvCY4jme5aK8Zcq5Hbu4XJ4AJZ+JNa9VmiPFlJ1LNKY8e4+qdJAKPXx5iaT17q
pTxiTdHGN9KnMKfVO3cjEzyCHhQFYQ7FfgpzkIQdXPTjSl731fFxY4uCxJ/X8hnH
T3Oy/SpMCd6Bzsx6vBH7vVPPOR5jbu5bi5MriUWTgYlw8g3yd+Oy6iTLdKc2pifi
Ip/GSo8KAIdWjH+7EWXUaoXwbkG3WwYLrnmV8u8qxX6PwCn/AuS5VfTu1vPX7N8=
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:07:41 2025 by rpki-client