Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/nixExACdBLCd220KvniRCymvm-E.roa
File: nixExACdBLCd220KvniRCymvm-E.roa (raw, json)
Hash identifier: BQGvtG/tYieBk5aA9d8MX/EP0n7wVkNtLzSLD3pl8LU=
Subject key identifier: 9E:2C:44:C4:00:9D:04:B0:9D:DB:6D:0A:BE:78:91:0B:29:AF:9B:E1
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0191E137FEC1E947AB7B3D6E987763F03B88
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/nixExACdBLCd220KvniRCymvm-E.roa
Signing time: Wed 11 Sep 2024 13:13:48 +0000
ROA not before: Wed 11 Sep 2024 13:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 149.250.0.0/16 maxlen: 16
192.109.236.0/24 maxlen: 24
195.203.0.0/17 maxlen: 17
195.203.128.0/17 maxlen: 17
195.203.152.0/23 maxlen: 23
195.203.156.0/22 maxlen: 22
217.27.0.0/23 maxlen: 23
217.27.2.0/23 maxlen: 23
217.27.4.0/24 maxlen: 24
217.27.6.0/24 maxlen: 24
217.27.7.0/24 maxlen: 24
2a03:5000:1::/48 maxlen: 48
2a03:5000:2::/48 maxlen: 48
2a03:5000:11::/48 maxlen: 48
2a03:5000:12::/48 maxlen: 48
2a03:5000:20::/48 maxlen: 48
2a03:5000:21::/48 maxlen: 48
2a03:5000:22::/48 maxlen: 48
2a03:5000:30::/48 maxlen: 48
2a03:5000:31::/48 maxlen: 48
2a03:5000:32::/48 maxlen: 48
2a03:5000:41::/48 maxlen: 48
2a03:5000:42::/48 maxlen: 48
2a03:5000:51::/48 maxlen: 48
2a03:5000:52::/48 maxlen: 48
2a03:5000:61::/48 maxlen: 48
2a03:5000:62::/48 maxlen: 48
2a03:5000:71::/48 maxlen: 48
2a03:5000:72::/48 maxlen: 48
2a03:5000:81::/48 maxlen: 48
2a03:5000:82::/48 maxlen: 48
2a03:5000:91::/48 maxlen: 48
2a03:5000:92::/48 maxlen: 48
2a03:5000:101::/48 maxlen: 48
2a03:5000:102::/48 maxlen: 48
2a03:5000:111::/48 maxlen: 48
2a03:5000:112::/48 maxlen: 48
2a03:5000:121::/48 maxlen: 48
2a03:5000:122::/48 maxlen: 48
2a03:5000:131::/48 maxlen: 48
2a03:5000:132::/48 maxlen: 48
2a03:5000:141::/48 maxlen: 48
2a03:5000:142::/48 maxlen: 48
2a03:5000:151::/48 maxlen: 48
2a03:5000:152::/48 maxlen: 48
2a03:5000:161::/48 maxlen: 48
2a03:5000:162::/48 maxlen: 48
2a03:5000:171::/48 maxlen: 48
2a03:5000:172::/48 maxlen: 48
2a03:5000:181::/48 maxlen: 48
2a03:5000:182::/48 maxlen: 48
2a03:5000:191::/48 maxlen: 48
2a03:5000:192::/48 maxlen: 48
2a03:5000:201::/48 maxlen: 48
2a03:5000:202::/48 maxlen: 48
2a03:5000:211::/48 maxlen: 48
2a03:5000:212::/48 maxlen: 48
2a03:5000:221::/48 maxlen: 48
2a03:5000:222::/48 maxlen: 48
2a03:5000:231::/48 maxlen: 48
2a03:5000:232::/48 maxlen: 48
2a03:5000:241::/48 maxlen: 48
2a03:5000:242::/48 maxlen: 48
2a03:5000:251::/48 maxlen: 48
2a03:5000:252::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:37:fe:c1:e9:47:ab:7b:3d:6e:98:77:63:f0:3b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Sep 11 13:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e2c44c4009d04b09ddb6d0abe78910b29af9be1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ae:4f:00:41:97:bd:f9:6b:59:99:4b:c9:8c:
85:06:63:99:84:e5:a8:99:dd:f5:60:b6:33:07:4e:
33:fd:3b:f2:f0:65:62:77:4d:2c:21:9f:ef:5b:69:
a3:36:8d:82:bc:3b:4f:42:34:05:cf:32:d3:47:0e:
80:5f:12:5d:20:3b:42:b4:32:27:37:86:45:41:96:
3e:f0:77:c8:a1:2c:20:82:5b:3d:86:c8:98:84:57:
c3:2c:67:34:cd:97:94:77:b3:98:ac:27:ae:ce:16:
15:48:5c:d3:5b:5c:57:f2:34:1f:29:3c:39:24:ce:
b9:b6:d7:63:53:05:88:f5:9a:75:06:bc:2e:94:cb:
91:07:86:a6:4f:e9:32:a6:98:de:65:ae:35:5e:07:
70:7a:9f:9f:31:de:fb:2d:8c:fb:79:20:4f:6f:af:
9c:b6:f0:db:b0:e6:57:ee:ce:78:57:f9:63:37:4a:
6e:60:e7:82:59:2f:3b:b7:1b:9b:0e:87:c3:9a:76:
44:de:61:d5:4e:dd:f8:c7:00:b2:89:6f:dd:f6:30:
9c:68:14:76:ea:06:80:cd:7d:60:f0:99:2a:13:bc:
14:7a:63:4c:05:c8:a7:a1:f5:97:e5:4b:03:64:07:
14:a7:f8:1a:70:b0:c4:a9:68:1c:ea:f0:22:31:16:
dd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:2C:44:C4:00:9D:04:B0:9D:DB:6D:0A:BE:78:91:0B:29:AF:9B:E1
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/nixExACdBLCd220KvniRCymvm-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.250.0.0/16
192.109.236.0/24
195.203.0.0/16
217.27.0.0-217.27.4.255
217.27.6.0/23
IPv6:
2a03:5000:1::-2a03:5000:2:ffff:ffff:ffff:ffff:ffff
2a03:5000:11::-2a03:5000:12:ffff:ffff:ffff:ffff:ffff
2a03:5000:20::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
2a03:5000:30::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
2a03:5000:101::-2a03:5000:102:ffff:ffff:ffff:ffff:ffff
2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
2a03:5000:151::-2a03:5000:152:ffff:ffff:ffff:ffff:ffff
2a03:5000:161::-2a03:5000:162:ffff:ffff:ffff:ffff:ffff
2a03:5000:171::-2a03:5000:172:ffff:ffff:ffff:ffff:ffff
2a03:5000:181::-2a03:5000:182:ffff:ffff:ffff:ffff:ffff
2a03:5000:191::-2a03:5000:192:ffff:ffff:ffff:ffff:ffff
2a03:5000:201::-2a03:5000:202:ffff:ffff:ffff:ffff:ffff
2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff
2a03:5000:221::-2a03:5000:222:ffff:ffff:ffff:ffff:ffff
2a03:5000:231::-2a03:5000:232:ffff:ffff:ffff:ffff:ffff
2a03:5000:241::-2a03:5000:242:ffff:ffff:ffff:ffff:ffff
2a03:5000:251::-2a03:5000:252:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5a:8f:2e:1f:96:99:60:4f:7e:0e:63:88:b9:05:5b:ae:53:a9:
92:84:b8:74:1d:22:ef:76:de:64:29:6e:f3:21:15:f4:c4:1d:
34:ed:e7:03:e8:aa:8d:1b:93:1b:4e:7c:e4:85:70:d3:6c:d4:
59:06:19:66:d0:3b:f6:f4:cb:be:3b:a2:9b:c0:20:4f:fb:bf:
6d:5e:a6:51:1f:b4:15:9e:b0:ab:6b:ba:9b:7b:1c:b7:26:83:
e4:ca:4d:d5:2b:44:33:01:e2:ca:97:44:e9:0f:18:c5:4f:19:
57:bc:ce:5f:2e:09:a7:4e:00:26:99:f2:d5:56:a9:ef:73:95:
f8:23:4b:df:20:d1:4e:3f:4c:4a:49:c5:c1:a6:c5:22:c4:54:
99:f7:bf:e9:11:fa:02:9a:07:30:f7:a3:1b:f1:2d:f0:f3:f5:
93:36:51:84:42:4f:b5:fd:e0:e1:0d:4d:16:5e:5b:2e:30:cc:
59:6c:9a:0e:55:91:6a:34:07:12:e6:8a:f6:c1:42:71:81:13:
97:8d:33:00:f4:55:b2:76:fb:83:9a:d3:ee:88:c6:e3:74:c3:
da:18:9c:51:bf:b4:cc:f1:49:36:fe:0b:c1:c4:7d:bc:63:3a:
81:e4:71:53:07:a2:fd:7e:b9:6c:fa:14:92:09:51:df:52:e3:
01:9f:ec:2f
-----BEGIN CERTIFICATE-----
MIIHNDCCBhygAwIBAgISAZHhN/7B6Uerez1umHdj8DuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjQwOTExMTMxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTJjNDRjNDAwOWQwNGIwOWRkYjZkMGFiZTc4OTEwYjI5YWY5YmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK5PAEGXvflrWZlLyYyFBmOZhOWo
md31YLYzB04z/Tvy8GVid00sIZ/vW2mjNo2CvDtPQjQFzzLTRw6AXxJdIDtCtDIn
N4ZFQZY+8HfIoSwggls9hsiYhFfDLGc0zZeUd7OYrCeuzhYVSFzTW1xX8jQfKTw5
JM65ttdjUwWI9Zp1BrwulMuRB4amT+kyppjeZa41Xgdwep+fMd77LYz7eSBPb6+c
tvDbsOZX7s54V/ljN0puYOeCWS87txubDofDmnZE3mHVTt34xwCyiW/d9jCcaBR2
6gaAzX1g8JkqE7wUemNMBcinofWX5UsDZAcUp/gacLDEqWgc6vAiMRbdTQIDAQAB
o4IEQDCCBDwwHQYDVR0OBBYEFJ4sRMQAnQSwndttCr54kQspr5vhMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvbml4RXhBQ2RCTENkMjIwS3ZuaVJDeW12bS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICVAYIKwYBBQUHAQcBAf8EggJDMIICPzApBAIAATAjAwMA
lfoDBADAbewDAwDDyzALAwMA2RsDBADZGwQDBAHZGwYwggIQBAIAAjCCAggwEgMH
ACoDUAAAAQMHACoDUAAAAjASAwcAKgNQAAARAwcAKgNQAAASMBIDBwUqA1AAACAD
BwAqA1AAACIwEgMHBCoDUAAAMAMHACoDUAAAMjASAwcAKgNQAABBAwcAKgNQAABC
MBIDBwAqA1AAAFEDBwAqA1AAAFIwEgMHACoDUAAAYQMHACoDUAAAYjASAwcAKgNQ
AABxAwcAKgNQAAByMBIDBwAqA1AAAIEDBwAqA1AAAIIwEgMHACoDUAAAkQMHACoD
UAAAkjASAwcAKgNQAAEBAwcAKgNQAAECMBIDBwAqA1AAAREDBwAqA1AAARIwEgMH
ACoDUAABIQMHACoDUAABIjASAwcAKgNQAAExAwcAKgNQAAEyMBIDBwAqA1AAAUED
BwAqA1AAAUIwEgMHACoDUAABUQMHACoDUAABUjASAwcAKgNQAAFhAwcAKgNQAAFi
MBIDBwAqA1AAAXEDBwAqA1AAAXIwEgMHACoDUAABgQMHACoDUAABgjASAwcAKgNQ
AAGRAwcAKgNQAAGSMBIDBwAqA1AAAgEDBwAqA1AAAgIwEgMHACoDUAACEQMHACoD
UAACEjASAwcAKgNQAAIhAwcAKgNQAAIiMBIDBwAqA1AAAjEDBwAqA1AAAjIwEgMH
ACoDUAACQQMHACoDUAACQjASAwcAKgNQAAJRAwcAKgNQAAJSMA0GCSqGSIb3DQEB
CwUAA4IBAQBajy4flplgT34OY4i5BVuuU6mShLh0HSLvdt5kKW7zIRX0xB007ecD
6KqNG5MbTnzkhXDTbNRZBhlm0Dv29Mu+O6KbwCBP+79tXqZRH7QVnrCra7qbexy3
JoPkyk3VK0QzAeLKl0TpDxjFTxlXvM5fLgmnTgAmmfLVVqnvc5X4I0vfINFOP0xK
ScXBpsUixFSZ97/pEfoCmgcw96Mb8S3w8/WTNlGEQk+1/eDhDU0WXlsuMMxZbJoO
VZFqNAcS5or2wUJxgROXjTMA9FWydvuDmtPuiMbjdMPaGJxRv7TM8Uk2/gvBxH28
YzqB5HFTB6L9frls+hSSCVHfUuMBn+wv
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:53:35 2024 by rpki-client on console-fra.rpki-client.org