Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b025bc-bc73-4d3c-a430-00394b610a34/1/nggdnA4mAiKLiw6UHtzESJ0klE0.roa
File: nggdnA4mAiKLiw6UHtzESJ0klE0.roa (raw, json)
Hash identifier: pHSsRZvm29dKmGcn5inpqu8Q9t703aQ9huVnyG7i37U=
Subject key identifier: 9E:08:1D:9C:0E:26:02:22:8B:8B:0E:94:1E:DC:C4:48:9D:24:94:4D
Certificate issuer: /CN=4940cf778dd9817657cd8d4feedd423d46d1a965
Certificate serial: 01941F8C4BD719FF37F36220490F5EC7BB78
Authority key identifier: 49:40:CF:77:8D:D9:81:76:57:CD:8D:4F:EE:DD:42:3D:46:D1:A9:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SUDPd43ZgXZXzY1P7t1CPUbRqWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/b025bc-bc73-4d3c-a430-00394b610a34/1/nggdnA4mAiKLiw6UHtzESJ0klE0.roa
Signing time: Wed 01 Jan 2025 01:47:55 +0000
ROA not before: Wed 01 Jan 2025 01:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210201
IP address blocks: 194.34.96.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/b025bc-bc73-4d3c-a430-00394b610a34/1/SUDPd43ZgXZXzY1P7t1CPUbRqWU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/b025bc-bc73-4d3c-a430-00394b610a34/1/SUDPd43ZgXZXzY1P7t1CPUbRqWU.mft
rsync://rpki.ripe.net/repository/DEFAULT/SUDPd43ZgXZXzY1P7t1CPUbRqWU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:4b:d7:19:ff:37:f3:62:20:49:0f:5e:c7:bb:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4940cf778dd9817657cd8d4feedd423d46d1a965
Validity
Not Before: Jan 1 01:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e081d9c0e2602228b8b0e941edcc4489d24944d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d1:87:37:82:a1:61:69:6a:7d:32:02:87:74:
6c:13:58:f5:df:d8:98:8a:82:a8:fa:51:8a:74:9a:
1d:e5:1b:38:d6:db:b4:95:7f:09:49:bb:10:c6:e4:
07:a8:53:4f:09:5b:ae:3c:b2:a5:6e:89:a6:cd:89:
34:6e:8e:fc:0c:f5:8c:7c:ff:dc:68:d0:53:fc:ff:
10:dd:17:f6:6c:ad:d3:ef:aa:b8:49:33:5d:73:b6:
f4:bb:e7:0d:08:87:ff:d9:d9:5e:36:e3:99:fc:d6:
0b:52:dc:23:80:6e:3b:fd:77:7a:2a:a9:f9:ec:d0:
e4:da:9a:65:20:5e:ea:46:e5:81:04:fe:0e:62:dd:
a2:5f:4c:8a:95:7e:b4:ab:c8:62:6e:a7:10:39:88:
3f:f7:3a:e5:12:1a:5b:cc:5b:b1:ea:8c:05:50:39:
b9:dc:92:fa:d0:8d:d2:f1:b7:53:e6:b9:44:8a:57:
ad:d9:04:45:54:44:4b:1b:16:1e:9e:8c:ee:e3:96:
e9:dc:75:8e:37:d7:67:bd:aa:6f:10:11:29:d3:e1:
92:e1:f3:57:e7:96:64:d2:1f:c5:7d:2c:1f:6b:c9:
06:d4:0a:01:e8:5d:96:4b:97:cb:38:cb:bc:fc:29:
35:9d:3d:88:db:fa:58:22:5d:38:7c:4d:ab:d8:c8:
4e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:08:1D:9C:0E:26:02:22:8B:8B:0E:94:1E:DC:C4:48:9D:24:94:4D
X509v3 Authority Key Identifier:
keyid:49:40:CF:77:8D:D9:81:76:57:CD:8D:4F:EE:DD:42:3D:46:D1:A9:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SUDPd43ZgXZXzY1P7t1CPUbRqWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b025bc-bc73-4d3c-a430-00394b610a34/1/nggdnA4mAiKLiw6UHtzESJ0klE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b025bc-bc73-4d3c-a430-00394b610a34/1/SUDPd43ZgXZXzY1P7t1CPUbRqWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.96.0/23
Signature Algorithm: sha256WithRSAEncryption
32:78:70:56:91:3b:a2:b5:10:c6:24:61:8a:61:b6:42:f7:c9:
64:25:08:2d:0e:2d:63:77:0d:c8:79:6f:9b:59:c5:39:b5:92:
f3:9f:8d:c6:7f:00:8c:44:ab:e0:23:a3:cc:4d:38:77:f4:9b:
5b:12:e8:91:bb:7d:ca:3a:83:cd:36:6a:1e:14:21:c2:2b:b4:
15:92:7d:27:69:65:a0:cd:cd:24:b5:4b:60:a5:51:0f:82:ea:
03:83:80:3b:4b:b2:05:c4:e1:ae:54:8c:23:37:e3:dd:04:42:
66:fa:66:ca:0a:47:3d:4b:3d:fd:3a:52:c4:98:57:55:3d:4d:
0d:59:fe:54:0c:19:64:77:85:39:de:39:7c:e7:f0:6f:97:d0:
5e:c6:b2:c7:86:4f:b1:52:a7:0d:78:a8:7f:7e:b6:64:d2:7d:
b4:7a:e2:e5:50:58:44:40:14:5d:7e:31:3b:09:e5:ec:fc:aa:
53:a5:13:6c:b6:fe:47:f6:e2:b3:ed:cb:07:d0:0d:08:4a:31:
a1:27:16:a0:c5:e1:4c:41:f2:30:55:89:c7:e7:87:a1:b4:7a:
7d:8f:d4:dc:c1:96:5f:6b:6d:e0:3e:25:fb:bd:a6:98:bc:6c:
d4:4e:24:a8:f7:14:bf:0a:e2:1f:ae:5e:ec:8d:d8:60:db:43:
af:a2:77:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjEvXGf8382IgSQ9ex7t4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDBjZjc3OGRkOTgxNzY1N2NkOGQ0ZmVlZGQ0MjNkNDZk
MWE5NjUwHhcNMjUwMTAxMDE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA4MWQ5YzBlMjYwMjIyOGI4YjBlOTQxZWRjYzQ0ODlkMjQ5NDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNGHN4KhYWlqfTICh3RsE1j139iY
ioKo+lGKdJod5Rs41tu0lX8JSbsQxuQHqFNPCVuuPLKlbommzYk0bo78DPWMfP/c
aNBT/P8Q3Rf2bK3T76q4STNdc7b0u+cNCIf/2dleNuOZ/NYLUtwjgG47/Xd6Kqn5
7NDk2pplIF7qRuWBBP4OYt2iX0yKlX60q8hibqcQOYg/9zrlEhpbzFux6owFUDm5
3JL60I3S8bdT5rlEilet2QRFVERLGxYenozu45bp3HWON9dnvapvEBEp0+GS4fNX
55Zk0h/FfSwfa8kG1AoB6F2WS5fLOMu8/Ck1nT2I2/pYIl04fE2r2MhO/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4IHZwOJgIii4sOlB7cxEidJJRNMB8GA1UdIwQY
MBaAFElAz3eN2YF2V82NT+7dQj1G0allMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VEUGQ0M1pnWFpYelkxUDd0MUNQVWJScVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMDI1YmMtYmM3My00ZDNjLWE0MzAt
MDAzOTRiNjEwYTM0LzEvbmdnZG5BNG1BaUtMaXc2VUh0ekVTSjBrbEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMDI1YmMtYmM3My00ZDNjLWE0MzAtMDAzOTRiNjEwYTM0
LzEvU1VEUGQ0M1pnWFpYelkxUDd0MUNQVWJScVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiJgMA0G
CSqGSIb3DQEBCwUAA4IBAQAyeHBWkTuitRDGJGGKYbZC98lkJQgtDi1jdw3IeW+b
WcU5tZLzn43GfwCMRKvgI6PMTTh39JtbEuiRu33KOoPNNmoeFCHCK7QVkn0naWWg
zc0ktUtgpVEPguoDg4A7S7IFxOGuVIwjN+PdBEJm+mbKCkc9Sz39OlLEmFdVPU0N
Wf5UDBlkd4U53jl85/Bvl9BexrLHhk+xUqcNeKh/frZk0n20euLlUFhEQBRdfjE7
CeXs/KpTpRNstv5H9uKz7csH0A0ISjGhJxagxeFMQfIwVYnH54ehtHp9j9TcwZZf
a23gPiX7vaaYvGzUTiSo9xS/CuIfrl7sjdhg20OvoneL
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:33 2025 by rpki-client