Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/2084c5-4eba-4457-a8ec-32471c5908a2/1/NtH1vO7ll_U5_pqKHtqzA0Hc2jg.roa
File: NtH1vO7ll_U5_pqKHtqzA0Hc2jg.roa (raw, json)
Hash identifier: HhdnUZonzxIQju7AN7jqFbyBFzlOs+8aln7of8ZODwc=
Subject key identifier: 36:D1:F5:BC:EE:E5:97:F5:39:FE:9A:8A:1E:DA:B3:03:41:DC:DA:38
Certificate issuer: /CN=081cb333913cf413bbafd9277937b3061a61817c
Certificate serial: 019425FC92FFC780B470B9C3329788773955
Authority key identifier: 08:1C:B3:33:91:3C:F4:13:BB:AF:D9:27:79:37:B3:06:1A:61:81:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CByzM5E89BO7r9kneTezBhphgXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/2084c5-4eba-4457-a8ec-32471c5908a2/1/NtH1vO7ll_U5_pqKHtqzA0Hc2jg.roa
Signing time: Thu 02 Jan 2025 07:48:17 +0000
ROA not before: Thu 02 Jan 2025 07:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44939
IP address blocks: 193.142.196.0/22 maxlen: 24
2a0d:2740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/2084c5-4eba-4457-a8ec-32471c5908a2/1/CByzM5E89BO7r9kneTezBhphgXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/2084c5-4eba-4457-a8ec-32471c5908a2/1/CByzM5E89BO7r9kneTezBhphgXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CByzM5E89BO7r9kneTezBhphgXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:92:ff:c7:80:b4:70:b9:c3:32:97:88:77:39:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081cb333913cf413bbafd9277937b3061a61817c
Validity
Not Before: Jan 2 07:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36d1f5bceee597f539fe9a8a1edab30341dcda38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e4:9e:6d:79:5d:15:f7:64:fa:3b:c9:37:7f:
3a:5f:c4:f5:90:75:81:15:93:85:4c:0d:19:93:ae:
0f:b2:92:60:87:d8:43:3c:fe:90:f5:e1:80:81:ab:
ab:b0:a2:b2:60:25:ff:96:fe:ea:9a:95:d0:0f:65:
25:8c:18:ac:ad:6a:4b:17:9f:cf:0a:61:ef:fd:c1:
15:50:24:03:c9:9f:d1:1d:41:08:5d:7e:73:ea:b9:
ab:d5:4d:64:60:9a:0e:56:44:75:1b:7a:3e:94:01:
ff:2e:0c:89:f3:b3:d8:45:bc:48:e8:9e:7b:34:53:
0d:4e:2c:e0:8f:62:8f:d8:63:36:75:7a:a1:29:27:
ca:6b:e2:5d:3a:ff:0e:5f:38:54:75:01:e5:2c:e3:
de:c3:a2:f8:18:ed:67:f6:b0:30:7b:1f:bd:72:d7:
d7:45:23:6a:c0:71:be:1f:da:b3:f9:48:c5:0e:b8:
d8:ba:85:02:81:ea:0e:0f:54:e3:5c:f0:a0:d3:b5:
d9:be:c5:19:b0:81:4a:71:3c:44:f1:1a:18:09:13:
d4:e5:a9:32:be:3d:c2:19:69:cb:04:8c:9e:26:b0:
aa:71:96:63:50:4c:56:9f:cd:26:d6:80:e0:be:b4:
0f:83:af:42:42:91:8c:4d:f8:cd:68:fe:c2:50:09:
c3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D1:F5:BC:EE:E5:97:F5:39:FE:9A:8A:1E:DA:B3:03:41:DC:DA:38
X509v3 Authority Key Identifier:
keyid:08:1C:B3:33:91:3C:F4:13:BB:AF:D9:27:79:37:B3:06:1A:61:81:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CByzM5E89BO7r9kneTezBhphgXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/2084c5-4eba-4457-a8ec-32471c5908a2/1/NtH1vO7ll_U5_pqKHtqzA0Hc2jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/2084c5-4eba-4457-a8ec-32471c5908a2/1/CByzM5E89BO7r9kneTezBhphgXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.196.0/22
IPv6:
2a0d:2740::/29
Signature Algorithm: sha256WithRSAEncryption
b9:38:7f:bd:ff:9e:57:e9:1d:51:c9:4b:fe:53:4c:9e:fc:c3:
c9:56:f7:f5:87:2d:bf:19:53:2c:fa:b8:22:d6:ed:45:52:80:
89:ac:2e:29:d8:b7:93:5e:ce:f0:1f:25:dd:ea:91:e9:ae:71:
6e:79:93:3d:68:67:95:5e:5b:bb:97:2e:86:0f:88:ba:72:8b:
c7:38:7e:6d:55:da:96:ad:17:cd:b1:26:d9:cd:19:54:24:7a:
9a:21:e0:da:8b:ac:2b:e2:47:89:c6:72:c3:cd:5d:80:64:93:
ac:88:07:2a:74:a7:8b:ba:77:2a:73:f2:06:82:30:df:c2:11:
17:ff:a8:5c:b9:6c:5e:6d:12:89:a5:ce:6c:6f:d7:e0:e2:b7:
ed:9d:0a:f0:d5:ee:0b:c9:01:6d:37:6f:27:e6:b1:4b:66:40:
7c:c9:9f:d9:1b:1d:4d:68:46:07:35:4b:d1:6c:12:50:00:89:
1e:20:88:96:86:8f:20:03:b8:94:bf:67:78:0c:09:20:f1:1e:
7d:14:c8:ad:43:92:42:9e:3a:39:dd:3d:dc:00:7e:ed:c1:01:
b4:d2:3c:ac:62:03:b4:6f:d5:e8:55:61:ef:00:fe:5f:41:39:
fc:49:82:14:bf:80:44:bc:76:ce:92:18:87:d7:0d:0a:41:0d:
51:84:dd:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/JL/x4C0cLnDMpeIdzlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWNiMzMzOTEzY2Y0MTNiYmFmZDkyNzc5MzdiMzA2MWE2
MTgxN2MwHhcNMjUwMTAyMDc0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQxZjViY2VlZTU5N2Y1MzlmZTlhOGExZWRhYjMwMzQxZGNkYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOSebXldFfdk+jvJN386X8T1kHWB
FZOFTA0Zk64PspJgh9hDPP6Q9eGAgaursKKyYCX/lv7qmpXQD2UljBisrWpLF5/P
CmHv/cEVUCQDyZ/RHUEIXX5z6rmr1U1kYJoOVkR1G3o+lAH/LgyJ87PYRbxI6J57
NFMNTizgj2KP2GM2dXqhKSfKa+JdOv8OXzhUdQHlLOPew6L4GO1n9rAwex+9ctfX
RSNqwHG+H9qz+UjFDrjYuoUCgeoOD1TjXPCg07XZvsUZsIFKcTxE8RoYCRPU5aky
vj3CGWnLBIyeJrCqcZZjUExWn80m1oDgvrQPg69CQpGMTfjNaP7CUAnDUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDbR9bzu5Zf1Of6aih7aswNB3No4MB8GA1UdIwQY
MBaAFAgcszORPPQTu6/ZJ3k3swYaYYF8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J5ek01RTg5Qk83cjlrbmVUZXpCaHBoZ1h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8yMDg0YzUtNGViYS00NDU3LWE4ZWMt
MzI0NzFjNTkwOGEyLzEvTnRIMXZPN2xsX1U1X3BxS0h0cXpBMEhjMmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8yMDg0YzUtNGViYS00NDU3LWE4ZWMtMzI0NzFjNTkwOGEy
LzEvQ0J5ek01RTg5Qk83cjlrbmVUZXpCaHBoZ1h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwY7EMA0E
AgACMAcDBQMqDSdAMA0GCSqGSIb3DQEBCwUAA4IBAQC5OH+9/55X6R1RyUv+U0ye
/MPJVvf1hy2/GVMs+rgi1u1FUoCJrC4p2LeTXs7wHyXd6pHprnFueZM9aGeVXlu7
ly6GD4i6covHOH5tVdqWrRfNsSbZzRlUJHqaIeDai6wr4keJxnLDzV2AZJOsiAcq
dKeLuncqc/IGgjDfwhEX/6hcuWxebRKJpc5sb9fg4rftnQrw1e4LyQFtN28n5rFL
ZkB8yZ/ZGx1NaEYHNUvRbBJQAIkeIIiWho8gA7iUv2d4DAkg8R59FMitQ5JCnjo5
3T3cAH7twQG00jysYgO0b9XoVWHvAP5fQTn8SYIUv4BEvHbOkhiH1w0KQQ1RhN1W
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:52:07 2025 by rpki-client