Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/O-CShtLdSt3NF8G2Z7T1N_nia9o.roa
File: O-CShtLdSt3NF8G2Z7T1N_nia9o.roa (raw, json)
Hash identifier: 59NEsF6JHmuxcm1mEjfBbQOPNeL7ojObOahO9rwjC1w=
Subject key identifier: 3B:E0:92:86:D2:DD:4A:DD:CD:17:C1:B6:67:B4:F5:37:F9:E2:6B:DA
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C6A8A156BC72CC0CA4E92F7A5BE2E
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/O-CShtLdSt3NF8G2Z7T1N_nia9o.roa
Signing time: Thu 02 Jan 2025 09:50:26 +0000
ROA not before: Thu 02 Jan 2025 09:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29069
IP address blocks: 77.87.112.0/21 maxlen: 21
77.87.112.0/24 maxlen: 24
95.215.96.0/21 maxlen: 21
185.13.112.0/22 maxlen: 22
185.13.112.0/25 maxlen: 25
185.13.112.128/25 maxlen: 25
195.128.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:6a:8a:15:6b:c7:2c:c0:ca:4e:92:f7:a5:be:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3be09286d2dd4addcd17c1b667b4f537f9e26bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3c:03:d5:eb:9b:af:be:10:2f:af:bc:dd:db:
9e:c0:b0:e7:4c:70:8c:1a:7d:6f:e0:47:92:d5:07:
6b:83:28:b1:cc:81:9f:5c:59:69:36:6e:ac:28:33:
ea:04:af:ce:f7:69:7b:85:94:24:86:59:c3:7a:77:
1c:00:bf:72:36:4c:fa:14:2d:55:9b:20:aa:91:e6:
10:80:4c:63:3e:f2:e6:21:02:73:8b:61:fb:8e:91:
dc:0b:a8:ae:58:49:57:0c:7f:e8:c1:e5:1c:0e:40:
43:e0:44:70:a8:cd:4f:00:d1:97:45:96:b3:4d:08:
9a:46:58:3d:68:d7:1b:71:9a:53:e3:e4:55:74:39:
f8:d9:c7:d4:d8:a3:c1:bc:c5:0b:f9:61:04:26:81:
49:6f:33:59:3c:5b:48:26:24:f9:e4:88:da:15:ef:
65:c6:81:a2:71:65:30:99:bb:bc:3b:d7:30:c8:c5:
35:cf:73:a5:2b:fc:a0:9d:16:af:ff:b9:28:78:ea:
cb:a2:0e:63:a1:7e:1b:43:fb:45:1a:ad:48:94:28:
1b:e0:03:82:36:18:95:95:a2:c8:1a:98:2a:44:2e:
18:9b:20:72:84:a4:1d:2d:4b:59:4b:2d:89:b3:1a:
8d:19:e6:bf:30:75:c1:6e:a2:a7:5c:b2:41:e1:b4:
2a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E0:92:86:D2:DD:4A:DD:CD:17:C1:B6:67:B4:F5:37:F9:E2:6B:DA
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/O-CShtLdSt3NF8G2Z7T1N_nia9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.112.0/21
95.215.96.0/21
185.13.112.0/22
195.128.56.0/21
Signature Algorithm: sha256WithRSAEncryption
5e:34:46:aa:16:1c:0c:01:88:02:93:2b:cc:78:04:66:0d:72:
02:4d:28:ad:a2:78:27:80:0d:4c:e1:e5:35:1e:95:c6:41:94:
74:ef:cd:7c:09:2e:52:31:24:e2:c7:d0:73:7f:ce:e3:21:29:
eb:e6:8d:0a:f2:fb:ef:a6:fa:f1:4b:e0:2d:b2:e8:45:a8:d1:
d7:35:68:66:ea:93:99:8a:22:41:04:5d:8f:c0:b6:1b:10:f8:
dc:3a:23:ce:b3:52:f6:44:8a:ce:2e:9d:d4:a3:10:d7:7e:b9:
f0:49:5c:75:c0:66:0b:2c:7c:e6:3a:5c:cb:d1:9d:86:62:1e:
1b:9f:8c:8c:5b:92:d7:40:a3:91:28:02:bc:d1:93:4a:ba:f6:
23:2c:f4:7d:9d:bb:36:71:48:f8:e0:26:7f:82:52:f5:82:90:
84:63:7e:9b:32:9d:9d:d6:79:88:ad:0d:e7:19:6f:51:2e:3e:
76:c1:72:26:29:e9:40:13:96:df:8e:df:4e:3a:21:1c:d6:a0:
25:c3:c1:ed:c5:02:98:09:ca:20:83:56:50:4b:cc:83:e4:75:
ba:e4:73:cc:de:da:7d:89:fa:69:05:ce:8f:c4:c4:d2:c5:18:
8c:9e:e7:71:b8:7c:36:77:ea:57:b3:02:95:33:d3:f6:4e:73:
9e:fd:48:99
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQmbGqKFWvHLMDKTpL3pb4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmUwOTI4NmQyZGQ0YWRkY2QxN2MxYjY2N2I0ZjUzN2Y5ZTI2YmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDwD1eubr74QL6+83duewLDnTHCM
Gn1v4EeS1QdrgyixzIGfXFlpNm6sKDPqBK/O92l7hZQkhlnDenccAL9yNkz6FC1V
myCqkeYQgExjPvLmIQJzi2H7jpHcC6iuWElXDH/oweUcDkBD4ERwqM1PANGXRZaz
TQiaRlg9aNcbcZpT4+RVdDn42cfU2KPBvMUL+WEEJoFJbzNZPFtIJiT55IjaFe9l
xoGicWUwmbu8O9cwyMU1z3OlK/ygnRav/7koeOrLog5joX4bQ/tFGq1IlCgb4AOC
NhiVlaLIGpgqRC4YmyByhKQdLUtZSy2JsxqNGea/MHXBbqKnXLJB4bQqcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDvgkobS3UrdzRfBtme09Tf54mvaMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvTy1DU2h0TGRTdDNORjhHMlo3VDFOX25pYTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDTVdwAwQD
X9dgAwQCuQ1wAwQDw4A4MA0GCSqGSIb3DQEBCwUAA4IBAQBeNEaqFhwMAYgCkyvM
eARmDXICTSitongngA1M4eU1HpXGQZR07818CS5SMSTix9Bzf87jISnr5o0K8vvv
pvrxS+AtsuhFqNHXNWhm6pOZiiJBBF2PwLYbEPjcOiPOs1L2RIrOLp3UoxDXfrnw
SVx1wGYLLHzmOlzL0Z2GYh4bn4yMW5LXQKORKAK80ZNKuvYjLPR9nbs2cUj44CZ/
glL1gpCEY36bMp2d1nmIrQ3nGW9RLj52wXImKelAE5bfjt9OOiEc1qAlw8HtxQKY
Ccogg1ZQS8yD5HW65HPM3tp9ifppBc6PxMTSxRiMnudxuHw2d+pXswKVM9P2TnOe
/UiZ
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:35:58 2025 by rpki-client