Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/NP-nZYWNfLECtv0CKEzsF8IgDJw.roa
File: NP-nZYWNfLECtv0CKEzsF8IgDJw.roa (raw, json)
Hash identifier: qjjM+wtgH54DJzP+JxnpxKk4qde6Hf4P9ImKC020KxU=
Subject key identifier: 34:FF:A7:65:85:8D:7C:B1:02:B6:FD:02:28:4C:EC:17:C2:20:0C:9C
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 0196644B2D3D47856B1F0F04B289D9E5F7B1
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/NP-nZYWNfLECtv0CKEzsF8IgDJw.roa
Signing time: Wed 23 Apr 2025 20:16:10 +0000
ROA not before: Wed 23 Apr 2025 20:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:c4c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:64:4b:2d:3d:47:85:6b:1f:0f:04:b2:89:d9:e5:f7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Apr 23 20:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34ffa765858d7cb102b6fd02284cec17c2200c9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c1:64:5f:e9:f6:81:86:ee:11:6c:c1:6d:ca:
ca:49:04:ff:23:17:ac:d6:30:bd:69:c3:b6:a1:ff:
c8:d2:53:e7:8b:61:8a:c5:16:b2:da:74:fa:04:93:
ba:d9:0e:b7:61:b4:36:01:06:16:dd:71:3f:6f:99:
9b:f4:d9:c4:82:8f:37:cf:6d:29:7d:ff:ab:e7:a7:
ba:48:1b:4a:32:b1:af:cd:ae:f8:2f:2e:1b:90:da:
10:46:fc:db:84:96:a4:6a:a8:2c:3c:e1:f6:d2:75:
cd:c6:6a:d2:35:3e:5c:52:9b:95:39:33:4c:b7:f7:
e4:94:88:f7:4a:7f:ae:1c:66:57:de:58:a5:6f:0d:
6f:2b:11:25:51:eb:c7:a1:54:3c:53:cc:49:37:3b:
a4:3c:6b:ca:ec:8d:81:b6:1b:3b:13:e1:d4:78:68:
52:72:cd:2e:0d:9e:4a:2e:88:8d:1b:cf:9a:10:39:
29:5f:74:56:c2:45:d1:2c:45:0d:94:ff:9e:af:f4:
55:5d:6e:3d:c1:10:8f:5d:76:36:16:e9:9d:2e:44:
02:bf:f5:cf:31:01:e1:4b:70:f9:e2:be:ac:27:8c:
09:a5:3a:0c:13:4e:93:7d:cc:61:1e:11:2a:d1:a9:
06:22:07:33:99:c2:17:4e:c8:2e:08:ef:e4:ae:5b:
5b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:FF:A7:65:85:8D:7C:B1:02:B6:FD:02:28:4C:EC:17:C2:20:0C:9C
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/NP-nZYWNfLECtv0CKEzsF8IgDJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:c4c3::/32
Signature Algorithm: sha256WithRSAEncryption
08:57:90:0c:db:4f:3f:6c:0d:01:8c:8f:18:1f:28:f9:75:01:
2d:06:c5:06:d7:cd:1a:5c:73:23:c5:8e:6e:b8:a4:32:24:4a:
9f:30:ec:b3:83:b4:2f:df:f1:0d:2a:09:b0:ce:c0:0d:95:0a:
0f:29:80:6e:e9:74:e3:76:71:78:60:04:75:c4:1a:4d:09:90:
7d:02:f5:e2:5a:a7:fb:74:56:42:86:82:de:af:07:f7:36:41:
81:09:ff:b8:f9:08:01:62:b3:11:dd:2b:93:aa:f8:0c:cc:07:
1e:53:08:88:41:3c:41:11:8e:d1:eb:05:1c:77:85:fa:1c:a3:
1f:f1:b0:08:1b:c1:29:19:12:10:d6:14:92:e7:8e:27:99:ff:
7e:6a:5c:c1:94:9e:36:b3:74:a4:cb:ab:cb:f4:38:a1:f7:de:
a1:bc:a7:6a:f5:b3:4b:57:dd:9e:21:bc:fc:c5:0d:d6:da:0c:
75:37:9c:35:9e:c6:0e:11:ad:5f:7a:0d:7a:85:64:de:4a:db:
aa:7b:a5:cc:7a:75:53:d5:9a:a8:80:cf:31:71:93:62:bc:dc:
e4:8f:c6:0a:e5:76:06:3a:d7:f3:1a:87:4c:a1:e0:16:32:29:
1c:e9:98:dd:1a:7e:00:51:de:bd:0a:c8:fe:c1:0b:bf:cc:b0:
60:aa:1a:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZZkSy09R4VrHw8EsonZ5fexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwNDIzMjAxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGZmYTc2NTg1OGQ3Y2IxMDJiNmZkMDIyODRjZWMxN2MyMjAwYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cFkX+n2gYbuEWzBbcrKSQT/Ixes
1jC9acO2of/I0lPni2GKxRay2nT6BJO62Q63YbQ2AQYW3XE/b5mb9NnEgo83z20p
ff+r56e6SBtKMrGvza74Ly4bkNoQRvzbhJakaqgsPOH20nXNxmrSNT5cUpuVOTNM
t/fklIj3Sn+uHGZX3lilbw1vKxElUevHoVQ8U8xJNzukPGvK7I2Bths7E+HUeGhS
cs0uDZ5KLoiNG8+aEDkpX3RWwkXRLEUNlP+er/RVXW49wRCPXXY2FumdLkQCv/XP
MQHhS3D54r6sJ4wJpToME06TfcxhHhEq0akGIgczmcIXTsguCO/krltb2wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDT/p2WFjXyxArb9AihM7BfCIAycMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvTlAtblpZV05mTEVDdHYwQ0tFenNGOElnREp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7EwzAN
BgkqhkiG9w0BAQsFAAOCAQEACFeQDNtPP2wNAYyPGB8o+XUBLQbFBtfNGlxzI8WO
brikMiRKnzDss4O0L9/xDSoJsM7ADZUKDymAbul043ZxeGAEdcQaTQmQfQL14lqn
+3RWQoaC3q8H9zZBgQn/uPkIAWKzEd0rk6r4DMwHHlMIiEE8QRGO0esFHHeF+hyj
H/GwCBvBKRkSENYUkueOJ5n/fmpcwZSeNrN0pMury/Q4offeobynavWzS1fdniG8
/MUN1toMdTecNZ7GDhGtX3oNeoVk3krbqnulzHp1U9WaqIDPMXGTYrzc5I/GCuV2
BjrX8xqHTKHgFjIpHOmY3Rp+AFHevQrI/sELv8ywYKoamg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:05:10 2025 by rpki-client