Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/4508c4-332b-403c-9f56-db905913cb87/1/nTzt_7yObYF91YEfJlGe8rhCQyE.roa
File: nTzt_7yObYF91YEfJlGe8rhCQyE.roa (raw, json)
Hash identifier: UZJuy0N8FDFUyDPS/6Vsx+tptqpEF0jDlmMqyvXeZZc=
Subject key identifier: 9D:3C:ED:FF:BC:8E:6D:81:7D:D5:81:1F:26:51:9E:F2:B8:42:43:21
Certificate issuer: /CN=e93ee9a6d1404c61eb19b02b02d74da83a6633da
Certificate serial: 019652F5D7E36A5914FBCEE990AAC6AAB8C6
Authority key identifier: E9:3E:E9:A6:D1:40:4C:61:EB:19:B0:2B:02:D7:4D:A8:3A:66:33:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6T7pptFATGHrGbArAtdNqDpmM9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/4508c4-332b-403c-9f56-db905913cb87/1/nTzt_7yObYF91YEfJlGe8rhCQyE.roa
Signing time: Sun 20 Apr 2025 11:29:25 +0000
ROA not before: Sun 20 Apr 2025 11:29:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49556
IP address blocks: 185.249.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/4508c4-332b-403c-9f56-db905913cb87/1/6T7pptFATGHrGbArAtdNqDpmM9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/4508c4-332b-403c-9f56-db905913cb87/1/6T7pptFATGHrGbArAtdNqDpmM9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/6T7pptFATGHrGbArAtdNqDpmM9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:52:f5:d7:e3:6a:59:14:fb:ce:e9:90:aa:c6:aa:b8:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e93ee9a6d1404c61eb19b02b02d74da83a6633da
Validity
Not Before: Apr 20 11:29:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d3cedffbc8e6d817dd5811f26519ef2b8424321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a5:fb:f9:5e:38:2f:78:f2:7d:8d:fc:21:ad:
b4:14:76:e9:aa:ee:a5:b0:b0:b5:67:e5:8f:91:dc:
50:f6:6d:c8:4b:65:5d:ca:e3:96:6d:9a:fd:cb:b0:
94:fc:cb:8b:9e:b0:ee:08:18:30:2f:b5:bb:12:c8:
b0:25:a8:88:62:cb:7f:0a:26:a6:16:8b:c6:7d:d4:
9c:38:f4:d8:12:6b:cd:fe:bc:7b:cb:e7:51:46:9d:
fd:f9:33:3a:bd:c3:ce:da:2c:8f:97:c2:a5:87:1a:
6d:a7:49:ee:7f:3b:76:51:70:4a:c8:2a:96:ed:d1:
ab:df:50:f0:34:43:2f:65:02:01:55:88:06:39:f7:
25:4e:71:e5:2b:94:46:6c:a7:42:a7:7f:36:6e:9f:
37:c5:9b:4b:f3:6f:fa:37:50:81:58:e6:94:5c:6f:
35:6f:60:72:be:f6:38:a5:52:99:f3:60:3f:70:38:
79:20:dd:45:eb:8b:c4:38:47:fd:03:e5:7c:4b:14:
08:47:7e:5e:cd:44:59:ec:26:4e:fe:88:85:7e:d5:
65:b6:c4:3b:a9:52:8d:a7:f9:49:1a:42:5b:a0:61:
df:47:df:4e:66:35:f3:03:4e:38:f1:50:a0:c9:9c:
22:00:e6:bb:83:88:9f:72:07:82:fa:b0:d9:a3:66:
ee:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3C:ED:FF:BC:8E:6D:81:7D:D5:81:1F:26:51:9E:F2:B8:42:43:21
X509v3 Authority Key Identifier:
keyid:E9:3E:E9:A6:D1:40:4C:61:EB:19:B0:2B:02:D7:4D:A8:3A:66:33:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6T7pptFATGHrGbArAtdNqDpmM9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/4508c4-332b-403c-9f56-db905913cb87/1/nTzt_7yObYF91YEfJlGe8rhCQyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/4508c4-332b-403c-9f56-db905913cb87/1/6T7pptFATGHrGbArAtdNqDpmM9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.10.0/24
Signature Algorithm: sha256WithRSAEncryption
13:c0:e1:0d:61:d3:55:1e:8f:51:10:e2:86:1f:14:49:f5:42:
1a:b1:d9:1b:e5:f9:fd:11:d7:ca:ce:48:2d:32:dc:36:2a:20:
1d:08:30:fe:4e:f5:af:76:01:b3:ad:7b:f5:bc:5d:60:9b:8c:
63:1e:31:26:a6:4e:9a:94:73:33:14:60:ef:ff:75:22:e9:84:
f6:6d:28:3f:e8:e3:17:ed:e8:30:6d:b3:b5:3f:e4:8c:5b:e8:
4f:69:69:e5:92:2b:ed:43:f6:fa:ea:fe:36:66:eb:ed:2e:53:
ea:88:87:c8:f2:55:81:4c:a2:26:53:a2:8b:42:29:54:15:42:
0b:50:e6:de:91:f2:8a:0c:37:4d:25:76:f9:95:97:23:3f:5a:
e0:de:b3:26:23:e9:a3:d1:80:3c:8f:a2:42:28:30:25:01:22:
2c:c4:8a:d4:2c:a1:76:2f:27:0e:e2:54:9e:00:d9:3a:44:62:
5c:cf:05:db:e0:78:b5:cc:2f:99:10:7a:f8:ae:2a:1a:d6:04:
b8:92:00:d7:8f:80:42:3b:c4:b2:83:61:bf:bd:5a:e4:a5:62:
f8:58:64:cc:ac:5e:ab:9c:7a:4b:db:83:6e:a9:9f:ee:a4:4e:
d0:bd:77:5a:13:43:0f:c7:94:d6:00:e0:57:07:f7:70:22:d4:
c4:76:a5:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZS9dfjalkU+87pkKrGqrjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5M2VlOWE2ZDE0MDRjNjFlYjE5YjAyYjAyZDc0ZGE4M2E2
NjMzZGEwHhcNMjUwNDIwMTEyOTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNjZWRmZmJjOGU2ZDgxN2RkNTgxMWYyNjUxOWVmMmI4NDI0MzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6X7+V44L3jyfY38Ia20FHbpqu6l
sLC1Z+WPkdxQ9m3IS2VdyuOWbZr9y7CU/MuLnrDuCBgwL7W7EsiwJaiIYst/Ciam
FovGfdScOPTYEmvN/rx7y+dRRp39+TM6vcPO2iyPl8Klhxptp0nufzt2UXBKyCqW
7dGr31DwNEMvZQIBVYgGOfclTnHlK5RGbKdCp382bp83xZtL82/6N1CBWOaUXG81
b2ByvvY4pVKZ82A/cDh5IN1F64vEOEf9A+V8SxQIR35ezURZ7CZO/oiFftVltsQ7
qVKNp/lJGkJboGHfR99OZjXzA0448VCgyZwiAOa7g4ifcgeC+rDZo2butwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ087f+8jm2BfdWBHyZRnvK4QkMhMB8GA1UdIwQY
MBaAFOk+6abRQExh6xmwKwLXTag6ZjPaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlQ3cHB0RkFUR0hyR2JBckF0ZE5xRHBtTTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC80NTA4YzQtMzMyYi00MDNjLTlmNTYt
ZGI5MDU5MTNjYjg3LzEvblR6dF83eU9iWUY5MVlFZkpsR2U4cmhDUXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC80NTA4YzQtMzMyYi00MDNjLTlmNTYtZGI5MDU5MTNjYjg3
LzEvNlQ3cHB0RkFUR0hyR2JBckF0ZE5xRHBtTTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufkKMA0G
CSqGSIb3DQEBCwUAA4IBAQATwOENYdNVHo9REOKGHxRJ9UIasdkb5fn9EdfKzkgt
Mtw2KiAdCDD+TvWvdgGzrXv1vF1gm4xjHjEmpk6alHMzFGDv/3Ui6YT2bSg/6OMX
7egwbbO1P+SMW+hPaWnlkivtQ/b66v42ZuvtLlPqiIfI8lWBTKImU6KLQilUFUIL
UObekfKKDDdNJXb5lZcjP1rg3rMmI+mj0YA8j6JCKDAlASIsxIrULKF2LycO4lSe
ANk6RGJczwXb4Hi1zC+ZEHr4rioa1gS4kgDXj4BCO8Syg2G/vVrkpWL4WGTMrF6r
nHpL24NuqZ/upE7QvXdaE0MPx5TWAOBXB/dwItTEdqX0
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:51:54 2025 by rpki-client