Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9nddskg5eza0HQ3Ckj_0kazezG4.roa
File: 9nddskg5eza0HQ3Ckj_0kazezG4.roa (raw, json)
Hash identifier: v+zD0OWw5P+vUDPPfTqxcnpeHsHwmY3/FYCT9AmxEXE=
Subject key identifier: F6:77:5D:B2:48:39:7B:36:B4:1D:0D:C2:92:3F:F4:91:AC:DE:CC:6E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196F35630123CBBBA690947F042B10B4EED
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9nddskg5eza0HQ3Ckj_0kazezG4.roa
Signing time: Wed 21 May 2025 14:53:53 +0000
ROA not before: Wed 21 May 2025 14:53:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29076
IP address blocks: 193.124.158.0/23 maxlen: 23
193.124.158.0/24 maxlen: 24
193.124.159.0/24 maxlen: 24
195.133.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:56:30:12:3c:bb:ba:69:09:47:f0:42:b1:0b:4e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 21 14:53:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6775db248397b36b41d0dc2923ff491acdecc6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:32:60:88:10:4f:91:b9:e7:90:ab:ef:55:fe:
8e:60:87:f9:d6:88:cd:ba:48:e5:a8:f6:51:7e:f6:
07:79:b4:44:94:c3:54:f3:a9:b5:2a:9f:ee:43:78:
41:30:3f:33:7a:2a:fa:11:2c:12:6d:90:63:c1:e2:
cd:18:f8:05:b0:ba:94:02:4f:c2:7c:92:d3:49:0c:
88:09:cd:81:0c:a7:98:2b:9d:73:d6:fb:95:5a:a9:
92:39:5d:90:65:af:c7:69:94:78:cb:d7:5c:6c:c6:
6c:81:c8:47:95:36:75:c5:05:a9:99:d3:19:6e:15:
75:91:69:03:1e:d7:80:c4:ec:77:3a:75:61:d9:58:
66:8b:9a:54:3c:25:97:fa:de:f7:b0:d8:f9:67:a2:
0a:9a:6b:f0:aa:7b:d8:84:86:c8:9f:7b:98:46:0e:
e6:ea:a9:c1:0f:fb:be:b4:a7:1b:44:e7:9e:fa:78:
04:d0:b1:e4:77:30:41:e5:d5:a0:9d:64:77:73:29:
a7:81:44:6a:6c:cb:62:57:89:81:55:5d:96:cc:07:
c7:f6:93:75:13:e3:25:13:a8:e1:ed:6f:c2:66:dd:
d0:de:21:11:1f:bc:92:b9:84:cb:c8:be:be:d9:99:
e4:3f:67:0d:83:c8:ad:aa:87:81:ce:19:86:ab:cb:
f8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:77:5D:B2:48:39:7B:36:B4:1D:0D:C2:92:3F:F4:91:AC:DE:CC:6E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9nddskg5eza0HQ3Ckj_0kazezG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.158.0/23
195.133.200.0/24
Signature Algorithm: sha256WithRSAEncryption
81:8a:a6:a3:8f:a8:12:35:a8:b9:d6:91:41:c8:0d:07:e8:fc:
23:91:75:28:36:5b:c5:bf:f3:15:b0:f3:7d:6e:a6:b1:6f:46:
10:96:c6:98:98:c7:24:55:b2:37:e4:d9:e5:5f:d2:9e:e0:6e:
e2:a1:c5:4f:99:b9:84:f8:da:90:f3:f5:52:20:42:70:9b:84:
d3:d8:70:d8:08:41:69:9e:cb:75:31:bb:14:33:84:d4:34:8b:
3c:98:65:9c:99:74:26:43:bb:24:a5:a2:54:f6:81:02:ff:ff:
a7:b9:0d:7c:1c:e4:69:69:4d:83:ed:d7:35:7e:da:d5:6b:91:
38:20:b8:c6:ad:4c:e8:6c:16:2b:b0:3d:fb:8a:71:07:e0:98:
e5:eb:34:aa:5f:e7:40:d7:36:91:8e:32:a0:11:a6:81:6d:64:
bb:35:5d:ef:00:5a:77:a4:e7:09:5d:cb:fb:69:e9:93:e1:ed:
db:c7:e0:a8:5d:86:95:b0:d1:e0:ad:57:8c:1a:46:09:d5:37:
6d:bb:ce:c8:79:f8:55:7e:98:13:18:33:9c:80:c8:99:60:39:
62:42:bb:d1:05:89:19:b3:c8:8e:2a:a9:a8:84:35:9a:eb:fc:
1c:c0:98:47:2c:87:34:f6:61:be:c4:91:74:99:b8:2c:c2:b5:
0f:93:6c:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbzVjASPLu6aQlH8EKxC07tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNTIxMTQ1MzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjc3NWRiMjQ4Mzk3YjM2YjQxZDBkYzI5MjNmZjQ5MWFjZGVjYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDJgiBBPkbnnkKvvVf6OYIf51ojN
ukjlqPZRfvYHebRElMNU86m1Kp/uQ3hBMD8zeir6ESwSbZBjweLNGPgFsLqUAk/C
fJLTSQyICc2BDKeYK51z1vuVWqmSOV2QZa/HaZR4y9dcbMZsgchHlTZ1xQWpmdMZ
bhV1kWkDHteAxOx3OnVh2Vhmi5pUPCWX+t73sNj5Z6IKmmvwqnvYhIbIn3uYRg7m
6qnBD/u+tKcbROee+ngE0LHkdzBB5dWgnWR3cymngURqbMtiV4mBVV2WzAfH9pN1
E+MlE6jh7W/CZt3Q3iERH7ySuYTLyL6+2ZnkP2cNg8itqoeBzhmGq8v4ZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPZ3XbJIOXs2tB0NwpI/9JGs3sxuMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOW5kZHNrZzVlemEwSFEzQ2tqXzBrYXplekc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwXyeAwQA
w4XIMA0GCSqGSIb3DQEBCwUAA4IBAQCBiqajj6gSNai51pFByA0H6PwjkXUoNlvF
v/MVsPN9bqaxb0YQlsaYmMckVbI35NnlX9Ke4G7iocVPmbmE+NqQ8/VSIEJwm4TT
2HDYCEFpnst1MbsUM4TUNIs8mGWcmXQmQ7skpaJU9oEC//+nuQ18HORpaU2D7dc1
ftrVa5E4ILjGrUzobBYrsD37inEH4Jjl6zSqX+dA1zaRjjKgEaaBbWS7NV3vAFp3
pOcJXcv7aemT4e3bx+CoXYaVsNHgrVeMGkYJ1Tdtu87IefhVfpgTGDOcgMiZYDli
QrvRBYkZs8iOKqmohDWa6/wcwJhHLIc09mG+xJF0mbgswrUPk2wv
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:58:27 2025 by rpki-client