Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/1NC-EmvGcQ269ttORyWnfaLioJU.roa
File: 1NC-EmvGcQ269ttORyWnfaLioJU.roa (raw, json)
Hash identifier: WHso5R39+ZKcp5JnvmwOf6tWmaRVE2+dRYDOA9ywMcE=
Subject key identifier: D4:D0:BE:12:6B:C6:71:0D:BA:F6:DB:4E:47:25:A7:7D:A2:E2:A0:95
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0199111EA1E60CE2A6F2CED9ADAC80F20AE2
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/1NC-EmvGcQ269ttORyWnfaLioJU.roa
Signing time: Wed 03 Sep 2025 19:47:24 +0000
ROA not before: Wed 03 Sep 2025 19:47:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208185
IP address blocks: 185.174.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:11:1e:a1:e6:0c:e2:a6:f2:ce:d9:ad:ac:80:f2:0a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Sep 3 19:47:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4d0be126bc6710dbaf6db4e4725a77da2e2a095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:57:3d:e7:22:b9:e1:bf:8a:3f:41:e9:ee:1d:
3c:da:ca:02:5e:7f:1f:f1:97:ad:74:08:25:65:58:
61:b9:e0:bd:d0:e7:5e:c2:0d:70:a0:45:4b:4c:bb:
d8:9b:01:14:24:98:a4:d7:1a:0c:4b:55:87:63:44:
b4:e1:7b:f6:ef:be:b4:89:81:d0:e7:f3:63:c1:da:
68:9d:3c:41:3a:89:42:ac:14:30:0d:af:f6:52:e1:
a8:4c:40:c0:2f:0c:b6:0b:f7:cf:93:c6:fe:78:f7:
48:2a:a5:95:a9:10:74:51:b9:67:40:4c:9e:8f:a8:
3e:2e:35:db:ca:a8:cd:67:86:cd:ff:43:c1:66:77:
ca:cd:d3:60:13:bd:40:17:61:ae:e2:a3:1d:6e:74:
6e:bf:cf:75:34:63:ba:49:97:a3:cb:bb:1e:74:fe:
ab:d2:85:14:89:5e:a1:c3:6e:21:d2:a7:b1:0f:e8:
2e:46:a0:59:be:e4:21:f2:e2:60:7c:07:dc:d5:f0:
3b:e5:1c:b4:9a:1a:4d:e7:92:d9:3e:3f:2e:95:3b:
04:e1:a7:60:18:50:ee:6b:17:8d:3d:81:40:28:5f:
c8:8c:b4:b1:32:5d:4e:bf:d8:79:a5:1f:e5:46:59:
5a:dc:c6:65:c1:aa:b2:78:36:0a:ac:32:46:71:9e:
39:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D0:BE:12:6B:C6:71:0D:BA:F6:DB:4E:47:25:A7:7D:A2:E2:A0:95
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/1NC-EmvGcQ269ttORyWnfaLioJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.23.0/24
Signature Algorithm: sha256WithRSAEncryption
72:93:ad:87:e3:09:9b:d2:2c:9f:fb:a5:62:80:5a:c9:e8:f0:
1b:68:b4:4f:c8:ed:45:94:20:be:7e:f6:4f:ba:6f:9c:5d:9f:
43:a1:53:90:8f:f2:a0:61:39:c7:3b:cd:7d:c7:fd:8c:8c:15:
24:e7:6d:f8:85:4c:45:61:cd:48:e8:51:db:51:51:d2:6f:fc:
af:55:b3:22:f0:7c:05:aa:d8:ed:e0:6a:06:bb:6a:0c:4e:59:
f9:ea:a7:5b:f5:0d:66:b5:ae:e8:94:4f:a6:52:06:77:b1:74:
4c:4d:0c:27:08:45:f2:89:b1:90:17:ca:24:e1:09:ec:55:80:
e1:24:bf:dd:34:d2:1c:e6:37:7c:6c:7c:8e:84:d0:e7:7b:2d:
d5:47:42:c7:88:d9:06:f7:ff:b1:06:38:a3:c4:2d:0f:0a:1b:
38:be:05:5f:6b:a4:a8:15:0c:fb:c1:4f:50:b0:ca:4f:64:18:
55:90:f9:0d:b2:f2:b8:92:fd:68:0e:d5:12:19:e1:31:f7:18:
82:0a:66:b9:c6:24:d1:7d:4f:1c:a6:2d:11:eb:22:f9:f0:63:
aa:ab:4d:b8:85:6a:71:1c:73:51:e9:01:d4:a1:6b:4b:13:b5:
b9:72:39:a9:44:e9:fa:df:cd:8e:5f:f6:ee:ba:d0:75:90:25:
f4:ba:ec:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkRHqHmDOKm8s7ZrayA8griMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjUwOTAzMTk0NzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQwYmUxMjZiYzY3MTBkYmFmNmRiNGU0NzI1YTc3ZGEyZTJhMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlc95yK54b+KP0Hp7h082soCXn8f
8ZetdAglZVhhueC90Odewg1woEVLTLvYmwEUJJik1xoMS1WHY0S04Xv27760iYHQ
5/NjwdponTxBOolCrBQwDa/2UuGoTEDALwy2C/fPk8b+ePdIKqWVqRB0UblnQEye
j6g+LjXbyqjNZ4bN/0PBZnfKzdNgE71AF2Gu4qMdbnRuv891NGO6SZejy7sedP6r
0oUUiV6hw24h0qexD+guRqBZvuQh8uJgfAfc1fA75Ry0mhpN55LZPj8ulTsE4adg
GFDuaxeNPYFAKF/IjLSxMl1Ov9h5pR/lRlla3MZlwaqyeDYKrDJGcZ45YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTQvhJrxnENuvbbTkclp32i4qCVMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvMU5DLUVtdkdjUTI2OXR0T1J5V25mYUxpb0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua4XMA0G
CSqGSIb3DQEBCwUAA4IBAQByk62H4wmb0iyf+6VigFrJ6PAbaLRPyO1FlCC+fvZP
um+cXZ9DoVOQj/KgYTnHO819x/2MjBUk5234hUxFYc1I6FHbUVHSb/yvVbMi8HwF
qtjt4GoGu2oMTln56qdb9Q1mta7olE+mUgZ3sXRMTQwnCEXyibGQF8ok4QnsVYDh
JL/dNNIc5jd8bHyOhNDney3VR0LHiNkG9/+xBjijxC0PChs4vgVfa6SoFQz7wU9Q
sMpPZBhVkPkNsvK4kv1oDtUSGeEx9xiCCma5xiTRfU8cpi0R6yL58GOqq024hWpx
HHNR6QHUoWtLE7W5cjmpROn6382OX/buutB1kCX0uuyO
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:23:18 2025 by rpki-client