Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/n3osC5rKdM6iHPZx6MqCr3JTQWc.roa
File: n3osC5rKdM6iHPZx6MqCr3JTQWc.roa (raw, json)
Hash identifier: suRQqEpXKgoazuJMwgkEGufz4KYSCm9sjlRmUwQJnrg=
Subject key identifier: 9F:7A:2C:0B:9A:CA:74:CE:A2:1C:F6:71:E8:CA:82:AF:72:53:41:67
Certificate issuer: /CN=0b90e376944d30294dea41f21fb7f1e1ca368a93
Certificate serial: 0197B06472B089301A6C8F2464007CF253D9
Authority key identifier: 0B:90:E3:76:94:4D:30:29:4D:EA:41:F2:1F:B7:F1:E1:CA:36:8A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C5DjdpRNMClN6kHyH7fx4co2ipM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/n3osC5rKdM6iHPZx6MqCr3JTQWc.roa
Signing time: Fri 27 Jun 2025 07:57:42 +0000
ROA not before: Fri 27 Jun 2025 07:57:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210736
IP address blocks: 93.123.45.0/24 maxlen: 24
2a14:e580::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/C5DjdpRNMClN6kHyH7fx4co2ipM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/C5DjdpRNMClN6kHyH7fx4co2ipM.mft
rsync://rpki.ripe.net/repository/DEFAULT/C5DjdpRNMClN6kHyH7fx4co2ipM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:64:72:b0:89:30:1a:6c:8f:24:64:00:7c:f2:53:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b90e376944d30294dea41f21fb7f1e1ca368a93
Validity
Not Before: Jun 27 07:57:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f7a2c0b9aca74cea21cf671e8ca82af72534167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ae:ec:c8:c6:bd:17:d0:01:e2:dc:f0:52:02:
fc:54:eb:46:e5:1c:e7:a3:f1:37:bb:99:3f:95:4f:
7a:5c:cb:af:13:51:17:8f:21:da:ea:e1:d1:18:73:
6f:cb:16:71:15:b8:82:d9:7b:1a:bf:b3:bd:fb:9f:
8b:9f:b2:74:d6:cb:cb:51:02:93:f7:66:02:53:a2:
5d:b7:ec:45:bb:36:41:aa:55:3a:2e:f1:2f:65:ba:
ef:ba:07:7e:5b:4f:a2:bf:73:70:83:f1:88:4b:45:
20:72:2b:1f:72:a7:97:a8:85:47:bd:ad:a5:2a:41:
16:39:9f:8d:c3:0a:f5:5d:fe:f4:f0:1b:6e:41:08:
21:f5:b5:c0:eb:b9:ba:8c:f0:92:89:6e:c4:e6:0d:
0f:f4:b4:fa:e9:55:fe:1a:00:bd:2e:73:53:29:2a:
a8:63:90:61:2b:98:a8:e4:09:32:f2:9d:09:5c:a9:
8e:2b:ef:71:e6:48:49:e2:f9:4d:98:e4:55:62:69:
f7:67:fe:91:fd:16:07:52:cd:a2:d3:cf:b2:80:d2:
65:2e:56:70:cf:22:6f:a4:c5:bf:ac:1c:f2:1b:47:
ca:a5:4a:48:b8:2f:76:a0:69:e6:86:8d:93:0e:5b:
d1:79:37:3e:e8:ac:8a:3a:5b:5b:da:99:14:6c:d5:
98:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7A:2C:0B:9A:CA:74:CE:A2:1C:F6:71:E8:CA:82:AF:72:53:41:67
X509v3 Authority Key Identifier:
keyid:0B:90:E3:76:94:4D:30:29:4D:EA:41:F2:1F:B7:F1:E1:CA:36:8A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C5DjdpRNMClN6kHyH7fx4co2ipM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/n3osC5rKdM6iHPZx6MqCr3JTQWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/C5DjdpRNMClN6kHyH7fx4co2ipM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.45.0/24
IPv6:
2a14:e580::/29
Signature Algorithm: sha256WithRSAEncryption
4e:2f:73:58:d2:6c:46:a7:ca:25:b8:11:62:20:fb:4d:db:89:
56:bb:b2:31:90:5f:7f:59:52:77:18:83:af:12:56:dc:65:0c:
4d:b8:a0:ab:23:11:02:0d:dd:0a:cd:74:e8:b2:e7:d3:fa:7c:
3c:f8:ff:a1:f9:10:7b:44:c8:c2:58:16:dc:79:6c:9d:40:11:
ef:0d:37:7d:2f:ff:1c:f4:07:bd:d0:07:f2:01:08:b7:20:65:
05:1f:23:f2:df:a0:b8:65:a6:29:63:60:1b:dc:86:43:3d:32:
d9:1a:28:d5:c5:31:1e:33:52:49:ef:02:0d:96:d2:43:e2:3e:
68:96:52:26:5e:c3:31:4b:82:db:7c:7e:d5:e2:df:07:63:c3:
13:fe:92:3c:55:f1:6b:6f:39:c7:a8:05:bd:16:b4:72:90:66:
c6:5a:a5:62:a6:85:a0:50:32:a2:8f:96:4e:7b:4c:20:91:06:
41:b0:15:66:f4:95:76:7a:35:04:57:4b:bf:73:90:1c:03:71:
19:86:d4:83:cd:0e:20:48:1e:36:1b:0a:d0:05:52:5c:4d:54:
9f:b7:f9:a4:aa:e9:03:bc:1c:c0:33:df:b9:6a:96:0a:f8:75:
6d:bd:fb:5f:c2:6a:da:54:c0:a6:f1:98:73:02:cc:59:8d:0e:
b3:d6:c5:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZewZHKwiTAabI8kZAB88lPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOTBlMzc2OTQ0ZDMwMjk0ZGVhNDFmMjFmYjdmMWUxY2Ez
NjhhOTMwHhcNMjUwNjI3MDc1NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjdhMmMwYjlhY2E3NGNlYTIxY2Y2NzFlOGNhODJhZjcyNTM0MTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzK7syMa9F9AB4tzwUgL8VOtG5Rzn
o/E3u5k/lU96XMuvE1EXjyHa6uHRGHNvyxZxFbiC2Xsav7O9+5+Ln7J01svLUQKT
92YCU6Jdt+xFuzZBqlU6LvEvZbrvugd+W0+iv3Nwg/GIS0UgcisfcqeXqIVHva2l
KkEWOZ+Nwwr1Xf708BtuQQgh9bXA67m6jPCSiW7E5g0P9LT66VX+GgC9LnNTKSqo
Y5BhK5io5Aky8p0JXKmOK+9x5khJ4vlNmORVYmn3Z/6R/RYHUs2i08+ygNJlLlZw
zyJvpMW/rBzyG0fKpUpIuC92oGnmho2TDlvReTc+6KyKOltb2pkUbNWYjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ96LAuaynTOohz2cejKgq9yU0FnMB8GA1UdIwQY
MBaAFAuQ43aUTTApTepB8h+38eHKNoqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzVEamRwUk5NQ2xONmtIeUg3Zng0Y28yaXBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84MjBlNzItNTcwNi00NjIwLWE5OTAt
MjBhMzIxOGI5OGNkLzEvbjNvc0M1cktkTTZpSFBaeDZNcUNyM0pUUVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84MjBlNzItNTcwNi00NjIwLWE5OTAtMjBhMzIxOGI5OGNk
LzEvQzVEamRwUk5NQ2xONmtIeUg3Zng0Y28yaXBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXXstMA0E
AgACMAcDBQMqFOWAMA0GCSqGSIb3DQEBCwUAA4IBAQBOL3NY0mxGp8oluBFiIPtN
24lWu7IxkF9/WVJ3GIOvElbcZQxNuKCrIxECDd0KzXTosufT+nw8+P+h+RB7RMjC
WBbceWydQBHvDTd9L/8c9Ae90AfyAQi3IGUFHyPy36C4ZaYpY2Ab3IZDPTLZGijV
xTEeM1JJ7wINltJD4j5ollImXsMxS4LbfH7V4t8HY8MT/pI8VfFrbznHqAW9FrRy
kGbGWqVipoWgUDKij5ZOe0wgkQZBsBVm9JV2ejUEV0u/c5AcA3EZhtSDzQ4gSB42
GwrQBVJcTVSft/mkqukDvBzAM9+5apYK+HVtvftfwmraVMCm8ZhzAsxZjQ6z1sVb
-----END CERTIFICATE-----
Generated at Sat Jul 5 05:37:37 2025 by rpki-client