Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Nrh6okvWv1yN_KZFHsZsHDtqbtI.roa
File: Nrh6okvWv1yN_KZFHsZsHDtqbtI.roa (raw, json)
Hash identifier: 6sLIjurIBaiMYC+z1gJ2bI2x+pmhaa28cD0DKZJfVow=
Subject key identifier: 36:B8:7A:A2:4B:D6:BF:5C:8D:FC:A6:45:1E:C6:6C:1C:3B:6A:6E:D2
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01954113AB5C13DBE1842234C80062EEBE22
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Nrh6okvWv1yN_KZFHsZsHDtqbtI.roa
Signing time: Wed 26 Feb 2025 07:06:02 +0000
ROA not before: Wed 26 Feb 2025 07:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400529
IP address blocks: 80.244.15.0/24 maxlen: 24
94.103.187.0/24 maxlen: 24
176.118.33.0/24 maxlen: 24
185.244.106.0/24 maxlen: 24
194.69.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 02:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:13:ab:5c:13:db:e1:84:22:34:c8:00:62:ee:be:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Feb 26 07:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36b87aa24bd6bf5c8dfca6451ec66c1c3b6a6ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:eb:53:25:63:01:54:af:42:52:92:25:25:66:
4c:6c:c0:c4:8b:55:12:88:98:61:7e:27:50:40:b8:
71:e9:78:c7:cb:65:65:eb:62:07:2f:76:b2:93:36:
ab:72:6d:f2:dd:59:92:d1:84:9e:b1:40:57:98:5c:
67:a9:86:d9:e7:e3:98:64:18:04:9a:d3:69:84:2d:
77:d3:b8:2c:a7:8f:a1:9d:5d:95:18:2b:59:c6:09:
42:32:5f:bc:39:7e:67:63:9e:e5:49:41:2d:8d:1f:
97:72:21:d7:e3:84:fb:20:7a:4b:1a:18:38:73:9b:
bd:ac:2b:27:c2:b5:26:0d:51:e2:7d:51:79:98:89:
65:90:dc:e5:d3:c4:db:4f:e3:89:9f:79:e4:78:ec:
35:37:bf:ca:71:b0:50:0b:f0:d0:75:da:b6:ca:03:
5f:2b:36:91:b8:07:22:21:76:4d:db:0b:63:5d:f5:
43:da:65:69:66:df:96:05:3a:f3:1d:a7:74:78:62:
14:f2:f5:f3:66:e5:34:f4:aa:5b:77:fe:6a:9a:bc:
ac:dd:75:57:54:1e:5d:d0:d4:67:16:5f:8b:74:e7:
df:a0:2f:06:10:9a:ef:f0:41:47:d8:39:6e:75:45:
d4:67:7a:98:80:89:84:9d:4b:68:cc:71:2f:35:9f:
32:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B8:7A:A2:4B:D6:BF:5C:8D:FC:A6:45:1E:C6:6C:1C:3B:6A:6E:D2
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Nrh6okvWv1yN_KZFHsZsHDtqbtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.15.0/24
94.103.187.0/24
176.118.33.0/24
185.244.106.0/24
194.69.160.0/24
Signature Algorithm: sha256WithRSAEncryption
58:80:03:8e:0b:28:97:9c:a8:ad:8e:20:4d:40:56:92:e4:84:
2a:11:9d:d9:5b:31:34:a7:9b:91:9c:fd:fd:c4:10:ef:6c:6b:
42:fd:81:e2:64:58:1c:0a:cb:f5:47:83:e8:27:06:44:27:d9:
b7:ed:63:4b:c4:6c:b7:c1:15:81:0f:68:9b:8f:7e:a4:73:70:
ad:07:1d:95:a0:8f:ef:22:5f:67:dd:98:4d:94:cd:6b:42:63:
4b:39:c0:6e:19:1c:95:95:6f:c6:b6:24:1f:4b:09:5f:4c:12:
96:89:8f:f5:01:73:56:87:ed:db:57:2b:6e:fc:64:98:dd:44:
f4:11:b1:27:0e:98:83:f0:50:af:4d:30:a2:8d:eb:74:dc:9a:
b9:76:6e:0d:da:0f:82:2f:e3:56:cc:10:37:be:df:29:b0:80:
ed:b5:30:c5:5a:09:d1:7c:e8:6f:97:9f:8e:69:5d:85:07:cd:
8b:a5:47:fd:80:5f:72:1b:ca:85:f5:aa:12:ca:73:2b:5a:9e:
65:61:1a:87:a4:b4:89:91:29:98:c2:b4:4f:b5:6f:68:e4:a9:
be:cb:45:5c:6f:30:46:36:fd:35:1e:cb:1f:72:57:ee:a5:03:
c9:dc:4f:ba:ba:e2:b2:27:40:7f:78:b3:ae:24:a5:ac:8e:4e:
b7:aa:b1:24
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVBE6tcE9vhhCI0yABi7r4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMjI2MDcwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmI4N2FhMjRiZDZiZjVjOGRmY2E2NDUxZWM2NmMxYzNiNmE2ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2etTJWMBVK9CUpIlJWZMbMDEi1US
iJhhfidQQLhx6XjHy2Vl62IHL3aykzarcm3y3VmS0YSesUBXmFxnqYbZ5+OYZBgE
mtNphC1307gsp4+hnV2VGCtZxglCMl+8OX5nY57lSUEtjR+XciHX44T7IHpLGhg4
c5u9rCsnwrUmDVHifVF5mIllkNzl08TbT+OJn3nkeOw1N7/KcbBQC/DQddq2ygNf
KzaRuAciIXZN2wtjXfVD2mVpZt+WBTrzHad0eGIU8vXzZuU09Kpbd/5qmrys3XVX
VB5d0NRnFl+LdOffoC8GEJrv8EFH2DludUXUZ3qYgImEnUtozHEvNZ8yXQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDa4eqJL1r9cjfymRR7GbBw7am7SMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvTnJoNm9rdld2MXlOX0taRkhzWnNIRHRxYnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUPQPAwQA
Xme7AwQAsHYhAwQAufRqAwQAwkWgMA0GCSqGSIb3DQEBCwUAA4IBAQBYgAOOCyiX
nKitjiBNQFaS5IQqEZ3ZWzE0p5uRnP39xBDvbGtC/YHiZFgcCsv1R4PoJwZEJ9m3
7WNLxGy3wRWBD2ibj36kc3CtBx2VoI/vIl9n3ZhNlM1rQmNLOcBuGRyVlW/GtiQf
SwlfTBKWiY/1AXNWh+3bVytu/GSY3UT0EbEnDpiD8FCvTTCijet03Jq5dm4N2g+C
L+NWzBA3vt8psIDttTDFWgnRfOhvl5+OaV2FB82LpUf9gF9yG8qF9aoSynMrWp5l
YRqHpLSJkSmYwrRPtW9o5Km+y0VcbzBGNv01HssfclfupQPJ3E+6uuKyJ0B/eLOu
JKWsjk63qrEk
-----END CERTIFICATE-----
Generated at Fri Apr 11 09:16:43 2025 by rpki-client