Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/Nq6xP1ML7pMOmt1I4z-fGnkBjbQ.roa
File: Nq6xP1ML7pMOmt1I4z-fGnkBjbQ.roa (raw, json)
Hash identifier: eP8YWZy4BtRcpeOrILokYjbMpuSFUnV4sCVcpAqWhwM=
Subject key identifier: 36:AE:B1:3F:53:0B:EE:93:0E:9A:DD:48:E3:3F:9F:1A:79:01:8D:B4
Certificate issuer: /CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Certificate serial: 0194AD482161D9373E99424BB6E555B1C3BD
Authority key identifier: AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/Nq6xP1ML7pMOmt1I4z-fGnkBjbQ.roa
Signing time: Tue 28 Jan 2025 14:19:33 +0000
ROA not before: Tue 28 Jan 2025 14:19:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197882
IP address blocks: 31.25.136.0/24 maxlen: 24
31.25.137.0/24 maxlen: 24
31.25.138.0/24 maxlen: 24
31.25.139.0/24 maxlen: 24
31.25.140.0/24 maxlen: 24
31.25.141.0/24 maxlen: 24
130.255.92.0/24 maxlen: 24
130.255.93.0/24 maxlen: 24
130.255.94.0/24 maxlen: 24
130.255.95.0/24 maxlen: 24
159.255.160.0/22 maxlen: 22
159.255.160.0/24 maxlen: 24
159.255.161.0/24 maxlen: 24
159.255.162.0/24 maxlen: 24
159.255.163.0/24 maxlen: 24
159.255.164.0/24 maxlen: 24
185.14.248.0/23 maxlen: 23
185.14.250.0/24 maxlen: 24
185.101.236.0/24 maxlen: 24
185.101.237.0/24 maxlen: 24
185.101.238.0/24 maxlen: 24
185.101.239.0/24 maxlen: 24
185.184.198.0/24 maxlen: 24
185.184.199.0/24 maxlen: 24
185.212.33.0/24 maxlen: 24
2a03:bcc0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:48:21:61:d9:37:3e:99:42:4b:b6:e5:55:b1:c3:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Validity
Not Before: Jan 28 14:19:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36aeb13f530bee930e9add48e33f9f1a79018db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:99:88:60:8b:bc:6d:78:a2:0b:eb:ed:8e:b1:
89:3d:11:f5:d3:18:93:73:97:14:57:74:d7:3a:3f:
b0:d4:52:47:c7:d4:11:46:76:65:a7:16:d1:7d:6f:
7e:af:61:ce:c0:22:fe:39:de:a9:95:31:86:b0:cd:
3a:6a:5e:d9:5b:2f:36:70:0a:7c:b7:e1:31:8c:80:
c2:5c:c5:8f:48:f6:4d:79:06:84:57:39:f6:c9:05:
b3:86:08:d5:ef:1b:81:bf:d1:09:62:1b:b1:89:4b:
b9:22:00:2a:03:f5:77:7a:b3:0f:4a:2a:1c:a0:99:
c4:ed:bf:8a:66:c6:2b:41:0b:65:9b:52:35:86:48:
8a:e7:17:59:86:ea:c1:18:ce:22:f2:ff:9a:d2:bf:
de:6c:0d:8c:cd:36:e0:48:85:50:92:fb:e9:cd:f5:
8e:a7:0c:52:87:4a:21:22:14:4d:15:28:80:8b:b1:
c4:67:c9:68:45:ab:ed:23:9c:24:47:ec:9a:fb:d7:
e1:1e:25:2e:73:7a:2d:c7:33:ec:fb:10:a6:3b:f6:
06:cf:29:ff:74:a6:8e:b3:82:9b:15:94:07:4a:bf:
ad:02:91:90:ab:9d:29:3d:8b:43:92:01:3c:36:09:
9f:56:40:8d:ac:d0:4c:34:76:17:ab:c4:c6:be:80:
d8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AE:B1:3F:53:0B:EE:93:0E:9A:DD:48:E3:3F:9F:1A:79:01:8D:B4
X509v3 Authority Key Identifier:
keyid:AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/Nq6xP1ML7pMOmt1I4z-fGnkBjbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.136.0-31.25.141.255
130.255.92.0/22
159.255.160.0-159.255.164.255
185.14.248.0-185.14.250.255
185.101.236.0/22
185.184.198.0/23
185.212.33.0/24
IPv6:
2a03:bcc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
1b:01:0d:46:b6:e2:01:a0:b5:ff:74:09:eb:2a:9b:80:19:b2:
e9:d3:3e:e2:84:94:f8:97:69:f5:e4:c7:98:e3:5a:4a:31:6d:
cc:72:02:96:4a:ee:d7:2a:9c:41:9e:19:8d:17:5a:5f:48:b2:
0a:c9:9d:de:8a:9f:1c:59:69:92:7a:ab:cc:77:6e:ef:6d:26:
16:8b:b9:73:73:1c:a8:d9:7e:13:fb:83:4d:78:fc:f6:a1:a3:
73:3f:f7:d9:1c:18:60:20:fa:7a:83:a3:42:a7:a7:61:2d:5f:
8f:97:27:e2:df:00:48:f3:31:f7:3d:98:d4:20:22:6d:f6:14:
18:39:13:78:bd:54:38:03:82:1a:0a:19:6a:80:5f:25:84:90:
eb:04:dc:0d:4c:82:e1:4d:6f:aa:13:e7:c8:e6:cf:5b:45:1c:
63:4f:1d:2d:f9:0b:a4:5a:65:ff:c4:f0:c2:c8:ef:e0:b8:c6:
78:1c:8e:04:49:cc:c3:68:99:3c:6b:88:06:76:87:4f:99:80:
5e:38:12:0d:2a:ca:e8:4a:fc:50:2b:b4:36:4f:f7:56:6f:2a:
29:7f:c4:b2:2f:8f:38:de:3c:89:f3:01:7a:5a:35:9b:ea:fb:
4d:23:bf:40:3a:cd:9d:23:bc:72:42:60:f6:96:10:3e:57:00:
17:bd:f0:15
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZStSCFh2Tc+mUJLtuVVscO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNmY2YTM2ZWMyOTYwZDRkMDVmM2Q5ZGNiMTg3YjliOTA0
ZWE1OWIwHhcNMjUwMTI4MTQxOTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmFlYjEzZjUzMGJlZTkzMGU5YWRkNDhlMzNmOWYxYTc5MDE4ZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZmIYIu8bXiiC+vtjrGJPRH10xiT
c5cUV3TXOj+w1FJHx9QRRnZlpxbRfW9+r2HOwCL+Od6plTGGsM06al7ZWy82cAp8
t+ExjIDCXMWPSPZNeQaEVzn2yQWzhgjV7xuBv9EJYhuxiUu5IgAqA/V3erMPSioc
oJnE7b+KZsYrQQtlm1I1hkiK5xdZhurBGM4i8v+a0r/ebA2MzTbgSIVQkvvpzfWO
pwxSh0ohIhRNFSiAi7HEZ8loRavtI5wkR+ya+9fhHiUuc3otxzPs+xCmO/YGzyn/
dKaOs4KbFZQHSr+tApGQq50pPYtDkgE8NgmfVkCNrNBMNHYXq8TGvoDYjQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFDausT9TC+6TDprdSOM/nxp5AY20MB8GA1UdIwQY
MBaAFKtvajbsKWDU0F89ncsYe5uQTqWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUt
OTRiYjgzYTIwMDI5LzEvTnE2eFAxTUw3cE1PbXQxSTR6LWZHbmtCamJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUtOTRiYjgzYTIwMDI5
LzEvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBIBAIAATBCMAwDBAMfGYgD
BAEfGYwDBAKC/1wwDAMEBZ//oAMEAJ//pDAMAwQDuQ74AwQAuQ76AwQCuWXsAwQB
ubjGAwQAudQhMA8EAgACMAkDBwAqA7zAAAEwDQYJKoZIhvcNAQELBQADggEBABsB
DUa24gGgtf90Cesqm4AZsunTPuKElPiXafXkx5jjWkoxbcxyApZK7tcqnEGeGY0X
Wl9IsgrJnd6KnxxZaZJ6q8x3bu9tJhaLuXNzHKjZfhP7g014/Paho3M/99kcGGAg
+nqDo0Knp2EtX4+XJ+LfAEjzMfc9mNQgIm32FBg5E3i9VDgDghoKGWqAXyWEkOsE
3A1MguFNb6oT58jmz1tFHGNPHS35C6RaZf/E8MLI7+C4xngcjgRJzMNomTxriAZ2
h0+ZgF44Eg0qyuhK/FArtDZP91ZvKil/xLIvjzjePInzAXpaNZvq+00jv0A6zZ0j
vHJCYPaWED5XABe98BU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:04:18 2025 by rpki-client