Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/NDyL4QmyZMdWfVseu9H3PyESraU.roa
File: NDyL4QmyZMdWfVseu9H3PyESraU.roa (raw, json)
Hash identifier: 2KgZJolbNaz+51AuiNXbaQEgEsCh7UoocaNukepjnzw=
Subject key identifier: 34:3C:8B:E1:09:B2:64:C7:56:7D:5B:1E:BB:D1:F7:3F:21:12:AD:A5
Certificate issuer: /CN=24e940db190b692cd1b0d583edb6d8c361124569
Certificate serial: 01973E83D9A5CABAEC431F49BD21ED821EDE
Authority key identifier: 24:E9:40:DB:19:0B:69:2C:D1:B0:D5:83:ED:B6:D8:C3:61:12:45:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOlA2xkLaSzRsNWD7bbYw2ESRWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/NDyL4QmyZMdWfVseu9H3PyESraU.roa
Signing time: Thu 05 Jun 2025 05:15:17 +0000
ROA not before: Thu 05 Jun 2025 05:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13117
IP address blocks: 185.114.164.0/22 maxlen: 24
185.114.164.0/24 maxlen: 24
185.114.165.0/24 maxlen: 24
185.114.166.0/24 maxlen: 24
185.114.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/JOlA2xkLaSzRsNWD7bbYw2ESRWk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/JOlA2xkLaSzRsNWD7bbYw2ESRWk.mft
rsync://rpki.ripe.net/repository/DEFAULT/JOlA2xkLaSzRsNWD7bbYw2ESRWk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3e:83:d9:a5:ca:ba:ec:43:1f:49:bd:21:ed:82:1e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24e940db190b692cd1b0d583edb6d8c361124569
Validity
Not Before: Jun 5 05:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=343c8be109b264c7567d5b1ebbd1f73f2112ada5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0b:57:0d:46:db:b4:d8:46:5c:82:f7:2f:b6:
20:0e:ff:7c:b4:4c:27:fc:43:2c:26:a9:52:12:9e:
33:6c:50:50:4c:13:ee:9d:6c:e7:a1:67:00:a3:4f:
ae:f6:86:86:2b:2d:8a:54:34:e1:0b:d4:14:fe:b0:
27:c5:2c:17:a5:e6:b9:99:73:f1:a7:89:4e:6e:71:
30:29:06:c5:9e:6f:02:5d:cc:a1:d1:e9:c1:7f:1b:
cc:df:b2:98:16:09:ed:32:37:2a:f7:57:2e:54:f7:
eb:cd:c4:19:d5:a1:a9:5e:15:dc:28:55:ea:cc:15:
b8:e3:11:9a:9d:24:aa:a7:a4:8b:c5:9c:2c:df:2d:
4b:d9:c8:bc:ac:6b:d6:5b:8f:e0:06:72:77:b7:0a:
ab:15:31:4a:37:23:77:3a:89:34:b1:10:ac:b7:7b:
6f:87:be:07:25:16:14:b8:22:15:3b:7b:94:7f:6d:
09:7e:68:e5:1a:5d:f1:a8:08:b3:f5:3c:c1:68:4c:
ee:40:93:18:9b:af:7b:b6:80:f4:dd:6b:ae:a0:dd:
02:38:43:9a:c8:d6:13:0f:d6:14:5f:d6:6b:3b:52:
51:7d:91:c9:a5:3c:74:b1:c9:89:94:64:7b:98:53:
85:00:b9:5c:f5:4b:5b:5d:63:aa:91:a0:5b:b4:e4:
df:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3C:8B:E1:09:B2:64:C7:56:7D:5B:1E:BB:D1:F7:3F:21:12:AD:A5
X509v3 Authority Key Identifier:
keyid:24:E9:40:DB:19:0B:69:2C:D1:B0:D5:83:ED:B6:D8:C3:61:12:45:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOlA2xkLaSzRsNWD7bbYw2ESRWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/NDyL4QmyZMdWfVseu9H3PyESraU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/JOlA2xkLaSzRsNWD7bbYw2ESRWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.164.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:ec:6a:cf:13:65:7c:6e:04:73:56:a2:d9:ad:5d:85:b2:47:
ee:58:a9:08:9f:99:0a:1e:46:c8:57:53:fc:9b:0f:2a:84:20:
80:f4:66:5e:94:83:40:b3:e7:02:8b:e7:4a:01:2f:27:e6:72:
88:a7:8e:02:9d:f9:d6:9a:70:2d:75:5f:37:a8:27:3c:4d:ab:
12:de:5f:8b:9c:97:c3:fb:ff:0d:9a:de:ed:d3:63:a3:e8:06:
db:d3:a0:1d:b3:fc:75:83:85:65:ae:fb:ff:3c:d4:60:fb:25:
43:06:35:12:2c:37:b8:90:f5:84:9e:cf:9e:78:23:4c:79:e0:
84:0b:d2:eb:34:50:c4:8a:a9:1d:3a:c9:2e:3e:66:12:df:e2:
ec:9e:a5:e6:99:de:9f:fa:44:7a:22:6e:32:85:50:25:74:98:
44:a1:6d:17:72:19:6a:a5:e7:cf:27:70:25:57:bf:5d:00:7e:
be:73:1a:9c:30:16:16:34:03:9d:c7:76:69:4d:64:c4:45:f5:
01:1b:a6:41:bc:ed:11:ea:74:a8:65:20:87:91:39:cd:19:01:
ad:12:53:43:f4:dc:f8:80:82:e8:5b:44:76:05:ba:30:f9:06:
c2:9b:56:a3:d3:c9:bf:f1:52:96:ea:b0:29:fb:fe:94:7d:14:
d3:f3:c2:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc+g9mlyrrsQx9JvSHtgh7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZTk0MGRiMTkwYjY5MmNkMWIwZDU4M2VkYjZkOGMzNjEx
MjQ1NjkwHhcNMjUwNjA1MDUxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDNjOGJlMTA5YjI2NGM3NTY3ZDViMWViYmQxZjczZjIxMTJhZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgtXDUbbtNhGXIL3L7YgDv98tEwn
/EMsJqlSEp4zbFBQTBPunWznoWcAo0+u9oaGKy2KVDThC9QU/rAnxSwXpea5mXPx
p4lObnEwKQbFnm8CXcyh0enBfxvM37KYFgntMjcq91cuVPfrzcQZ1aGpXhXcKFXq
zBW44xGanSSqp6SLxZws3y1L2ci8rGvWW4/gBnJ3twqrFTFKNyN3Ook0sRCst3tv
h74HJRYUuCIVO3uUf20JfmjlGl3xqAiz9TzBaEzuQJMYm697toD03WuuoN0COEOa
yNYTD9YUX9ZrO1JRfZHJpTx0scmJlGR7mFOFALlc9UtbXWOqkaBbtOTfoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQ8i+EJsmTHVn1bHrvR9z8hEq2lMB8GA1UdIwQY
MBaAFCTpQNsZC2ks0bDVg+222MNhEkVpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk9sQTJ4a0xhU3pSc05XRDdiYll3MkVTUldrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83NTAyNWQtMDYxYS00ZDk2LWE3ZDIt
ZjU4OWY4YzAzMmNhLzEvTkR5TDRRbXlaTWRXZlZzZXU5SDNQeUVTcmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83NTAyNWQtMDYxYS00ZDk2LWE3ZDItZjU4OWY4YzAzMmNh
LzEvSk9sQTJ4a0xhU3pSc05XRDdiYll3MkVTUldrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXKkMA0G
CSqGSIb3DQEBCwUAA4IBAQCi7GrPE2V8bgRzVqLZrV2FskfuWKkIn5kKHkbIV1P8
mw8qhCCA9GZelINAs+cCi+dKAS8n5nKIp44CnfnWmnAtdV83qCc8TasS3l+LnJfD
+/8Nmt7t02Oj6Abb06Ads/x1g4Vlrvv/PNRg+yVDBjUSLDe4kPWEns+eeCNMeeCE
C9LrNFDEiqkdOskuPmYS3+LsnqXmmd6f+kR6Im4yhVAldJhEoW0XchlqpefPJ3Al
V79dAH6+cxqcMBYWNAOdx3ZpTWTERfUBG6ZBvO0R6nSoZSCHkTnNGQGtElND9Nz4
gILoW0R2Bbow+QbCm1aj08m/8VKW6rAp+/6UfRTT88Jy
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:32:53 2025 by rpki-client