Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/NC9FKYs1BXFgd8eBRdSLNG0ab1E.roa
File: NC9FKYs1BXFgd8eBRdSLNG0ab1E.roa (raw, json)
Hash identifier: AdbbA0DHP1eCkTNHXLT0EO4D6DCGT9CWxG1DEmumay0=
Subject key identifier: 34:2F:45:29:8B:35:05:71:60:77:C7:81:45:D4:8B:34:6D:1A:6F:51
Certificate issuer: /CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Certificate serial: 0196163D3429E654F6AD416C206F391DE984
Authority key identifier: 4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/NC9FKYs1BXFgd8eBRdSLNG0ab1E.roa
Signing time: Tue 08 Apr 2025 16:30:31 +0000
ROA not before: Tue 08 Apr 2025 16:30:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 43.226.0.0/23 maxlen: 23
46.17.217.0/24 maxlen: 24
63.251.117.0/24 maxlen: 24
64.95.150.0/23 maxlen: 23
64.225.244.0/23 maxlen: 23
91.198.19.0/24 maxlen: 24
91.246.38.0/24 maxlen: 24
103.94.60.0/22 maxlen: 22
103.199.80.0/24 maxlen: 24
103.206.156.0/23 maxlen: 23
104.225.253.0/24 maxlen: 24
117.18.104.0/24 maxlen: 24
123.100.227.0/24 maxlen: 24
148.222.40.0/22 maxlen: 22
167.234.38.0/24 maxlen: 24
198.49.103.0/24 maxlen: 24
202.2.60.0/22 maxlen: 22
202.92.214.0/23 maxlen: 23
203.27.201.0/24 maxlen: 24
216.183.120.0/24 maxlen: 24
216.203.15.0/24 maxlen: 24
217.11.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:16:3d:34:29:e6:54:f6:ad:41:6c:20:6f:39:1d:e9:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Validity
Not Before: Apr 8 16:30:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=342f45298b3505716077c78145d48b346d1a6f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1d:be:9f:fe:73:73:42:1d:af:e5:cc:f9:bc:
1a:4a:6e:50:d7:7d:0a:d8:c4:4b:3d:6a:93:dd:ec:
84:43:c7:15:01:0a:70:1d:10:c8:15:19:ff:db:7c:
b0:f5:6e:ca:68:d3:00:03:2d:54:0c:22:be:c5:50:
74:f0:f2:9c:fc:2c:80:01:c9:1d:54:47:4a:47:66:
7b:be:0e:ec:98:8f:4b:6c:f2:16:90:68:b5:51:c4:
4c:ae:1e:72:41:1c:84:e3:a2:23:fb:bd:17:05:f1:
6b:1b:d6:f6:c4:17:fa:be:e2:80:f2:3d:69:f0:38:
43:28:76:98:bf:ab:97:0c:1a:a9:74:7e:7c:e1:f1:
92:6e:ce:d2:f0:89:87:3b:f3:b9:dc:8a:8a:e2:ba:
64:fa:cd:e3:e9:d6:e8:d2:b7:aa:c0:90:bf:e0:7a:
d3:e5:67:58:17:56:5c:e3:b1:85:a5:18:d5:0a:5e:
80:b4:c9:a6:6b:89:cf:1e:cb:f7:ef:61:c8:f5:e5:
a0:23:e7:db:cc:4c:e4:e5:19:0f:b3:c7:65:cb:9a:
31:4f:aa:ab:54:93:23:de:d2:3b:05:76:f8:68:68:
0e:38:62:5a:24:74:94:04:80:f8:c7:c6:29:e3:84:
a9:64:cc:4d:16:87:08:81:d4:86:0b:2f:9e:e8:e6:
e6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:2F:45:29:8B:35:05:71:60:77:C7:81:45:D4:8B:34:6D:1A:6F:51
X509v3 Authority Key Identifier:
keyid:4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/NC9FKYs1BXFgd8eBRdSLNG0ab1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.226.0.0/23
46.17.217.0/24
63.251.117.0/24
64.95.150.0/23
64.225.244.0/23
91.198.19.0/24
91.246.38.0/24
103.94.60.0/22
103.199.80.0/24
103.206.156.0/23
104.225.253.0/24
117.18.104.0/24
123.100.227.0/24
148.222.40.0/22
167.234.38.0/24
198.49.103.0/24
202.2.60.0/22
202.92.214.0/23
203.27.201.0/24
216.183.120.0/24
216.203.15.0/24
217.11.174.0/24
Signature Algorithm: sha256WithRSAEncryption
e3:88:e0:dd:db:65:5b:f7:83:74:22:48:22:7d:7c:da:e3:a0:
8a:6e:d0:19:6f:cb:c7:fc:90:dd:3f:c7:a5:58:12:d1:3e:67:
6f:c4:b7:6f:ab:7e:1a:49:10:9f:10:c3:d0:60:03:b1:fc:9e:
15:be:79:34:de:a8:b3:c9:a9:cb:08:db:b4:27:b7:4d:f1:4f:
26:21:e9:bf:ea:7f:ea:51:15:2a:7c:15:49:4d:c6:95:ff:eb:
84:be:4b:13:8a:c6:b8:80:40:1f:4b:aa:53:b1:5b:34:2b:1d:
11:8d:0b:75:b2:5e:67:32:54:d2:dd:91:b6:80:82:cb:d1:67:
71:53:8d:5d:5c:2f:86:72:13:c0:d2:83:43:55:0e:87:bf:b9:
c2:13:3d:61:bc:d6:20:c5:55:cc:c9:0c:41:e8:65:92:03:92:
74:cb:9c:85:63:a9:ff:53:69:20:a2:82:c5:6b:e9:d0:c5:aa:
03:2a:b1:e4:c7:8b:4f:84:50:bd:15:94:38:df:34:55:11:64:
90:0e:65:dd:2a:58:17:e0:eb:a7:99:a4:f2:a6:72:b7:a3:9d:
c9:08:75:f3:0d:3a:61:60:29:93:01:da:b4:b4:93:6a:6f:85:
ec:53:52:ea:76:b5:e5:2f:77:ec:28:df:74:56:46:9a:41:1a:
fd:d1:cc:4f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZYWPTQp5lT2rUFsIG85HemEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTEzMTc3NWIzMjYwYjExYTE2MjQwZDFkOGU3Njg5MWQ3
ZjM3MzIwHhcNMjUwNDA4MTYzMDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDJmNDUyOThiMzUwNTcxNjA3N2M3ODE0NWQ0OGIzNDZkMWE2ZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB2+n/5zc0Idr+XM+bwaSm5Q130K
2MRLPWqT3eyEQ8cVAQpwHRDIFRn/23yw9W7KaNMAAy1UDCK+xVB08PKc/CyAAckd
VEdKR2Z7vg7smI9LbPIWkGi1UcRMrh5yQRyE46Ij+70XBfFrG9b2xBf6vuKA8j1p
8DhDKHaYv6uXDBqpdH584fGSbs7S8ImHO/O53IqK4rpk+s3j6dbo0reqwJC/4HrT
5WdYF1Zc47GFpRjVCl6AtMmma4nPHsv372HI9eWgI+fbzEzk5RkPs8dly5oxT6qr
VJMj3tI7BXb4aGgOOGJaJHSUBID4x8Yp44SpZMxNFocIgdSGCy+e6Obm+wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFDQvRSmLNQVxYHfHgUXUizRtGm9RMB8GA1UdIwQY
MBaAFE+RMXdbMmCxGhYkDR2OdokdfzcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMt
YWI2M2Q0NWY0YjZhLzEvTkM5RktZczFCWEZnZDhlQlJkU0xORzBhYjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMtYWI2M2Q0NWY0YjZh
LzEvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAEr
4gADBAAuEdkDBAA/+3UDBAFAX5YDBAFA4fQDBABbxhMDBABb9iYDBAJnXjwDBABn
x1ADBAFnzpwDBABo4f0DBAB1EmgDBAB7ZOMDBAKU3igDBACn6iYDBADGMWcDBALK
AjwDBAHKXNYDBADLG8kDBADYt3gDBADYyw8DBADZC64wDQYJKoZIhvcNAQELBQAD
ggEBAOOI4N3bZVv3g3QiSCJ9fNrjoIpu0Blvy8f8kN0/x6VYEtE+Z2/Et2+rfhpJ
EJ8Qw9BgA7H8nhW+eTTeqLPJqcsI27Qnt03xTyYh6b/qf+pRFSp8FUlNxpX/64S+
SxOKxriAQB9LqlOxWzQrHRGNC3WyXmcyVNLdkbaAgsvRZ3FTjV1cL4ZyE8DSg0NV
Doe/ucITPWG81iDFVczJDEHoZZIDknTLnIVjqf9TaSCigsVr6dDFqgMqseTHi0+E
UL0VlDjfNFURZJAOZd0qWBfg66eZpPKmcrejnckIdfMNOmFgKZMB2rS0k2pvhexT
Uup2teUvd+wo33RWRppBGv3RzE8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:13:31 2025 by rpki-client