Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/5-NSO-oosPy2Fnqe9ZLLQ4qlSEk.roa
File: 5-NSO-oosPy2Fnqe9ZLLQ4qlSEk.roa (raw, json)
Hash identifier: 59DVuXqICUgWxnrab+B36HpZ0Fh3PgDU9mH3qJl2eMU=
Subject key identifier: E7:E3:52:3B:EA:28:B0:FC:B6:16:7A:9E:F5:92:CB:43:8A:A5:48:49
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0194266BA8AF4B0F781372AE02DDC66F5E86
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/5-NSO-oosPy2Fnqe9ZLLQ4qlSEk.roa
Signing time: Thu 02 Jan 2025 09:49:37 +0000
ROA not before: Thu 02 Jan 2025 09:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51765
IP address blocks: 37.72.141.0/24 maxlen: 24
45.159.21.0/24 maxlen: 24
45.159.22.0/24 maxlen: 24
46.253.131.0/24 maxlen: 24
62.204.49.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
83.97.116.0/22 maxlen: 24
88.218.45.0/24 maxlen: 24
88.218.47.0/24 maxlen: 24
91.246.51.0/24 maxlen: 24
91.247.163.0/24 maxlen: 24
94.154.113.0/24 maxlen: 24
146.19.39.0/24 maxlen: 24
146.19.44.0/24 maxlen: 24
176.126.104.0/24 maxlen: 24
178.20.28.0/22 maxlen: 24
185.202.108.0/24 maxlen: 24
185.212.115.0/24 maxlen: 24
193.31.126.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.163.89.0/24 maxlen: 24
193.163.92.0/24 maxlen: 24
193.163.207.0/24 maxlen: 24
194.70.234.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
194.99.26.0/24 maxlen: 24
212.18.113.0/24 maxlen: 24
212.18.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a8:af:4b:0f:78:13:72:ae:02:dd:c6:6f:5e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 2 09:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7e3523bea28b0fcb6167a9ef592cb438aa54849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2a:89:e2:a6:2f:b0:65:73:ba:de:c0:f5:14:
05:83:27:8d:91:05:75:ba:15:5e:1e:c8:77:0c:54:
92:f5:bf:b4:d7:5b:6c:97:19:52:30:f3:fc:28:25:
d4:3f:1b:fb:bd:c7:c9:c9:43:f8:df:06:c1:ae:a6:
55:35:19:7a:01:29:0f:5a:fb:d9:24:de:8c:4d:63:
ce:bf:dc:08:ac:42:cf:c8:d7:ed:f0:27:14:2f:11:
af:d7:6f:33:94:e3:bd:7e:9b:97:1e:79:38:7a:c0:
1b:f8:95:29:8a:fc:c0:b9:ac:00:58:8d:9a:2b:f9:
dd:df:ba:9b:df:aa:15:67:a4:33:49:d0:e5:e0:ea:
27:1d:6a:27:6e:f8:5e:bc:b3:29:ee:22:35:ec:4c:
b6:13:29:70:da:fd:99:87:a4:00:00:44:8b:cc:cb:
72:c5:6e:03:5f:91:cb:2e:7e:8e:26:cf:01:3e:68:
03:cb:35:4b:aa:06:6f:7f:f0:d6:d7:a0:07:d2:9e:
82:72:37:75:be:65:77:c5:d1:49:55:02:f9:af:0c:
ef:7d:2b:67:1e:40:42:7f:28:ba:ba:f7:78:33:30:
c9:77:0f:41:da:f7:4b:51:ee:59:68:3a:07:c5:94:
70:e1:f6:8f:4a:06:cd:d5:d1:a5:f3:d2:c4:61:c7:
de:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E3:52:3B:EA:28:B0:FC:B6:16:7A:9E:F5:92:CB:43:8A:A5:48:49
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/5-NSO-oosPy2Fnqe9ZLLQ4qlSEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.141.0/24
45.159.21.0-45.159.22.255
46.253.131.0/24
62.204.49.0/24
77.83.24.0/22
83.97.116.0/22
88.218.45.0/24
88.218.47.0/24
91.246.51.0/24
91.247.163.0/24
94.154.113.0/24
146.19.39.0/24
146.19.44.0/24
176.126.104.0/24
178.20.28.0/22
185.202.108.0/24
185.212.115.0/24
193.31.126.0/24
193.151.189.0-193.151.191.255
193.163.89.0/24
193.163.92.0/24
193.163.207.0/24
194.70.234.0/24
194.99.24.0/24
194.99.26.0/24
212.18.113.0/24
212.18.127.0/24
Signature Algorithm: sha256WithRSAEncryption
12:68:51:b9:16:86:02:e6:ff:65:ee:a9:5b:98:dd:61:6f:1a:
e8:eb:39:1a:e2:23:e9:24:5e:62:3e:6f:91:7f:11:74:9d:14:
67:41:06:f0:de:67:8b:3c:d5:13:e2:2f:08:a9:86:b7:4b:cb:
de:4e:c8:97:c0:8f:5b:b3:08:d0:63:1b:64:81:74:e1:14:19:
f4:90:88:90:02:ca:09:7e:22:9c:ab:e9:0f:b6:79:7d:38:56:
be:0b:24:6a:24:be:56:1d:3a:cc:0c:8b:44:a2:8e:be:4e:c6:
42:98:3e:03:0f:84:8a:6e:23:86:99:3f:10:d4:7e:e6:fb:c4:
9b:c8:94:af:d5:c4:06:1c:32:15:6e:d7:0d:8d:4a:40:8f:3b:
3c:d4:f3:51:75:fa:13:fe:e0:cb:c3:a5:3c:b5:22:23:d7:b1:
4d:4e:01:5e:19:08:84:7c:ca:0b:26:07:96:47:df:38:db:13:
95:50:23:7b:b2:99:58:e2:e3:78:4a:62:a8:13:3e:dd:3b:6b:
79:96:71:41:69:b8:12:43:b6:1f:a2:9c:18:75:de:1b:f7:2d:
af:84:eb:3c:4c:ec:08:ed:e7:3a:1a:fe:05:55:bd:2b:07:84:
dc:60:ba:a8:9b:b3:6d:8c:25:a8:1a:f4:7d:ca:91:6f:1b:71:
33:e8:54:3f
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZQma6ivSw94E3KuAt3Gb16GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwMTAyMDk0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2UzNTIzYmVhMjhiMGZjYjYxNjdhOWVmNTkyY2I0MzhhYTU0ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iqJ4qYvsGVzut7A9RQFgyeNkQV1
uhVeHsh3DFSS9b+011tslxlSMPP8KCXUPxv7vcfJyUP43wbBrqZVNRl6ASkPWvvZ
JN6MTWPOv9wIrELPyNft8CcULxGv128zlOO9fpuXHnk4esAb+JUpivzAuawAWI2a
K/nd37qb36oVZ6QzSdDl4OonHWonbvhevLMp7iI17Ey2Eylw2v2Zh6QAAESLzMty
xW4DX5HLLn6OJs8BPmgDyzVLqgZvf/DW16AH0p6Ccjd1vmV3xdFJVQL5rwzvfStn
HkBCfyi6uvd4MzDJdw9B2vdLUe5ZaDoHxZRw4faPSgbN1dGl89LEYcfefwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFOfjUjvqKLD8thZ6nvWSy0OKpUhJMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvNS1OU08tb29zUHkyRm5xZTlaTExRNHFsU0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAAl
SI0wDAMEAC2fFQMEAC2fFgMEAC79gwMEAD7MMQMEAk1TGAMEAlNhdAMEAFjaLQME
AFjaLwMEAFv2MwMEAFv3owMEAF6acQMEAJITJwMEAJITLAMEALB+aAMEArIUHAME
ALnKbAMEALnUcwMEAMEffjAMAwQAwZe9AwQGwZeAAwQAwaNZAwQAwaNcAwQAwaPP
AwQAwkbqAwQAwmMYAwQAwmMaAwQA1BJxAwQA1BJ/MA0GCSqGSIb3DQEBCwUAA4IB
AQASaFG5FoYC5v9l7qlbmN1hbxro6zka4iPpJF5iPm+RfxF0nRRnQQbw3meLPNUT
4i8IqYa3S8veTsiXwI9bswjQYxtkgXThFBn0kIiQAsoJfiKcq+kPtnl9OFa+CyRq
JL5WHTrMDItEoo6+TsZCmD4DD4SKbiOGmT8Q1H7m+8SbyJSv1cQGHDIVbtcNjUpA
jzs81PNRdfoT/uDLw6U8tSIj17FNTgFeGQiEfMoLJgeWR9842xOVUCN7splY4uN4
SmKoEz7dO2t5lnFBabgSQ7YfopwYdd4b9y2vhOs8TOwI7ec6Gv4FVb0rB4TcYLqo
m7NtjCWoGvR9ypFvG3Ez6FQ/
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:07:04 2025 by rpki-client