Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/be5fff-c911-457c-95fc-d30b7e25ae0b/1/N4n5sfqwVKR0MtRKu60VkuVT8t8.roa
File: N4n5sfqwVKR0MtRKu60VkuVT8t8.roa (raw, json)
Hash identifier: 7oA83Z9SKqiyh1q+LTyv1yKzsMJNh3uvhrwtOfQSMtU=
Subject key identifier: 37:89:F9:B1:FA:B0:54:A4:74:32:D4:4A:BB:AD:15:92:E5:53:F2:DF
Certificate issuer: /CN=db929dec5c0f23add9baeeea7bb39ac87a729083
Certificate serial: 01941F8C5A0AA48BE91C979B8AF1559D25C4
Authority key identifier: DB:92:9D:EC:5C:0F:23:AD:D9:BA:EE:EA:7B:B3:9A:C8:7A:72:90:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25Kd7FwPI63Zuu7qe7OayHpykIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/be5fff-c911-457c-95fc-d30b7e25ae0b/1/N4n5sfqwVKR0MtRKu60VkuVT8t8.roa
Signing time: Wed 01 Jan 2025 01:47:59 +0000
ROA not before: Wed 01 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47988
IP address blocks: 195.114.13.0/24 maxlen: 24
2001:678:ac8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/be5fff-c911-457c-95fc-d30b7e25ae0b/1/25Kd7FwPI63Zuu7qe7OayHpykIM.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/be5fff-c911-457c-95fc-d30b7e25ae0b/1/25Kd7FwPI63Zuu7qe7OayHpykIM.mft
rsync://rpki.ripe.net/repository/DEFAULT/25Kd7FwPI63Zuu7qe7OayHpykIM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 10:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5a:0a:a4:8b:e9:1c:97:9b:8a:f1:55:9d:25:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db929dec5c0f23add9baeeea7bb39ac87a729083
Validity
Not Before: Jan 1 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3789f9b1fab054a47432d44abbad1592e553f2df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ee:ee:9f:91:c3:fc:09:83:a9:a8:98:f1:47:
3c:af:68:2a:b3:5b:27:8a:b6:0c:e1:42:a5:8b:9f:
1e:49:f1:59:70:fb:30:bc:2c:98:85:e5:ee:cd:6d:
dc:98:dd:e7:d0:a9:72:a5:46:80:1e:b8:a9:bd:af:
e5:93:23:17:4c:cb:96:b9:9f:32:3a:0d:4f:7a:6a:
f5:86:d1:09:cb:f9:d8:45:d9:9b:3e:bd:03:a2:55:
f6:b7:67:a7:68:19:b3:20:03:b7:32:12:ff:6e:67:
78:59:96:c2:cc:e9:cb:94:20:54:8c:dd:ee:d1:5f:
bb:80:c9:90:5b:65:34:63:6f:08:3a:7c:77:bc:77:
1d:55:88:83:0b:b4:a2:62:77:56:77:8a:81:08:b0:
ec:33:51:6a:28:2d:cc:9e:63:ce:3a:91:c1:29:25:
e1:02:2d:13:98:c4:ed:65:fb:49:27:47:e4:c9:9d:
e9:d5:f9:9b:f8:e4:23:1a:df:bb:c2:8e:05:05:75:
80:6a:a1:2a:6c:9f:4a:02:ac:9c:5b:19:2c:46:38:
ce:2b:20:d0:11:79:19:f7:97:7d:16:9c:00:97:1b:
5b:47:cf:11:04:0a:48:e5:85:da:52:9f:21:19:a3:
73:51:b1:1b:fc:08:08:7d:dd:1c:54:d1:bd:d1:47:
8c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:89:F9:B1:FA:B0:54:A4:74:32:D4:4A:BB:AD:15:92:E5:53:F2:DF
X509v3 Authority Key Identifier:
keyid:DB:92:9D:EC:5C:0F:23:AD:D9:BA:EE:EA:7B:B3:9A:C8:7A:72:90:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25Kd7FwPI63Zuu7qe7OayHpykIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/be5fff-c911-457c-95fc-d30b7e25ae0b/1/N4n5sfqwVKR0MtRKu60VkuVT8t8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/be5fff-c911-457c-95fc-d30b7e25ae0b/1/25Kd7FwPI63Zuu7qe7OayHpykIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.13.0/24
IPv6:
2001:678:ac8::/48
Signature Algorithm: sha256WithRSAEncryption
31:a0:97:54:38:9d:cd:10:9d:8d:62:eb:f9:64:9a:16:54:5c:
5e:6b:37:f7:2d:64:c6:6b:75:84:bb:19:b9:71:b7:95:36:84:
c3:af:6a:1d:da:1b:2f:72:48:cf:80:c4:ea:81:b3:5f:d4:89:
ca:07:7e:75:09:3a:ef:d9:20:87:ae:37:bf:b1:2a:28:db:8a:
29:3a:d3:d5:49:ad:ec:7c:ea:00:f1:14:c2:60:36:a9:92:77:
d8:8b:88:b9:d6:df:27:ba:4d:86:5c:b3:48:16:39:f4:7a:19:
7c:ba:1b:f6:f6:2b:d7:e6:0b:69:4c:bc:d4:5a:d3:30:3a:c7:
8d:67:71:9a:bd:c5:5d:7c:4f:13:da:82:7e:ed:cc:90:5b:2f:
2e:e1:04:5f:a6:d3:be:37:37:10:b8:a4:fe:08:86:0f:8d:e0:
c9:be:ee:cc:04:c9:90:2b:9d:0f:ae:71:41:d8:de:d4:6b:d8:
90:18:cf:c2:3a:39:6d:ea:cf:0b:67:12:e8:ce:3d:e7:f2:bd:
3b:f7:1b:0b:69:f1:f6:93:3e:bc:97:0c:de:46:02:37:c1:73:
69:04:30:89:8c:7f:27:7f:9e:bb:2f:0e:86:58:14:56:ae:1f:
62:06:d2:31:09:41:96:61:95:81:1d:ef:9e:23:70:dd:d3:cf:
79:b1:2c:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjFoKpIvpHJebivFVnSXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOTI5ZGVjNWMwZjIzYWRkOWJhZWVlYTdiYjM5YWM4N2E3
MjkwODMwHhcNMjUwMTAxMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzg5ZjliMWZhYjA1NGE0NzQzMmQ0NGFiYmFkMTU5MmU1NTNmMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO7un5HD/AmDqaiY8Uc8r2gqs1sn
irYM4UKli58eSfFZcPswvCyYheXuzW3cmN3n0KlypUaAHripva/lkyMXTMuWuZ8y
Og1Pemr1htEJy/nYRdmbPr0DolX2t2enaBmzIAO3MhL/bmd4WZbCzOnLlCBUjN3u
0V+7gMmQW2U0Y28IOnx3vHcdVYiDC7SiYndWd4qBCLDsM1FqKC3MnmPOOpHBKSXh
Ai0TmMTtZftJJ0fkyZ3p1fmb+OQjGt+7wo4FBXWAaqEqbJ9KAqycWxksRjjOKyDQ
EXkZ95d9FpwAlxtbR88RBApI5YXaUp8hGaNzUbEb/AgIfd0cVNG90UeM0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDeJ+bH6sFSkdDLUSrutFZLlU/LfMB8GA1UdIwQY
MBaAFNuSnexcDyOt2bru6nuzmsh6cpCDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjVLZDdGd1BJNjNadXU3cWU3T2F5SHB5a0lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9iZTVmZmYtYzkxMS00NTdjLTk1ZmMt
ZDMwYjdlMjVhZTBiLzEvTjRuNXNmcXdWS1IwTXRSS3U2MFZrdVZUOHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9iZTVmZmYtYzkxMS00NTdjLTk1ZmMtZDMwYjdlMjVhZTBi
LzEvMjVLZDdGd1BJNjNadXU3cWU3T2F5SHB5a0lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw3INMA8E
AgACMAkDBwAgAQZ4CsgwDQYJKoZIhvcNAQELBQADggEBADGgl1Q4nc0QnY1i6/lk
mhZUXF5rN/ctZMZrdYS7Gblxt5U2hMOvah3aGy9ySM+AxOqBs1/UicoHfnUJOu/Z
IIeuN7+xKijbiik609VJrex86gDxFMJgNqmSd9iLiLnW3ye6TYZcs0gWOfR6GXy6
G/b2K9fmC2lMvNRa0zA6x41ncZq9xV18TxPagn7tzJBbLy7hBF+m0743NxC4pP4I
hg+N4Mm+7swEyZArnQ+ucUHY3tRr2JAYz8I6OW3qzwtnEujOPefyvTv3Gwtp8faT
PryXDN5GAjfBc2kEMImMfyd/nrsvDoZYFFauH2IG0jEJQZZhlYEd754jcN3Tz3mx
LG0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:31:16 2025 by rpki-client