Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/NxznN7EEkFFVkFtFHeOmJ1ken5k.roa
File: NxznN7EEkFFVkFtFHeOmJ1ken5k.roa (raw, json)
Hash identifier: ZvFpJ5XKjvP9AtZTF45VSfMaQiT6rARf7LLoFCJH+Rw=
Subject key identifier: 37:1C:E7:37:B1:04:90:51:55:90:5B:45:1D:E3:A6:27:59:1E:9F:99
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0195CA1552D9D1092508879BBB713DFF18F7
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/NxznN7EEkFFVkFtFHeOmJ1ken5k.roa
Signing time: Mon 24 Mar 2025 21:35:49 +0000
ROA not before: Mon 24 Mar 2025 21:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 66.56.83.0/24 maxlen: 24
155.2.193.0/24 maxlen: 24
155.2.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 14:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ca:15:52:d9:d1:09:25:08:87:9b:bb:71:3d:ff:18:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 24 21:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=371ce737b104905155905b451de3a627591e9f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:13:5a:2d:53:48:52:94:3f:81:a4:e1:37:14:
65:d2:b6:22:0d:6b:34:e1:9f:b7:6b:e6:16:02:14:
20:d9:95:c5:40:0f:1c:c7:d4:b0:bd:c1:24:68:b2:
91:f7:36:b5:4b:c6:df:3e:2e:22:fe:47:54:96:06:
dc:97:08:db:fa:e0:25:91:e7:82:3b:b6:05:b9:85:
3d:60:3f:82:1e:72:d3:f4:d4:da:53:33:08:f5:f5:
df:bc:bb:14:e7:48:e6:c2:65:f2:29:41:16:c2:5f:
82:01:c8:4b:bd:62:81:6b:1b:9d:35:2a:1c:83:d1:
91:59:b5:83:05:63:1e:60:f6:00:fd:3b:c4:42:3d:
5f:8a:01:0e:a7:41:88:20:a1:8e:28:c4:df:ef:53:
7c:0d:8e:0a:3f:30:0a:18:24:a9:ec:27:57:ea:8c:
a4:08:89:9e:97:fb:30:e0:a3:24:d7:ce:56:e3:65:
e8:22:c6:b0:07:e5:09:5b:8d:24:84:0f:89:8b:8c:
60:a8:c5:43:92:89:d2:38:05:1f:1d:21:7a:54:0e:
44:3c:27:c3:bc:6c:d4:cd:9b:eb:95:3e:ca:c6:c8:
ba:df:b6:d1:40:6d:c6:e2:66:c3:a9:60:f6:2b:6e:
96:27:ed:07:0f:de:e2:ff:96:b5:52:03:35:dd:04:
ed:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1C:E7:37:B1:04:90:51:55:90:5B:45:1D:E3:A6:27:59:1E:9F:99
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/NxznN7EEkFFVkFtFHeOmJ1ken5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.56.83.0/24
155.2.193.0/24
155.2.220.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:ef:08:0a:c3:52:5f:3b:83:12:4b:d4:c4:0e:45:ec:0e:1c:
cd:39:4a:00:6b:68:a9:47:a0:8e:96:16:25:12:1f:00:40:91:
2c:ce:41:cb:12:93:e0:22:19:b7:fc:6b:8f:e6:57:29:50:3b:
ff:31:ea:85:a8:2e:56:a5:46:98:c3:bd:80:da:55:f3:bd:d2:
10:01:79:1c:f6:74:8c:c2:21:b4:e3:81:2c:42:b3:4f:5c:39:
08:e3:7f:7e:95:d1:48:c2:60:59:4e:b8:4d:f1:f6:a1:33:4f:
90:da:d9:d6:1c:40:95:3d:c8:d4:b9:ca:6f:0e:63:f2:55:37:
40:20:77:08:e7:4d:53:ce:df:4a:a9:4d:29:45:e9:53:70:cc:
c5:79:f4:ff:99:15:d5:a6:75:ab:91:e0:69:37:20:13:04:e4:
62:5f:e6:1c:83:6b:21:13:86:95:27:9e:cd:4b:3e:19:ad:21:
b5:eb:de:6f:9b:03:fc:28:d3:07:ef:ee:38:61:0d:ac:02:6f:
f5:b3:70:fc:7e:c7:8c:25:d7:f5:de:df:61:39:b1:7d:34:dc:
9c:cd:72:fb:0f:37:24:8d:8d:24:0f:89:1a:77:f5:16:30:f4:
54:20:5a:27:37:91:84:22:f0:6c:1e:ee:61:14:cd:41:74:15:
dc:0f:20:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZXKFVLZ0QklCIebu3E9/xj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMzI0MjEzNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzFjZTczN2IxMDQ5MDUxNTU5MDViNDUxZGUzYTYyNzU5MWU5Zjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhNaLVNIUpQ/gaThNxRl0rYiDWs0
4Z+3a+YWAhQg2ZXFQA8cx9SwvcEkaLKR9za1S8bfPi4i/kdUlgbclwjb+uAlkeeC
O7YFuYU9YD+CHnLT9NTaUzMI9fXfvLsU50jmwmXyKUEWwl+CAchLvWKBaxudNSoc
g9GRWbWDBWMeYPYA/TvEQj1figEOp0GIIKGOKMTf71N8DY4KPzAKGCSp7CdX6oyk
CImel/sw4KMk185W42XoIsawB+UJW40khA+Ji4xgqMVDkonSOAUfHSF6VA5EPCfD
vGzUzZvrlT7Kxsi637bRQG3G4mbDqWD2K26WJ+0HD97i/5a1UgM13QTtzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDcc5zexBJBRVZBbRR3jpidZHp+ZMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvTnh6bk43RUVrRkZWa0Z0RkhlT21KMWtlbjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAQjhTAwQA
mwLBAwQAmwLcMA0GCSqGSIb3DQEBCwUAA4IBAQBe7wgKw1JfO4MSS9TEDkXsDhzN
OUoAa2ipR6COlhYlEh8AQJEszkHLEpPgIhm3/GuP5lcpUDv/MeqFqC5WpUaYw72A
2lXzvdIQAXkc9nSMwiG044EsQrNPXDkI439+ldFIwmBZTrhN8fahM0+Q2tnWHECV
PcjUucpvDmPyVTdAIHcI501Tzt9KqU0pRelTcMzFefT/mRXVpnWrkeBpNyATBORi
X+Ycg2shE4aVJ57NSz4ZrSG1695vmwP8KNMH7+44YQ2sAm/1s3D8fseMJdf13t9h
ObF9NNyczXL7DzckjY0kD4kad/UWMPRUIFonN5GEIvBsHu5hFM1BdBXcDyBK
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:40:40 2025 by rpki-client