Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/nvGMbscQr-nCRZKJCx_sXVAuXnM.roa
File: nvGMbscQr-nCRZKJCx_sXVAuXnM.roa (raw, json)
Hash identifier: FEjJqoH/uFbjUlp+UiOuar/ZgJYrfKdP4uZu1K+Z/R4=
Subject key identifier: 9E:F1:8C:6E:C7:10:AF:E9:C2:45:92:89:0B:1F:EC:5D:50:2E:5E:73
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 019428236B3B7B9B02746D2D6C1E1DB9D7E4
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/nvGMbscQr-nCRZKJCx_sXVAuXnM.roa
Signing time: Thu 02 Jan 2025 17:49:57 +0000
ROA not before: Thu 02 Jan 2025 17:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206833
IP address blocks: 195.5.68.0/22 maxlen: 24
195.5.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:6b:3b:7b:9b:02:74:6d:2d:6c:1e:1d:b9:d7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Jan 2 17:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ef18c6ec710afe9c24592890b1fec5d502e5e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:15:17:c6:d9:bd:46:79:94:a2:d1:70:4b:19:
d1:3a:12:08:f7:a9:cb:02:21:3d:0d:d5:81:68:a9:
d8:e5:f1:0a:18:14:43:a8:16:40:f3:34:e1:2e:59:
b0:95:d1:57:0a:8c:4f:7d:f9:03:fa:7d:0b:61:27:
f3:4f:84:af:d1:a5:45:0a:36:3f:27:f0:cb:1b:ac:
ea:52:42:61:65:7b:6b:53:00:4f:5d:c5:0a:21:9b:
ac:a3:b5:99:6b:bc:8f:43:9f:f0:bd:e3:49:0a:e1:
97:29:2c:6a:7d:d8:dd:ea:56:d0:7d:05:22:d1:b3:
d2:b5:c4:f1:0f:a9:b3:a8:22:a1:fa:4a:9e:32:83:
13:f8:6f:3b:ce:10:86:ef:e8:fc:23:db:de:21:b0:
af:fa:3d:78:d4:c7:92:16:14:08:f8:18:d7:8d:60:
49:d5:5a:a6:1f:9d:0d:2d:a5:27:34:2d:39:31:17:
74:2f:1e:a0:67:25:61:26:9b:72:d1:26:b5:68:1d:
8e:06:16:bd:0e:d4:7d:38:11:00:90:ad:89:dd:9a:
15:48:46:a6:91:2b:e3:5c:40:d1:c7:d6:42:fd:59:
aa:d1:c0:80:0e:b4:5f:c4:04:1d:73:65:ab:93:89:
2e:a9:04:9d:16:a2:ad:75:6e:6b:19:ea:37:c6:1d:
f5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F1:8C:6E:C7:10:AF:E9:C2:45:92:89:0B:1F:EC:5D:50:2E:5E:73
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/nvGMbscQr-nCRZKJCx_sXVAuXnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.68.0-195.5.75.255
Signature Algorithm: sha256WithRSAEncryption
e7:6e:33:a2:6d:aa:aa:f4:4a:a5:0c:b0:ce:e5:a5:9c:6e:7f:
80:c7:a2:18:f2:21:e6:5c:89:17:3e:6c:0a:ef:22:4d:b4:ba:
9b:88:f5:0a:37:b0:a1:d2:c3:fe:7c:68:b5:21:4c:1b:88:4b:
62:de:3a:35:60:96:f7:6b:49:f2:a9:57:e3:f4:19:2b:d6:25:
14:dd:c2:68:52:73:9b:88:b2:af:fb:fd:24:36:e1:42:e0:02:
42:d3:d3:a2:18:60:97:7d:02:4e:b0:20:eb:c3:41:e5:fb:a0:
ee:89:16:dd:e9:01:fb:d7:f4:9f:ca:d3:59:2a:bb:7d:2f:d8:
f8:08:ae:b8:05:97:a0:16:75:71:5a:b0:38:ac:c5:46:45:59:
57:ef:d9:f2:28:f3:81:ad:4c:b9:b5:08:65:e8:82:84:b1:22:
d7:1c:d8:7f:2d:25:31:ca:84:7b:c2:bb:e7:a2:a4:6d:aa:e2:
75:e7:e7:5c:c6:80:d9:2f:4b:59:b2:de:8c:5f:52:f3:ef:88:
bf:ef:4f:50:a9:95:a9:d6:dc:65:d8:ce:9b:36:c6:b6:e5:d9:
89:6a:08:95:48:4a:89:92:7a:69:ba:3d:d7:7d:fb:2c:6f:29:
bf:23:bd:8c:8f:0f:6a:76:50:4a:a7:a8:79:62:d2:14:9c:af:
d2:26:87:2d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQoI2s7e5sCdG0tbB4dudfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjUwMTAyMTc0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWYxOGM2ZWM3MTBhZmU5YzI0NTkyODkwYjFmZWM1ZDUwMmU1ZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBUXxtm9RnmUotFwSxnROhII96nL
AiE9DdWBaKnY5fEKGBRDqBZA8zThLlmwldFXCoxPffkD+n0LYSfzT4Sv0aVFCjY/
J/DLG6zqUkJhZXtrUwBPXcUKIZuso7WZa7yPQ5/wveNJCuGXKSxqfdjd6lbQfQUi
0bPStcTxD6mzqCKh+kqeMoMT+G87zhCG7+j8I9veIbCv+j141MeSFhQI+BjXjWBJ
1VqmH50NLaUnNC05MRd0Lx6gZyVhJpty0Sa1aB2OBha9DtR9OBEAkK2J3ZoVSEam
kSvjXEDRx9ZC/Vmq0cCADrRfxAQdc2Wrk4kuqQSdFqKtdW5rGeo3xh31GwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ7xjG7HEK/pwkWSiQsf7F1QLl5zMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvbnZHTWJzY1FyLW5DUlpLSkN4X3NYVkF1WG5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALDBUQD
BALDBUgwDQYJKoZIhvcNAQELBQADggEBAOduM6Jtqqr0SqUMsM7lpZxuf4DHohjy
IeZciRc+bArvIk20upuI9Qo3sKHSw/58aLUhTBuIS2LeOjVglvdrSfKpV+P0GSvW
JRTdwmhSc5uIsq/7/SQ24ULgAkLT06IYYJd9Ak6wIOvDQeX7oO6JFt3pAfvX9J/K
01kqu30v2PgIrrgFl6AWdXFasDisxUZFWVfv2fIo84GtTLm1CGXogoSxItcc2H8t
JTHKhHvCu+eipG2q4nXn51zGgNkvS1my3oxfUvPviL/vT1CplanW3GXYzps2xrbl
2YlqCJVISomSemm6Pdd9+yxvKb8jvYyPD2p2UEqnqHli0hScr9Imhy0=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:31:24 2025 by rpki-client