Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/N8PiG76ntwKAGaSP3YzYnQGkLVI.roa
File: N8PiG76ntwKAGaSP3YzYnQGkLVI.roa (raw, json)
Hash identifier: nUQC/UxGj4cDa5TMObsdW9+d18vToeDUb/QlHw0eCHA=
Subject key identifier: 37:C3:E2:1B:BE:A7:B7:02:80:19:A4:8F:DD:8C:D8:9D:01:A4:2D:52
Certificate issuer: /CN=aca1f4713024804c445403af63fa644b2a935d24
Certificate serial: 01953DA00B1BEBE8B768BFC93A6449219F13
Authority key identifier: AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/N8PiG76ntwKAGaSP3YzYnQGkLVI.roa
Signing time: Tue 25 Feb 2025 15:00:53 +0000
ROA not before: Tue 25 Feb 2025 15:00:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60341
IP address blocks: 185.32.232.0/22 maxlen: 24
185.45.116.0/22 maxlen: 24
185.47.20.0/22 maxlen: 24
185.50.92.0/22 maxlen: 24
185.50.93.0/24 maxlen: 24
185.50.95.0/24 maxlen: 24
2a00:c660::/29 maxlen: 29
2a00:c660::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:a0:0b:1b:eb:e8:b7:68:bf:c9:3a:64:49:21:9f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca1f4713024804c445403af63fa644b2a935d24
Validity
Not Before: Feb 25 15:00:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37c3e21bbea7b7028019a48fdd8cd89d01a42d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:20:fb:b5:b7:1c:b6:56:a5:cb:8f:76:a2:90:
60:12:ea:ab:3e:71:26:25:4e:00:19:75:ff:42:35:
94:8e:91:f7:4f:f9:a1:d6:0d:3e:83:96:8f:1e:46:
43:17:a6:50:4f:7c:48:98:70:47:c0:cc:68:ca:b3:
f4:b1:ab:8a:69:5a:02:9e:23:2b:77:f5:03:35:43:
cf:e3:59:f9:1d:1d:27:4d:c2:9e:65:e6:e0:7f:51:
d8:fd:c4:8a:2a:87:71:a6:d7:42:eb:99:a1:d5:c6:
7a:1a:f7:b7:af:8b:78:29:5b:2e:93:ca:86:ea:9b:
39:8f:30:c0:74:08:3e:52:b1:6c:68:23:73:b9:6a:
1a:6b:53:cb:cb:b6:a0:b9:d0:d2:bc:12:70:8e:70:
bf:dd:7e:64:e2:ef:b2:02:f8:8d:69:0f:3d:d8:52:
82:8a:09:82:31:42:c5:8f:8e:b3:88:e2:c5:da:55:
b7:f1:5f:cf:cb:0c:5b:8c:1c:2c:67:79:7d:e3:64:
da:df:d4:b4:3a:35:5b:1b:72:ec:0c:61:ea:b1:21:
37:c0:cc:98:96:60:ec:16:1d:06:0d:16:b4:bc:19:
e1:ad:5d:48:84:21:a6:73:b1:e6:d2:9c:4d:6f:de:
9e:70:24:e4:d8:1b:24:f2:4b:02:c5:62:12:51:29:
94:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C3:E2:1B:BE:A7:B7:02:80:19:A4:8F:DD:8C:D8:9D:01:A4:2D:52
X509v3 Authority Key Identifier:
keyid:AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/N8PiG76ntwKAGaSP3YzYnQGkLVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.232.0/22
185.45.116.0/22
185.47.20.0/22
185.50.92.0/22
IPv6:
2a00:c660::/29
Signature Algorithm: sha256WithRSAEncryption
b6:b2:49:2b:da:b3:87:fd:2f:df:a8:d9:48:d2:20:2d:1e:01:
70:99:81:b6:b3:72:79:9a:56:2a:36:e3:a4:8b:2a:25:61:f7:
ee:fe:37:6b:2f:44:4e:68:b5:8e:73:c9:6d:d9:d6:d6:d8:52:
fa:0d:b0:1f:63:0b:8e:41:33:ce:e6:7c:fb:43:67:c4:57:d2:
a2:5f:af:43:18:b4:57:72:a4:c9:94:6c:e1:e8:c8:c7:52:e9:
b5:ee:ee:d9:68:a0:f1:b7:28:ff:6d:dd:4c:de:d0:33:93:8f:
61:89:61:63:40:4c:1a:ad:42:eb:b7:1b:5b:75:ed:eb:6d:d2:
ea:2b:d4:aa:ab:70:d1:c5:7a:83:9f:04:e2:84:0f:41:ee:cd:
f6:ef:4a:0f:de:e5:70:b1:c2:0f:70:a0:d7:48:81:e8:78:46:
51:d4:86:fd:de:b0:11:d1:a1:83:b1:d2:b4:39:9a:b8:6a:cf:
50:95:92:7d:ea:0c:a5:b5:b5:c8:36:d5:3d:2c:30:66:46:7e:
66:6c:8b:cc:5c:ce:7e:a5:40:d6:5e:be:c9:61:73:7e:5a:ae:
a5:12:96:31:62:d7:7f:43:f9:91:ef:86:d3:84:e1:c2:a8:23:
a1:a7:5c:dd:79:6c:f3:23:c8:05:f1:3b:9c:0c:d8:32:75:5a:
b2:2d:03:4a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZU9oAsb6+i3aL/JOmRJIZ8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTFmNDcxMzAyNDgwNGM0NDU0MDNhZjYzZmE2NDRiMmE5
MzVkMjQwHhcNMjUwMjI1MTUwMDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2MzZTIxYmJlYTdiNzAyODAxOWE0OGZkZDhjZDg5ZDAxYTQyZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiD7tbcctlaly492opBgEuqrPnEm
JU4AGXX/QjWUjpH3T/mh1g0+g5aPHkZDF6ZQT3xImHBHwMxoyrP0sauKaVoCniMr
d/UDNUPP41n5HR0nTcKeZebgf1HY/cSKKodxptdC65mh1cZ6Gve3r4t4KVsuk8qG
6ps5jzDAdAg+UrFsaCNzuWoaa1PLy7agudDSvBJwjnC/3X5k4u+yAviNaQ892FKC
igmCMULFj46ziOLF2lW38V/PywxbjBwsZ3l942Ta39S0OjVbG3LsDGHqsSE3wMyY
lmDsFh0GDRa0vBnhrV1IhCGmc7Hm0pxNb96ecCTk2Bsk8ksCxWISUSmUuQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDfD4hu+p7cCgBmkj92M2J0BpC1SMB8GA1UdIwQY
MBaAFKyh9HEwJIBMRFQDr2P6ZEsqk10kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgt
NWNhMDE2YTEwMDU0LzEvTjhQaUc3Nm50d0tBR2FTUDNZelluUUdrTFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgtNWNhMDE2YTEwMDU0
LzEvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSDoAwQC
uS10AwQCuS8UAwQCuTJcMA0EAgACMAcDBQMqAMZgMA0GCSqGSIb3DQEBCwUAA4IB
AQC2skkr2rOH/S/fqNlI0iAtHgFwmYG2s3J5mlYqNuOkiyolYffu/jdrL0ROaLWO
c8lt2dbW2FL6DbAfYwuOQTPO5nz7Q2fEV9KiX69DGLRXcqTJlGzh6MjHUum17u7Z
aKDxtyj/bd1M3tAzk49hiWFjQEwarULrtxtbde3rbdLqK9Sqq3DRxXqDnwTihA9B
7s3270oP3uVwscIPcKDXSIHoeEZR1Ib93rAR0aGDsdK0OZq4as9QlZJ96gyltbXI
NtU9LDBmRn5mbIvMXM5+pUDWXr7JYXN+Wq6lEpYxYtd/Q/mR74bThOHCqCOhp1zd
eWzzI8gF8TucDNgydVqyLQNK
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:03:48 2025 by rpki-client