Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/_NnvVvLlvqtdHHcZRyUsiHUEkKs.roa
File: _NnvVvLlvqtdHHcZRyUsiHUEkKs.roa (raw, json)
Hash identifier: es5WKgZ/L1Jato5AQPBVJDwpXDUM030k+h+RNYgLMtA=
Subject key identifier: FC:D9:EF:56:F2:E5:BE:AB:5D:1C:77:19:47:25:2C:88:75:04:90:AB
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01971627D2B1DA95D35DB39AE879FD08852F
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/_NnvVvLlvqtdHHcZRyUsiHUEkKs.roa
Signing time: Wed 28 May 2025 09:09:57 +0000
ROA not before: Wed 28 May 2025 09:09:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51765
IP address blocks: 5.181.168.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
5.183.255.0/24 maxlen: 24
77.83.247.0/24 maxlen: 24
83.171.224.0/24 maxlen: 24
83.171.226.0/24 maxlen: 24
83.171.227.0/24 maxlen: 24
141.98.87.0/24 maxlen: 24
185.68.184.0/24 maxlen: 24
185.68.246.0/24 maxlen: 24
185.68.247.0/24 maxlen: 24
185.77.217.0/24 maxlen: 24
185.77.218.0/23 maxlen: 24
185.88.36.0/24 maxlen: 24
185.89.42.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
194.104.10.0/24 maxlen: 24
213.232.120.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:27:d2:b1:da:95:d3:5d:b3:9a:e8:79:fd:08:85:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: May 28 09:09:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fcd9ef56f2e5beab5d1c771947252c88750490ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:25:38:56:87:9f:07:4c:64:cc:b3:3b:72:ce:
19:7b:86:fc:65:9a:c8:fa:82:d5:b3:b3:95:96:14:
32:28:b6:a7:7a:03:9e:10:fd:3d:d0:72:44:fe:8c:
c2:63:32:c8:8c:12:ad:5a:8a:f2:7f:b8:27:e8:b3:
10:f4:51:3b:69:5b:e5:fe:fa:41:a2:0f:cd:f5:0b:
e5:38:71:4e:54:05:93:96:10:58:ac:e7:8a:19:09:
c3:bc:2e:a4:74:ae:10:94:9c:03:76:39:ca:a5:9d:
06:6c:d9:48:77:27:39:f0:60:a7:db:f8:0a:14:c1:
db:34:24:69:c8:45:be:ea:ae:66:46:9d:13:7f:fa:
aa:3c:25:00:b9:5b:ef:d0:0c:fa:18:53:53:9d:99:
df:14:7f:2f:44:5b:38:1e:4b:7b:34:c3:63:bf:38:
d1:56:c2:f4:f7:a8:f1:16:22:88:b1:cc:b6:80:92:
f2:42:2b:ec:a6:27:83:d4:10:ec:e8:04:59:93:9a:
a1:5a:a3:57:f9:fb:8c:5b:ea:e3:ad:cf:c8:ac:d8:
6f:2b:fe:36:96:f2:bc:09:d3:88:e9:03:70:0f:11:
ca:ae:58:f1:17:cd:ca:3e:8d:2a:cd:b9:09:eb:ef:
bc:43:e1:0e:f1:53:ea:d7:d1:92:02:d2:0a:27:79:
5f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D9:EF:56:F2:E5:BE:AB:5D:1C:77:19:47:25:2C:88:75:04:90:AB
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/_NnvVvLlvqtdHHcZRyUsiHUEkKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.255.0/24
77.83.247.0/24
83.171.224.0/24
83.171.226.0/23
141.98.87.0/24
185.68.184.0/24
185.68.246.0/23
185.77.217.0-185.77.219.255
185.88.36.0/24
185.89.42.0/23
194.104.10.0/24
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
59:9d:0e:c3:a8:75:7b:59:22:3c:0b:46:f3:8d:b8:6a:90:b8:
5f:a4:60:ba:b5:db:e5:1f:53:a5:af:f6:14:63:ed:c1:42:af:
a1:eb:db:8a:64:84:02:94:a6:f0:7d:01:62:b9:98:7d:ce:f3:
7f:75:9c:d9:6e:90:7d:85:a8:92:4f:76:e6:b1:87:ff:1b:bc:
d4:36:3c:69:da:9f:32:61:ce:45:28:f0:58:b2:e5:53:dc:b2:
bd:b2:1e:9b:15:31:53:62:3f:d7:14:21:b5:ab:99:db:6d:22:
a0:39:36:35:9b:f8:7e:ad:aa:a4:c4:92:b5:34:e3:6c:8c:27:
77:7e:22:1b:39:cd:97:b9:43:f7:0b:b8:d5:08:10:84:d0:67:
01:19:90:cf:44:a2:47:9d:55:85:18:c9:51:80:e5:de:2f:66:
c9:80:26:b8:2b:14:99:00:75:db:d2:93:ad:46:ee:7b:21:57:
a8:a6:e9:8a:e9:65:17:30:da:28:f9:e8:59:1b:6e:ec:67:be:
a8:06:14:59:f3:c0:7b:a8:f4:8c:6a:8a:19:b2:fd:27:92:e6:
1e:62:11:2d:61:06:a5:2f:2f:b4:9a:c8:54:9e:b8:44:bb:ff:
bc:12:f8:91:19:69:1a:dc:bd:41:03:39:9b:65:08:00:c3:ad:
85:e1:eb:08
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZcWJ9Kx2pXTXbOa6Hn9CIUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwNTI4MDkwOTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Q5ZWY1NmYyZTViZWFiNWQxYzc3MTk0NzI1MmM4ODc1MDQ5MGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiU4VoefB0xkzLM7cs4Ze4b8ZZrI
+oLVs7OVlhQyKLanegOeEP090HJE/ozCYzLIjBKtWoryf7gn6LMQ9FE7aVvl/vpB
og/N9QvlOHFOVAWTlhBYrOeKGQnDvC6kdK4QlJwDdjnKpZ0GbNlIdyc58GCn2/gK
FMHbNCRpyEW+6q5mRp0Tf/qqPCUAuVvv0Az6GFNTnZnfFH8vRFs4Hkt7NMNjvzjR
VsL096jxFiKIscy2gJLyQivspieD1BDs6ARZk5qhWqNX+fuMW+rjrc/IrNhvK/42
lvK8CdOI6QNwDxHKrljxF83KPo0qzbkJ6++8Q+EO8VPq19GSAtIKJ3lfawIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFPzZ71by5b6rXRx3GUclLIh1BJCrMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvX05udlZ2TGx2cXRkSEhjWlJ5VXNpSFVFa0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQBBbWoAwQA
Bbf/AwQATVP3AwQAU6vgAwQBU6viAwQAjWJXAwQAuUS4AwQBuUT2MAwDBAC5TdkD
BAK5TdgDBAC5WCQDBAG5WSoDBADCaAoDBADV6HgDBADV6HowDQYJKoZIhvcNAQEL
BQADggEBAFmdDsOodXtZIjwLRvONuGqQuF+kYLq12+UfU6Wv9hRj7cFCr6Hr24pk
hAKUpvB9AWK5mH3O8391nNlukH2FqJJPduaxh/8bvNQ2PGnanzJhzkUo8Fiy5VPc
sr2yHpsVMVNiP9cUIbWrmdttIqA5NjWb+H6tqqTEkrU042yMJ3d+Ihs5zZe5Q/cL
uNUIEITQZwEZkM9EokedVYUYyVGA5d4vZsmAJrgrFJkAddvSk61G7nshV6im6Yrp
ZRcw2ij56FkbbuxnvqgGFFnzwHuo9Ixqihmy/SeS5h5iES1hBqUvL7SayFSeuES7
/7wS+JEZaRrcvUEDOZtlCADDrYXh6wg=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:35:30 2025 by rpki-client