Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/N8tDCs7Io_jdHli4KPG-yFhou0M.roa
File: N8tDCs7Io_jdHli4KPG-yFhou0M.roa (raw, json)
Hash identifier: 41gTKrFfnYw3vFBofMdq20SpfeLYjngiWRs/8PhraJA=
Subject key identifier: 37:CB:43:0A:CE:C8:A3:F8:DD:1E:58:B8:28:F1:BE:C8:58:68:BB:43
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 0196D3DEB7E01B24B29DA870CE333354211E
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/N8tDCs7Io_jdHli4KPG-yFhou0M.roa
Signing time: Thu 15 May 2025 12:15:10 +0000
ROA not before: Thu 15 May 2025 12:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21100
IP address blocks: 91.90.192.0/24 maxlen: 24
91.90.194.0/24 maxlen: 24
91.223.123.0/24 maxlen: 24
94.131.16.0/24 maxlen: 24
185.198.164.0/22 maxlen: 22
195.245.112.0/23 maxlen: 23
2001:67c:2f5c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.mft
rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d3:de:b7:e0:1b:24:b2:9d:a8:70:ce:33:33:54:21:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: May 15 12:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37cb430acec8a3f8dd1e58b828f1bec85868bb43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a7:cb:5d:a2:11:42:b8:2f:09:cf:4b:69:b4:
cd:c1:11:6e:76:e5:c4:23:16:04:d9:92:5b:b2:6e:
96:48:e3:4e:72:8d:ba:3a:20:15:0e:03:0f:d2:97:
65:95:fb:de:70:36:b7:4f:72:ed:db:f7:2c:8e:c2:
9b:38:d4:bf:3b:6d:cc:fb:ad:26:58:2f:9c:ab:f2:
49:88:2c:18:47:bf:7d:9e:db:5f:5c:6d:26:06:6d:
cd:eb:e8:18:28:4b:5d:fc:7d:3a:79:44:ed:61:35:
29:a4:75:b7:0b:36:02:69:51:d6:52:5c:fc:cd:25:
6e:48:3b:0a:b1:52:e0:59:a2:e5:58:57:3b:76:4d:
60:4b:20:c5:1e:90:66:0c:7c:66:f1:45:6d:fa:c2:
9e:01:b3:ab:f6:8f:b3:b2:57:72:f7:32:76:75:97:
15:1b:74:f4:b0:f9:d6:82:d5:42:a5:e5:fe:cb:6e:
25:3a:4d:b9:0f:9e:ec:3f:a9:4b:39:4f:cf:ae:f2:
6c:0a:05:5d:6d:33:6a:e2:39:5b:01:ad:53:4e:09:
d1:25:bd:a6:9d:b8:38:3e:ec:84:04:15:27:a2:3c:
c8:65:34:2e:48:f8:fe:e0:c1:4f:b9:98:5d:e2:dc:
61:1f:43:7d:3b:8c:58:64:7d:31:51:fb:16:02:3d:
b8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CB:43:0A:CE:C8:A3:F8:DD:1E:58:B8:28:F1:BE:C8:58:68:BB:43
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/N8tDCs7Io_jdHli4KPG-yFhou0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.192.0/24
91.90.194.0/24
91.223.123.0/24
94.131.16.0/24
185.198.164.0/22
195.245.112.0/23
IPv6:
2001:67c:2f5c::/48
Signature Algorithm: sha256WithRSAEncryption
b2:30:39:2a:54:b1:40:03:94:ab:58:21:86:d8:4e:55:76:41:
1c:7c:b8:05:c5:cb:fe:b5:1d:8c:0c:05:3f:97:2f:d3:02:9a:
cb:a8:42:86:93:d5:ad:cb:7a:fa:ce:2d:13:54:cf:59:1c:a1:
7d:8e:35:75:36:8d:ad:79:51:ba:53:99:c4:48:bd:a8:27:12:
35:35:c0:36:f2:c9:4f:c3:6f:96:fd:61:37:a4:06:38:91:c0:
51:63:97:ec:d8:ed:60:98:33:82:1a:5a:0e:ed:4d:fd:11:bb:
69:08:22:24:4c:7a:a4:98:a8:f5:3a:63:c7:31:69:ec:63:f7:
50:f6:23:d0:f2:3b:00:c3:d7:e3:5e:e7:56:16:a3:cb:a8:44:
53:a0:12:eb:e7:57:3b:d1:3d:21:90:9c:26:8d:40:66:67:bf:
6d:d3:83:35:d3:c2:2f:b4:f0:83:5c:2e:d1:aa:e7:df:72:74:
96:b1:73:56:dc:62:16:ca:13:3f:dc:ac:e7:84:1a:49:e0:fb:
c5:18:8b:a4:46:e7:ec:af:c1:ba:54:08:57:2f:85:31:53:cc:
75:8e:41:6c:b1:c1:bd:c9:52:19:c4:70:80:64:f1:13:51:c3:
d7:bd:13:08:33:cb:ba:58:63:94:9c:7d:80:ed:9f:92:37:81:
7f:53:f9:bb
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZbT3rfgGySynahwzjMzVCEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjUwNTE1MTIxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2NiNDMwYWNlYzhhM2Y4ZGQxZTU4YjgyOGYxYmVjODU4NjhiYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqfLXaIRQrgvCc9LabTNwRFuduXE
IxYE2ZJbsm6WSONOco26OiAVDgMP0pdllfvecDa3T3Lt2/csjsKbONS/O23M+60m
WC+cq/JJiCwYR799nttfXG0mBm3N6+gYKEtd/H06eUTtYTUppHW3CzYCaVHWUlz8
zSVuSDsKsVLgWaLlWFc7dk1gSyDFHpBmDHxm8UVt+sKeAbOr9o+zsldy9zJ2dZcV
G3T0sPnWgtVCpeX+y24lOk25D57sP6lLOU/PrvJsCgVdbTNq4jlbAa1TTgnRJb2m
nbg4PuyEBBUnojzIZTQuSPj+4MFPuZhd4txhH0N9O4xYZH0xUfsWAj248QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDfLQwrOyKP43R5YuCjxvshYaLtDMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvTjh0RENzN0lvX2pkSGxpNEtQRy15RmhvdTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAW1rAAwQA
W1rCAwQAW997AwQAXoMQAwQCucakAwQBw/VwMA8EAgACMAkDBwAgAQZ8L1wwDQYJ
KoZIhvcNAQELBQADggEBALIwOSpUsUADlKtYIYbYTlV2QRx8uAXFy/61HYwMBT+X
L9MCmsuoQoaT1a3LevrOLRNUz1kcoX2ONXU2ja15UbpTmcRIvagnEjU1wDbyyU/D
b5b9YTekBjiRwFFjl+zY7WCYM4IaWg7tTf0Ru2kIIiRMeqSYqPU6Y8cxaexj91D2
I9DyOwDD1+Ne51YWo8uoRFOgEuvnVzvRPSGQnCaNQGZnv23TgzXTwi+08INcLtGq
599ydJaxc1bcYhbKEz/crOeEGkng+8UYi6RG5+yvwbpUCFcvhTFTzHWOQWyxwb3J
UhnEcIBk8RNRw9e9Ewgzy7pYY5ScfYDtn5I3gX9T+bs=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:21:13 2025 by rpki-client