Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/nzxRK0cEa0Q5b6bg41vXqADSLgQ.roa
File: nzxRK0cEa0Q5b6bg41vXqADSLgQ.roa (raw, json)
Hash identifier: r0hQk+KsffZwjWrXcUdE/l2HhKGLarRWRSIYMo2t7F0=
Subject key identifier: 9F:3C:51:2B:47:04:6B:44:39:6F:A6:E0:E3:5B:D7:A8:00:D2:2E:04
Certificate issuer: /CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Certificate serial: 01959479912C94051D5F66413A3990C17D36
Authority key identifier: E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/nzxRK0cEa0Q5b6bg41vXqADSLgQ.roa
Signing time: Fri 14 Mar 2025 11:45:49 +0000
ROA not before: Fri 14 Mar 2025 11:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214798
IP address blocks: 45.129.140.0/24 maxlen: 24
185.164.163.0/24 maxlen: 24
185.169.107.0/24 maxlen: 24
2a09:31c0:cafe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 07:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:79:91:2c:94:05:1d:5f:66:41:3a:39:90:c1:7d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Validity
Not Before: Mar 14 11:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f3c512b47046b44396fa6e0e35bd7a800d22e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:44:33:2b:8c:06:54:af:e6:1c:74:bd:21:e2:
69:30:8f:ca:93:65:00:29:d5:46:6e:eb:af:ac:ab:
e7:76:1e:d2:5d:ee:6b:2e:42:c7:af:7e:07:ac:83:
54:b2:3e:50:86:47:5a:e5:ea:55:35:e8:9e:b7:20:
7a:56:b5:76:d2:0f:32:db:be:03:72:9e:98:ff:c6:
af:08:6a:f1:22:cb:63:8a:40:fb:94:1e:f7:9f:74:
35:8d:86:8a:9a:ac:3f:33:ad:38:af:ea:d1:e2:46:
f0:81:6c:14:e1:7a:8b:91:03:e9:2e:ae:c9:95:d0:
da:17:71:9d:93:16:08:33:ed:27:07:e0:fe:d5:6b:
fb:98:6e:70:af:6d:d9:6c:e7:c7:95:ac:04:fe:02:
91:2a:68:3e:e6:8e:dc:6d:2d:29:ac:44:cc:97:4c:
85:d6:dd:53:44:77:9a:1d:38:bd:b9:bc:0c:ec:aa:
6c:c5:05:b7:64:fc:23:f0:46:81:cf:83:79:ae:01:
6d:18:be:ce:46:56:fb:5a:86:f8:19:21:67:59:d8:
10:43:44:94:46:50:cb:a5:21:51:3e:b0:f8:cb:c6:
be:04:68:fa:27:83:dc:42:a6:6b:74:3a:6b:f2:bd:
c3:ad:52:ab:71:bc:00:6f:ba:40:ce:08:99:97:0c:
6e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3C:51:2B:47:04:6B:44:39:6F:A6:E0:E3:5B:D7:A8:00:D2:2E:04
X509v3 Authority Key Identifier:
keyid:E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/nzxRK0cEa0Q5b6bg41vXqADSLgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.140.0/24
185.164.163.0/24
185.169.107.0/24
IPv6:
2a09:31c0:cafe::/48
Signature Algorithm: sha256WithRSAEncryption
38:fe:fe:f5:d2:80:83:50:e7:c5:4a:0f:19:93:01:5d:92:04:
e7:75:88:1d:02:5f:35:f8:06:82:12:b8:86:da:e7:5f:98:0f:
b3:6f:23:3b:98:c3:b8:3c:70:cf:1c:f2:3b:88:c1:b8:ad:66:
55:e7:43:28:a3:fc:77:b8:94:7b:49:46:f1:20:bd:96:a9:f6:
21:dd:93:d5:09:00:d4:62:9d:68:8e:95:9f:2e:aa:a1:25:60:
a1:1a:33:e6:46:7f:c2:05:05:85:d7:d0:c8:a3:6b:67:04:03:
e0:31:b1:af:e7:f1:8e:6c:24:be:ee:de:e7:62:84:d9:29:d8:
fa:a3:f2:24:3c:b3:c9:cb:0d:70:59:8a:d6:4d:29:0e:3b:48:
d9:ab:b9:36:b5:0c:28:9a:41:e7:20:dc:27:44:2b:b9:79:34:
af:94:a4:fe:62:c0:23:7c:87:b9:40:2c:d5:ca:8a:08:68:76:
b0:cd:18:16:bf:bf:41:21:d2:41:a8:89:f5:71:df:7c:5d:c3:
7a:30:36:18:c8:53:1f:37:53:e7:57:f6:07:f2:2c:79:f1:ea:
7b:4c:18:80:0f:4a:1e:19:b9:43:5f:fc:64:a4:33:2a:55:9f:
6a:53:7a:0f:bc:22:92:b5:7e:79:df:32:28:94:c0:ca:be:d7:
a2:de:7c:55
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZWUeZEslAUdX2ZBOjmQwX02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MWVmMjJhZGFhMTZkNTNkY2Y2MzdjNTY5ZjQxMzFmMjYy
MTViOTEwHhcNMjUwMzE0MTE0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjNjNTEyYjQ3MDQ2YjQ0Mzk2ZmE2ZTBlMzViZDdhODAwZDIyZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EQzK4wGVK/mHHS9IeJpMI/Kk2UA
KdVGbuuvrKvndh7SXe5rLkLHr34HrINUsj5Qhkda5epVNeietyB6VrV20g8y274D
cp6Y/8avCGrxIstjikD7lB73n3Q1jYaKmqw/M604r+rR4kbwgWwU4XqLkQPpLq7J
ldDaF3GdkxYIM+0nB+D+1Wv7mG5wr23ZbOfHlawE/gKRKmg+5o7cbS0prETMl0yF
1t1TRHeaHTi9ubwM7KpsxQW3ZPwj8EaBz4N5rgFtGL7ORlb7Wob4GSFnWdgQQ0SU
RlDLpSFRPrD4y8a+BGj6J4PcQqZrdDpr8r3DrVKrcbwAb7pAzgiZlwxupQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJ88UStHBGtEOW+m4ONb16gA0i4EMB8GA1UdIwQY
MBaAFOke8iraoW1T3PY3xWn0Ex8mIVuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQt
MzRhZTg5MWE3MmNmLzEvbnp4UkswY0VhMFE1YjZiZzQxdlhxQURTTGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQtMzRhZTg5MWE3MmNm
LzEvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALYGMAwQA
uaSjAwQAualrMA8EAgACMAkDBwAqCTHAyv4wDQYJKoZIhvcNAQELBQADggEBADj+
/vXSgINQ58VKDxmTAV2SBOd1iB0CXzX4BoISuIba51+YD7NvIzuYw7g8cM8c8juI
wbitZlXnQyij/He4lHtJRvEgvZap9iHdk9UJANRinWiOlZ8uqqElYKEaM+ZGf8IF
BYXX0Mija2cEA+Axsa/n8Y5sJL7u3udihNkp2Pqj8iQ8s8nLDXBZitZNKQ47SNmr
uTa1DCiaQecg3CdEK7l5NK+UpP5iwCN8h7lALNXKighodrDNGBa/v0Eh0kGoifVx
33xdw3owNhjIUx83U+dX9gfyLHnx6ntMGIAPSh4ZuUNf/GSkMypVn2pTeg+8IpK1
fnnfMiiUwMq+16LefFU=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:27:18 2025 by rpki-client