Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/N6I7GkRnTLkodakf220Jx4FEOJ8.roa
File: N6I7GkRnTLkodakf220Jx4FEOJ8.roa (raw, json)
Hash identifier: 5pNB3KiUL7LD9fJaUhiHJ+4Sn0d2T6l1b/8wj0M4PyI=
Subject key identifier: 37:A2:3B:1A:44:67:4C:B9:28:75:A9:1F:DB:6D:09:C7:81:44:38:9F
Certificate issuer: /CN=cab936b35f92cdec5e90df33bdc508661c27b455
Certificate serial: 0196A55A73C1F6C1B456151B358B55B70A99
Authority key identifier: CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/N6I7GkRnTLkodakf220Jx4FEOJ8.roa
Signing time: Tue 06 May 2025 11:28:10 +0000
ROA not before: Tue 06 May 2025 11:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214089
IP address blocks: 45.94.100.0/22 maxlen: 22
45.94.100.0/24 maxlen: 24
45.94.103.0/24 maxlen: 24
193.178.44.0/22 maxlen: 22
193.178.44.0/24 maxlen: 24
193.178.45.0/24 maxlen: 24
193.178.46.0/24 maxlen: 24
193.178.47.0/24 maxlen: 24
2a12:b840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 02:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:5a:73:c1:f6:c1:b4:56:15:1b:35:8b:55:b7:0a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cab936b35f92cdec5e90df33bdc508661c27b455
Validity
Not Before: May 6 11:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37a23b1a44674cb92875a91fdb6d09c78144389f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c8:82:6b:f6:4e:bb:b5:1f:9e:cc:bd:48:ae:
aa:7b:50:9b:13:57:ea:bc:bb:e9:bc:a9:43:c1:22:
c5:9e:16:86:ab:63:c8:ec:66:21:76:e8:bb:77:b4:
3e:d8:f5:3b:a0:15:75:31:b2:4e:fd:b2:89:74:96:
20:ed:9a:87:f6:e0:04:57:23:d6:ab:19:c9:dd:65:
2b:b4:fa:92:98:f6:97:67:74:10:42:3c:49:63:71:
fe:80:8f:58:72:50:be:45:3a:65:a4:8a:f9:46:39:
cf:48:d3:4a:94:1d:b2:b0:5e:05:7b:2f:ed:27:34:
e2:48:7d:b4:35:94:1b:47:6a:5f:19:6d:93:2b:85:
e2:bf:a8:49:59:43:29:0c:6f:d5:62:58:38:bc:fd:
42:df:1a:a3:a8:e4:4a:90:ee:ab:70:d4:94:a9:5c:
e4:01:4a:79:0b:fa:e5:e8:d9:aa:20:71:bd:12:df:
c1:4b:bb:a3:ed:80:6f:f4:d4:d8:8f:3d:d1:bb:96:
f7:c7:03:19:de:c8:0b:c3:e5:fe:df:fe:4f:cd:57:
fb:12:54:7f:4a:41:a2:cd:19:94:d9:58:c7:35:9f:
1c:1d:04:b5:b2:40:69:16:26:12:61:b1:89:f6:d5:
8c:c0:4b:eb:00:f8:0e:05:23:28:e0:17:1e:16:d7:
21:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A2:3B:1A:44:67:4C:B9:28:75:A9:1F:DB:6D:09:C7:81:44:38:9F
X509v3 Authority Key Identifier:
keyid:CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/N6I7GkRnTLkodakf220Jx4FEOJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.100.0/22
193.178.44.0/22
IPv6:
2a12:b840::/32
Signature Algorithm: sha256WithRSAEncryption
32:34:45:07:f0:20:65:3f:dc:85:70:40:33:c2:30:9b:e1:3e:
6e:ba:89:7a:35:b5:aa:a6:f8:81:20:48:4e:a6:a4:2e:91:54:
5b:75:b6:38:e9:23:e8:9b:e0:8c:33:97:51:3f:3d:c0:e2:94:
97:ec:7c:57:53:70:c8:0e:c5:5b:68:7d:e4:b4:a6:1f:3d:ba:
4b:d6:aa:a8:a3:4d:4d:54:7a:b9:45:19:03:6c:79:ac:28:8c:
25:5a:7f:9a:20:ea:42:7b:46:05:d5:83:b6:93:72:c9:b7:50:
b8:7b:c2:71:ec:89:23:07:44:c3:ad:bf:5b:00:d1:73:f0:fe:
41:21:fa:33:2d:38:f2:b6:dd:04:e9:bb:f2:a1:dd:b7:72:c4:
50:f5:56:45:c4:d7:86:6a:66:4c:bd:88:bf:09:5f:30:5c:14:
57:1a:1c:f0:8e:b5:68:ed:69:4b:4f:38:a3:f9:ad:05:b3:0b:
e0:5e:dd:de:f9:91:f0:5f:ad:c0:d5:49:ef:8e:7d:56:14:0c:
6d:44:cd:ab:c3:7c:4e:cf:55:51:0f:b2:1b:97:85:27:7d:24:
cb:38:c5:15:3a:bf:71:e8:85:1b:e6:a9:a5:b6:c9:2e:64:0a:
22:1e:79:d4:d5:f2:b3:15:14:61:3e:7d:c5:ee:d2:58:2a:7c:
5b:b0:79:e8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZalWnPB9sG0VhUbNYtVtwqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYjkzNmIzNWY5MmNkZWM1ZTkwZGYzM2JkYzUwODY2MWMy
N2I0NTUwHhcNMjUwNTA2MTEyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2EyM2IxYTQ0Njc0Y2I5Mjg3NWE5MWZkYjZkMDljNzgxNDQzODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ciCa/ZOu7Ufnsy9SK6qe1CbE1fq
vLvpvKlDwSLFnhaGq2PI7GYhdui7d7Q+2PU7oBV1MbJO/bKJdJYg7ZqH9uAEVyPW
qxnJ3WUrtPqSmPaXZ3QQQjxJY3H+gI9YclC+RTplpIr5RjnPSNNKlB2ysF4Fey/t
JzTiSH20NZQbR2pfGW2TK4Xiv6hJWUMpDG/VYlg4vP1C3xqjqORKkO6rcNSUqVzk
AUp5C/rl6NmqIHG9Et/BS7uj7YBv9NTYjz3Ru5b3xwMZ3sgLw+X+3/5PzVf7ElR/
SkGizRmU2VjHNZ8cHQS1skBpFiYSYbGJ9tWMwEvrAPgOBSMo4BceFtchWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDeiOxpEZ0y5KHWpH9ttCceBRDifMB8GA1UdIwQY
MBaAFMq5NrNfks3sXpDfM73FCGYcJ7RVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAt
NTU5MjM2MGUzZThlLzEvTjZJN0drUm5UTGtvZGFrZjIyMEp4NEZFT0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAtNTU5MjM2MGUzZThl
LzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLV5kAwQC
wbIsMA0EAgACMAcDBQAqErhAMA0GCSqGSIb3DQEBCwUAA4IBAQAyNEUH8CBlP9yF
cEAzwjCb4T5uuol6NbWqpviBIEhOpqQukVRbdbY46SPom+CMM5dRPz3A4pSX7HxX
U3DIDsVbaH3ktKYfPbpL1qqoo01NVHq5RRkDbHmsKIwlWn+aIOpCe0YF1YO2k3LJ
t1C4e8Jx7IkjB0TDrb9bANFz8P5BIfozLTjytt0E6bvyod23csRQ9VZFxNeGamZM
vYi/CV8wXBRXGhzwjrVo7WlLTzij+a0FswvgXt3e+ZHwX63A1Unvjn1WFAxtRM2r
w3xOz1VRD7Ibl4UnfSTLOMUVOr9x6IUb5qmltskuZAoiHnnU1fKzFRRhPn3F7tJY
KnxbsHno
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:30:52 2025 by rpki-client