Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/Nc7iCAoE-03LSc1GXjFAkPSA-x0.roa
File: Nc7iCAoE-03LSc1GXjFAkPSA-x0.roa (raw, json)
Hash identifier: VtOFvrmMP9apoQYdMZ3KyjB/zTDsL+t3o+S71XhQxpY=
Subject key identifier: 35:CE:E2:08:0A:04:FB:4D:CB:49:CD:46:5E:31:40:90:F4:80:FB:1D
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 0196F816056B8752B369CE5948DAAD46EA9C
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/Nc7iCAoE-03LSc1GXjFAkPSA-x0.roa
Signing time: Thu 22 May 2025 13:01:54 +0000
ROA not before: Thu 22 May 2025 13:01:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57675
IP address blocks: 37.32.64.0/24 maxlen: 24
37.32.65.0/24 maxlen: 24
37.32.66.0/24 maxlen: 24
37.32.68.0/24 maxlen: 24
37.32.69.0/24 maxlen: 24
37.32.70.0/24 maxlen: 24
2a0f:1300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:16:05:6b:87:52:b3:69:ce:59:48:da:ad:46:ea:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: May 22 13:01:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35cee2080a04fb4dcb49cd465e314090f480fb1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e4:ce:31:d9:9a:b4:04:e0:77:dd:8a:60:be:
69:95:4a:d5:70:b0:02:6d:55:9a:df:74:a3:66:c8:
18:9e:70:ea:27:f2:f3:a5:c5:e2:4b:b5:de:45:06:
24:e1:ab:79:5e:ec:54:a1:35:42:a2:0a:35:ff:f7:
5f:a1:ba:68:88:4c:6c:99:0e:d5:44:21:19:6e:3d:
e9:2e:df:2e:a2:e8:4b:c8:03:64:47:be:8c:16:e6:
17:d3:b3:d1:90:98:10:7c:27:27:66:a8:47:ea:32:
70:aa:b6:44:0f:2b:89:46:e2:53:2d:b3:ec:62:80:
cd:9f:28:a1:4c:d4:f8:60:dc:f5:eb:7b:17:fa:dd:
0c:77:bc:14:e4:d2:bd:d8:72:81:3e:be:fa:50:51:
d4:bb:fe:f5:fc:75:7b:7f:24:f8:e6:36:35:7e:3d:
9d:7c:38:2c:de:0e:73:af:4b:bf:ef:f0:7b:30:73:
9a:6e:aa:c0:51:9c:bf:7c:cd:b9:ae:38:54:a7:79:
25:f9:49:98:93:b8:48:e3:d4:d1:60:c1:a2:c6:6d:
c2:61:e8:cb:8b:42:33:38:40:43:33:d6:86:65:f3:
7b:30:c2:47:5b:8d:ac:90:0e:8b:95:2a:d7:f2:80:
67:f0:c0:dc:b9:93:cc:b5:c9:a8:fd:31:16:4d:16:
14:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CE:E2:08:0A:04:FB:4D:CB:49:CD:46:5E:31:40:90:F4:80:FB:1D
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/Nc7iCAoE-03LSc1GXjFAkPSA-x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.64.0-37.32.66.255
37.32.68.0-37.32.70.255
IPv6:
2a0f:1300::/29
Signature Algorithm: sha256WithRSAEncryption
75:df:54:ee:fd:dc:27:c0:d4:2f:2f:14:5e:1b:e9:64:31:65:
cc:75:97:b9:b6:73:0d:af:e9:99:d1:70:c8:8e:de:0f:3e:9a:
07:ef:3b:eb:d7:4c:18:85:9f:b8:77:e7:fa:e6:6f:95:19:5b:
05:af:87:46:46:79:30:80:da:d6:12:3a:6d:b4:54:f4:6d:ab:
20:32:cb:8d:ec:e9:e1:e7:2b:fa:42:ca:8a:db:07:19:49:c7:
d3:52:15:28:88:3c:a2:72:15:dd:7c:f7:9d:d1:15:b8:17:60:
e1:1c:fa:74:80:ed:00:11:17:c2:9b:f5:9e:82:07:08:b1:db:
b6:23:de:0e:72:97:d9:c8:20:e7:84:6c:a5:11:8e:ce:c7:5b:
1c:41:7c:2b:8c:37:a8:7c:df:c0:39:81:6c:32:96:ef:fd:0a:
b3:cf:24:4a:19:fe:70:42:80:14:d7:8f:e2:4e:e8:18:84:92:
f7:b2:47:41:ba:79:c7:75:3e:de:05:a2:bb:56:96:ce:67:ac:
35:7f:0b:07:be:1e:fa:76:81:1f:08:b8:08:45:aa:d8:3d:bc:
31:5a:3e:a4:e8:05:5a:d1:fe:ec:29:25:3b:02:9a:9a:9b:53:
f1:ed:fc:0b:fc:ae:d9:7b:3a:1c:5f:07:7a:ad:c9:cd:d6:ff:
d1:0d:40:36
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZb4FgVrh1Kzac5ZSNqtRuqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjUwNTIyMTMwMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWNlZTIwODBhMDRmYjRkY2I0OWNkNDY1ZTMxNDA5MGY0ODBmYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOTOMdmatATgd92KYL5plUrVcLAC
bVWa33SjZsgYnnDqJ/LzpcXiS7XeRQYk4at5XuxUoTVCogo1//dfobpoiExsmQ7V
RCEZbj3pLt8uouhLyANkR76MFuYX07PRkJgQfCcnZqhH6jJwqrZEDyuJRuJTLbPs
YoDNnyihTNT4YNz163sX+t0Md7wU5NK92HKBPr76UFHUu/71/HV7fyT45jY1fj2d
fDgs3g5zr0u/7/B7MHOabqrAUZy/fM25rjhUp3kl+UmYk7hI49TRYMGixm3CYejL
i0IzOEBDM9aGZfN7MMJHW42skA6LlSrX8oBn8MDcuZPMtcmo/TEWTRYUxwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFDXO4ggKBPtNy0nNRl4xQJD0gPsdMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvTmM3aUNBb0UtMDNMU2MxR1hqRkFrUFNBLXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcMAwDBAYlIEAD
BAAlIEIwDAMEAiUgRAMEACUgRjANBAIAAjAHAwUDKg8TADANBgkqhkiG9w0BAQsF
AAOCAQEAdd9U7v3cJ8DULy8UXhvpZDFlzHWXubZzDa/pmdFwyI7eDz6aB+8769dM
GIWfuHfn+uZvlRlbBa+HRkZ5MIDa1hI6bbRU9G2rIDLLjezp4ecr+kLKitsHGUnH
01IVKIg8onIV3Xz3ndEVuBdg4Rz6dIDtABEXwpv1noIHCLHbtiPeDnKX2cgg54Rs
pRGOzsdbHEF8K4w3qHzfwDmBbDKW7/0Ks88kShn+cEKAFNeP4k7oGISS97JHQbp5
x3U+3gWiu1aWzmesNX8LB74e+naBHwi4CEWq2D28MVo+pOgFWtH+7CklOwKamptT
8e38C/yu2Xs6HF8Heq3Jzdb/0Q1ANg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:21:39 2025 by rpki-client