Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/ncWW-PHiyTcD5myQc3_j5MkvxYM.roa
File: ncWW-PHiyTcD5myQc3_j5MkvxYM.roa (raw, json)
Hash identifier: yq//c+NUg8a+fjUiszm4DltA+xgrNNfhnKp5UTxqPzs=
Subject key identifier: 9D:C5:96:F8:F1:E2:C9:37:03:E6:6C:90:73:7F:E3:E4:C9:2F:C5:83
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 019597274DDD6AEE564EE699F24D3739D9D2
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/ncWW-PHiyTcD5myQc3_j5MkvxYM.roa
Signing time: Sat 15 Mar 2025 00:14:50 +0000
ROA not before: Sat 15 Mar 2025 00:14:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.149.164.0/24 maxlen: 24
194.246.36.0/24 maxlen: 24
194.246.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:97:27:4d:dd:6a:ee:56:4e:e6:99:f2:4d:37:39:d9:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Mar 15 00:14:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dc596f8f1e2c93703e66c90737fe3e4c92fc583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0c:dd:61:50:71:1f:82:25:7a:5e:07:16:c8:
cf:1b:8f:0a:cd:bb:a9:69:5d:b2:6a:64:e3:2b:b1:
84:f1:67:ab:17:34:74:78:54:c7:4c:f8:76:03:2f:
2d:ce:22:02:d0:2b:7a:e1:75:01:50:a6:ee:5e:aa:
d5:e7:eb:45:2a:2b:37:4e:51:e0:56:ce:76:55:9c:
f3:a8:a2:08:e0:26:92:11:11:62:a9:07:5e:ad:46:
e3:0e:0f:2d:d1:cc:e8:19:d9:ba:b3:d6:f8:0f:b4:
7e:25:d8:60:37:82:cf:e5:14:e2:cc:6f:81:c9:f0:
6c:36:4d:ec:f0:35:89:89:ec:9c:a8:5d:6c:8f:39:
96:e8:02:e2:bf:b7:ef:75:e7:67:91:dd:d8:61:0b:
54:e4:4c:a8:97:63:5e:fe:1d:4e:e7:7a:4a:ef:a4:
57:8a:b2:46:7a:e5:d2:25:57:ab:f4:02:94:2a:c6:
ef:97:b3:a7:ee:33:56:b5:0f:2e:1a:6d:7f:43:37:
4b:f7:98:4f:f8:26:ee:a9:2b:80:a9:cc:8b:ff:fa:
c8:4a:51:e2:b5:48:63:ae:41:5d:66:c6:c0:aa:13:
4e:72:cf:f0:66:98:cb:6a:22:a9:41:ef:3a:2d:52:
78:76:d0:c6:8d:9e:81:ee:d9:7d:f0:36:37:8d:07:
cf:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C5:96:F8:F1:E2:C9:37:03:E6:6C:90:73:7F:E3:E4:C9:2F:C5:83
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/ncWW-PHiyTcD5myQc3_j5MkvxYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.164.0/24
194.246.36.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:55:99:fb:2a:ac:69:d1:93:21:df:55:0f:ac:6b:53:67:9f:
ee:e0:24:e6:b4:44:12:dd:80:bb:80:45:fc:47:6d:db:c8:51:
4e:bc:0d:2d:1a:49:af:5f:eb:8b:69:25:f1:d5:ba:2b:6e:ae:
26:80:b4:70:4a:de:06:65:80:5c:2a:38:e7:d0:a3:30:bd:5f:
6a:e8:28:c9:c7:de:7f:cf:f9:16:bb:24:d4:00:2b:52:37:25:
dd:9f:96:1c:68:59:4f:58:04:91:08:4e:b4:2c:dc:35:f3:58:
83:30:2c:85:79:21:17:7a:83:60:ff:bd:5c:53:d6:45:69:e2:
3d:4d:36:4f:2a:d4:30:b8:22:5d:55:6d:59:35:4e:44:47:16:
c6:a0:4c:1c:6f:de:7e:18:11:bb:eb:95:10:62:72:d2:43:e8:
7e:9d:34:6b:08:d6:ea:68:6d:c4:e5:83:34:84:a7:2c:98:0d:
13:d2:35:de:38:4b:ef:83:1a:db:3b:30:30:c9:ac:35:84:f5:
1c:13:ae:99:09:e1:ba:2c:b0:d9:1f:7c:76:10:1f:7c:01:b7:
27:ca:7b:9d:90:a7:8a:78:55:0e:7f:00:e3:8a:5a:67:4a:24:
c5:b2:73:a9:bc:d4:4c:4f:fb:e7:0c:70:66:4c:75:e9:00:e9:
98:63:ea:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWXJ03dau5WTuaZ8k03OdnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjUwMzE1MDAxNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGM1OTZmOGYxZTJjOTM3MDNlNjZjOTA3MzdmZTNlNGM5MmZjNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gzdYVBxH4Ilel4HFsjPG48Kzbup
aV2yamTjK7GE8WerFzR0eFTHTPh2Ay8tziIC0Ct64XUBUKbuXqrV5+tFKis3TlHg
Vs52VZzzqKII4CaSERFiqQderUbjDg8t0czoGdm6s9b4D7R+JdhgN4LP5RTizG+B
yfBsNk3s8DWJieycqF1sjzmW6ALiv7fvdednkd3YYQtU5Eyol2Ne/h1O53pK76RX
irJGeuXSJVer9AKUKsbvl7On7jNWtQ8uGm1/QzdL95hP+CbuqSuAqcyL//rISlHi
tUhjrkFdZsbAqhNOcs/wZpjLaiKpQe86LVJ4dtDGjZ6B7tl98DY3jQfPAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ3Flvjx4sk3A+ZskHN/4+TJL8WDMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvbmNXVy1QSGl5VGNENW15UWMzX2o1TWt2eFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZWkAwQB
wvYkMA0GCSqGSIb3DQEBCwUAA4IBAQCdVZn7Kqxp0ZMh31UPrGtTZ5/u4CTmtEQS
3YC7gEX8R23byFFOvA0tGkmvX+uLaSXx1borbq4mgLRwSt4GZYBcKjjn0KMwvV9q
6CjJx95/z/kWuyTUACtSNyXdn5YcaFlPWASRCE60LNw181iDMCyFeSEXeoNg/71c
U9ZFaeI9TTZPKtQwuCJdVW1ZNU5ERxbGoEwcb95+GBG765UQYnLSQ+h+nTRrCNbq
aG3E5YM0hKcsmA0T0jXeOEvvgxrbOzAwyaw1hPUcE66ZCeG6LLDZH3x2EB98Abcn
ynudkKeKeFUOfwDjilpnSiTFsnOpvNRMT/vnDHBmTHXpAOmYY+p3
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:45:32 2025 by rpki-client