Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/nAw-tu2iFsVUAoD3d-PCO-n0nlU.roa
File: nAw-tu2iFsVUAoD3d-PCO-n0nlU.roa (raw, json)
Hash identifier: NhBATsK7uGGdrOKi4JXrK4LsPo0OG9umtxigUZlp7BQ=
Subject key identifier: 9C:0C:3E:B6:ED:A2:16:C5:54:02:80:F7:77:E3:C2:3B:E9:F4:9E:55
Certificate issuer: /CN=6ef4874994de7a14e4b584f6d2b96b2d991b1e91
Certificate serial: 019584A823F4CF3FFED9562C43EA8C1BC51F
Authority key identifier: 6E:F4:87:49:94:DE:7A:14:E4:B5:84:F6:D2:B9:6B:2D:99:1B:1E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bvSHSZTeehTktYT20rlrLZkbHpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/nAw-tu2iFsVUAoD3d-PCO-n0nlU.roa
Signing time: Tue 11 Mar 2025 10:02:46 +0000
ROA not before: Tue 11 Mar 2025 10:02:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210165
IP address blocks: 91.225.1.0/24 maxlen: 24
193.104.118.0/24 maxlen: 24
2a12:3440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/bvSHSZTeehTktYT20rlrLZkbHpE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/bvSHSZTeehTktYT20rlrLZkbHpE.mft
rsync://rpki.ripe.net/repository/DEFAULT/bvSHSZTeehTktYT20rlrLZkbHpE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 10:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:a8:23:f4:cf:3f:fe:d9:56:2c:43:ea:8c:1b:c5:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ef4874994de7a14e4b584f6d2b96b2d991b1e91
Validity
Not Before: Mar 11 10:02:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c0c3eb6eda216c5540280f777e3c23be9f49e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b6:b3:1d:15:c1:1f:f0:93:aa:ca:c4:c3:da:
49:06:23:ec:d7:b4:32:d5:83:20:4e:aa:86:13:bd:
be:80:31:8a:d7:05:02:21:ed:03:43:1b:d0:d2:c2:
38:85:4c:e8:f6:84:39:30:d3:62:99:a0:65:4a:78:
31:6d:95:40:60:7e:ea:bb:6c:ed:39:16:77:c8:b3:
4c:07:0c:3a:63:44:e3:71:fd:b2:31:ca:6c:7a:75:
ee:b2:21:03:88:3c:05:de:bc:a8:1d:69:9d:c8:5b:
72:31:20:ca:48:ef:4d:9f:d8:d0:d8:13:00:e7:c5:
8d:1a:58:f2:33:b0:be:79:39:da:1a:5e:ff:ce:be:
23:ba:05:7f:3f:88:c6:c6:ef:cd:05:ea:1e:77:05:
6c:99:d7:2b:fc:0d:05:31:db:49:76:5e:ee:72:a1:
7f:8a:6d:f1:88:01:e9:99:da:80:d9:c8:69:b3:46:
50:15:0b:d5:b3:17:19:92:f6:9f:b3:a8:f7:18:24:
40:0a:75:89:09:17:b9:83:d1:8a:47:5b:9d:d8:0e:
a7:3e:c9:22:03:50:4c:f4:6a:82:d2:84:46:b2:1e:
72:c2:56:fa:63:da:b0:6c:ce:d1:a2:88:fc:0b:8b:
f6:b0:e4:d7:af:16:72:8c:ec:4c:4f:59:b1:23:4c:
9d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:0C:3E:B6:ED:A2:16:C5:54:02:80:F7:77:E3:C2:3B:E9:F4:9E:55
X509v3 Authority Key Identifier:
keyid:6E:F4:87:49:94:DE:7A:14:E4:B5:84:F6:D2:B9:6B:2D:99:1B:1E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bvSHSZTeehTktYT20rlrLZkbHpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/nAw-tu2iFsVUAoD3d-PCO-n0nlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/bvSHSZTeehTktYT20rlrLZkbHpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.1.0/24
193.104.118.0/24
IPv6:
2a12:3440::/29
Signature Algorithm: sha256WithRSAEncryption
98:42:f5:67:49:bb:9a:03:9e:35:a0:ed:29:8a:35:df:23:20:
4d:af:f4:9f:77:a2:30:f1:59:ca:01:3b:50:a0:97:4d:0a:47:
8c:ff:d1:c9:63:aa:c5:7e:79:d5:f0:0a:e5:90:c1:01:86:6a:
2b:30:a5:1f:44:97:b7:30:a3:eb:7d:e5:07:5e:38:c7:fb:75:
96:ea:e1:20:74:d4:e7:b9:1d:df:73:4a:b6:6e:aa:af:dd:35:
b0:a7:eb:3a:15:31:53:62:b3:68:e3:2a:2a:ac:45:12:78:4d:
f3:93:e8:b7:dd:21:0b:8a:d8:bf:d5:8a:d4:27:00:aa:e2:c2:
89:5c:2a:d0:71:9a:65:81:c4:66:5d:f6:29:ab:ee:95:98:de:
d9:05:1e:e3:43:cf:d2:4b:30:cc:9b:fd:5c:22:e9:87:c1:46:
3e:6a:c7:5c:d9:70:b5:b8:0e:88:00:c0:5d:72:f1:fa:d1:db:
cf:8b:60:62:9a:68:12:55:c8:3a:64:a6:a7:93:5a:76:81:24:
74:48:60:6f:0a:96:3a:1d:80:6b:3e:4f:de:dd:49:e1:87:10:
58:e9:c6:6a:44:cd:b5:a1:57:b9:93:d1:94:8a:7a:36:aa:22:
a2:bf:3e:da:3f:26:38:58:f5:df:b2:76:08:ba:c5:9b:bd:85:
33:a7:ff:49
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZWEqCP0zz/+2VYsQ+qMG8UfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZjQ4NzQ5OTRkZTdhMTRlNGI1ODRmNmQyYjk2YjJkOTkx
YjFlOTEwHhcNMjUwMzExMTAwMjQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzBjM2ViNmVkYTIxNmM1NTQwMjgwZjc3N2UzYzIzYmU5ZjQ5ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3razHRXBH/CTqsrEw9pJBiPs17Qy
1YMgTqqGE72+gDGK1wUCIe0DQxvQ0sI4hUzo9oQ5MNNimaBlSngxbZVAYH7qu2zt
ORZ3yLNMBww6Y0Tjcf2yMcpsenXusiEDiDwF3ryoHWmdyFtyMSDKSO9Nn9jQ2BMA
58WNGljyM7C+eTnaGl7/zr4jugV/P4jGxu/NBeoedwVsmdcr/A0FMdtJdl7ucqF/
im3xiAHpmdqA2chps0ZQFQvVsxcZkvafs6j3GCRACnWJCRe5g9GKR1ud2A6nPski
A1BM9GqC0oRGsh5ywlb6Y9qwbM7Rooj8C4v2sOTXrxZyjOxMT1mxI0ydUQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJwMPrbtohbFVAKA93fjwjvp9J5VMB8GA1UdIwQY
MBaAFG70h0mU3noU5LWE9tK5ay2ZGx6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnZTSFNaVGVlaFRrdFlUMjBybHJMWmtiSHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8zMTE1MDgtZDVhMi00ZGM1LWJjOTMt
NTBlNzQ2NDI0NjMwLzEvbkF3LXR1MmlGc1ZVQW9EM2QtUENPLW4wbmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8zMTE1MDgtZDVhMi00ZGM1LWJjOTMtNTBlNzQ2NDI0NjMw
LzEvYnZTSFNaVGVlaFRrdFlUMjBybHJMWmtiSHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+EBAwQA
wWh2MA0EAgACMAcDBQMqEjRAMA0GCSqGSIb3DQEBCwUAA4IBAQCYQvVnSbuaA541
oO0pijXfIyBNr/Sfd6Iw8VnKATtQoJdNCkeM/9HJY6rFfnnV8ArlkMEBhmorMKUf
RJe3MKPrfeUHXjjH+3WW6uEgdNTnuR3fc0q2bqqv3TWwp+s6FTFTYrNo4yoqrEUS
eE3zk+i33SELiti/1YrUJwCq4sKJXCrQcZplgcRmXfYpq+6VmN7ZBR7jQ8/SSzDM
m/1cIumHwUY+asdc2XC1uA6IAMBdcvH60dvPi2BimmgSVcg6ZKank1p2gSR0SGBv
CpY6HYBrPk/e3UnhhxBY6cZqRM21oVe5k9GUino2qiKivz7aPyY4WPXfsnYIusWb
vYUzp/9J
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:49:55 2025 by rpki-client