Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/NNWyTOYA5TZiVTfbXky4sbF3W4Q.roa
File: NNWyTOYA5TZiVTfbXky4sbF3W4Q.roa (raw, json)
Hash identifier: koscEFGEPEqpB20HQsq7nHUa/ldz8SMXyn14Nsgg6zI=
Subject key identifier: 34:D5:B2:4C:E6:00:E5:36:62:55:37:DB:5E:4C:B8:B1:B1:77:5B:84
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194550B01300329720A8FA0850EDD075DE9
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/NNWyTOYA5TZiVTfbXky4sbF3W4Q.roa
Signing time: Sat 11 Jan 2025 11:06:12 +0000
ROA not before: Sat 11 Jan 2025 11:06:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207046
IP address blocks: 45.134.84.0/22 maxlen: 24
80.71.155.0/24 maxlen: 24
178.212.225.0/24 maxlen: 24
185.221.16.0/23 maxlen: 23
185.224.220.0/22 maxlen: 22
185.227.206.0/24 maxlen: 24
185.227.207.0/24 maxlen: 24
185.247.4.0/22 maxlen: 24
185.247.5.0/24 maxlen: 24
185.247.6.0/23 maxlen: 24
185.247.7.0/24 maxlen: 24
185.249.204.0/22 maxlen: 22
185.250.182.0/23 maxlen: 24
194.113.28.0/22 maxlen: 24
194.146.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:55:0b:01:30:03:29:72:0a:8f:a0:85:0e:dd:07:5d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 11 11:06:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34d5b24ce600e536625537db5e4cb8b1b1775b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:28:13:b5:5a:73:c0:aa:7d:ba:f9:27:30:44:
4b:b8:22:98:29:b3:8d:2e:89:a6:6a:7d:47:9c:eb:
05:e1:c0:88:11:a6:2d:93:5a:1f:7f:e9:df:3c:83:
7f:1d:ca:81:08:23:b4:12:e7:f2:73:b7:d7:15:b8:
2d:7d:c4:8c:a6:59:d9:0b:67:46:76:3b:a2:91:fc:
7b:fd:54:0f:80:d2:89:5a:72:e0:de:ca:8d:bc:9f:
57:28:b1:96:55:e4:70:1d:e8:98:e1:93:67:3b:35:
50:29:6b:68:50:af:70:bc:34:94:60:9a:2b:db:a3:
f0:cc:34:52:50:bc:f6:ee:29:c5:8f:34:ab:1b:9a:
67:14:11:d0:da:96:32:69:a5:aa:6d:74:2f:3b:df:
c2:49:c4:53:fb:3c:76:45:9b:34:1a:5a:ee:57:24:
b7:7b:3b:2c:e1:14:41:82:12:11:37:77:b5:f6:e9:
8b:7c:37:87:35:df:01:83:73:52:26:85:9c:2b:6f:
8f:ed:0d:e4:e5:d8:df:c5:ca:af:88:69:d7:5d:b3:
97:b8:cd:84:fd:55:3a:a4:1d:d7:a2:cc:2b:72:47:
cf:28:1e:f7:6a:75:ad:3e:f3:b5:ea:40:f2:08:0e:
b1:28:e8:11:b6:86:7a:f1:d5:53:99:70:26:50:d6:
06:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D5:B2:4C:E6:00:E5:36:62:55:37:DB:5E:4C:B8:B1:B1:77:5B:84
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/NNWyTOYA5TZiVTfbXky4sbF3W4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
80.71.155.0/24
178.212.225.0/24
185.221.16.0/23
185.224.220.0/22
185.227.206.0/23
185.247.4.0/22
185.249.204.0/22
185.250.182.0/23
194.113.28.0/22
194.146.220.0/22
Signature Algorithm: sha256WithRSAEncryption
18:73:84:1c:d6:d1:7b:5b:e8:d9:0d:61:6a:d2:27:59:8f:cb:
d8:c4:5a:20:ad:a6:3f:9b:be:1d:88:4e:eb:36:09:c4:a5:f1:
c5:54:6f:9b:40:a8:71:79:16:2c:33:ef:2f:8d:88:3e:fc:d2:
2f:30:30:e5:6e:51:e1:25:a4:7e:94:82:ed:7c:49:98:46:16:
8e:cd:e4:52:7b:3c:79:dd:4f:e9:37:cd:74:a0:ec:f4:88:be:
0a:fc:e0:38:85:0c:48:a8:30:6e:a1:a2:6b:0d:df:6d:d4:3d:
e6:bf:a2:fe:ab:68:ef:4e:6d:91:10:ed:46:be:48:e2:0a:40:
57:b4:c7:e1:c3:fb:13:f2:11:24:cf:4b:41:2c:77:fa:6e:e9:
32:6b:1d:86:7f:87:37:42:23:2b:d3:0f:8e:fe:64:0d:c1:4a:
30:e3:93:0f:93:62:b4:97:01:2e:0e:ee:1b:93:56:a9:c7:e0:
48:7d:d2:ae:e7:b5:f0:85:25:43:99:2f:ff:d3:f3:e6:98:13:
b3:88:a1:5b:1c:ac:0a:18:29:27:7e:2e:f8:31:fd:78:f9:3a:
c6:d4:bf:bd:91:7e:cd:c5:22:6c:34:5f:e4:37:90:74:1e:ea:
11:10:fb:aa:3d:eb:e9:cd:b9:6f:df:da:97:74:ef:ab:af:66:
9f:6c:be:35
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZRVCwEwAylyCo+ghQ7dB13pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTExMTEwNjEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQ1YjI0Y2U2MDBlNTM2NjI1NTM3ZGI1ZTRjYjhiMWIxNzc1Yjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCgTtVpzwKp9uvknMERLuCKYKbON
Lomman1HnOsF4cCIEaYtk1off+nfPIN/HcqBCCO0Eufyc7fXFbgtfcSMplnZC2dG
djuikfx7/VQPgNKJWnLg3sqNvJ9XKLGWVeRwHeiY4ZNnOzVQKWtoUK9wvDSUYJor
26PwzDRSULz27inFjzSrG5pnFBHQ2pYyaaWqbXQvO9/CScRT+zx2RZs0GlruVyS3
ezss4RRBghIRN3e19umLfDeHNd8Bg3NSJoWcK2+P7Q3k5djfxcqviGnXXbOXuM2E
/VU6pB3XoswrckfPKB73anWtPvO16kDyCA6xKOgRtoZ68dVTmXAmUNYG4wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDTVskzmAOU2YlU3215MuLGxd1uEMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTk5XeVRPWUE1VFppVlRmYlhreTRzYkYzVzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLYZUAwQA
UEebAwQAstThAwQBud0QAwQCueDcAwQBuePOAwQCufcEAwQCufnMAwQBufq2AwQC
wnEcAwQCwpLcMA0GCSqGSIb3DQEBCwUAA4IBAQAYc4Qc1tF7W+jZDWFq0idZj8vY
xFograY/m74diE7rNgnEpfHFVG+bQKhxeRYsM+8vjYg+/NIvMDDlblHhJaR+lILt
fEmYRhaOzeRSezx53U/pN810oOz0iL4K/OA4hQxIqDBuoaJrDd9t1D3mv6L+q2jv
Tm2REO1GvkjiCkBXtMfhw/sT8hEkz0tBLHf6bukyax2Gf4c3QiMr0w+O/mQNwUow
45MPk2K0lwEuDu4bk1apx+BIfdKu57XwhSVDmS//0/PmmBOziKFbHKwKGCknfi74
Mf14+TrG1L+9kX7NxSJsNF/kN5B0HuoREPuqPevpzblv39qXdO+rr2afbL41
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:29:13 2025 by rpki-client