Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/NI25XB2pxkwUfWNFNEJktAGNmCk.roa
File: NI25XB2pxkwUfWNFNEJktAGNmCk.roa (raw, json)
Hash identifier: /NbTA57PVEzMmwnuwv1WO3feO0Xx3jN87xAyR3KFut0=
Subject key identifier: 34:8D:B9:5C:1D:A9:C6:4C:14:7D:63:45:34:42:64:B4:01:8D:98:29
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0194258F9D97DDCF0BC1FD1C39C31D32D2FA
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/NI25XB2pxkwUfWNFNEJktAGNmCk.roa
Signing time: Thu 02 Jan 2025 05:49:16 +0000
ROA not before: Thu 02 Jan 2025 05:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61164
IP address blocks: 2a01:5f20::/29 maxlen: 29
2a04:ee80::/29 maxlen: 29
2a07:1f00::/29 maxlen: 29
2a07:5c00::/29 maxlen: 29
2a07:98c0::/29 maxlen: 29
2a09:600::/29 maxlen: 29
2a09:1080::/29 maxlen: 29
2a09:1e00::/29 maxlen: 29
2a09:2480::/29 maxlen: 29
2a09:3380::/29 maxlen: 29
2a09:4700::/29 maxlen: 29
2a09:4780::/29 maxlen: 29
2a09:4b80::/29 maxlen: 29
2a09:4d80::/29 maxlen: 29
2a09:6400::/29 maxlen: 29
2a09:6580::/29 maxlen: 29
2a09:6780::/29 maxlen: 29
2a09:7a00::/29 maxlen: 29
2a09:8000::/29 maxlen: 29
2a09:8440::/29 maxlen: 29
2a09:8bc0::/29 maxlen: 29
2a09:9a80::/29 maxlen: 29
2a09:a100::/29 maxlen: 29
2a09:a980::/29 maxlen: 29
2a09:c000::/29 maxlen: 29
2a09:db00::/29 maxlen: 29
2a09:e3c0::/29 maxlen: 29
2a09:eb00::/29 maxlen: 29
2a09:f300::/29 maxlen: 29
2a0a:c1c0::/29 maxlen: 29
2a0d:29c0::/29 maxlen: 29
2a0d:8bc0::/29 maxlen: 29
2a0d:e140::/29 maxlen: 29
2a0d:f940::/29 maxlen: 29
2a0e:2180::/29 maxlen: 29
2a0e:8c40::/29 maxlen: 29
2a0e:9240::/29 maxlen: 29
2a0e:9440::/29 maxlen: 29
2a0e:b0c0::/29 maxlen: 29
2a0e:c040::/29 maxlen: 29
2a0e:d740::/29 maxlen: 29
2a0e:e440::/29 maxlen: 29
2a0e:e840::/29 maxlen: 29
2a0e:f040::/29 maxlen: 29
2a0f:1c00::/29 maxlen: 29
2a0f:2780::/29 maxlen: 29
2a0f:2c00::/29 maxlen: 29
2a0f:5d80::/29 maxlen: 29
2a0f:6340::/29 maxlen: 29
2a0f:71c0::/29 maxlen: 29
2a0f:7440::/29 maxlen: 29
2a0f:9500::/29 maxlen: 29
2a0f:d400::/29 maxlen: 29
2a0f:dc00::/29 maxlen: 29
2a12:4c40::/29 maxlen: 29
2a12:53c0::/29 maxlen: 29
2a12:8c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 13:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:9d:97:dd:cf:0b:c1:fd:1c:39:c3:1d:32:d2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 05:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=348db95c1da9c64c147d6345344264b4018d9829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:42:d4:bb:8c:35:e8:d9:2e:38:34:aa:b7:34:
07:a4:ba:44:6a:ad:20:56:56:04:bb:b4:f1:cc:8a:
2f:4d:1e:a0:3f:28:0a:08:f1:b9:40:d1:99:97:a8:
00:fd:e6:0a:00:96:85:cf:ed:02:ef:02:7b:22:9d:
60:06:31:4e:19:f6:53:1f:b1:47:c0:eb:ec:8e:44:
8b:cf:6b:0f:3e:c7:a3:e1:46:28:81:fc:f5:15:18:
df:48:d0:6f:36:21:c0:f1:53:75:1a:9b:18:a2:11:
d6:78:1e:db:c3:eb:0c:dc:43:42:19:2e:8c:0e:44:
b3:e7:d8:a6:16:01:ba:36:e8:cb:c8:6d:fd:ff:51:
7c:b4:60:b9:ee:15:79:6f:46:ee:f4:60:27:e2:f0:
41:31:57:65:54:1c:49:f0:16:3f:67:f0:51:f7:b4:
0d:ba:10:56:aa:fa:b5:28:9e:e1:f8:49:5e:a6:2b:
ad:e1:2b:82:9a:b1:6c:3b:92:1f:6a:e7:e6:77:a5:
57:21:ae:86:11:9b:e4:82:3e:85:4d:bb:1e:15:a7:
bf:65:60:28:cf:9e:e9:af:53:64:27:bc:0b:72:de:
09:08:19:c5:0b:10:a8:1a:a3:ec:2c:36:d5:f6:08:
b2:5a:f1:43:f0:6f:f5:43:52:d9:65:ed:94:72:e7:
c2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8D:B9:5C:1D:A9:C6:4C:14:7D:63:45:34:42:64:B4:01:8D:98:29
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/NI25XB2pxkwUfWNFNEJktAGNmCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:5f20::/29
2a04:ee80::/29
2a07:1f00::/29
2a07:5c00::/29
2a07:98c0::/29
2a09:600::/29
2a09:1080::/29
2a09:1e00::/29
2a09:2480::/29
2a09:3380::/29
2a09:4700::/29
2a09:4780::/29
2a09:4b80::/29
2a09:4d80::/29
2a09:6400::/29
2a09:6580::/29
2a09:6780::/29
2a09:7a00::/29
2a09:8000::/29
2a09:8440::/29
2a09:8bc0::/29
2a09:9a80::/29
2a09:a100::/29
2a09:a980::/29
2a09:c000::/29
2a09:db00::/29
2a09:e3c0::/29
2a09:eb00::/29
2a09:f300::/29
2a0a:c1c0::/29
2a0d:29c0::/29
2a0d:8bc0::/29
2a0d:e140::/29
2a0d:f940::/29
2a0e:2180::/29
2a0e:8c40::/29
2a0e:9240::/29
2a0e:9440::/29
2a0e:b0c0::/29
2a0e:c040::/29
2a0e:d740::/29
2a0e:e440::/29
2a0e:e840::/29
2a0e:f040::/29
2a0f:1c00::/29
2a0f:2780::/29
2a0f:2c00::/29
2a0f:5d80::/29
2a0f:6340::/29
2a0f:71c0::/29
2a0f:7440::/29
2a0f:9500::/29
2a0f:d400::/29
2a0f:dc00::/29
2a12:4c40::/29
2a12:53c0::/29
2a12:8c80::/29
Signature Algorithm: sha256WithRSAEncryption
2e:24:7e:40:9f:f9:1f:67:e0:d6:27:d0:88:66:21:bf:46:7d:
67:2c:1d:02:21:7d:d7:a8:c7:0c:51:4b:fd:1f:9a:c8:27:31:
72:6f:18:36:94:4d:ae:04:68:90:a5:8a:b0:55:3a:08:39:d7:
7b:19:42:27:b4:7d:db:59:c4:b6:34:c0:e3:b3:28:d6:aa:49:
d9:af:cd:e2:66:69:7b:cd:98:08:06:f7:52:db:b7:07:46:97:
48:ba:0a:c2:92:25:b1:07:2a:24:4b:7a:d0:0d:1f:6e:9a:d8:
aa:c4:cf:26:91:43:37:3f:d9:5c:3c:b3:cb:31:ed:84:39:5c:
bb:c8:c0:5e:15:03:8a:f8:10:95:f8:66:c0:67:0d:d5:e2:09:
f6:02:4f:d2:ea:1c:5f:65:96:f5:a4:c2:71:e3:79:58:9e:7c:
2d:a6:14:09:29:2f:bf:54:f0:2c:0d:1e:d7:ed:d8:0d:82:47:
df:b0:74:51:1c:ee:9e:60:48:af:b3:4d:09:c2:c8:ed:70:f5:
43:6e:06:98:7b:60:ab:6c:c4:ee:4e:de:5c:eb:c7:e0:00:13:
75:7e:2e:f2:04:20:20:3d:08:26:d0:90:4d:3d:e0:23:fb:19:
41:ee:66:29:71:2d:7c:30:d2:56:92:a8:98:7d:35:f2:63:2e:
0b:46:79:5c
-----BEGIN CERTIFICATE-----
MIIGkDCCBXigAwIBAgISAZQlj52X3c8Lwf0cOcMdMtL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwMTAyMDU0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDhkYjk1YzFkYTljNjRjMTQ3ZDYzNDUzNDQyNjRiNDAxOGQ5ODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvELUu4w16NkuODSqtzQHpLpEaq0g
VlYEu7TxzIovTR6gPygKCPG5QNGZl6gA/eYKAJaFz+0C7wJ7Ip1gBjFOGfZTH7FH
wOvsjkSLz2sPPsej4UYogfz1FRjfSNBvNiHA8VN1GpsYohHWeB7bw+sM3ENCGS6M
DkSz59imFgG6NujLyG39/1F8tGC57hV5b0bu9GAn4vBBMVdlVBxJ8BY/Z/BR97QN
uhBWqvq1KJ7h+Elepiut4SuCmrFsO5Ifaufmd6VXIa6GEZvkgj6FTbseFae/ZWAo
z57pr1NkJ7wLct4JCBnFCxCoGqPsLDbV9giyWvFD8G/1Q1LZZe2UcufClQIDAQAB
o4IDnDCCA5gwHQYDVR0OBBYEFDSNuVwdqcZMFH1jRTRCZLQBjZgpMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvTkkyNVhCMnB4a3dVZldORk5FSmt0QUdObUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBsAYIKwYBBQUHAQcBAf8EggGfMIIBmzCCAZcEAgACMIIB
jwMFAyoBXyADBQMqBO6AAwUDKgcfAAMFAyoHXAADBQMqB5jAAwUDKgkGAAMFAyoJ
EIADBQMqCR4AAwUDKgkkgAMFAyoJM4ADBQMqCUcAAwUDKglHgAMFAyoJS4ADBQMq
CU2AAwUDKglkAAMFAyoJZYADBQMqCWeAAwUDKgl6AAMFAyoJgAADBQMqCYRAAwUD
KgmLwAMFAyoJmoADBQMqCaEAAwUDKgmpgAMFAyoJwAADBQMqCdsAAwUDKgnjwAMF
AyoJ6wADBQMqCfMAAwUDKgrBwAMFAyoNKcADBQMqDYvAAwUDKg3hQAMFAyoN+UAD
BQMqDiGAAwUDKg6MQAMFAyoOkkADBQMqDpRAAwUDKg6wwAMFAyoOwEADBQMqDtdA
AwUDKg7kQAMFAyoO6EADBQMqDvBAAwUDKg8cAAMFAyoPJ4ADBQMqDywAAwUDKg9d
gAMFAyoPY0ADBQMqD3HAAwUDKg90QAMFAyoPlQADBQMqD9QAAwUDKg/cAAMFAyoS
TEADBQMqElPAAwUDKhKMgDANBgkqhkiG9w0BAQsFAAOCAQEALiR+QJ/5H2fg1ifQ
iGYhv0Z9ZywdAiF916jHDFFL/R+ayCcxcm8YNpRNrgRokKWKsFU6CDnXexlCJ7R9
21nEtjTA47Mo1qpJ2a/N4mZpe82YCAb3Utu3B0aXSLoKwpIlsQcqJEt60A0fbprY
qsTPJpFDNz/ZXDyzyzHthDlcu8jAXhUDivgQlfhmwGcN1eIJ9gJP0uocX2WW9aTC
ceN5WJ58LaYUCSkvv1TwLA0e1+3YDYJH37B0URzunmBIr7NNCcLI7XD1Q24GmHtg
q2zE7k7eXOvH4AATdX4u8gQgID0IJtCQTT3gI/sZQe5mKXEtfDDSVpKomH018mMu
C0Z5XA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:34:48 2025 by rpki-client