Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/NNwMFEhxMbRDsRS0Ujs5UcWLoXw.roa
File: NNwMFEhxMbRDsRS0Ujs5UcWLoXw.roa (raw, json)
Hash identifier: B/gMLVmikacsqiNWPQ61KMiQs160DvW9fNOZyUyFlmw=
Subject key identifier: 34:DC:0C:14:48:71:31:B4:43:B1:14:B4:52:3B:39:51:C5:8B:A1:7C
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 0195F16FC908392AC34745C8E9639F0862C0
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/NNwMFEhxMbRDsRS0Ujs5UcWLoXw.roa
Signing time: Tue 01 Apr 2025 12:59:49 +0000
ROA not before: Tue 01 Apr 2025 12:59:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213176
IP address blocks: 209.35.224.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
209.35.229.0/24 maxlen: 24
209.35.230.0/24 maxlen: 24
209.35.231.0/24 maxlen: 24
209.35.233.0/24 maxlen: 24
209.35.234.0/24 maxlen: 24
209.35.235.0/24 maxlen: 24
209.35.236.0/24 maxlen: 24
209.35.237.0/24 maxlen: 24
212.59.64.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
212.59.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:6f:c9:08:39:2a:c3:47:45:c8:e9:63:9f:08:62:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Apr 1 12:59:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34dc0c14487131b443b114b4523b3951c58ba17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:22:f2:87:3e:b7:60:4f:fd:a1:bd:61:25:55:
32:5d:eb:99:19:c1:0c:19:78:aa:d7:4d:81:4d:47:
96:c8:b5:d5:c6:66:09:a5:7b:01:80:a4:95:0f:a3:
40:29:6c:1e:00:f7:ac:d0:fa:8d:34:f1:ea:ad:8c:
9d:6b:61:be:e0:62:e1:22:95:02:be:92:0b:0a:d4:
d4:3a:54:a2:da:0f:81:52:7a:f3:12:60:8b:42:b9:
44:7b:f2:64:f0:5c:06:f7:5f:2a:0e:fb:2a:48:ed:
d5:f0:95:70:09:7f:24:d2:cb:d6:87:78:65:34:11:
95:b9:ee:0d:fe:de:43:cf:7e:0e:67:c7:d0:94:52:
f7:c8:04:aa:11:ff:51:1a:8e:05:a4:b6:2c:0c:38:
37:2b:a7:0a:24:ac:4a:3c:de:15:d4:87:a1:de:c9:
b4:e8:8a:54:b9:f1:49:89:83:05:41:40:18:df:9f:
36:ab:90:3e:2b:c6:97:41:1f:60:35:e4:89:c9:70:
df:31:77:11:74:ae:72:91:a4:8f:30:e9:69:94:17:
aa:5a:eb:f0:32:42:21:f3:a8:e8:92:9b:41:d0:d8:
cf:45:ea:b0:fd:d8:4d:e5:a0:36:11:87:01:a6:97:
20:a3:bd:2d:ae:d2:b0:a2:bf:41:02:57:d1:bc:ad:
ed:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DC:0C:14:48:71:31:B4:43:B1:14:B4:52:3B:39:51:C5:8B:A1:7C
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/NNwMFEhxMbRDsRS0Ujs5UcWLoXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0/21
209.35.233.0-209.35.237.255
212.59.64.0/21
Signature Algorithm: sha256WithRSAEncryption
03:b7:84:92:88:ec:f8:24:c5:b0:39:85:88:5b:15:cc:f0:e5:
0c:db:79:3b:94:8e:2a:b1:ea:27:16:9a:50:f8:a7:f0:30:cc:
48:9f:10:77:e4:2d:2f:d8:b8:83:99:5c:f8:60:78:e8:99:4e:
19:c4:63:91:c5:f6:ff:d9:01:94:f3:49:c9:81:ef:0a:38:78:
af:07:e2:2b:41:31:89:87:31:cc:31:91:a4:cf:9b:7b:de:b2:
5c:2e:e2:45:11:3a:90:45:94:4c:54:9c:e9:93:26:24:8e:19:
9f:65:de:6a:9d:2b:f1:3f:34:40:e4:fe:eb:48:28:62:21:4e:
31:aa:16:37:8b:d2:04:6f:bc:bc:14:47:66:7d:44:c4:06:47:
7b:7c:30:06:7c:42:ee:8e:f6:c5:8a:71:2a:c4:0e:b2:3c:2d:
be:18:50:ec:fd:5d:28:26:68:78:6b:1a:3b:29:67:d8:7b:fb:
1f:ae:82:fe:ca:3c:08:af:14:24:ee:e6:cb:4a:4a:4d:ba:97:
88:dc:e0:84:e3:3c:47:4d:3f:18:b0:a9:67:ff:5b:3d:83:be:
7f:7f:f9:c9:0f:8d:64:78:ba:f8:02:41:97:6b:38:35:d8:d7:
29:18:42:77:ff:2d:15:96:a9:dd:72:18:9e:a0:0f:07:8d:b4:
ac:c9:cf:69
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZXxb8kIOSrDR0XI6WOfCGLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjUwNDAxMTI1OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGRjMGMxNDQ4NzEzMWI0NDNiMTE0YjQ1MjNiMzk1MWM1OGJhMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yLyhz63YE/9ob1hJVUyXeuZGcEM
GXiq102BTUeWyLXVxmYJpXsBgKSVD6NAKWweAPes0PqNNPHqrYyda2G+4GLhIpUC
vpILCtTUOlSi2g+BUnrzEmCLQrlEe/Jk8FwG918qDvsqSO3V8JVwCX8k0svWh3hl
NBGVue4N/t5Dz34OZ8fQlFL3yASqEf9RGo4FpLYsDDg3K6cKJKxKPN4V1Ieh3sm0
6IpUufFJiYMFQUAY3582q5A+K8aXQR9gNeSJyXDfMXcRdK5ykaSPMOlplBeqWuvw
MkIh86jokptB0NjPReqw/dhN5aA2EYcBppcgo70trtKwor9BAlfRvK3tawIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDTcDBRIcTG0Q7EUtFI7OVHFi6F8MB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvTk53TUZFaHhNYlJEc1JTMFVqczVVY1dMb1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQD0SPgMAwD
BADRI+kDBAHRI+wDBAPUO0AwDQYJKoZIhvcNAQELBQADggEBAAO3hJKI7PgkxbA5
hYhbFczw5QzbeTuUjiqx6icWmlD4p/AwzEifEHfkLS/YuIOZXPhgeOiZThnEY5HF
9v/ZAZTzScmB7wo4eK8H4itBMYmHMcwxkaTPm3veslwu4kUROpBFlExUnOmTJiSO
GZ9l3mqdK/E/NEDk/utIKGIhTjGqFjeL0gRvvLwUR2Z9RMQGR3t8MAZ8Qu6O9sWK
cSrEDrI8Lb4YUOz9XSgmaHhrGjspZ9h7+x+ugv7KPAivFCTu5stKSk26l4jc4ITj
PEdNPxiwqWf/Wz2Dvn9/+ckPjWR4uvgCQZdrODXY1ykYQnf/LRWWqd1yGJ6gDweN
tKzJz2k=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:57:49 2025 by rpki-client