Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/NxKKuEIzsEe5p3RwQBZ8j63Lsc4.roa
File: NxKKuEIzsEe5p3RwQBZ8j63Lsc4.roa (raw, json)
Hash identifier: mOT2nWmKWDEZ1VeM86bS3Qx+tjUuZhaB/QcxGF5t7y4=
Subject key identifier: 37:12:8A:B8:42:33:B0:47:B9:A7:74:70:40:16:7C:8F:AD:CB:B1:CE
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 0197F4458FC814A9E6FBFA2E6FE7A6550513
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/NxKKuEIzsEe5p3RwQBZ8j63Lsc4.roa
Signing time: Thu 10 Jul 2025 12:18:08 +0000
ROA not before: Thu 10 Jul 2025 12:18:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51264
IP address blocks: 95.164.90.0/24 maxlen: 24
95.164.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 11:55:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:45:8f:c8:14:a9:e6:fb:fa:2e:6f:e7:a6:55:05:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Jul 10 12:18:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37128ab84233b047b9a7747040167c8fadcbb1ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d6:b3:ea:e8:95:29:e4:6d:16:2f:54:b1:9d:
4a:61:e8:cb:6b:32:4d:93:31:82:6e:ce:65:4f:1e:
c3:f8:ee:d7:c2:f5:8f:b3:ac:b5:5d:d7:77:98:29:
a5:6d:3d:77:2b:2f:91:88:db:28:fe:e7:2c:b3:c7:
d3:a1:0a:e9:52:3a:b7:cc:d3:3d:f5:ea:5e:fa:54:
b5:31:e1:ac:56:c4:a9:44:5e:b0:e0:90:db:d2:28:
8a:64:7d:15:d7:bb:37:8c:b4:f2:a6:b7:83:b5:41:
36:3b:4c:08:0b:52:ab:c7:2c:b8:2d:ad:d5:66:e9:
12:7d:15:f0:40:6e:db:c9:51:0d:d2:2f:f3:b6:0f:
a6:64:70:e9:36:46:99:3d:e5:60:b8:ac:50:97:c8:
db:af:da:a1:a2:86:f7:06:48:df:bb:89:e4:a7:5d:
01:55:4f:10:cf:51:c6:a1:02:6d:e3:1e:00:b4:70:
ef:20:4e:d2:a9:e6:06:90:cd:1a:a9:b1:8c:ec:14:
de:5f:0d:91:d9:e4:3b:05:0c:89:77:c6:7e:4f:70:
36:7c:32:28:df:a8:23:49:e5:05:dd:8f:2a:bf:a4:
14:63:f7:0f:30:57:b9:78:59:4a:f8:55:44:b8:dd:
a8:0e:24:56:d4:14:e7:57:ce:0d:2f:97:bb:2d:d1:
3d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:12:8A:B8:42:33:B0:47:B9:A7:74:70:40:16:7C:8F:AD:CB:B1:CE
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/NxKKuEIzsEe5p3RwQBZ8j63Lsc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.90.0/24
95.164.92.0/23
Signature Algorithm: sha256WithRSAEncryption
02:dd:aa:cc:62:10:73:4d:59:b9:47:35:9c:61:75:13:69:17:
4f:35:90:42:ac:f4:f4:8b:b1:e5:02:9b:87:f7:f7:c5:e8:0a:
c7:57:08:50:89:77:89:2a:38:22:c5:6f:09:9e:a6:07:30:6f:
32:74:fc:29:dc:37:34:07:3a:db:94:b8:dc:7c:89:df:85:38:
ca:d0:01:be:28:b9:41:ee:23:65:9c:31:1a:a3:39:6a:83:46:
59:da:e9:62:f8:4e:1e:9c:78:0f:86:3d:2d:54:e6:e5:34:60:
cd:3e:3a:64:a5:de:39:f9:db:91:40:79:40:bb:1f:2a:a7:ff:
60:7f:91:a9:2f:f2:bd:a5:44:4b:e3:38:ff:a2:6c:61:15:2d:
1d:5b:4a:39:a2:c5:f1:ce:3c:7f:8d:e2:be:57:45:6f:69:37:
da:ed:55:cf:e6:42:b8:ec:ac:cc:a6:9a:57:05:12:aa:65:81:
16:0d:43:49:7a:ef:93:6b:89:49:ad:6e:d1:e2:da:ce:5c:eb:
39:3d:53:db:a5:d2:c3:a3:13:ff:d6:27:58:4c:0f:e0:2f:f4:
df:5d:9c:3b:96:0d:2a:b2:64:af:a9:e7:9c:8d:6f:a8:2c:67:
8e:33:db:e3:3c:d9:e8:39:28:e7:e1:5a:b1:8c:53:60:92:8c:
ba:4b:c6:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZf0RY/IFKnm+/oub+emVQUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjUwNzEwMTIxODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzEyOGFiODQyMzNiMDQ3YjlhNzc0NzA0MDE2N2M4ZmFkY2JiMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydaz6uiVKeRtFi9UsZ1KYejLazJN
kzGCbs5lTx7D+O7XwvWPs6y1Xdd3mCmlbT13Ky+RiNso/ucss8fToQrpUjq3zNM9
9epe+lS1MeGsVsSpRF6w4JDb0iiKZH0V17s3jLTypreDtUE2O0wIC1Krxyy4La3V
ZukSfRXwQG7byVEN0i/ztg+mZHDpNkaZPeVguKxQl8jbr9qhoob3Bkjfu4nkp10B
VU8Qz1HGoQJt4x4AtHDvIE7SqeYGkM0aqbGM7BTeXw2R2eQ7BQyJd8Z+T3A2fDIo
36gjSeUF3Y8qv6QUY/cPMFe5eFlK+FVEuN2oDiRW1BTnV84NL5e7LdE9jwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDcSirhCM7BHuad0cEAWfI+ty7HOMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvTnhLS3VFSXpzRWU1cDNSd1FCWjhqNjNMc2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX6RaAwQB
X6RcMA0GCSqGSIb3DQEBCwUAA4IBAQAC3arMYhBzTVm5RzWcYXUTaRdPNZBCrPT0
i7HlApuH9/fF6ArHVwhQiXeJKjgixW8JnqYHMG8ydPwp3Dc0BzrblLjcfInfhTjK
0AG+KLlB7iNlnDEaozlqg0ZZ2uli+E4enHgPhj0tVOblNGDNPjpkpd45+duRQHlA
ux8qp/9gf5GpL/K9pURL4zj/omxhFS0dW0o5osXxzjx/jeK+V0VvaTfa7VXP5kK4
7KzMpppXBRKqZYEWDUNJeu+Ta4lJrW7R4trOXOs5PVPbpdLDoxP/1idYTA/gL/Tf
XZw7lg0qsmSvqeecjW+oLGeOM9vjPNnoOSjn4VqxjFNgkoy6S8Ys
-----END CERTIFICATE-----
Generated at Wed Jul 23 16:35:32 2025 by rpki-client