Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/NClupgqAUdwnU34Sum2MaF9qVA0.roa
File: NClupgqAUdwnU34Sum2MaF9qVA0.roa (raw, json)
Hash identifier: aDGxKYq2Y8XMXNzlWk4ySV396lfiu4EB4r+x7lrq+P8=
Subject key identifier: 34:29:6E:A6:0A:80:51:DC:27:53:7E:12:BA:6D:8C:68:5F:6A:54:0D
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 019740E857542CC333761D26F269B7EC9253
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/NClupgqAUdwnU34Sum2MaF9qVA0.roa
Signing time: Thu 05 Jun 2025 16:24:17 +0000
ROA not before: Thu 05 Jun 2025 16:24:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16633
IP address blocks: 45.147.95.0/24 maxlen: 24
46.229.240.0/24 maxlen: 24
87.236.163.0/24 maxlen: 24
185.201.17.0/24 maxlen: 24
185.201.18.0/24 maxlen: 24
185.225.27.0/24 maxlen: 24
188.190.112.0/24 maxlen: 24
193.41.32.0/24 maxlen: 24
193.200.214.0/24 maxlen: 24
2a01:ebc0:17::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:e8:57:54:2c:c3:33:76:1d:26:f2:69:b7:ec:92:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: Jun 5 16:24:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34296ea60a8051dc27537e12ba6d8c685f6a540d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b8:5b:50:87:57:61:8e:c8:9e:aa:a2:37:e4:
df:bf:dc:63:de:44:0e:bf:92:97:2f:39:55:43:4e:
2b:b6:3f:8d:dc:d6:92:02:e9:9f:a3:86:f9:62:12:
05:44:74:04:b4:87:20:a9:f6:ac:7e:d9:f3:9d:de:
c5:aa:dd:c7:a1:64:2b:2b:b9:8e:41:ed:4d:e1:4c:
f9:b9:c4:4f:3a:3a:ff:7f:4c:7c:72:1b:e6:99:84:
92:78:03:30:4d:f5:cf:5a:bc:a1:0d:0b:c3:93:73:
b8:ac:7c:ff:f2:87:20:f4:ce:e2:2d:df:27:af:78:
a5:3f:db:2d:d7:2f:8e:2e:43:a2:3b:97:97:64:32:
a0:52:2e:8b:85:be:14:aa:29:87:21:33:36:1a:aa:
b9:0a:c1:e4:5a:5f:2b:d1:a7:7d:ec:3f:fe:7d:9c:
87:50:c0:3e:12:71:21:4c:70:22:01:a1:15:b7:94:
cb:cd:83:86:70:09:34:25:2e:97:c8:7d:40:76:ad:
76:ee:a0:15:db:bd:1a:31:41:e2:d1:dc:ad:63:08:
b2:d0:3d:0c:26:8d:cd:82:f6:c2:04:6f:9a:a9:7e:
5e:0a:14:d4:48:f2:fb:df:fa:18:53:2f:14:11:2b:
a1:83:15:ff:9b:63:e2:e5:f5:2b:ec:41:99:49:03:
78:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:29:6E:A6:0A:80:51:DC:27:53:7E:12:BA:6D:8C:68:5F:6A:54:0D
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/NClupgqAUdwnU34Sum2MaF9qVA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.95.0/24
46.229.240.0/24
87.236.163.0/24
185.201.17.0-185.201.18.255
185.225.27.0/24
188.190.112.0/24
193.41.32.0/24
193.200.214.0/24
IPv6:
2a01:ebc0:17::/48
Signature Algorithm: sha256WithRSAEncryption
75:77:0d:db:e5:3a:51:0d:67:83:7f:7c:85:84:b8:4b:52:e5:
b9:b9:32:8c:f2:ba:3b:b6:7b:4c:62:ba:be:8f:da:26:ca:34:
bc:1d:bf:d2:a8:aa:c9:d2:e1:21:2a:65:76:2d:bb:3c:f7:2f:
94:aa:74:4b:92:b6:bd:21:d6:f1:79:13:bb:71:68:6a:0b:39:
b3:90:c0:17:ec:7d:68:5e:df:c3:6e:be:49:42:9c:f4:c1:d8:
2e:b3:11:e3:b7:19:bc:66:2a:91:09:c2:03:35:32:32:25:62:
67:5d:a8:94:82:de:25:a2:b1:a8:34:d6:a1:23:a5:43:2e:cc:
a4:c0:8d:37:ba:be:a2:93:75:0a:8f:06:aa:05:7e:9b:fb:f1:
a8:37:a6:16:b4:9e:f8:24:00:c7:0e:04:fa:6c:8f:10:bf:74:
f6:90:32:f2:b7:f6:a4:e7:34:5f:eb:9a:28:43:ea:65:18:9f:
78:cc:16:7c:d2:8f:a8:5f:56:62:26:2d:bb:cb:ca:79:a4:aa:
85:67:cd:33:08:5f:bd:2b:0c:cb:49:59:40:97:c1:c1:8a:7b:
3c:01:04:dc:05:75:99:e0:fb:b1:0d:ea:b5:98:48:28:64:6c:
34:68:c4:da:23:64:9b:9e:3c:ac:e4:1c:8d:1d:09:87:84:ce:
8a:ff:a4:d2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZdA6FdULMMzdh0m8mm37JJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjUwNjA1MTYyNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDI5NmVhNjBhODA1MWRjMjc1MzdlMTJiYTZkOGM2ODVmNmE1NDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrhbUIdXYY7InqqiN+Tfv9xj3kQO
v5KXLzlVQ04rtj+N3NaSAumfo4b5YhIFRHQEtIcgqfasftnznd7Fqt3HoWQrK7mO
Qe1N4Uz5ucRPOjr/f0x8chvmmYSSeAMwTfXPWryhDQvDk3O4rHz/8ocg9M7iLd8n
r3ilP9st1y+OLkOiO5eXZDKgUi6Lhb4UqimHITM2Gqq5CsHkWl8r0ad97D/+fZyH
UMA+EnEhTHAiAaEVt5TLzYOGcAk0JS6XyH1Adq127qAV270aMUHi0dytYwiy0D0M
Jo3NgvbCBG+aqX5eChTUSPL73/oYUy8UESuhgxX/m2Pi5fUr7EGZSQN4dwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFDQpbqYKgFHcJ1N+ErptjGhfalQNMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvTkNsdXBncUFVZHduVTM0U3VtMk1hRjlxVkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA+BAIAATA4AwQALZNfAwQA
LuXwAwQAV+yjMAwDBAC5yREDBAC5yRIDBAC54RsDBAC8vnADBADBKSADBADByNYw
DwQCAAIwCQMHACoB68AAFzANBgkqhkiG9w0BAQsFAAOCAQEAdXcN2+U6UQ1ng398
hYS4S1LlubkyjPK6O7Z7TGK6vo/aJso0vB2/0qiqydLhISpldi27PPcvlKp0S5K2
vSHW8XkTu3Foags5s5DAF+x9aF7fw26+SUKc9MHYLrMR47cZvGYqkQnCAzUyMiVi
Z12olILeJaKxqDTWoSOlQy7MpMCNN7q+opN1Co8GqgV+m/vxqDemFrSe+CQAxw4E
+myPEL909pAy8rf2pOc0X+uaKEPqZRifeMwWfNKPqF9WYiYtu8vKeaSqhWfNMwhf
vSsMy0lZQJfBwYp7PAEE3AV1meD7sQ3qtZhIKGRsNGjE2iNkm548rOQcjR0Jh4TO
iv+k0g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:10:40 2025 by rpki-client