Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/NYzishm2ogJfRyzy8nT6kXYmzuI.roa
File: NYzishm2ogJfRyzy8nT6kXYmzuI.roa (raw, json)
Hash identifier: LaEEfSMmtUB1mBqYxGiYK3KhOkpxYURIQoeWj6Zjkz4=
Subject key identifier: 35:8C:E2:B2:19:B6:A2:02:5F:47:2C:F2:F2:74:FA:91:76:26:CE:E2
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 0196F28185E9A180A6B714D58650571D0BD4
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/NYzishm2ogJfRyzy8nT6kXYmzuI.roa
Signing time: Wed 21 May 2025 11:01:36 +0000
ROA not before: Wed 21 May 2025 11:01:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62047
IP address blocks: 178.216.40.0/21 maxlen: 21
2001:67c:778::/48 maxlen: 48
2001:7f8:5b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 05:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:81:85:e9:a1:80:a6:b7:14:d5:86:50:57:1d:0b:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: May 21 11:01:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=358ce2b219b6a2025f472cf2f274fa917626cee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c1:6c:8e:45:e3:e4:13:ad:50:ce:84:d1:43:
85:44:4e:da:80:a7:30:05:45:d3:21:ad:6e:e3:74:
64:3c:1e:cf:f5:35:3e:d1:48:e7:03:e6:06:81:2f:
e3:3b:32:52:83:ef:6f:dc:02:65:00:86:8d:2f:0a:
67:12:82:1c:a9:c9:73:36:4a:3d:da:b0:34:1b:1a:
61:db:84:c5:55:db:8b:05:58:5b:dd:9c:6a:73:16:
be:2d:82:6a:5b:ef:13:18:b5:10:30:f6:00:3c:84:
c3:ed:ef:17:91:95:a5:aa:19:5b:b7:58:2c:74:4b:
6e:e9:22:de:4c:b2:7e:62:ce:34:96:1e:ef:fa:ce:
fd:bc:f4:94:b6:8d:af:d9:71:fd:fc:6f:75:57:8f:
db:64:b1:6a:a2:7e:96:40:9d:c7:61:9e:e5:7a:69:
c3:dc:5d:a3:f7:f2:65:bf:f9:3f:60:bd:4d:6d:60:
e8:29:9d:ae:df:cf:aa:a1:44:e4:cd:1a:a0:e7:4a:
eb:59:87:ad:d1:9a:ff:ab:db:37:60:90:3f:da:7a:
42:0e:4c:19:8d:6d:23:0e:8e:53:da:a6:69:d0:71:
5a:8f:97:8b:55:84:7b:6c:66:21:f8:83:c2:25:d4:
c4:d9:e5:c3:70:04:07:d9:ac:2d:2f:20:5a:e9:33:
c4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8C:E2:B2:19:B6:A2:02:5F:47:2C:F2:F2:74:FA:91:76:26:CE:E2
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/NYzishm2ogJfRyzy8nT6kXYmzuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.216.40.0/21
IPv6:
2001:67c:778::/48
2001:7f8:5b::/48
Signature Algorithm: sha256WithRSAEncryption
2f:da:aa:0b:25:f4:7a:18:ab:b1:10:93:be:ee:5a:d9:5c:05:
3c:af:e9:42:63:7f:91:25:70:75:9a:87:c6:78:4a:3d:d2:b2:
48:0a:17:39:f8:c3:90:24:ca:ec:e8:7e:e5:97:b2:f0:e2:5a:
91:d4:b8:28:a3:54:f9:75:38:0a:08:e5:b2:c8:04:58:07:5a:
a1:ce:2b:f2:a0:09:73:78:6a:f8:62:13:0e:f7:f9:be:c9:a7:
da:84:67:a4:94:fb:5c:63:8f:6b:99:88:9d:76:d3:c9:01:0a:
c6:1d:66:cf:19:6b:1c:39:ad:1a:fa:6f:0a:1f:a9:8d:22:dd:
c3:bf:8b:80:e2:35:d0:dd:2f:26:7d:c8:aa:97:b5:06:ac:df:
f1:4d:35:a9:33:21:9c:41:3a:7d:8c:ff:fb:92:5a:1e:f2:4c:
18:93:4e:2e:e2:1d:53:ea:71:65:5d:19:2f:80:68:11:0b:76:
08:d5:a8:d3:2c:83:64:73:1d:13:b3:f5:60:78:11:98:d0:da:
4d:45:5e:94:27:d8:84:73:c1:a9:58:ba:4f:e4:26:d1:ab:70:
6c:be:1e:2a:58:d3:a7:27:68:a5:1a:96:8c:53:3a:da:90:cd:
fe:61:53:a3:0a:22:93:82:6d:e2:50:70:18:54:e2:0c:98:d1:
e8:d2:cb:95
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZbygYXpoYCmtxTVhlBXHQvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjUwNTIxMTEwMTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNThjZTJiMjE5YjZhMjAyNWY0NzJjZjJmMjc0ZmE5MTc2MjZjZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsFsjkXj5BOtUM6E0UOFRE7agKcw
BUXTIa1u43RkPB7P9TU+0UjnA+YGgS/jOzJSg+9v3AJlAIaNLwpnEoIcqclzNko9
2rA0Gxph24TFVduLBVhb3Zxqcxa+LYJqW+8TGLUQMPYAPITD7e8XkZWlqhlbt1gs
dEtu6SLeTLJ+Ys40lh7v+s79vPSUto2v2XH9/G91V4/bZLFqon6WQJ3HYZ7lemnD
3F2j9/Jlv/k/YL1NbWDoKZ2u38+qoUTkzRqg50rrWYet0Zr/q9s3YJA/2npCDkwZ
jW0jDo5T2qZp0HFaj5eLVYR7bGYh+IPCJdTE2eXDcAQH2awtLyBa6TPEeQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDWM4rIZtqICX0cs8vJ0+pF2Js7iMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvTll6aXNobTJvZ0pmUnl6eThuVDZrWFltenVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQDstgoMBgE
AgACMBIDBwAgAQZ8B3gDBwAgAQf4AFswDQYJKoZIhvcNAQELBQADggEBAC/aqgsl
9HoYq7EQk77uWtlcBTyv6UJjf5ElcHWah8Z4Sj3SskgKFzn4w5AkyuzofuWXsvDi
WpHUuCijVPl1OAoI5bLIBFgHWqHOK/KgCXN4avhiEw73+b7Jp9qEZ6SU+1xjj2uZ
iJ1208kBCsYdZs8Zaxw5rRr6bwofqY0i3cO/i4DiNdDdLyZ9yKqXtQas3/FNNakz
IZxBOn2M//uSWh7yTBiTTi7iHVPqcWVdGS+AaBELdgjVqNMsg2RzHROz9WB4EZjQ
2k1FXpQn2IRzwalYuk/kJtGrcGy+HipY06cnaKUaloxTOtqQzf5hU6MKIpOCbeJQ
cBhU4gyY0ejSy5U=
-----END CERTIFICATE-----
Generated at Mon Jun 9 16:12:18 2025 by rpki-client