Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/NIMNyPGIbg1vfnnE1dF5_LRFmpk.roa
File: NIMNyPGIbg1vfnnE1dF5_LRFmpk.roa (raw, json)
Hash identifier: ZE/vf7smwMGPKAuhagOZ8wBiL0bFtr4XLBZUTrYGN7g=
Subject key identifier: 34:83:0D:C8:F1:88:6E:0D:6F:7E:79:C4:D5:D1:79:FC:B4:45:9A:99
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01973FC61ED4659FAEAB7DF23C5974DCA2F7
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/NIMNyPGIbg1vfnnE1dF5_LRFmpk.roa
Signing time: Thu 05 Jun 2025 11:07:17 +0000
ROA not before: Thu 05 Jun 2025 11:07:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29226
IP address blocks: 2a09:6286::/32 maxlen: 32
2a10:4100::/32 maxlen: 32
2a10:4105::/32 maxlen: 32
2a11:4b44::/32 maxlen: 32
2a12:a347::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 04:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:c6:1e:d4:65:9f:ae:ab:7d:f2:3c:59:74:dc:a2:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jun 5 11:07:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34830dc8f1886e0d6f7e79c4d5d179fcb4459a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c8:85:1d:c7:f1:08:ce:b0:e2:f7:ce:60:87:
32:fd:fa:ca:6f:9a:d2:cc:eb:94:43:36:85:64:0e:
f8:45:f9:fb:e8:c6:97:a8:67:50:00:0a:f2:4e:18:
cf:97:bc:a8:0d:d9:ba:8c:43:fa:4f:3b:d7:9b:52:
f3:19:77:0a:b7:ff:9d:9d:cc:76:5c:c4:fa:96:1d:
7c:ed:90:ec:f8:fe:94:21:b8:5b:ba:51:9d:69:61:
81:49:b6:e3:79:3a:25:b9:14:88:d4:87:af:6f:84:
c0:16:cd:bd:9b:4a:a5:fd:b0:39:a4:62:51:a9:d5:
5a:ab:74:3c:2a:de:3f:48:45:59:5f:3a:90:6f:86:
e4:aa:e4:cc:5a:a7:a5:fb:8d:b4:a5:df:4c:ea:48:
50:66:42:55:21:03:48:a1:e6:07:6c:bc:72:1f:d5:
e6:8f:c8:77:4a:44:9c:04:d5:ee:c3:93:00:5f:9d:
85:1a:be:49:0f:d5:90:b6:ab:74:45:70:3c:81:c8:
fe:7f:31:5c:b3:b1:c5:de:bf:0f:5f:78:0c:7e:71:
72:42:a5:fe:5d:13:4a:c1:24:d1:0e:19:6f:9f:c6:
14:b7:97:6a:c2:96:0f:26:15:9d:12:8f:09:31:a6:
cc:82:f6:c1:b5:38:81:a9:64:71:1a:77:3b:59:5e:
81:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:83:0D:C8:F1:88:6E:0D:6F:7E:79:C4:D5:D1:79:FC:B4:45:9A:99
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/NIMNyPGIbg1vfnnE1dF5_LRFmpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6286::/32
2a10:4100::/32
2a10:4105::/32
2a11:4b44::/32
2a12:a347::/32
Signature Algorithm: sha256WithRSAEncryption
a5:58:c7:03:6e:9f:29:ce:d1:4f:0b:f7:4f:9c:cf:18:79:fb:
fd:2b:41:b3:e1:e1:d0:55:ec:3c:fc:c4:bc:09:fb:dd:dc:bb:
07:1e:3c:ff:a0:b5:e0:b0:9b:75:45:05:7f:c3:f4:ed:05:e9:
88:5e:a8:df:1c:bb:2c:c7:ba:32:71:41:da:f3:5a:fe:01:86:
0c:b7:e9:05:81:71:49:09:17:4c:53:ac:97:b6:d5:dc:a2:47:
6e:11:a9:57:a1:f6:ba:5d:fe:11:83:2f:34:e7:df:f4:bd:96:
98:87:3f:8c:fd:19:b7:c0:3c:b8:50:bd:9a:27:d1:6d:7f:ab:
0f:73:bc:12:64:f7:f1:a0:6b:ba:ad:90:81:60:98:df:21:cc:
17:54:b9:e2:b4:a1:fe:f7:70:46:a9:3a:d2:09:29:f4:d3:7e:
b6:9a:9b:0b:23:83:e2:e3:2a:54:0b:ac:98:6b:67:b1:12:17:
c5:90:46:4d:df:cd:65:cf:db:cb:16:1f:c6:7a:e1:97:d3:96:
34:fe:f1:37:da:cc:20:dd:ce:2f:85:57:eb:b5:ec:96:2d:de:
af:81:9a:34:48:e5:4a:ef:37:d2:31:46:97:da:8c:75:95:44:
d4:29:56:9a:ce:6b:e4:bf:85:47:70:80:3e:95:b3:79:7a:c3:
65:75:2d:0e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZc/xh7UZZ+uq33yPFl03KL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwNjA1MTEwNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDgzMGRjOGYxODg2ZTBkNmY3ZTc5YzRkNWQxNzlmY2I0NDU5YTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsiFHcfxCM6w4vfOYIcy/frKb5rS
zOuUQzaFZA74Rfn76MaXqGdQAAryThjPl7yoDdm6jEP6TzvXm1LzGXcKt/+dncx2
XMT6lh187ZDs+P6UIbhbulGdaWGBSbbjeToluRSI1Ievb4TAFs29m0ql/bA5pGJR
qdVaq3Q8Kt4/SEVZXzqQb4bkquTMWqel+420pd9M6khQZkJVIQNIoeYHbLxyH9Xm
j8h3SkScBNXuw5MAX52FGr5JD9WQtqt0RXA8gcj+fzFcs7HF3r8PX3gMfnFyQqX+
XRNKwSTRDhlvn8YUt5dqwpYPJhWdEo8JMabMgvbBtTiBqWRxGnc7WV6BVwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDSDDcjxiG4Nb355xNXRefy0RZqZMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvTklNTnlQR0liZzF2Zm5uRTFkRjVfTFJGbXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKglihgMF
ACoQQQADBQAqEEEFAwUAKhFLRAMFACoSo0cwDQYJKoZIhvcNAQELBQADggEBAKVY
xwNunynO0U8L90+czxh5+/0rQbPh4dBV7Dz8xLwJ+93cuwcePP+gteCwm3VFBX/D
9O0F6YheqN8cuyzHujJxQdrzWv4Bhgy36QWBcUkJF0xTrJe21dyiR24RqVeh9rpd
/hGDLzTn3/S9lpiHP4z9GbfAPLhQvZon0W1/qw9zvBJk9/Gga7qtkIFgmN8hzBdU
ueK0of73cEapOtIJKfTTfraamwsjg+LjKlQLrJhrZ7ESF8WQRk3fzWXP28sWH8Z6
4ZfTljT+8TfazCDdzi+FV+u17JYt3q+BmjRI5UrvN9IxRpfajHWVRNQpVprOa+S/
hUdwgD6Vs3l6w2V1LQ4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:11:42 2025 by rpki-client