Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/NhCn1a0Le8G6D2sVi_l-BvVs8Q0.roa
File: NhCn1a0Le8G6D2sVi_l-BvVs8Q0.roa (raw, json)
Hash identifier: r1ZHnBqkDB4ZKDNF3hfVKil60HJx5YWEfmJ30XUmtD4=
Subject key identifier: 36:10:A7:D5:AD:0B:7B:C1:BA:0F:6B:15:8B:F9:7E:06:F5:6C:F1:0D
Certificate issuer: /CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Certificate serial: 0198A12BE356222E58030A400E50408CDFB8
Authority key identifier: EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/NhCn1a0Le8G6D2sVi_l-BvVs8Q0.roa
Signing time: Wed 13 Aug 2025 02:04:24 +0000
ROA not before: Wed 13 Aug 2025 02:04:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56665
IP address blocks: 31.204.88.0/24 maxlen: 24
31.204.90.0/23 maxlen: 23
31.204.92.0/22 maxlen: 22
94.252.0.0/17 maxlen: 17
94.252.0.0/21 maxlen: 21
94.252.8.0/21 maxlen: 21
94.252.16.0/21 maxlen: 21
94.252.24.0/21 maxlen: 21
94.252.32.0/21 maxlen: 21
94.252.40.0/21 maxlen: 21
94.252.48.0/21 maxlen: 21
94.252.56.0/21 maxlen: 21
94.252.64.0/21 maxlen: 21
94.252.72.0/21 maxlen: 21
94.252.80.0/21 maxlen: 21
94.252.88.0/21 maxlen: 21
94.252.96.0/20 maxlen: 20
94.252.112.0/21 maxlen: 21
94.252.120.0/21 maxlen: 21
185.3.44.0/22 maxlen: 22
185.40.60.0/22 maxlen: 22
185.40.60.0/23 maxlen: 23
185.40.62.0/23 maxlen: 23
212.66.64.0/19 maxlen: 19
212.66.67.0/24 maxlen: 24
212.66.76.0/24 maxlen: 24
2a00:4180:1::/48 maxlen: 48
2a00:4180:2::/48 maxlen: 48
2a00:4180:3::/48 maxlen: 48
2a00:4180:1000::/36 maxlen: 36
2a04:81c0::/29 maxlen: 29
2a04:81c4::/44 maxlen: 44
2a04:81c4:10::/44 maxlen: 44
2a04:81c4:1000::/40 maxlen: 40
2a04:81c4:1100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.mft
rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a1:2b:e3:56:22:2e:58:03:0a:40:0e:50:40:8c:df:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Validity
Not Before: Aug 13 02:04:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3610a7d5ad0b7bc1ba0f6b158bf97e06f56cf10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8d:02:0d:78:79:c5:7a:0b:3f:a5:c0:b8:cf:
df:0a:55:58:1a:09:2d:e0:08:fe:6c:92:69:11:e7:
7c:97:1c:ae:a8:49:41:8a:bc:15:a9:83:ce:66:81:
46:f5:84:8b:c5:c2:da:af:1c:80:20:ba:da:2c:78:
92:0c:02:fb:75:62:5b:3f:02:d3:6d:93:02:bc:0a:
f5:ea:12:06:05:2c:9b:99:2b:cd:8e:b3:5f:61:de:
a0:ad:0f:67:2a:06:f1:d2:15:71:a7:6b:13:b5:2b:
ee:b4:9d:e8:f3:5a:3c:82:c4:c3:79:a5:b4:46:9f:
3a:3d:41:4b:a8:d3:af:bb:0c:42:f7:1f:2e:2c:ca:
d6:9c:18:eb:d0:95:dc:41:bb:e6:f1:ba:9d:df:c6:
87:40:27:3a:a0:fb:8b:a7:d2:d3:4c:b4:27:a3:76:
6b:5e:5d:90:40:4c:b8:3e:e9:fe:cd:4d:65:47:e6:
8c:7a:d1:96:7f:a9:f0:23:e1:6e:25:b5:64:b4:78:
d1:ec:4f:e3:a2:e7:97:9f:8e:ad:19:38:0c:f6:02:
56:8e:15:0d:71:dc:dc:44:cc:84:17:1a:b5:22:3f:
0a:b4:93:94:55:17:dd:29:21:34:48:b6:9c:5b:a7:
bd:de:c7:94:a2:d8:69:41:06:b8:31:fe:07:e5:cf:
a6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:10:A7:D5:AD:0B:7B:C1:BA:0F:6B:15:8B:F9:7E:06:F5:6C:F1:0D
X509v3 Authority Key Identifier:
keyid:EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/NhCn1a0Le8G6D2sVi_l-BvVs8Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.88.0/24
31.204.90.0-31.204.95.255
94.252.0.0/17
185.3.44.0/22
185.40.60.0/22
212.66.64.0/19
IPv6:
2a00:4180:1::-2a00:4180:3:ffff:ffff:ffff:ffff:ffff
2a00:4180:1000::/36
2a04:81c0::/29
Signature Algorithm: sha256WithRSAEncryption
1e:1d:5c:b3:6f:80:ec:e0:2b:58:ba:66:78:93:d0:0e:b9:0b:
07:45:00:39:4e:60:a6:d0:a9:fc:40:36:81:d6:a7:ef:1b:3f:
32:ea:55:3a:47:fb:93:e4:73:0e:f2:62:f3:89:89:62:6e:4f:
f5:64:e6:31:85:30:b8:bc:92:b8:df:c3:e8:eb:89:c7:45:b9:
33:81:27:57:ae:e4:15:a4:14:66:5d:08:a2:92:4b:eb:24:93:
cf:a1:27:d5:7c:6e:1d:83:5f:bd:fa:6e:70:98:06:f5:70:4b:
fa:72:f7:46:47:04:47:4c:92:dd:ce:b8:a4:50:58:66:8e:d2:
c6:d3:c6:1d:b0:7a:96:ef:44:33:1f:16:ea:c2:59:f9:c7:3e:
09:1f:59:45:dd:6c:ed:f7:0e:6f:05:8f:ad:af:55:d3:77:7a:
05:81:72:46:bd:e8:10:76:99:44:bb:61:70:6a:dc:72:8f:06:
7a:05:46:96:33:c5:d4:34:0e:f9:67:23:51:85:cd:da:93:1d:
e5:90:f2:c0:2f:ae:4d:60:4f:1c:40:f4:42:9b:2c:06:73:af:
16:87:2f:fe:b3:0b:72:0e:4e:6f:a1:64:f3:5b:ad:59:c9:31:
c1:dd:d5:57:c3:87:ca:90:e6:c4:65:f6:69:9f:56:27:e2:de:
5c:f1:9f:ce
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZihK+NWIi5YAwpADlBAjN+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMjJmNGZiOTU1ZDc5ZjA5M2Q3ZTg3YjE4MmMzNDQwYWM0
YmUwNmMwHhcNMjUwODEzMDIwNDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjEwYTdkNWFkMGI3YmMxYmEwZjZiMTU4YmY5N2UwNmY1NmNmMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Y0CDXh5xXoLP6XAuM/fClVYGgkt
4Aj+bJJpEed8lxyuqElBirwVqYPOZoFG9YSLxcLarxyAILraLHiSDAL7dWJbPwLT
bZMCvAr16hIGBSybmSvNjrNfYd6grQ9nKgbx0hVxp2sTtSvutJ3o81o8gsTDeaW0
Rp86PUFLqNOvuwxC9x8uLMrWnBjr0JXcQbvm8bqd38aHQCc6oPuLp9LTTLQno3Zr
Xl2QQEy4Pun+zU1lR+aMetGWf6nwI+FuJbVktHjR7E/joueXn46tGTgM9gJWjhUN
cdzcRMyEFxq1Ij8KtJOUVRfdKSE0SLacW6e93seUothpQQa4Mf4H5c+mtQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDYQp9WtC3vBug9rFYv5fgb1bPENMB8GA1UdIwQY
MBaAFOoi9PuVXXnwk9foexgsNECsS+BsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmlMMC01VmRlZkNUMS1oN0dDdzBRS3hMNEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9mYzgwMzctMmI3Yy00MWZjLTlkYmYt
OTNkMWZiNzJkMzgzLzEvTmhDbjFhMExlOEc2RDJzVmlfbC1CdlZzOFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9mYzgwMzctMmI3Yy00MWZjLTlkYmYtOTNkMWZiNzJkMzgz
LzEvNmlMMC01VmRlZkNUMS1oN0dDdzBRS3hMNEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzAyBAIAATAsAwQAH8xYMAwD
BAEfzFoDBAUfzEADBAde/AADBAK5AywDBAK5KDwDBAXUQkAwKQQCAAIwIzASAwcA
KgBBgAABAwcCKgBBgAAAAwYEKgBBgBADBQMqBIHAMA0GCSqGSIb3DQEBCwUAA4IB
AQAeHVyzb4Ds4CtYumZ4k9AOuQsHRQA5TmCm0Kn8QDaB1qfvGz8y6lU6R/uT5HMO
8mLziYlibk/1ZOYxhTC4vJK438Po64nHRbkzgSdXruQVpBRmXQiikkvrJJPPoSfV
fG4dg1+9+m5wmAb1cEv6cvdGRwRHTJLdzrikUFhmjtLG08YdsHqW70QzHxbqwln5
xz4JH1lF3Wzt9w5vBY+tr1XTd3oFgXJGvegQdplEu2FwatxyjwZ6BUaWM8XUNA75
ZyNRhc3akx3lkPLAL65NYE8cQPRCmywGc68Why/+swtyDk5voWTzW61ZyTHB3dVX
w4fKkObEZfZpn1Yn4t5c8Z/O
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:40:31 2025 by rpki-client