Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/nPr9uZx_D8jJFj15etiyotIJZFA.roa
File: nPr9uZx_D8jJFj15etiyotIJZFA.roa (raw, json)
Hash identifier: pbSWt6WwR9cxpCQXd7EkLbNcjMbaXCcbiCmqJC5x8GQ=
Subject key identifier: 9C:FA:FD:B9:9C:7F:0F:C8:C9:16:3D:79:7A:D8:B2:A2:D2:09:64:50
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 019634B6D63E88CA44FBE3A961CC80FE42AB
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/nPr9uZx_D8jJFj15etiyotIJZFA.roa
Signing time: Mon 14 Apr 2025 14:31:59 +0000
ROA not before: Mon 14 Apr 2025 14:31:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12334
IP address blocks: 77.26.0.0/15 maxlen: 18
83.165.0.0/16 maxlen: 18
91.116.64.0/18 maxlen: 18
91.116.128.0/18 maxlen: 18
91.116.192.0/18 maxlen: 18
91.117.0.0/16 maxlen: 18
92.53.192.0/19 maxlen: 19
178.60.0.0/18 maxlen: 18
178.60.128.0/18 maxlen: 18
178.60.192.0/18 maxlen: 18
212.51.32.0/19 maxlen: 19
213.60.0.0/16 maxlen: 18
2a00:bec0::/40 maxlen: 40
2a00:bec0:c800::/40 maxlen: 40
2a00:bec0:d000::/40 maxlen: 40
2a00:bec0:d800::/40 maxlen: 40
2a00:bec0:e000::/40 maxlen: 40
2a00:bec0:e800::/40 maxlen: 40
2a00:bec0:f000::/40 maxlen: 40
2a00:bec0:f800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.mft
rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 05:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:b6:d6:3e:88:ca:44:fb:e3:a9:61:cc:80:fe:42:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: Apr 14 14:31:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cfafdb99c7f0fc8c9163d797ad8b2a2d2096450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:22:bd:b2:0d:29:aa:74:26:98:2d:73:52:90:
bb:3a:a6:68:92:c8:48:fe:82:6e:a6:ea:7b:54:53:
a3:4b:54:1e:39:7e:9d:b7:6f:f5:3f:b4:b3:64:10:
2c:6e:f3:c2:76:55:c9:97:db:cc:18:93:07:32:9c:
f3:17:11:b1:ee:f8:2e:60:c7:96:cd:d4:3a:9d:ef:
f8:c6:b6:0e:c2:04:14:91:50:98:de:dc:16:e1:a4:
ea:61:a5:c4:6b:16:27:fa:27:17:c7:03:ab:cd:f7:
d6:67:e1:64:77:88:9f:da:b5:ac:72:ef:a6:ed:0f:
b8:18:71:a8:52:e3:79:a8:ee:04:5e:00:9b:ac:99:
05:06:30:d9:35:3c:20:2f:a4:6c:dc:30:66:49:20:
69:d0:17:44:3d:6f:75:ac:bd:a3:e2:20:c9:9a:a2:
5b:41:8a:9b:75:b7:1b:c7:96:a3:3b:e0:e5:2c:a4:
57:7e:c8:6b:43:f7:e7:57:ae:29:5d:f6:7a:64:3e:
bc:70:89:67:fb:3e:be:1a:13:96:25:07:14:c1:00:
ab:dd:4e:65:b6:27:e3:48:2d:fa:e1:a5:3f:ad:82:
a8:2d:d1:88:56:5c:11:0d:27:6f:4d:2c:0e:d1:52:
38:72:ff:28:31:df:80:20:a5:4a:28:02:35:06:9d:
1c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:FA:FD:B9:9C:7F:0F:C8:C9:16:3D:79:7A:D8:B2:A2:D2:09:64:50
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/nPr9uZx_D8jJFj15etiyotIJZFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.26.0.0/15
83.165.0.0/16
91.116.64.0-91.117.255.255
92.53.192.0/19
178.60.0.0/18
178.60.128.0/17
212.51.32.0/19
213.60.0.0/16
IPv6:
2a00:bec0::/40
2a00:bec0:c800::/40
2a00:bec0:d000::/40
2a00:bec0:d800::/40
2a00:bec0:e000::/40
2a00:bec0:e800::/40
2a00:bec0:f000::/40
2a00:bec0:f800::/40
Signature Algorithm: sha256WithRSAEncryption
31:05:82:98:cd:34:44:ed:fb:42:59:a3:fd:f8:8b:d7:2b:42:
83:29:06:fe:86:f6:96:df:f6:60:77:77:d3:a3:2d:8b:82:fa:
6d:59:37:33:29:d0:0f:c9:bf:55:7f:e7:81:41:c1:61:fd:80:
28:a4:02:44:d0:30:27:f0:ec:c4:af:1e:22:39:85:28:fd:1d:
f5:02:13:a0:03:bd:dd:bd:50:54:e4:3f:df:9d:af:3a:0d:41:
02:14:ef:c9:7d:bf:e1:04:d4:a6:c9:65:85:10:fd:76:23:fc:
d1:39:68:33:26:fe:6e:d6:6b:84:d1:68:09:c4:c6:2c:d4:99:
73:e4:f3:92:d8:c1:62:6a:bf:49:6e:d6:91:cd:ed:ca:c6:bd:
a1:38:a0:99:75:84:fe:c8:b7:3b:b5:c8:aa:a9:eb:87:b1:1c:
bf:b0:bd:38:52:a4:67:7b:88:71:d0:05:9c:58:ab:36:86:df:
7f:44:d1:d4:29:72:ab:aa:69:e2:0f:9a:88:f5:88:03:71:45:
97:62:b6:48:a7:f4:3a:d4:b6:7d:01:03:73:41:7a:3e:01:91:
8d:cd:70:7c:35:e0:d3:ab:21:ee:af:d6:48:9c:99:9a:b4:bf:
8f:b4:d8:13:8a:cb:2e:ac:a2:dd:ee:ee:ad:fa:ea:4f:38:a9:
80:35:00:f2
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZY0ttY+iMpE++OpYcyA/kKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjUwNDE0MTQzMTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2ZhZmRiOTljN2YwZmM4YzkxNjNkNzk3YWQ4YjJhMmQyMDk2NDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSK9sg0pqnQmmC1zUpC7OqZokshI
/oJupup7VFOjS1QeOX6dt2/1P7SzZBAsbvPCdlXJl9vMGJMHMpzzFxGx7vguYMeW
zdQ6ne/4xrYOwgQUkVCY3twW4aTqYaXEaxYn+icXxwOrzffWZ+Fkd4if2rWscu+m
7Q+4GHGoUuN5qO4EXgCbrJkFBjDZNTwgL6Rs3DBmSSBp0BdEPW91rL2j4iDJmqJb
QYqbdbcbx5ajO+DlLKRXfshrQ/fnV64pXfZ6ZD68cIln+z6+GhOWJQcUwQCr3U5l
tifjSC364aU/rYKoLdGIVlwRDSdvTSwO0VI4cv8oMd+AIKVKKAI1Bp0chQIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFJz6/bmcfw/IyRY9eXrYsqLSCWRQMB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEvblByOXVaeF9EOGpKRmoxNWV0aXlvdElKWkZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYtNTEwMGEyNmQyNzRi
LzEvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDA6BAIAATA0AwMBTRoD
AwBTpTALAwQGW3RAAwMBW3QDBAVcNcADBAayPAADBAeyPIADBAXUMyADAwDVPDBG
BAIAAjBAAwYAKgC+wAADBgAqAL7AyAMGACoAvsDQAwYAKgC+wNgDBgAqAL7A4AMG
ACoAvsDoAwYAKgC+wPADBgAqAL7A+DANBgkqhkiG9w0BAQsFAAOCAQEAMQWCmM00
RO37Qlmj/fiL1ytCgykG/ob2lt/2YHd306Mti4L6bVk3MynQD8m/VX/ngUHBYf2A
KKQCRNAwJ/DsxK8eIjmFKP0d9QIToAO93b1QVOQ/352vOg1BAhTvyX2/4QTUpsll
hRD9diP80TloMyb+btZrhNFoCcTGLNSZc+TzktjBYmq/SW7Wkc3tysa9oTigmXWE
/si3O7XIqqnrh7Ecv7C9OFKkZ3uIcdAFnFirNobff0TR1Clyq6pp4g+aiPWIA3FF
l2K2SKf0OtS2fQEDc0F6PgGRjc1wfDXg06sh7q/WSJyZmrS/j7TYE4rLLqyi3e7u
rfrqTzipgDUA8g==
-----END CERTIFICATE-----
Generated at Thu May 15 14:44:08 2025 by rpki-client