Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3_NV7LmURAUtrbcVdqJe60cB_UA.roa
File: 3_NV7LmURAUtrbcVdqJe60cB_UA.roa (raw, json)
Hash identifier: v253pLEChppW38OVoXH0Qyk/EErGdEorRleqezPPutg=
Subject key identifier: DF:F3:55:EC:B9:94:44:05:2D:AD:B7:15:76:A2:5E:EB:47:01:FD:40
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0196AA28EB6386E07D2A5F5FF51312EB1D98
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3_NV7LmURAUtrbcVdqJe60cB_UA.roa
Signing time: Wed 07 May 2025 09:52:10 +0000
ROA not before: Wed 07 May 2025 09:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46475
IP address blocks: 194.62.249.0/24 maxlen: 24
194.62.250.0/23 maxlen: 24
2a09:e683:5::/48 maxlen: 48
2a09:e683:6::/48 maxlen: 48
2a09:e683:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:28:eb:63:86:e0:7d:2a:5f:5f:f5:13:12:eb:1d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: May 7 09:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dff355ecb99444052dadb71576a25eeb4701fd40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a9:e4:1d:82:21:a8:4e:f6:91:44:68:32:a3:
44:af:d1:9f:e8:09:bb:83:a6:25:21:cf:1b:1d:16:
3d:20:be:ff:26:1c:ba:bc:35:55:9d:52:e6:4b:71:
c4:b7:90:d0:7a:09:4b:9b:e0:4d:c6:31:5b:5f:0a:
e8:76:c1:bb:d2:d1:eb:19:fd:cd:4b:97:c6:49:32:
6d:36:77:d4:5b:64:f8:72:1e:bf:6d:fe:25:1c:ec:
ea:90:e9:fd:10:fa:58:c2:9c:60:ee:d3:31:1a:9e:
73:4b:b3:c9:a1:c3:99:98:fc:9b:0b:6d:b1:ec:69:
18:e7:46:bf:66:22:3a:52:8b:a1:58:0c:7b:8f:03:
a4:cc:48:b1:eb:cc:42:cd:d9:5b:39:cf:a1:04:f8:
d3:35:13:f4:80:f2:23:b0:5b:9a:77:8a:4c:4b:e2:
95:4d:da:0d:c3:74:13:c4:d8:c5:a9:2b:05:70:db:
38:df:6a:71:1a:6d:3e:25:09:09:c1:f6:ba:bd:e1:
8e:28:2f:8b:a2:a5:64:c7:53:80:85:ce:ae:f2:e0:
ac:7e:62:b8:de:b2:60:32:f9:31:41:1e:f3:60:47:
be:b8:53:36:96:2e:c3:d8:c8:16:c2:e9:e3:97:ca:
e9:5f:a5:71:dc:11:4f:f0:c6:98:60:c6:64:cd:30:
20:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F3:55:EC:B9:94:44:05:2D:AD:B7:15:76:A2:5E:EB:47:01:FD:40
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3_NV7LmURAUtrbcVdqJe60cB_UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.249.0-194.62.251.255
IPv6:
2a09:e683:5::-2a09:e683:7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
67:dd:78:14:65:fb:f3:73:91:18:d9:e9:12:e2:91:55:43:48:
b3:37:af:d9:6a:97:fa:96:5e:b0:d9:7a:3c:6b:9d:a5:2c:41:
3b:e2:d1:47:8a:f4:39:6f:89:96:d9:40:a6:8a:d3:4a:e3:59:
f4:c0:83:79:d3:50:e2:09:b4:8f:51:78:18:a9:99:f7:23:dd:
ad:0d:7d:93:4d:c3:35:e4:7a:6c:1f:35:4f:b1:79:5b:ac:b4:
e1:5f:c3:ea:36:e3:ea:1b:c8:76:36:9a:6c:7d:d4:f8:72:bb:
09:db:4e:cd:ee:68:65:cb:17:94:66:da:41:c9:c1:63:35:79:
57:f0:d1:fd:ad:60:fd:1a:5d:9e:57:dd:44:43:1e:af:de:31:
7f:10:1b:bf:86:df:70:c4:68:0c:14:24:bc:24:24:5e:b1:ec:
ba:57:c0:ab:93:70:a0:82:bd:6e:4a:31:98:68:53:0a:71:64:
b6:58:f2:bb:eb:20:76:4d:75:8a:a8:6d:49:f5:f9:a9:c6:46:
e1:00:3f:54:5d:73:8b:81:6d:ba:37:f3:8b:92:a2:9a:26:7a:
88:24:aa:75:48:b6:f9:99:cd:ec:68:7b:cd:54:b4:68:cc:82:
ec:06:fb:3b:f8:f8:d1:ef:cf:e6:27:29:ae:6d:79:23:15:54:
53:4c:46:e5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZaqKOtjhuB9Kl9f9RMS6x2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNTA3MDk1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmYzNTVlY2I5OTQ0NDA1MmRhZGI3MTU3NmEyNWVlYjQ3MDFmZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKnkHYIhqE72kURoMqNEr9Gf6Am7
g6YlIc8bHRY9IL7/Jhy6vDVVnVLmS3HEt5DQeglLm+BNxjFbXwrodsG70tHrGf3N
S5fGSTJtNnfUW2T4ch6/bf4lHOzqkOn9EPpYwpxg7tMxGp5zS7PJocOZmPybC22x
7GkY50a/ZiI6UouhWAx7jwOkzEix68xCzdlbOc+hBPjTNRP0gPIjsFuad4pMS+KV
TdoNw3QTxNjFqSsFcNs432pxGm0+JQkJwfa6veGOKC+LoqVkx1OAhc6u8uCsfmK4
3rJgMvkxQR7zYEe+uFM2li7D2MgWwunjl8rpX6Vx3BFP8MaYYMZkzTAgIwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN/zVey5lEQFLa23FXaiXutHAf1AMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvM19OVjdMbVVSQVV0cmJjVmRxSmU2MGNCX1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBADCPvkD
BALCPvgwGgQCAAIwFDASAwcAKgnmgwAFAwcDKgnmgwAAMA0GCSqGSIb3DQEBCwUA
A4IBAQBn3XgUZfvzc5EY2ekS4pFVQ0izN6/Zapf6ll6w2Xo8a52lLEE74tFHivQ5
b4mW2UCmitNK41n0wIN501DiCbSPUXgYqZn3I92tDX2TTcM15HpsHzVPsXlbrLTh
X8PqNuPqG8h2NppsfdT4crsJ207N7mhlyxeUZtpBycFjNXlX8NH9rWD9Gl2eV91E
Qx6v3jF/EBu/ht9wxGgMFCS8JCResey6V8Crk3Cggr1uSjGYaFMKcWS2WPK76yB2
TXWKqG1J9fmpxkbhAD9UXXOLgW26N/OLkqKaJnqIJKp1SLb5mc3saHvNVLRozILs
Bvs7+PjR78/mJymubXkjFVRTTEbl
-----END CERTIFICATE-----
Generated at Sun May 11 15:33:45 2025 by rpki-client