Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/XZf82C_CN-vLQbpUrT-DW4sm3Y0.roa
File: XZf82C_CN-vLQbpUrT-DW4sm3Y0.roa (raw, json)
Hash identifier: pAKJ5T3FZi6TyLDIs/UxYmL+rXXkynL3g9BJ4W4ROUw=
Subject key identifier: 5D:97:FC:D8:2F:C2:37:EB:CB:41:BA:54:AD:3F:83:5B:8B:26:DD:8D
Certificate issuer: /CN=34b0c5a403e2dad3c47b791fda2042cf715009cf
Certificate serial: 0197AC0A407266D8579CDC8C6CDB064928A0
Authority key identifier: 34:B0:C5:A4:03:E2:DA:D3:C4:7B:79:1F:DA:20:42:CF:71:50:09:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLDFpAPi2tPEe3kf2iBCz3FQCc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/XZf82C_CN-vLQbpUrT-DW4sm3Y0.roa
Signing time: Thu 26 Jun 2025 11:40:42 +0000
ROA not before: Thu 26 Jun 2025 11:40:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216188
IP address blocks: 31.47.238.0/24 maxlen: 24
45.10.24.0/24 maxlen: 24
45.133.9.0/24 maxlen: 24
88.218.227.0/24 maxlen: 24
91.210.224.0/24 maxlen: 24
152.89.239.0/24 maxlen: 24
185.45.149.0/24 maxlen: 24
185.245.96.0/24 maxlen: 24
185.248.140.0/24 maxlen: 24
193.135.10.0/24 maxlen: 24
2a13:fd40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/NLDFpAPi2tPEe3kf2iBCz3FQCc8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/NLDFpAPi2tPEe3kf2iBCz3FQCc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/NLDFpAPi2tPEe3kf2iBCz3FQCc8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:0a:40:72:66:d8:57:9c:dc:8c:6c:db:06:49:28:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b0c5a403e2dad3c47b791fda2042cf715009cf
Validity
Not Before: Jun 26 11:40:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d97fcd82fc237ebcb41ba54ad3f835b8b26dd8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0b:97:f2:6d:ea:69:ef:9c:87:67:a9:a2:3a:
9d:22:43:f4:df:03:23:2c:a6:b9:d4:de:2c:98:9a:
e9:32:f9:8c:12:e6:48:24:93:b6:88:a5:34:4c:d8:
85:dd:09:95:37:da:f3:ae:4d:fc:ee:08:0d:80:63:
31:30:84:19:7c:95:2b:56:f3:fb:af:f0:fd:d2:0b:
ef:ae:b4:7b:d0:1c:e5:80:56:bd:a9:45:91:9d:2c:
3f:3e:c1:33:82:ba:4a:b4:ee:5d:9a:61:eb:5b:ea:
5c:99:eb:2f:73:c7:4c:7f:f6:98:01:ca:07:40:de:
7b:85:e3:43:54:2b:92:04:f9:bc:22:34:85:68:ca:
ac:9f:74:e3:1b:11:5d:31:25:a6:c9:2e:87:3e:98:
fd:38:2c:16:8a:40:bb:56:89:d5:b8:1b:99:0f:b5:
6a:2a:01:90:3a:45:91:b4:a5:6f:73:f3:fc:bd:a8:
a8:31:92:69:cf:94:24:2e:f1:75:0b:fb:b9:54:86:
93:94:fb:95:70:2b:68:62:58:f3:c8:8f:d0:43:b4:
e0:32:a5:40:68:58:d1:e3:53:4e:1f:19:ed:38:96:
f7:1b:76:25:2f:38:cd:d8:8b:a6:b0:cc:94:c7:d5:
dd:c9:89:2c:0b:3a:a5:65:67:e0:a1:bd:99:68:23:
0f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:97:FC:D8:2F:C2:37:EB:CB:41:BA:54:AD:3F:83:5B:8B:26:DD:8D
X509v3 Authority Key Identifier:
keyid:34:B0:C5:A4:03:E2:DA:D3:C4:7B:79:1F:DA:20:42:CF:71:50:09:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLDFpAPi2tPEe3kf2iBCz3FQCc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/XZf82C_CN-vLQbpUrT-DW4sm3Y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/NLDFpAPi2tPEe3kf2iBCz3FQCc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.238.0/24
45.10.24.0/24
45.133.9.0/24
88.218.227.0/24
91.210.224.0/24
152.89.239.0/24
185.45.149.0/24
185.245.96.0/24
185.248.140.0/24
193.135.10.0/24
IPv6:
2a13:fd40::/29
Signature Algorithm: sha256WithRSAEncryption
92:73:05:71:d2:77:4a:79:8d:c9:27:4d:39:e9:f2:a3:fd:e3:
52:37:6c:c7:b9:d8:43:e5:a9:c9:5a:45:b8:50:fb:1d:79:e8:
e2:80:71:a3:8d:9b:9b:69:c1:28:e4:85:0b:de:56:e0:96:ee:
a3:82:5e:7c:9a:b4:06:e4:b6:5f:26:7a:79:49:d0:a2:d3:1b:
9f:7c:5f:9f:d0:d4:6c:d3:c0:eb:c4:f9:b6:1b:a6:4f:f2:43:
1b:5b:c9:42:7a:4f:87:b1:12:30:92:17:43:cd:64:61:3b:f0:
ce:57:fa:1c:8a:4b:08:3b:98:6e:82:f5:4e:77:c5:2c:9b:70:
4c:b9:07:86:8e:8c:3d:99:36:cb:f9:2e:e5:af:22:5d:76:48:
61:f1:ec:bc:b4:6e:2e:7d:4b:66:f0:f8:ad:3a:47:65:af:2d:
83:3e:be:6c:2d:ae:dc:94:c0:df:f9:ef:74:7b:bf:ab:5b:5a:
6e:d9:88:57:4d:62:cf:49:4d:dd:6a:53:6b:91:49:ce:1f:10:
f7:85:3d:66:26:0d:91:78:e7:0d:e5:ef:42:fd:20:20:36:70:
ca:fc:b0:13:b2:fd:ec:58:99:73:e1:b6:9b:71:3d:85:0d:4d:
d2:b3:f9:a0:f9:bd:99:85:01:08:28:8a:83:7c:ed:09:7a:07:
3f:53:ec:bd
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZesCkByZthXnNyMbNsGSSigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjBjNWE0MDNlMmRhZDNjNDdiNzkxZmRhMjA0MmNmNzE1
MDA5Y2YwHhcNMjUwNjI2MTE0MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDk3ZmNkODJmYzIzN2ViY2I0MWJhNTRhZDNmODM1YjhiMjZkZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQuX8m3qae+ch2epojqdIkP03wMj
LKa51N4smJrpMvmMEuZIJJO2iKU0TNiF3QmVN9rzrk387ggNgGMxMIQZfJUrVvP7
r/D90gvvrrR70BzlgFa9qUWRnSw/PsEzgrpKtO5dmmHrW+pcmesvc8dMf/aYAcoH
QN57heNDVCuSBPm8IjSFaMqsn3TjGxFdMSWmyS6HPpj9OCwWikC7VonVuBuZD7Vq
KgGQOkWRtKVvc/P8vaioMZJpz5QkLvF1C/u5VIaTlPuVcCtoYljzyI/QQ7TgMqVA
aFjR41NOHxntOJb3G3YlLzjN2IumsMyUx9XdyYksCzqlZWfgob2ZaCMPwwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFF2X/Ngvwjfry0G6VK0/g1uLJt2NMB8GA1UdIwQY
MBaAFDSwxaQD4trTxHt5H9ogQs9xUAnPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxERnBBUGkydFBFZTNrZjJpQkN6M0ZRQ2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNmQ1Y2UtMTg0YS00MzY2LThkNzUt
YWFhYjI1ODk0ZDVlLzEvWFpmODJDX0NOLXZMUWJwVXJULURXNHNtM1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xNmQ1Y2UtMTg0YS00MzY2LThkNzUtYWFhYjI1ODk0ZDVl
LzEvTkxERnBBUGkydFBFZTNrZjJpQkN6M0ZRQ2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQAHy/uAwQA
LQoYAwQALYUJAwQAWNrjAwQAW9LgAwQAmFnvAwQAuS2VAwQAufVgAwQAufiMAwQA
wYcKMA0EAgACMAcDBQMqE/1AMA0GCSqGSIb3DQEBCwUAA4IBAQCScwVx0ndKeY3J
J0056fKj/eNSN2zHudhD5anJWkW4UPsdeejigHGjjZubacEo5IUL3lbglu6jgl58
mrQG5LZfJnp5SdCi0xuffF+f0NRs08DrxPm2G6ZP8kMbW8lCek+HsRIwkhdDzWRh
O/DOV/ociksIO5hugvVOd8Usm3BMuQeGjow9mTbL+S7lryJddkhh8ey8tG4ufUtm
8PitOkdlry2DPr5sLa7clMDf+e90e7+rW1pu2YhXTWLPSU3dalNrkUnOHxD3hT1m
Jg2ReOcN5e9C/SAgNnDK/LATsv3sWJlz4babcT2FDU3Ss/mg+b2ZhQEIKIqDfO0J
egc/U+y9
-----END CERTIFICATE-----
Generated at Tue Jul 1 18:32:42 2025 by rpki-client