Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/Nooohr4P5yKkhRHUp5WOKPpdMDs.roa
File: Nooohr4P5yKkhRHUp5WOKPpdMDs.roa (raw, json)
Hash identifier: yQvSjkqhAqaWpvZ1QnemaJY2V/F+jwI7osUi/29zs8c=
Subject key identifier: 36:8A:28:86:BE:0F:E7:22:A4:85:11:D4:A7:95:8E:28:FA:5D:30:3B
Certificate issuer: /CN=916f80c35f202eb02766419bfb7d282125ffe158
Certificate serial: 01968B4CD5B0633647E7D0DA36B7BEFAD7AA
Authority key identifier: 91:6F:80:C3:5F:20:2E:B0:27:66:41:9B:FB:7D:28:21:25:FF:E1:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kW-Aw18gLrAnZkGb-30oISX_4Vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/Nooohr4P5yKkhRHUp5WOKPpdMDs.roa
Signing time: Thu 01 May 2025 10:03:10 +0000
ROA not before: Thu 01 May 2025 10:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58273
IP address blocks: 5.83.8.0/21 maxlen: 24
148.252.16.0/20 maxlen: 24
185.89.32.0/22 maxlen: 24
185.159.91.0/24 maxlen: 24
185.201.32.0/22 maxlen: 24
194.113.44.0/22 maxlen: 24
2a01:6240::/29 maxlen: 48
2a10:cb80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/kW-Aw18gLrAnZkGb-30oISX_4Vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/kW-Aw18gLrAnZkGb-30oISX_4Vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kW-Aw18gLrAnZkGb-30oISX_4Vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8b:4c:d5:b0:63:36:47:e7:d0:da:36:b7:be:fa:d7:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=916f80c35f202eb02766419bfb7d282125ffe158
Validity
Not Before: May 1 10:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=368a2886be0fe722a48511d4a7958e28fa5d303b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:94:b0:d7:32:b9:ba:7e:ee:14:d7:e4:88:b9:
7a:0b:05:88:e9:b6:64:32:e4:5f:43:58:85:98:62:
81:d8:f0:37:74:f0:68:15:24:30:f3:98:a6:6d:17:
2b:e1:18:d0:9f:15:82:af:f5:1e:b5:03:fb:65:7c:
47:cc:49:cf:9b:38:75:a6:f2:91:7a:4e:aa:7a:c5:
cb:e9:6b:68:29:8e:4f:90:81:a0:7e:fe:a7:93:31:
0c:c4:8b:0b:f9:b9:e3:ff:b9:82:27:4f:b5:d6:22:
09:5a:46:91:4d:ff:5b:a9:d1:f8:42:d4:da:fd:9d:
c8:b5:b9:0f:45:75:87:a2:bf:06:8d:b7:cf:6d:fb:
d7:72:ea:db:d5:42:34:36:6d:be:14:3d:33:ea:44:
2a:c0:8b:76:0b:d0:4a:72:9e:26:15:9a:61:a6:e1:
2e:f6:93:3b:30:0d:a6:cf:4b:6f:8b:fe:54:11:c8:
9d:13:69:d2:8e:26:cd:0f:39:3d:8e:90:e5:e8:28:
22:94:05:c2:10:95:7e:5e:7e:ba:93:39:4d:00:c3:
45:eb:76:1b:0a:67:24:fa:05:e3:af:21:88:05:10:
b9:e6:09:a4:38:00:ee:b2:c0:f9:f7:1f:69:4f:33:
97:b1:3e:23:37:78:6b:fc:38:e4:2b:dc:a6:bd:8a:
52:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:8A:28:86:BE:0F:E7:22:A4:85:11:D4:A7:95:8E:28:FA:5D:30:3B
X509v3 Authority Key Identifier:
keyid:91:6F:80:C3:5F:20:2E:B0:27:66:41:9B:FB:7D:28:21:25:FF:E1:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kW-Aw18gLrAnZkGb-30oISX_4Vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/Nooohr4P5yKkhRHUp5WOKPpdMDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/kW-Aw18gLrAnZkGb-30oISX_4Vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.8.0/21
148.252.16.0/20
185.89.32.0/22
185.159.91.0/24
185.201.32.0/22
194.113.44.0/22
IPv6:
2a01:6240::/29
2a10:cb80::/29
Signature Algorithm: sha256WithRSAEncryption
51:be:0d:64:70:91:3a:0c:63:87:be:50:29:ba:7f:69:57:a2:
e7:8e:c1:db:0e:93:7e:ec:86:c6:eb:5f:47:76:89:7c:15:71:
38:31:28:13:15:0c:08:12:60:8e:45:5a:11:1f:02:b5:cc:fb:
20:d7:c0:3e:b7:d5:33:7a:58:d5:9d:cc:95:6d:d8:2f:2a:95:
64:3e:72:e1:79:d8:c7:f1:20:6e:a9:bf:bb:8c:5a:7d:7a:a5:
1d:d2:69:94:3c:9a:4a:a4:78:1b:2b:9f:b6:2b:0c:87:b1:52:
d9:61:ba:11:ab:13:48:65:90:73:4a:72:47:cf:bf:e3:09:45:
1c:bd:cf:48:df:05:4a:7e:02:7a:c9:1f:d6:e1:88:87:61:d1:
c0:f7:2e:49:0e:54:4c:61:76:fc:37:e1:1c:c7:fe:ae:ed:29:
4d:cc:74:49:9b:e6:c7:03:21:c0:34:0b:b3:02:34:9e:7e:71:
63:88:7e:28:78:5e:2c:ef:f4:ea:8e:57:6c:a2:13:39:26:35:
56:f3:4c:92:dc:f1:c8:6f:be:c5:64:11:89:0c:93:ef:e9:6f:
fb:6f:69:d8:ff:b9:9c:98:33:cc:bf:93:82:ce:b2:a9:2b:ef:
e7:2d:f8:72:5a:7f:23:7f:df:7c:6b:9b:3e:53:2f:6c:4d:93:
64:81:2b:05
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZaLTNWwYzZH59DaNre++teqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNmY4MGMzNWYyMDJlYjAyNzY2NDE5YmZiN2QyODIxMjVm
ZmUxNTgwHhcNMjUwNTAxMTAwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjhhMjg4NmJlMGZlNzIyYTQ4NTExZDRhNzk1OGUyOGZhNWQzMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JSw1zK5un7uFNfkiLl6CwWI6bZk
MuRfQ1iFmGKB2PA3dPBoFSQw85imbRcr4RjQnxWCr/UetQP7ZXxHzEnPmzh1pvKR
ek6qesXL6WtoKY5PkIGgfv6nkzEMxIsL+bnj/7mCJ0+11iIJWkaRTf9bqdH4QtTa
/Z3ItbkPRXWHor8GjbfPbfvXcurb1UI0Nm2+FD0z6kQqwIt2C9BKcp4mFZphpuEu
9pM7MA2mz0tvi/5UEcidE2nSjibNDzk9jpDl6CgilAXCEJV+Xn66kzlNAMNF63Yb
Cmck+gXjryGIBRC55gmkOADussD59x9pTzOXsT4jN3hr/DjkK9ymvYpSmwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDaKKIa+D+cipIUR1KeVjij6XTA7MB8GA1UdIwQY
MBaAFJFvgMNfIC6wJ2ZBm/t9KCEl/+FYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1ctQXcxOGdMckFuWmtHYi0zMG9JU1hfNFZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84ZDlhYzEtZDM1ZC00ZTMyLWI4M2Yt
YzEwY2M5NTNiZDFiLzEvTm9vb2hyNFA1eUtraFJIVXA1V09LUHBkTURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84ZDlhYzEtZDM1ZC00ZTMyLWI4M2YtYzEwY2M5NTNiZDFi
LzEva1ctQXcxOGdMckFuWmtHYi0zMG9JU1hfNFZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDBVMIAwQE
lPwQAwQCuVkgAwQAuZ9bAwQCuckgAwQCwnEsMBQEAgACMA4DBQMqAWJAAwUDKhDL
gDANBgkqhkiG9w0BAQsFAAOCAQEAUb4NZHCROgxjh75QKbp/aVei547B2w6TfuyG
xutfR3aJfBVxODEoExUMCBJgjkVaER8Ctcz7INfAPrfVM3pY1Z3MlW3YLyqVZD5y
4XnYx/Egbqm/u4xafXqlHdJplDyaSqR4GyuftisMh7FS2WG6EasTSGWQc0pyR8+/
4wlFHL3PSN8FSn4Ceskf1uGIh2HRwPcuSQ5UTGF2/DfhHMf+ru0pTcx0SZvmxwMh
wDQLswI0nn5xY4h+KHheLO/06o5XbKITOSY1VvNMktzxyG++xWQRiQyT7+lv+29p
2P+5nJgzzL+Tgs6yqSvv5y34clp/I3/ffGubPlMvbE2TZIErBQ==
-----END CERTIFICATE-----
Generated at Wed May 14 18:36:07 2025 by rpki-client