Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/NgpciPnmjPOF-OSNOiSo5MIijfs.roa
File: NgpciPnmjPOF-OSNOiSo5MIijfs.roa (raw, json)
Hash identifier: vKdGaRhdGD6WCVfukM5iZz4CdH1h6kqqTU0c8sc8nic=
Subject key identifier: 36:0A:5C:88:F9:E6:8C:F3:85:F8:E4:8D:3A:24:A8:E4:C2:22:8D:FB
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 0196A69CB7205D536A8D4D1BEAD7E8E17CAA
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/NgpciPnmjPOF-OSNOiSo5MIijfs.roa
Signing time: Tue 06 May 2025 17:20:10 +0000
ROA not before: Tue 06 May 2025 17:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0a:c0c3::/32 maxlen: 32
2a0e:7f00::/32 maxlen: 32
2a0e:c4c0::/32 maxlen: 32
2a0e:eec1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 15:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a6:9c:b7:20:5d:53:6a:8d:4d:1b:ea:d7:e8:e1:7c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: May 6 17:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=360a5c88f9e68cf385f8e48d3a24a8e4c2228dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:99:42:92:84:77:bb:5d:65:f0:46:9d:b1:2a:
13:04:3f:73:cf:0c:11:02:0d:4a:27:bb:d0:97:75:
87:22:fb:8b:74:e1:6f:2d:b7:2f:3e:af:c5:ab:49:
2c:98:f1:e5:e8:03:98:53:0a:ba:83:a2:39:ab:fc:
19:4b:aa:b8:22:9e:7f:eb:a2:f2:10:30:62:95:7e:
e3:1d:b5:87:4e:1c:b5:97:a6:81:93:d5:b0:f7:d6:
84:01:f8:7b:6e:8f:d8:7f:88:b6:08:63:a3:02:6d:
ac:80:d7:d2:46:f8:1c:2a:33:d9:6b:8e:f3:2e:4d:
4f:85:d5:69:18:0a:e4:34:cf:5f:39:ae:45:49:88:
5f:d3:86:75:2a:0c:80:a1:c1:42:79:1a:53:94:84:
8d:a4:56:f8:6d:19:48:32:91:34:71:b0:90:e6:d9:
ee:c3:45:ab:73:48:48:83:11:0e:25:5a:7a:6b:a7:
7d:81:eb:61:37:77:e8:8a:91:ae:4e:85:98:70:85:
d9:1d:c6:1d:a9:e7:92:aa:4b:04:c6:4e:35:39:f1:
8b:9b:9d:16:e4:1d:79:f4:aa:86:40:fd:7e:2b:ae:
af:24:75:76:eb:19:fd:08:66:bc:e7:14:49:0d:21:
9a:21:d7:72:f9:03:dd:03:be:c7:69:a9:0e:53:91:
a7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0A:5C:88:F9:E6:8C:F3:85:F8:E4:8D:3A:24:A8:E4:C2:22:8D:FB
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/NgpciPnmjPOF-OSNOiSo5MIijfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c0c3::/32
2a0e:7f00::/32
2a0e:c4c0::/32
2a0e:eec1::/32
Signature Algorithm: sha256WithRSAEncryption
ad:f3:42:4d:3c:b7:df:d1:94:7d:c4:1a:dd:5f:55:53:49:9e:
68:9f:43:d5:6e:7e:5b:3d:1b:40:bb:7f:53:d3:18:8c:c7:93:
10:60:11:0f:00:fb:1b:34:17:2d:58:87:e9:00:60:be:49:77:
a3:a8:98:5a:85:e7:71:0b:83:32:6e:14:6e:6b:85:f5:6c:ea:
e4:5d:fd:c8:49:7e:32:bc:da:e5:c1:7a:7e:3d:c2:9e:7e:dd:
c8:d3:14:4d:3f:de:0f:87:ce:bd:07:ea:84:68:21:b6:44:44:
a5:8f:4d:8a:d9:e5:3c:cf:0c:36:03:ff:8b:50:8f:c4:45:ef:
54:fc:af:19:a9:1a:1f:a8:11:12:b2:43:26:bd:a2:0c:5c:e0:
7d:69:a5:a9:c2:9d:b4:57:c5:13:6e:c5:da:05:5e:31:f4:0d:
04:be:6c:c5:0d:c5:04:e0:45:1c:6c:48:24:5a:3b:31:14:e9:
e0:6d:f3:54:8c:14:06:36:67:cf:80:6d:55:cf:4a:39:32:ce:
0c:70:f4:68:a5:70:ca:c2:9c:26:71:9f:50:e9:a3:30:43:96:
e2:a8:bf:3a:e8:e5:15:55:78:48:49:00:a1:1e:86:31:63:bb:
99:05:3f:b9:db:2d:0b:04:cc:b2:1d:00:5b:59:cb:40:c9:9e:
17:70:85:c1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZamnLcgXVNqjU0b6tfo4XyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwNTA2MTcyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjBhNWM4OGY5ZTY4Y2YzODVmOGU0OGQzYTI0YThlNGMyMjI4ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5lCkoR3u11l8EadsSoTBD9zzwwR
Ag1KJ7vQl3WHIvuLdOFvLbcvPq/Fq0ksmPHl6AOYUwq6g6I5q/wZS6q4Ip5/66Ly
EDBilX7jHbWHThy1l6aBk9Ww99aEAfh7bo/Yf4i2CGOjAm2sgNfSRvgcKjPZa47z
Lk1PhdVpGArkNM9fOa5FSYhf04Z1KgyAocFCeRpTlISNpFb4bRlIMpE0cbCQ5tnu
w0Wrc0hIgxEOJVp6a6d9gethN3foipGuToWYcIXZHcYdqeeSqksExk41OfGLm50W
5B159KqGQP1+K66vJHV26xn9CGa85xRJDSGaIddy+QPdA77HaakOU5GnEwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDYKXIj55ozzhfjkjTokqOTCIo37MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvTmdwY2lQbm1qUE9GLU9TTk9pU281TUlpamZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgrAwwMF
ACoOfwADBQAqDsTAAwUAKg7uwTANBgkqhkiG9w0BAQsFAAOCAQEArfNCTTy339GU
fcQa3V9VU0meaJ9D1W5+Wz0bQLt/U9MYjMeTEGARDwD7GzQXLViH6QBgvkl3o6iY
WoXncQuDMm4UbmuF9Wzq5F39yEl+Mrza5cF6fj3Cnn7dyNMUTT/eD4fOvQfqhGgh
tkREpY9NitnlPM8MNgP/i1CPxEXvVPyvGakaH6gRErJDJr2iDFzgfWmlqcKdtFfF
E27F2gVeMfQNBL5sxQ3FBOBFHGxIJFo7MRTp4G3zVIwUBjZnz4BtVc9KOTLODHD0
aKVwysKcJnGfUOmjMEOW4qi/OujlFVV4SEkAoR6GMWO7mQU/udstCwTMsh0AW1nL
QMmeF3CFwQ==
-----END CERTIFICATE-----
Generated at Thu May 8 23:29:58 2025 by rpki-client