Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/nMsRKGL1_JNonvFYOo8XapYWg_Y.roa
File: nMsRKGL1_JNonvFYOo8XapYWg_Y.roa (raw, json)
Hash identifier: 0zjtbl5thW5KK1yuV6e1gQ/H4BrleI2lexyiPXWKx+4=
Subject key identifier: 9C:CB:11:28:62:F5:FC:93:68:9E:F1:58:3A:8F:17:6A:96:16:83:F6
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019684372D8287DEE5FAC474D303BE0A9854
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/nMsRKGL1_JNonvFYOo8XapYWg_Y.roa
Signing time: Wed 30 Apr 2025 01:02:10 +0000
ROA not before: Wed 30 Apr 2025 01:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198160
IP address blocks: 89.36.32.0/24 maxlen: 24
89.36.33.0/24 maxlen: 24
185.121.133.0/24 maxlen: 24
185.144.71.0/24 maxlen: 24
2a0c:2501::/32 maxlen: 48
2a14:6780::/29 maxlen: 48
2a14:6780::/32 maxlen: 32
2a14:6781::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:84:37:2d:82:87:de:e5:fa:c4:74:d3:03:be:0a:98:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Apr 30 01:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ccb112862f5fc93689ef1583a8f176a961683f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:99:b9:e2:97:71:68:d9:e8:f1:f0:19:af:dc:
9f:61:30:97:71:72:4a:6b:44:5c:4b:48:d5:e3:4b:
3d:3f:84:59:00:bf:44:59:fc:ce:d9:8b:0d:f0:e9:
da:83:fa:19:ff:15:39:d4:43:77:a2:95:35:bb:6a:
c1:d4:af:9b:a2:86:b0:18:41:4a:f0:11:e1:d7:47:
49:24:2f:dd:31:1a:4b:a2:08:57:bf:51:e1:e2:03:
85:a8:b4:f8:0e:fd:6f:bd:0e:1c:e7:62:ff:21:b3:
db:76:36:df:e9:5d:32:29:26:55:9b:e1:6a:6b:bf:
4a:bb:68:8f:9f:6c:ed:f7:20:d8:95:09:a0:6f:60:
0b:e3:83:c9:6b:f0:6c:df:01:c9:14:58:30:89:3b:
1c:77:02:52:75:f0:aa:a4:ba:04:0b:bb:e6:28:26:
ad:69:9b:b4:d2:2e:f9:e1:17:c4:5f:fc:52:bf:19:
1c:d9:d4:a2:3c:bf:cc:89:fa:ca:c4:72:12:21:d4:
02:5c:48:d4:d3:d8:d5:d4:ba:6d:8f:7c:db:21:6f:
14:b2:8e:23:cf:b0:e3:d9:e6:d2:8c:3b:72:f2:68:
43:c2:bb:73:c1:ca:99:c6:2b:4a:f3:b3:04:5d:3b:
60:62:9c:bb:fc:cc:13:e8:ac:88:82:84:70:ba:07:
45:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CB:11:28:62:F5:FC:93:68:9E:F1:58:3A:8F:17:6A:96:16:83:F6
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/nMsRKGL1_JNonvFYOo8XapYWg_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.32.0/23
185.121.133.0/24
185.144.71.0/24
IPv6:
2a0c:2501::/32
2a14:6780::/29
Signature Algorithm: sha256WithRSAEncryption
76:79:bb:ae:e5:de:72:7b:86:17:ea:b0:bd:0d:ab:cb:bf:b2:
43:d5:94:7f:7a:02:80:52:d6:19:c5:07:89:2d:33:cb:75:84:
46:85:82:12:ad:16:51:cd:f9:d9:22:39:96:ba:e0:33:cf:9f:
de:bc:c6:c3:e7:f9:96:7c:b3:37:af:31:02:5f:f4:38:3c:d2:
44:97:96:42:0a:e5:29:e7:d1:78:aa:c0:f8:83:2a:32:3b:9a:
dc:95:bb:77:a3:f3:13:78:3b:a6:8f:31:1c:74:24:0b:9d:c6:
21:70:09:23:dd:cf:60:27:b4:b4:75:4c:c5:f9:d8:7f:5c:f5:
fe:70:52:9b:18:d9:a3:31:76:01:9c:e0:77:a1:4a:af:d3:75:
b2:e5:c0:29:78:af:63:d9:a4:ea:e5:22:6c:3b:49:f2:25:2f:
1a:26:ca:6f:3b:eb:05:1a:17:89:6b:45:63:65:cb:de:ab:06:
fc:6f:f3:16:4b:40:d2:84:7c:5e:ed:1c:50:1d:0a:d5:b5:ad:
f4:9f:11:4d:ae:df:0f:e1:26:92:2d:1b:f3:ed:1e:c2:d6:62:
cd:6b:0c:2f:cc:2e:6c:c7:d5:8e:a4:02:81:68:f1:9c:f0:db:
6a:85:fa:fa:ac:13:b8:0e:1d:f1:87:57:06:a7:c3:02:62:25:
e9:c3:d4:00
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZaENy2Ch97l+sR00wO+CphUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNDMwMDEwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NiMTEyODYyZjVmYzkzNjg5ZWYxNTgzYThmMTc2YTk2MTY4M2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5m54pdxaNno8fAZr9yfYTCXcXJK
a0RcS0jV40s9P4RZAL9EWfzO2YsN8Onag/oZ/xU51EN3opU1u2rB1K+booawGEFK
8BHh10dJJC/dMRpLoghXv1Hh4gOFqLT4Dv1vvQ4c52L/IbPbdjbf6V0yKSZVm+Fq
a79Ku2iPn2zt9yDYlQmgb2AL44PJa/Bs3wHJFFgwiTscdwJSdfCqpLoEC7vmKCat
aZu00i754RfEX/xSvxkc2dSiPL/MifrKxHISIdQCXEjU09jV1Lptj3zbIW8Uso4j
z7Dj2ebSjDty8mhDwrtzwcqZxitK87MEXTtgYpy7/MwT6KyIgoRwugdFZQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJzLEShi9fyTaJ7xWDqPF2qWFoP2MB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvbk1zUktHTDFfSk5vbnZGWU9vOFhhcFlXZ19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQBWSQgAwQA
uXmFAwQAuZBHMBQEAgACMA4DBQAqDCUBAwUDKhRngDANBgkqhkiG9w0BAQsFAAOC
AQEAdnm7ruXecnuGF+qwvQ2ry7+yQ9WUf3oCgFLWGcUHiS0zy3WERoWCEq0WUc35
2SI5lrrgM8+f3rzGw+f5lnyzN68xAl/0ODzSRJeWQgrlKefReKrA+IMqMjua3JW7
d6PzE3g7po8xHHQkC53GIXAJI93PYCe0tHVMxfnYf1z1/nBSmxjZozF2AZzgd6FK
r9N1suXAKXivY9mk6uUibDtJ8iUvGibKbzvrBRoXiWtFY2XL3qsG/G/zFktA0oR8
Xu0cUB0K1bWt9J8RTa7fD+Emki0b8+0ewtZizWsML8wubMfVjqQCgWjxnPDbaoX6
+qwTuA4d8YdXBqfDAmIl6cPUAA==
-----END CERTIFICATE-----
Generated at Sat May 10 17:09:02 2025 by rpki-client