Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/N9cWhqUFIVawgrdQo39XMG40ub4.roa
File: N9cWhqUFIVawgrdQo39XMG40ub4.roa (raw, json)
Hash identifier: SCUpW4rME59j2WRx9sdbb5UKbUyRcBdu4ExJZL5DBNQ=
Subject key identifier: 37:D7:16:86:A5:05:21:56:B0:82:B7:50:A3:7F:57:30:6E:34:B9:BE
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 0198C1723559A4919987D768C980DF823FEE
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/N9cWhqUFIVawgrdQo39XMG40ub4.roa
Signing time: Tue 19 Aug 2025 08:29:04 +0000
ROA not before: Tue 19 Aug 2025 08:29:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204601
IP address blocks: 45.88.78.0/24 maxlen: 24
81.91.177.0/24 maxlen: 24
81.91.178.0/24 maxlen: 24
95.215.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c1:72:35:59:a4:91:99:87:d7:68:c9:80:df:82:3f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Aug 19 08:29:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37d71686a5052156b082b750a37f57306e34b9be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a2:80:86:9a:7a:f3:68:a0:87:4c:90:5d:e8:
db:12:c2:d8:f4:0c:df:5c:3e:4b:58:e0:03:59:26:
ef:aa:ff:dc:0b:bc:56:56:ce:1d:8d:06:63:56:eb:
fd:43:32:d0:f1:33:4f:c1:b3:8f:b2:fc:ef:ee:b4:
2e:81:2f:bb:0c:1e:02:1b:84:0a:a1:10:b6:0b:7e:
6c:d2:a4:7e:e4:37:72:38:91:dc:cf:00:92:9b:71:
4a:9f:0c:bb:34:93:37:84:1d:fd:5e:4a:71:f3:38:
4e:ec:65:73:ef:b5:4c:d8:f0:d0:5c:bb:07:cb:a7:
bd:e8:35:05:2a:fc:e6:ba:78:31:cb:b4:37:df:a3:
c7:01:aa:ca:6b:65:4c:25:ae:6b:7d:07:51:f4:ae:
5b:c3:9b:56:95:3b:b7:32:74:14:11:28:2a:b3:c2:
58:25:1e:fd:f1:6a:55:3f:e8:7c:41:72:6f:01:c6:
44:00:5d:17:00:b3:34:fd:03:90:6d:01:f4:45:c9:
f8:00:ff:62:3a:30:ff:78:7b:ac:6d:2a:2b:c3:55:
a4:c2:64:61:98:9f:bb:dd:e9:dd:4c:49:73:ee:68:
a2:01:8f:83:b8:b7:76:a8:fb:88:ff:e7:6e:d7:9b:
c9:1c:e3:90:37:93:93:0f:97:95:9e:70:68:84:5d:
f4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D7:16:86:A5:05:21:56:B0:82:B7:50:A3:7F:57:30:6E:34:B9:BE
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/N9cWhqUFIVawgrdQo39XMG40ub4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.78.0/24
81.91.177.0-81.91.178.255
95.215.205.0/24
Signature Algorithm: sha256WithRSAEncryption
76:ce:a1:df:d8:e9:99:5f:23:6e:b3:12:f5:1d:e9:7e:7d:49:
cd:60:3f:cf:3d:51:60:fc:af:2b:f9:8e:f0:79:c0:3d:fd:de:
65:16:ae:65:34:27:a3:45:08:53:08:c1:4b:aa:00:1d:43:be:
b7:7f:13:ed:ca:d6:eb:74:85:ca:aa:ab:3b:c9:db:c5:e3:6d:
83:8c:af:d6:bb:7e:e9:fe:d2:01:7b:98:85:01:0d:9e:ad:68:
a8:72:ff:83:95:13:f0:26:ef:7e:82:3b:43:a2:39:39:a0:11:
f8:8f:db:2d:01:64:57:3c:34:a6:5d:6c:23:da:71:80:73:ae:
94:8b:bc:c5:74:ae:f2:10:60:d6:3e:76:6c:23:7a:25:c9:35:
db:0b:01:ff:34:ef:50:ca:82:17:81:47:b5:76:bd:7a:f4:02:
62:cc:b9:ea:b5:d7:06:ea:6a:ff:59:a8:9b:17:2a:af:ca:b7:
ee:11:84:a6:5d:48:13:d8:6f:86:27:14:32:26:a1:c6:e8:97:
0a:2a:79:1d:c4:72:aa:0a:c1:7f:5e:2b:be:da:47:d2:b7:40:
43:80:9a:ac:95:ac:9b:14:c7:0c:9a:d3:ec:36:e9:6b:73:bc:
3f:3f:bb:90:94:e2:95:74:6e:68:0c:3c:90:0f:17:46:66:cb:
42:79:b1:4f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZjBcjVZpJGZh9doyYDfgj/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjUwODE5MDgyOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Q3MTY4NmE1MDUyMTU2YjA4MmI3NTBhMzdmNTczMDZlMzRiOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaKAhpp682igh0yQXejbEsLY9Azf
XD5LWOADWSbvqv/cC7xWVs4djQZjVuv9QzLQ8TNPwbOPsvzv7rQugS+7DB4CG4QK
oRC2C35s0qR+5DdyOJHczwCSm3FKnwy7NJM3hB39Xkpx8zhO7GVz77VM2PDQXLsH
y6e96DUFKvzmungxy7Q336PHAarKa2VMJa5rfQdR9K5bw5tWlTu3MnQUESgqs8JY
JR798WpVP+h8QXJvAcZEAF0XALM0/QOQbQH0Rcn4AP9iOjD/eHusbSorw1WkwmRh
mJ+73endTElz7miiAY+DuLd2qPuI/+du15vJHOOQN5OTD5eVnnBohF30YwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDfXFoalBSFWsIK3UKN/VzBuNLm+MB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvTjljV2hxVUZJVmF3Z3JkUW8zOVhNRzQwdWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALVhOMAwD
BABRW7EDBABRW7IDBABf180wDQYJKoZIhvcNAQELBQADggEBAHbOod/Y6ZlfI26z
EvUd6X59Sc1gP889UWD8ryv5jvB5wD393mUWrmU0J6NFCFMIwUuqAB1Dvrd/E+3K
1ut0hcqqqzvJ28XjbYOMr9a7fun+0gF7mIUBDZ6taKhy/4OVE/Am736CO0OiOTmg
EfiP2y0BZFc8NKZdbCPacYBzrpSLvMV0rvIQYNY+dmwjeiXJNdsLAf8071DKgheB
R7V2vXr0AmLMueq11wbqav9ZqJsXKq/Kt+4RhKZdSBPYb4YnFDImocbolwoqeR3E
cqoKwX9eK77aR9K3QEOAmqyVrJsUxwya0+w26WtzvD8/u5CU4pV0bmgMPJAPF0Zm
y0J5sU8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:42:18 2025 by rpki-client