Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/Nc9h3qvLuJI4WP6YkQa2jYc6rJI.roa
File: Nc9h3qvLuJI4WP6YkQa2jYc6rJI.roa (raw, json)
Hash identifier: 5Bmg9YYyOOpJwhqaN3H4Zio8XFaxyte8HHt0oAAzH5g=
Subject key identifier: 35:CF:61:DE:AB:CB:B8:92:38:58:FE:98:91:06:B6:8D:87:3A:AC:92
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 01968FF4D91F66FB9EE6489C01F4E7896734
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/Nc9h3qvLuJI4WP6YkQa2jYc6rJI.roa
Signing time: Fri 02 May 2025 07:45:10 +0000
ROA not before: Fri 02 May 2025 07:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39608
IP address blocks: 86.111.64.0/19 maxlen: 19
86.111.88.0/21 maxlen: 22
91.194.81.0/24 maxlen: 24
91.216.165.0/24 maxlen: 24
176.36.0.0/14 maxlen: 14
176.36.0.0/16 maxlen: 17
176.36.160.0/24 maxlen: 24
176.37.0.0/16 maxlen: 17
176.38.0.0/16 maxlen: 17
176.39.0.0/16 maxlen: 16
176.39.34.0/23 maxlen: 24
176.39.36.0/23 maxlen: 24
185.53.76.0/23 maxlen: 24
185.53.76.0/24 maxlen: 24
185.53.78.0/24 maxlen: 24
193.93.160.0/22 maxlen: 22
193.107.224.0/22 maxlen: 22
194.33.189.0/24 maxlen: 24
194.50.85.0/24 maxlen: 24
194.60.69.0/24 maxlen: 24
2a01:5800::/32 maxlen: 32
2a01:bf20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 17 May 2025 23:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8f:f4:d9:1f:66:fb:9e:e6:48:9c:01:f4:e7:89:67:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: May 2 07:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35cf61deabcbb8923858fe989106b68d873aac92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c2:b2:d8:3b:03:a1:5f:d2:b2:2c:cc:15:01:
4a:4c:43:c6:1a:19:c2:49:3b:f3:26:78:40:3c:50:
b9:62:ba:0b:e7:96:a7:04:2e:b7:71:12:ff:8b:89:
71:a0:46:00:97:1b:f2:03:2e:22:c2:69:81:93:93:
f5:89:6b:91:7f:f4:db:d3:71:f7:23:19:99:9f:22:
ab:b4:22:d2:70:e1:86:74:09:54:4c:07:f5:de:24:
20:b9:c7:bd:38:6f:0f:47:3c:de:a9:82:31:67:e1:
23:9e:92:a3:ed:17:06:16:00:69:41:f1:55:b8:e2:
61:eb:87:c7:42:37:00:12:cd:a4:c0:59:5a:a7:05:
16:63:51:90:81:ce:9e:b5:a3:d7:30:a6:88:94:0a:
1b:55:65:55:c3:aa:8b:66:2c:11:cb:11:44:bc:f3:
9c:b7:1a:b3:6b:a1:b0:6c:de:07:30:3c:c7:7f:45:
bc:16:be:19:ee:0d:0a:c0:41:83:35:b2:b8:8e:0c:
5c:35:ea:8a:76:39:21:9b:bd:f1:5c:32:d9:d0:55:
86:c7:26:fb:83:a6:60:2c:7c:44:5a:e0:6b:9d:fa:
ee:83:b8:11:8a:5c:5f:ff:c5:2a:c1:7e:78:f6:eb:
e4:eb:30:02:e1:3d:1d:7a:53:b9:d7:88:64:40:5c:
a2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CF:61:DE:AB:CB:B8:92:38:58:FE:98:91:06:B6:8D:87:3A:AC:92
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/Nc9h3qvLuJI4WP6YkQa2jYc6rJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.64.0/19
91.194.81.0/24
91.216.165.0/24
176.36.0.0/14
185.53.76.0-185.53.78.255
193.93.160.0/22
193.107.224.0/22
194.33.189.0/24
194.50.85.0/24
194.60.69.0/24
IPv6:
2a01:5800::/32
2a01:bf20::/32
Signature Algorithm: sha256WithRSAEncryption
8d:9e:e0:78:27:2a:8c:d8:ca:86:b3:6c:50:ca:7f:86:4f:a4:
96:26:1a:00:07:71:60:53:30:e0:b5:77:88:ea:0c:d3:28:24:
d3:7d:12:a9:5b:e0:92:a8:07:be:5b:c0:94:9d:cd:5d:f1:65:
67:97:dc:b5:7b:c0:12:db:a5:e2:b7:b2:a2:05:d1:48:79:8c:
68:71:9a:76:fe:c8:c8:43:66:96:37:b9:4e:f9:85:09:37:ef:
a7:98:4e:3f:7e:fb:fa:d4:a0:af:c4:cd:c8:c2:f6:20:47:7b:
cf:a0:61:a5:ef:bb:77:d4:1a:b0:20:c6:05:fe:3e:14:6c:03:
a4:1b:8b:f8:fe:c7:73:dd:07:be:dd:a1:59:dc:9d:98:67:54:
05:5b:ff:c5:85:85:b8:e6:04:ef:c3:26:b3:6b:a7:c4:30:f8:
0d:a7:42:14:74:f5:f8:2e:72:ab:ba:85:80:ec:c7:50:78:9b:
33:6c:9c:ed:f4:5b:e6:37:e6:39:b6:a2:a1:60:5c:b3:89:dc:
9b:4d:ab:9d:7b:1e:d3:84:6c:25:cb:f7:68:23:bf:2e:65:c1:
d0:82:22:4f:20:61:ed:ba:e7:c9:1e:6c:25:25:c7:d5:df:38:
a7:3c:2c:24:06:85:57:6c:55:b2:3d:b7:1f:8d:30:6b:7a:db:
22:30:a7:50
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZaP9NkfZvue5kicAfTniWc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjUwNTAyMDc0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWNmNjFkZWFiY2JiODkyMzg1OGZlOTg5MTA2YjY4ZDg3M2FhYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcKy2DsDoV/SsizMFQFKTEPGGhnC
STvzJnhAPFC5YroL55anBC63cRL/i4lxoEYAlxvyAy4iwmmBk5P1iWuRf/Tb03H3
IxmZnyKrtCLScOGGdAlUTAf13iQguce9OG8PRzzeqYIxZ+EjnpKj7RcGFgBpQfFV
uOJh64fHQjcAEs2kwFlapwUWY1GQgc6etaPXMKaIlAobVWVVw6qLZiwRyxFEvPOc
txqza6GwbN4HMDzHf0W8Fr4Z7g0KwEGDNbK4jgxcNeqKdjkhm73xXDLZ0FWGxyb7
g6ZgLHxEWuBrnfrug7gRilxf/8UqwX549uvk6zAC4T0delO514hkQFyiTwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFDXPYd6ry7iSOFj+mJEGto2HOqySMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL05jOWgzcXZMdUpJNFdQNllrUWEyalljNnJKSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwcgYIKwYBBQUHAQcBAf8EYzBhMEkEAgABMEMDBAVWb0AD
BABbwlEDBABb2KUDAwKwJDAMAwQCuTVMAwQAuTVOAwQCwV2gAwQCwWvgAwQAwiG9
AwQAwjJVAwQAwjxFMBQEAgACMA4DBQAqAVgAAwUAKgG/IDANBgkqhkiG9w0BAQsF
AAOCAQEAjZ7geCcqjNjKhrNsUMp/hk+kliYaAAdxYFMw4LV3iOoM0ygk030SqVvg
kqgHvlvAlJ3NXfFlZ5fctXvAEtul4reyogXRSHmMaHGadv7IyENmlje5TvmFCTfv
p5hOP377+tSgr8TNyML2IEd7z6Bhpe+7d9QasCDGBf4+FGwDpBuL+P7Hc90Hvt2h
WdydmGdUBVv/xYWFuOYE78Mms2unxDD4DadCFHT1+C5yq7qFgOzHUHibM2yc7fRb
5jfmObaioWBcs4ncm02rnXse04RsJcv3aCO/LmXB0IIiTyBh7brnyR5sJSXH1d84
pzwsJAaFV2xVsj23H40wa3rbIjCnUA==
-----END CERTIFICATE-----
Generated at Sat May 17 07:59:44 2025 by rpki-client