Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/nyurKK5lYc3Jd4A-TJ70SVH4ScU.roa
File: nyurKK5lYc3Jd4A-TJ70SVH4ScU.roa (raw, json)
Hash identifier: zjZFoWXTAxAXpj9+aZvhkarE3nbYeEPl4fyvTkTHB8w=
Subject key identifier: 9F:2B:AB:28:AE:65:61:CD:C9:77:80:3E:4C:9E:F4:49:51:F8:49:C5
Certificate issuer: /CN=671cd071dc960bdc829b0be7e34b6b61cf8b0b1e
Certificate serial: 019898A0B0D55E68B7DA582E8B935A100C51
Authority key identifier: 67:1C:D0:71:DC:96:0B:DC:82:9B:0B:E7:E3:4B:6B:61:CF:8B:0B:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZxzQcdyWC9yCmwvn40trYc-LCx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/nyurKK5lYc3Jd4A-TJ70SVH4ScU.roa
Signing time: Mon 11 Aug 2025 10:15:24 +0000
ROA not before: Mon 11 Aug 2025 10:15:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21489
IP address blocks: 185.45.52.0/24 maxlen: 24
185.45.53.0/24 maxlen: 24
185.45.54.0/24 maxlen: 24
185.45.55.0/24 maxlen: 24
192.101.252.0/24 maxlen: 24
193.110.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/ZxzQcdyWC9yCmwvn40trYc-LCx4.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/ZxzQcdyWC9yCmwvn40trYc-LCx4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZxzQcdyWC9yCmwvn40trYc-LCx4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:a0:b0:d5:5e:68:b7:da:58:2e:8b:93:5a:10:0c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=671cd071dc960bdc829b0be7e34b6b61cf8b0b1e
Validity
Not Before: Aug 11 10:15:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f2bab28ae6561cdc977803e4c9ef44951f849c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:de:d7:a2:35:8c:ba:b7:7e:76:b4:ca:42:f7:
12:88:25:93:fb:44:4f:e1:a3:46:fe:03:fe:49:20:
c5:90:7e:d1:5d:0c:36:22:a7:b3:7c:d1:3c:4b:04:
4b:f2:cc:50:d6:9c:5f:fb:5a:b9:8a:39:d8:ba:b7:
d9:c8:a4:b9:dd:de:95:4b:81:fc:37:4e:4e:ae:8d:
ba:cf:10:34:71:43:12:c8:f7:ba:4b:24:82:44:fb:
64:51:1e:93:ff:06:69:d4:21:18:3d:19:a9:d0:b9:
86:01:e8:57:11:a7:b0:b5:76:3b:01:48:fe:5f:5f:
e3:41:94:04:bf:e1:13:1c:51:a8:63:5c:0d:25:a8:
08:1c:09:b3:a0:20:f6:88:d9:be:bf:fc:43:af:60:
4a:51:10:ba:2f:5a:fb:57:d1:af:71:d7:c5:1f:51:
21:66:09:2a:a2:26:55:ca:98:0a:3f:eb:90:14:59:
5e:67:65:82:8d:17:ff:0f:aa:19:f2:92:d6:f2:14:
0a:5a:35:43:a9:50:e1:b7:28:0b:de:06:ab:c3:07:
66:46:a9:ba:be:51:6b:1e:f7:0e:8b:3c:85:cb:c0:
8b:83:64:69:d4:3a:c6:b5:de:29:00:5f:39:20:41:
06:87:08:b1:bd:48:59:fd:45:39:00:14:77:76:84:
93:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:2B:AB:28:AE:65:61:CD:C9:77:80:3E:4C:9E:F4:49:51:F8:49:C5
X509v3 Authority Key Identifier:
keyid:67:1C:D0:71:DC:96:0B:DC:82:9B:0B:E7:E3:4B:6B:61:CF:8B:0B:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZxzQcdyWC9yCmwvn40trYc-LCx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/nyurKK5lYc3Jd4A-TJ70SVH4ScU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/ZxzQcdyWC9yCmwvn40trYc-LCx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.52.0/22
192.101.252.0/24
193.110.130.0/24
Signature Algorithm: sha256WithRSAEncryption
53:de:cf:37:c4:29:39:92:0e:4b:03:2f:d2:a7:16:aa:56:19:
e1:24:d9:87:32:77:b7:56:0a:75:61:c4:87:6b:59:70:fa:29:
fd:4a:cd:9f:7f:a7:f1:25:8b:72:d2:d3:51:af:28:c4:d3:ab:
a4:52:c4:18:4a:57:ad:40:4d:47:83:cb:85:e7:3e:ff:ab:f0:
a7:05:79:d4:dd:78:5e:82:03:ee:c3:3c:27:4e:90:30:21:54:
7e:09:6f:27:c3:bf:ca:84:0f:d9:ff:76:21:90:11:33:c0:ec:
ce:1c:5d:7d:e9:06:df:6a:5c:53:0d:7a:03:3d:ff:0b:4b:5f:
69:22:e3:dd:ee:0a:cc:7d:89:cd:8d:cd:73:a0:b7:a1:75:19:
31:a0:24:90:e8:e3:7b:8a:9e:c0:61:e4:82:8c:c4:c8:cb:83:
8d:e7:d8:8b:e8:aa:78:f2:71:92:38:fe:a5:c8:dd:f2:76:18:
dd:a1:03:b4:89:18:35:0c:1b:57:da:74:f9:80:cd:9b:25:f0:
1b:91:6b:05:d2:07:2e:5c:ea:fe:85:b0:79:e8:d0:aa:df:8f:
3c:be:19:c9:51:bd:18:61:a7:2a:63:5f:8d:de:ef:5f:a0:87:
85:1d:cf:45:58:b6:37:1c:3a:59:4a:bf:93:db:be:42:c8:b0:
07:61:d7:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZiYoLDVXmi32lgui5NaEAxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MWNkMDcxZGM5NjBiZGM4MjliMGJlN2UzNGI2YjYxY2Y4
YjBiMWUwHhcNMjUwODExMTAxNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjJiYWIyOGFlNjU2MWNkYzk3NzgwM2U0YzllZjQ0OTUxZjg0OWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud7XojWMurd+drTKQvcSiCWT+0RP
4aNG/gP+SSDFkH7RXQw2IqezfNE8SwRL8sxQ1pxf+1q5ijnYurfZyKS53d6VS4H8
N05Oro26zxA0cUMSyPe6SySCRPtkUR6T/wZp1CEYPRmp0LmGAehXEaewtXY7AUj+
X1/jQZQEv+ETHFGoY1wNJagIHAmzoCD2iNm+v/xDr2BKURC6L1r7V9GvcdfFH1Eh
ZgkqoiZVypgKP+uQFFleZ2WCjRf/D6oZ8pLW8hQKWjVDqVDhtygL3garwwdmRqm6
vlFrHvcOizyFy8CLg2Rp1DrGtd4pAF85IEEGhwixvUhZ/UU5ABR3doSTeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ8rqyiuZWHNyXeAPkye9ElR+EnFMB8GA1UdIwQY
MBaAFGcc0HHclgvcgpsL5+NLa2HPiwseMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnh6UWNkeVdDOXlDbXd2bjQwdHJZYy1MQ3g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zNWE5YTYtNjBjZC00ZjI0LThlZjAt
N2RjNjk0MzBkMzUyLzEvbnl1cktLNWxZYzNKZDRBLVRKNzBTVkg0U2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zNWE5YTYtNjBjZC00ZjI0LThlZjAtN2RjNjk0MzBkMzUy
LzEvWnh6UWNkeVdDOXlDbXd2bjQwdHJZYy1MQ3g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuS00AwQA
wGX8AwQAwW6CMA0GCSqGSIb3DQEBCwUAA4IBAQBT3s83xCk5kg5LAy/SpxaqVhnh
JNmHMne3Vgp1YcSHa1lw+in9Ss2ff6fxJYty0tNRryjE06ukUsQYSletQE1Hg8uF
5z7/q/CnBXnU3XheggPuwzwnTpAwIVR+CW8nw7/KhA/Z/3YhkBEzwOzOHF196Qbf
alxTDXoDPf8LS19pIuPd7grMfYnNjc1zoLehdRkxoCSQ6ON7ip7AYeSCjMTIy4ON
59iL6Kp48nGSOP6lyN3ydhjdoQO0iRg1DBtX2nT5gM2bJfAbkWsF0gcuXOr+hbB5
6NCq3488vhnJUb0YYacqY1+N3u9foIeFHc9FWLY3HDpZSr+T275CyLAHYddQ
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:50:51 2025 by rpki-client