Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nQLKKSXPAlURO0CoUz-oQdUGeFI.roa
File: nQLKKSXPAlURO0CoUz-oQdUGeFI.roa (raw, json)
Hash identifier: UeEwJIBBWDo7KqfLU64EUoXcIbRt9vA9I7fqVZkyPpA=
Subject key identifier: 9D:02:CA:29:25:CF:02:55:11:3B:40:A8:53:3F:A8:41:D5:06:78:52
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0198C15FE8FD95F145DB3ED2DAE0746A7596
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nQLKKSXPAlURO0CoUz-oQdUGeFI.roa
Signing time: Tue 19 Aug 2025 08:09:04 +0000
ROA not before: Tue 19 Aug 2025 08:09:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21840
IP address blocks: 217.144.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c1:5f:e8:fd:95:f1:45:db:3e:d2:da:e0:74:6a:75:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 19 08:09:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d02ca2925cf0255113b40a8533fa841d5067852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:05:23:40:fd:e9:93:6c:87:a7:e7:9e:5d:5a:
e2:7d:e1:4a:94:0b:ef:00:45:0a:14:6a:f3:63:59:
e7:42:d8:53:da:7e:fe:1e:12:f6:d1:d8:b4:ea:55:
ca:ef:36:57:b0:94:80:82:56:67:83:3d:f1:75:e4:
73:3e:74:01:5d:7b:3b:04:f0:69:45:a2:0b:f5:3b:
33:dd:84:65:bd:54:31:21:2d:e5:6b:1a:c1:5e:f3:
f8:30:2d:ab:ba:cf:3f:00:89:ea:6a:40:bd:b1:b7:
8a:88:bf:1e:6a:fd:82:28:92:02:10:67:1a:dc:f9:
38:73:b8:24:9a:a1:52:e0:bb:57:d0:1c:69:e6:d0:
4a:b7:ff:a7:2f:6e:fd:15:35:28:3e:da:de:cb:01:
45:b0:90:61:96:46:68:5e:0d:1e:54:d1:82:30:dd:
27:5a:81:00:28:d4:fb:bb:a1:e9:1a:28:b6:33:a3:
4e:a1:ed:5e:60:99:60:cb:1b:ee:dc:fc:ef:9c:a0:
0d:e0:6d:e2:25:b8:32:f5:20:27:95:7d:80:96:74:
43:b2:04:b1:17:45:c1:8b:a9:41:b0:2e:6e:83:82:
27:aa:7f:5f:f5:40:75:e2:db:a4:f0:ae:77:fb:5c:
18:0c:79:e0:8b:82:ab:6a:2d:6f:2f:1d:07:54:82:
7a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:02:CA:29:25:CF:02:55:11:3B:40:A8:53:3F:A8:41:D5:06:78:52
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nQLKKSXPAlURO0CoUz-oQdUGeFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.144.145.0/24
Signature Algorithm: sha256WithRSAEncryption
01:53:65:7c:d9:0a:ab:d9:fa:9d:df:84:73:75:0b:3f:89:98:
71:bb:76:0b:af:c7:2b:1d:0d:f7:12:d0:01:57:d2:73:6c:76:
31:6b:df:96:8f:9c:db:ec:c9:91:2e:0f:2c:bb:a2:c9:dc:f7:
24:b7:c5:3c:d0:b7:2f:b1:4e:96:53:c4:7b:cc:0e:17:81:36:
e7:27:a8:65:44:a2:0e:44:5d:0a:f7:03:94:db:d4:08:ea:3f:
23:3c:6f:d5:d1:7d:63:a7:fc:03:2c:3e:9b:c5:31:85:67:d6:
bc:e7:cf:9e:0b:2f:4b:39:cc:86:3d:48:df:60:0d:4d:b5:c9:
d4:5f:ad:fa:da:63:9e:6b:17:0c:94:9f:8a:87:10:ff:0e:89:
80:9f:5b:1d:14:60:a4:10:96:37:75:0a:ec:39:89:66:8e:98:
65:91:79:ca:b5:83:11:d4:53:33:fe:1d:da:25:eb:67:6d:c7:
cc:21:fe:52:3f:fe:ad:d6:95:41:08:39:ce:81:9b:d4:db:21:
97:53:93:3b:3e:59:2a:25:be:f3:7b:be:10:fe:e3:fd:2b:2b:
e9:c2:2d:91:5f:41:9e:93:ae:50:09:0c:3c:cf:1d:9d:ac:a1:
ef:38:93:2d:ee:9e:46:3c:4b:a2:08:b9:c3:ec:5e:9f:90:ef:
ea:04:cf:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjBX+j9lfFF2z7S2uB0anWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwODE5MDgwOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDAyY2EyOTI1Y2YwMjU1MTEzYjQwYTg1MzNmYTg0MWQ1MDY3ODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQUjQP3pk2yHp+eeXVrifeFKlAvv
AEUKFGrzY1nnQthT2n7+HhL20di06lXK7zZXsJSAglZngz3xdeRzPnQBXXs7BPBp
RaIL9Tsz3YRlvVQxIS3laxrBXvP4MC2rus8/AInqakC9sbeKiL8eav2CKJICEGca
3Pk4c7gkmqFS4LtX0Bxp5tBKt/+nL279FTUoPtreywFFsJBhlkZoXg0eVNGCMN0n
WoEAKNT7u6HpGii2M6NOoe1eYJlgyxvu3PzvnKAN4G3iJbgy9SAnlX2AlnRDsgSx
F0XBi6lBsC5ug4Inqn9f9UB14tuk8K53+1wYDHngi4Krai1vLx0HVIJ65wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0CyiklzwJVETtAqFM/qEHVBnhSMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvblFMS0tTWFBBbFVSTzBDb1V6LW9RZFVHZUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZCRMA0G
CSqGSIb3DQEBCwUAA4IBAQABU2V82Qqr2fqd34RzdQs/iZhxu3YLr8crHQ33EtAB
V9JzbHYxa9+Wj5zb7MmRLg8su6LJ3Pckt8U80LcvsU6WU8R7zA4XgTbnJ6hlRKIO
RF0K9wOU29QI6j8jPG/V0X1jp/wDLD6bxTGFZ9a858+eCy9LOcyGPUjfYA1NtcnU
X6362mOeaxcMlJ+KhxD/DomAn1sdFGCkEJY3dQrsOYlmjphlkXnKtYMR1FMz/h3a
JetnbcfMIf5SP/6t1pVBCDnOgZvU2yGXU5M7PlkqJb7ze74Q/uP9Kyvpwi2RX0Ge
k65QCQw8zx2drKHvOJMt7p5GPEuiCLnD7F6fkO/qBM+9
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:17:37 2025 by rpki-client