Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/nxKiXrNdio14ckCG_Sgh0vm0DTQ.roa
File: nxKiXrNdio14ckCG_Sgh0vm0DTQ.roa (raw, json)
Hash identifier: 0O+vnPePnv6+wWmJ082MbIlY0Wsbvz8NfNZYidPwzkQ=
Subject key identifier: 9F:12:A2:5E:B3:5D:8A:8D:78:72:40:86:FD:28:21:D2:F9:B4:0D:34
Certificate issuer: /CN=d7c60a54e03c9f815cc33afd45d3c4db9af76f16
Certificate serial: 01968793C43EDC0EC67B90884251F6B47D70
Authority key identifier: D7:C6:0A:54:E0:3C:9F:81:5C:C3:3A:FD:45:D3:C4:DB:9A:F7:6F:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/nxKiXrNdio14ckCG_Sgh0vm0DTQ.roa
Signing time: Wed 30 Apr 2025 16:42:10 +0000
ROA not before: Wed 30 Apr 2025 16:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36224
IP address blocks: 185.33.114.0/24 maxlen: 24
202.162.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 07:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:93:c4:3e:dc:0e:c6:7b:90:88:42:51:f6:b4:7d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7c60a54e03c9f815cc33afd45d3c4db9af76f16
Validity
Not Before: Apr 30 16:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f12a25eb35d8a8d78724086fd2821d2f9b40d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:08:5f:f6:46:ff:f7:12:0e:15:44:f8:9f:32:
b4:6b:38:9e:34:fc:15:ab:19:0d:54:04:ad:60:33:
04:6b:0c:c5:f9:be:02:38:c2:8d:af:89:17:ed:aa:
20:dd:51:dc:93:d0:1d:03:1b:52:4f:35:5c:b7:b2:
88:b6:b9:ed:da:e8:12:8c:fa:ac:59:5e:1f:90:2a:
d1:25:49:d5:db:f6:07:71:5d:c6:46:dd:f0:85:e4:
42:7c:0d:73:53:a8:a9:a8:e5:ce:bf:91:26:ce:c8:
cc:aa:29:93:9b:f1:e0:f8:b3:7a:6b:12:02:01:ef:
ca:40:90:5d:f3:19:55:d0:6b:bb:49:1a:fd:60:2f:
1c:95:11:c3:db:88:2b:0d:91:ea:b3:d8:38:5f:8b:
d3:79:1a:01:ac:b2:18:73:b5:40:58:e6:94:ed:44:
88:a5:54:9a:a2:c6:e4:7b:66:d0:49:da:9e:cd:62:
a4:56:2a:24:9b:33:a5:ff:4c:30:b2:4a:b1:d6:ed:
ce:d0:1c:1a:9e:65:3e:93:7e:05:18:aa:24:a5:08:
6f:9f:38:8e:f7:42:9d:f8:a6:e5:a9:d9:a6:ca:41:
47:ab:68:54:99:32:19:8f:21:3a:c7:6c:ea:f8:3e:
f4:92:68:cd:b4:07:2f:f9:bb:d5:8b:ec:70:5d:a4:
f6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:12:A2:5E:B3:5D:8A:8D:78:72:40:86:FD:28:21:D2:F9:B4:0D:34
X509v3 Authority Key Identifier:
keyid:D7:C6:0A:54:E0:3C:9F:81:5C:C3:3A:FD:45:D3:C4:DB:9A:F7:6F:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/nxKiXrNdio14ckCG_Sgh0vm0DTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.114.0/24
202.162.49.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:eb:8c:9a:2d:04:01:08:95:35:e6:2e:34:2c:8b:a3:80:75:
e8:a1:10:6d:af:fa:3a:2e:71:e2:99:0d:51:3b:48:ba:fe:52:
fc:15:e1:d9:c0:7e:ed:b7:00:0f:a4:79:c1:9f:26:7c:07:1c:
f3:cc:eb:6c:b4:11:2f:61:39:ae:9c:cb:04:90:00:58:7c:17:
47:0b:9c:04:4f:ab:cf:31:6d:0b:05:79:1c:42:dd:ae:41:fb:
e8:17:e9:c2:21:43:a3:0c:96:26:1a:41:23:1e:0c:bb:cd:fb:
9b:74:73:58:f6:f3:2a:aa:c1:b4:37:f4:dc:ed:5f:9a:f5:9b:
19:13:32:fe:16:8c:19:13:6e:f7:3f:3a:10:b5:68:ce:70:9b:
e4:c0:c3:79:46:e5:c9:21:a2:65:01:9f:16:0d:46:a2:36:8a:
dc:86:20:7c:43:b2:12:52:90:e1:4c:9b:8a:1e:61:12:23:1e:
77:de:be:04:aa:f4:a9:ec:22:40:07:d0:33:91:ff:17:8e:35:
70:e4:76:bb:a5:29:c6:18:48:11:7c:24:10:12:69:8f:63:db:
27:36:4d:7c:da:2f:68:d9:e5:4d:a0:13:d4:9d:86:51:b5:99:
f7:fb:39:8f:42:d8:63:30:68:50:cc:28:22:95:4e:80:fd:ef:
89:c8:a4:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZaHk8Q+3A7Ge5CIQlH2tH1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3YzYwYTU0ZTAzYzlmODE1Y2MzM2FmZDQ1ZDNjNGRiOWFm
NzZmMTYwHhcNMjUwNDMwMTY0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjEyYTI1ZWIzNWQ4YThkNzg3MjQwODZmZDI4MjFkMmY5YjQwZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Ahf9kb/9xIOFUT4nzK0azieNPwV
qxkNVAStYDMEawzF+b4COMKNr4kX7aog3VHck9AdAxtSTzVct7KItrnt2ugSjPqs
WV4fkCrRJUnV2/YHcV3GRt3wheRCfA1zU6ipqOXOv5EmzsjMqimTm/Hg+LN6axIC
Ae/KQJBd8xlV0Gu7SRr9YC8clRHD24grDZHqs9g4X4vTeRoBrLIYc7VAWOaU7USI
pVSaosbke2bQSdqezWKkViokmzOl/0wwskqx1u3O0BwanmU+k34FGKokpQhvnziO
90Kd+KblqdmmykFHq2hUmTIZjyE6x2zq+D70kmjNtAcv+bvVi+xwXaT2lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ8Sol6zXYqNeHJAhv0oIdL5tA00MB8GA1UdIwQY
MBaAFNfGClTgPJ+BXMM6/UXTxNua928WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMThZS1ZPQThuNEZjd3pyOVJkUEUyNXIzYnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84OTA5MGMtNTNiMS00MWJlLWEzMzgt
MzgzMWYzZWQxY2E4LzEvbnhLaVhyTmRpbzE0Y2tDR19TZ2gwdm0wRFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84OTA5MGMtNTNiMS00MWJlLWEzMzgtMzgzMWYzZWQxY2E4
LzEvMThZS1ZPQThuNEZjd3pyOVJkUEUyNXIzYnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSFyAwQA
yqIxMA0GCSqGSIb3DQEBCwUAA4IBAQBf64yaLQQBCJU15i40LIujgHXooRBtr/o6
LnHimQ1RO0i6/lL8FeHZwH7ttwAPpHnBnyZ8BxzzzOtstBEvYTmunMsEkABYfBdH
C5wET6vPMW0LBXkcQt2uQfvoF+nCIUOjDJYmGkEjHgy7zfubdHNY9vMqqsG0N/Tc
7V+a9ZsZEzL+FowZE273PzoQtWjOcJvkwMN5RuXJIaJlAZ8WDUaiNorchiB8Q7IS
UpDhTJuKHmESIx533r4EqvSp7CJAB9Azkf8XjjVw5Ha7pSnGGEgRfCQQEmmPY9sn
Nk182i9o2eVNoBPUnYZRtZn3+zmPQthjMGhQzCgilU6A/e+JyKQq
-----END CERTIFICATE-----
Generated at Fri May 9 13:43:14 2025 by rpki-client