Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/NjASS9Fcywmz2PQGC289Z6czZDw.roa
File: NjASS9Fcywmz2PQGC289Z6czZDw.roa (raw, json)
Hash identifier: HSbgUfk0PK7NcRU0i0FIegZSv4Qc7DSpvzCcUEz+mx0=
Subject key identifier: 36:30:12:4B:D1:5C:CB:09:B3:D8:F4:06:0B:6F:3D:67:A7:33:64:3C
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 01978CA35348E8A1414DF22B1073F6FBC800
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/NjASS9Fcywmz2PQGC289Z6czZDw.roa
Signing time: Fri 20 Jun 2025 09:20:03 +0000
ROA not before: Fri 20 Jun 2025 09:20:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203593
IP address blocks: 157.97.163.0/24 maxlen: 24
185.129.252.0/22 maxlen: 24
193.254.202.0/23 maxlen: 24
213.244.32.0/20 maxlen: 24
2a06:d680::/29 maxlen: 32
2a0a:6840::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:a3:53:48:e8:a1:41:4d:f2:2b:10:73:f6:fb:c8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: Jun 20 09:20:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3630124bd15ccb09b3d8f4060b6f3d67a733643c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e1:fb:69:67:97:93:76:9d:0a:3b:d9:0a:e9:
4d:08:2e:76:1e:65:2c:3b:26:75:85:f9:a1:29:06:
a2:95:fe:68:f1:ef:20:78:c8:3a:0b:fe:2a:f9:ad:
b8:d6:6d:57:f6:a1:af:65:cc:94:ac:98:48:76:01:
13:75:89:84:2a:9f:0f:11:64:4d:71:f5:70:c2:34:
fa:23:5b:9a:21:05:33:95:15:b8:8f:e1:f2:3d:ea:
a2:41:86:56:9e:25:01:88:4f:f8:7f:b9:01:49:b5:
80:36:40:cf:cd:93:e1:2a:1f:99:d4:10:ec:3a:cb:
85:52:39:06:42:49:e9:8b:e8:46:e6:39:b4:88:42:
b7:44:e6:10:3c:f9:a7:dc:b1:26:d5:df:11:75:53:
ad:b5:32:1b:c2:11:34:88:86:36:67:8f:7d:11:93:
68:cf:2b:a4:7d:57:b2:c8:4b:67:60:73:7f:bf:4f:
4c:72:da:6a:db:07:6c:21:57:d4:35:98:5e:29:d3:
c1:ca:ef:8b:42:3f:c1:06:3a:76:3e:89:2c:63:24:
ab:71:37:21:67:c6:cf:32:de:3e:4f:3e:e5:07:12:
12:6d:d8:81:15:ae:44:9a:1d:f6:f1:f3:68:71:11:
be:b3:2f:a8:da:93:e1:cb:4d:a2:b5:e4:d7:cb:2c:
14:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:30:12:4B:D1:5C:CB:09:B3:D8:F4:06:0B:6F:3D:67:A7:33:64:3C
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/NjASS9Fcywmz2PQGC289Z6czZDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.163.0/24
185.129.252.0/22
193.254.202.0/23
213.244.32.0/20
IPv6:
2a06:d680::/29
2a0a:6840::/29
Signature Algorithm: sha256WithRSAEncryption
a0:f7:ce:b4:63:58:50:6d:b0:32:27:12:89:8e:35:0b:ed:f9:
41:34:a1:41:f3:71:07:29:93:9c:49:7e:1d:9d:e3:0a:f2:48:
e0:4f:14:8d:f9:dd:65:29:6f:d3:b7:12:50:d6:c1:50:6c:86:
86:94:ff:3d:8b:19:4f:ea:8b:9f:7d:c6:04:14:5c:75:69:f2:
5e:60:e1:89:26:51:6f:e5:48:8c:46:27:c5:38:71:69:ca:4d:
1d:ae:34:91:21:09:27:a4:15:9e:28:d4:c2:36:01:90:da:f7:
2c:60:b6:17:f0:5d:85:0c:a3:17:1f:21:6e:ba:8b:55:30:12:
c1:a5:92:6e:f0:d9:d3:69:f4:eb:1d:0b:2e:f8:27:de:0c:fd:
3b:45:a5:87:27:80:f5:e2:a4:59:99:3c:75:44:c3:de:96:13:
6c:f8:14:8a:02:29:05:7c:72:42:8c:ed:ae:f4:10:1c:54:40:
58:7b:74:e7:2a:e0:2e:b9:11:1e:e5:2a:e1:c9:9a:d5:44:46:
b8:6b:fa:c0:7a:f7:4a:97:4e:d0:7b:57:ff:da:83:98:a1:4a:
4d:59:2e:11:79:16:10:ee:9b:31:89:29:c3:00:e2:83:7e:6b:
71:66:ec:40:39:1d:8a:a7:4e:2f:d3:7b:95:96:f9:68:ce:f0:
4a:8b:76:4c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZeMo1NI6KFBTfIrEHP2+8gAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjUwNjIwMDkyMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjMwMTI0YmQxNWNjYjA5YjNkOGY0MDYwYjZmM2Q2N2E3MzM2NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneH7aWeXk3adCjvZCulNCC52HmUs
OyZ1hfmhKQailf5o8e8geMg6C/4q+a241m1X9qGvZcyUrJhIdgETdYmEKp8PEWRN
cfVwwjT6I1uaIQUzlRW4j+HyPeqiQYZWniUBiE/4f7kBSbWANkDPzZPhKh+Z1BDs
OsuFUjkGQknpi+hG5jm0iEK3ROYQPPmn3LEm1d8RdVOttTIbwhE0iIY2Z499EZNo
zyukfVeyyEtnYHN/v09Mctpq2wdsIVfUNZheKdPByu+LQj/BBjp2PoksYySrcTch
Z8bPMt4+Tz7lBxISbdiBFa5Emh328fNocRG+sy+o2pPhy02iteTXyywU6wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDYwEkvRXMsJs9j0BgtvPWenM2Q8MB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvTmpBU1M5RmN5d216MlBRR0MyODlaNmN6WkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAnWGjAwQC
uYH8AwQBwf7KAwQE1fQgMBQEAgACMA4DBQMqBtaAAwUDKgpoQDANBgkqhkiG9w0B
AQsFAAOCAQEAoPfOtGNYUG2wMicSiY41C+35QTShQfNxBymTnEl+HZ3jCvJI4E8U
jfndZSlv07cSUNbBUGyGhpT/PYsZT+qLn33GBBRcdWnyXmDhiSZRb+VIjEYnxThx
acpNHa40kSEJJ6QVnijUwjYBkNr3LGC2F/BdhQyjFx8hbrqLVTASwaWSbvDZ02n0
6x0LLvgn3gz9O0WlhyeA9eKkWZk8dUTD3pYTbPgUigIpBXxyQoztrvQQHFRAWHt0
5yrgLrkRHuUq4cma1URGuGv6wHr3SpdO0HtX/9qDmKFKTVkuEXkWEO6bMYkpwwDi
g35rcWbsQDkdiqdOL9N7lZb5aM7wSot2TA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:12:02 2025 by rpki-client