Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/N3HQCj8pZ2B5KD-1fWRfe-izTtI.roa
File: N3HQCj8pZ2B5KD-1fWRfe-izTtI.roa (raw, json)
Hash identifier: xkDsIDr+yVzsjhkmsgRy7CxO+RieEnLyvv6DyEzvUeY=
Subject key identifier: 37:71:D0:0A:3F:29:67:60:79:28:3F:B5:7D:64:5F:7B:E8:B3:4E:D2
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 019777FD4A68003F657EE0CBD8F5CD02C088
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/N3HQCj8pZ2B5KD-1fWRfe-izTtI.roa
Signing time: Mon 16 Jun 2025 09:06:17 +0000
ROA not before: Mon 16 Jun 2025 09:06:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 89.35.80.0/23 maxlen: 23
89.40.222.0/23 maxlen: 23
89.45.124.0/23 maxlen: 23
91.235.207.0/24 maxlen: 24
92.42.0.0/24 maxlen: 24
185.98.158.0/24 maxlen: 24
193.239.176.0/24 maxlen: 24
194.32.82.0/24 maxlen: 24
194.106.206.0/24 maxlen: 24
195.35.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:77:fd:4a:68:00:3f:65:7e:e0:cb:d8:f5:cd:02:c0:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: Jun 16 09:06:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3771d00a3f29676079283fb57d645f7be8b34ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9a:0d:3d:5b:5a:ec:cc:1b:24:14:1e:30:9a:
ff:1a:88:66:c3:55:1f:5f:8c:a4:84:a2:b9:34:e7:
37:3f:bf:ca:a0:60:3f:f9:e6:48:98:01:56:96:49:
3a:d7:fe:e8:13:c4:8a:c2:28:4d:9f:24:ff:60:21:
f7:97:75:2f:63:05:72:4a:71:93:a0:b3:fe:87:b6:
92:4d:de:c2:b2:28:6d:a9:3e:79:a7:d9:69:c7:97:
55:6a:4b:7c:e6:69:09:54:37:da:c2:ba:a0:fa:1d:
34:0a:be:b8:d8:d8:d1:f0:3b:98:e9:4a:82:9b:70:
59:49:0b:05:f8:0a:1a:47:df:23:cb:ee:07:ae:0d:
62:2d:2c:38:db:38:8b:09:0a:63:50:44:5c:0f:10:
7c:a7:bc:96:10:95:7b:69:05:d5:84:a6:5e:48:b7:
68:a3:24:42:49:f1:01:6d:b1:5f:5b:be:36:5e:75:
9a:9b:fe:fd:af:d3:8d:22:f1:e8:4a:74:2a:69:83:
8d:63:6c:0d:16:57:71:69:82:84:b4:22:aa:88:a1:
c1:de:8f:0c:81:86:25:88:67:80:ff:6f:43:8b:6e:
09:7d:59:58:96:5f:1f:3d:f9:07:85:67:75:93:99:
f1:2c:c0:d3:8a:6f:01:76:fd:5a:d2:c7:75:c6:75:
8e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:71:D0:0A:3F:29:67:60:79:28:3F:B5:7D:64:5F:7B:E8:B3:4E:D2
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/N3HQCj8pZ2B5KD-1fWRfe-izTtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.80.0/23
89.40.222.0/23
89.45.124.0/23
91.235.207.0/24
92.42.0.0/24
185.98.158.0/24
193.239.176.0/24
194.32.82.0/24
194.106.206.0/24
195.35.100.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:cf:73:52:b7:41:e6:a6:08:ac:b3:35:a7:31:0c:3e:8e:75:
ed:de:b0:b4:2e:0a:e0:38:e7:19:f6:c5:71:45:b0:dc:52:9d:
63:c0:8a:70:fd:26:d8:b2:f5:5b:1e:71:f1:9c:d1:f6:4c:e8:
0a:18:7e:c3:68:d2:69:b0:ba:a9:07:92:de:76:18:86:83:8c:
33:9b:5a:c7:06:79:13:32:d1:ee:89:8b:9d:51:3d:97:8d:32:
4f:07:0f:5b:c5:df:2e:6d:7a:6d:b0:91:79:35:6f:e6:ff:91:
28:c3:d9:88:32:49:8d:3f:e6:46:68:d9:62:13:eb:c2:56:1f:
1d:31:80:09:f3:2c:ea:8c:d9:8d:7e:68:b7:7c:ca:2e:10:43:
80:16:5a:60:96:37:d3:0d:06:ee:81:b8:39:ec:2a:48:d5:b9:
b0:08:6c:eb:16:ea:cf:10:dd:22:db:bb:9d:81:b8:ea:be:63:
d6:6d:cf:c5:fd:22:cc:0a:55:ee:11:9e:c3:51:4b:db:e5:57:
20:39:2e:9f:5d:bd:0f:dc:c9:46:9d:ee:e9:84:8e:25:0a:e6:
98:e0:a0:ac:21:ae:19:39:f5:e8:d0:e9:e4:13:b7:6f:ca:67:
f5:ff:b2:e3:b5:bf:f9:e0:2a:0b:88:1a:36:aa:0e:55:14:80:
20:87:67:23
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZd3/UpoAD9lfuDL2PXNAsCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTg4OGE3NmU5OTg1MWIwMWZiODZjZWM1MzdkNGQ4ZTYx
MGRlMTYwHhcNMjUwNjE2MDkwNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzcxZDAwYTNmMjk2NzYwNzkyODNmYjU3ZDY0NWY3YmU4YjM0ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZoNPVta7MwbJBQeMJr/Gohmw1Uf
X4ykhKK5NOc3P7/KoGA/+eZImAFWlkk61/7oE8SKwihNnyT/YCH3l3UvYwVySnGT
oLP+h7aSTd7CsihtqT55p9lpx5dVakt85mkJVDfawrqg+h00Cr642NjR8DuY6UqC
m3BZSQsF+AoaR98jy+4Hrg1iLSw42ziLCQpjUERcDxB8p7yWEJV7aQXVhKZeSLdo
oyRCSfEBbbFfW742XnWam/79r9ONIvHoSnQqaYONY2wNFldxaYKEtCKqiKHB3o8M
gYYliGeA/29Di24JfVlYll8fPfkHhWd1k5nxLMDTim8Bdv1a0sd1xnWOhQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDdx0Ao/KWdgeSg/tX1kX3vos07SMB8GA1UdIwQY
MBaAFEToiKdumYUbAfuGzsU31NjmEN4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUt
YmMwZGJhOTMyYjM1LzEvTjNIUUNqOHBaMkI1S0QtMWZXUmZlLWl6VHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUtYmMwZGJhOTMyYjM1
LzEvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBWSNQAwQB
WSjeAwQBWS18AwQAW+vPAwQAXCoAAwQAuWKeAwQAwe+wAwQAwiBSAwQAwmrOAwQA
wyNkMA0GCSqGSIb3DQEBCwUAA4IBAQAbz3NSt0HmpgisszWnMQw+jnXt3rC0Lgrg
OOcZ9sVxRbDcUp1jwIpw/SbYsvVbHnHxnNH2TOgKGH7DaNJpsLqpB5LedhiGg4wz
m1rHBnkTMtHuiYudUT2XjTJPBw9bxd8ubXptsJF5NW/m/5Eow9mIMkmNP+ZGaNli
E+vCVh8dMYAJ8yzqjNmNfmi3fMouEEOAFlpgljfTDQbugbg57CpI1bmwCGzrFurP
EN0i27udgbjqvmPWbc/F/SLMClXuEZ7DUUvb5VcgOS6fXb0P3MlGne7phI4lCuaY
4KCsIa4ZOfXo0OnkE7dvymf1/7Ljtb/54CoLiBo2qg5VFIAgh2cj
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:56:44 2025 by rpki-client