Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/e22dc2-f406-40c9-ba5f-bf69b12a6744/1/nOieJBaD-sIvzNFw8ys8kgtNYus.roa
File: nOieJBaD-sIvzNFw8ys8kgtNYus.roa (raw, json)
Hash identifier: mIQiCbdb3uG6eqbgHss6OvqglKI0yQcTc3QtF2YXAwA=
Subject key identifier: 9C:E8:9E:24:16:83:FA:C2:2F:CC:D1:70:F3:2B:3C:92:0B:4D:62:EB
Certificate issuer: /CN=9e81ddaad88f7071612d7c3b7618e24d1a5233bb
Certificate serial: 0199A49BB4C21252CA15E6ACAEAB1B6B71C3
Authority key identifier: 9E:81:DD:AA:D8:8F:70:71:61:2D:7C:3B:76:18:E2:4D:1A:52:33:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/noHdqtiPcHFhLXw7dhjiTRpSM7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/e22dc2-f406-40c9-ba5f-bf69b12a6744/1/nOieJBaD-sIvzNFw8ys8kgtNYus.roa
Signing time: Thu 02 Oct 2025 11:08:11 +0000
ROA not before: Thu 02 Oct 2025 11:08:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61060
IP address blocks: 37.44.8.0/21 maxlen: 21
45.66.112.0/22 maxlen: 22
185.144.4.0/22 maxlen: 22
185.144.5.0/24 maxlen: 24
185.172.160.0/22 maxlen: 22
193.5.148.0/24 maxlen: 24
2a10:40::/32 maxlen: 32
2a10:41::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/e22dc2-f406-40c9-ba5f-bf69b12a6744/1/noHdqtiPcHFhLXw7dhjiTRpSM7s.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/e22dc2-f406-40c9-ba5f-bf69b12a6744/1/noHdqtiPcHFhLXw7dhjiTRpSM7s.mft
rsync://rpki.ripe.net/repository/DEFAULT/noHdqtiPcHFhLXw7dhjiTRpSM7s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a4:9b:b4:c2:12:52:ca:15:e6:ac:ae:ab:1b:6b:71:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e81ddaad88f7071612d7c3b7618e24d1a5233bb
Validity
Not Before: Oct 2 11:08:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ce89e241683fac22fccd170f32b3c920b4d62eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:69:77:24:68:29:e5:f3:ec:5a:37:e8:69:4a:
37:9b:67:59:cd:8f:74:27:ca:6a:b9:f5:07:f5:9d:
6f:c9:11:b0:9f:c9:64:00:13:f4:b0:2f:48:cc:fd:
1d:a0:b8:9f:6d:ff:ec:22:35:94:e8:83:88:c6:52:
51:33:0c:5d:7c:37:70:b7:2e:38:68:b2:af:b4:3d:
bd:e4:09:a7:eb:0c:4a:41:93:dd:c6:6c:84:8e:89:
cb:07:e8:b1:5e:e1:ac:44:5c:32:6d:7b:04:47:8f:
70:36:5f:da:53:77:1d:eb:22:98:c3:2a:7e:6b:75:
5a:f3:cd:f4:45:f7:db:8b:1c:a7:01:05:b9:b3:4b:
81:16:8e:60:c9:8c:a8:52:db:b7:50:78:bc:b3:25:
17:f3:c8:fc:3c:c7:fb:6f:03:bd:28:7a:e1:61:9b:
5e:65:41:86:03:ad:05:2c:ac:ac:7a:12:6d:6c:d8:
2c:37:f6:b2:31:c5:f2:67:fc:64:8c:02:82:42:bf:
f7:cd:25:16:4c:1c:92:8c:a6:73:65:ba:c7:cc:a2:
b8:3f:19:6f:f8:8f:8c:25:a3:eb:98:c0:ce:5c:1c:
7f:8e:2d:0f:86:73:89:b2:07:bd:c9:4a:fb:06:92:
f4:3b:b2:8b:4f:b8:6f:db:1d:93:fd:b5:8c:2d:b3:
4c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E8:9E:24:16:83:FA:C2:2F:CC:D1:70:F3:2B:3C:92:0B:4D:62:EB
X509v3 Authority Key Identifier:
keyid:9E:81:DD:AA:D8:8F:70:71:61:2D:7C:3B:76:18:E2:4D:1A:52:33:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/noHdqtiPcHFhLXw7dhjiTRpSM7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e22dc2-f406-40c9-ba5f-bf69b12a6744/1/nOieJBaD-sIvzNFw8ys8kgtNYus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e22dc2-f406-40c9-ba5f-bf69b12a6744/1/noHdqtiPcHFhLXw7dhjiTRpSM7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.8.0/21
45.66.112.0/22
185.144.4.0/22
185.172.160.0/22
193.5.148.0/24
IPv6:
2a10:40::/31
Signature Algorithm: sha256WithRSAEncryption
5e:d6:eb:b6:d9:da:fe:8f:79:37:3f:1b:5e:5c:a1:3e:a7:b1:
16:39:5b:fc:a2:8c:7b:26:57:c8:b4:98:80:70:2d:4e:b4:58:
b5:a6:e6:10:3a:bb:26:6a:36:00:06:15:90:89:93:cd:a3:2b:
c7:57:45:eb:ed:e2:4c:18:fa:66:5c:69:2a:44:48:39:6e:d4:
36:58:1b:13:b3:cd:8f:e3:67:ff:7b:e0:cd:06:aa:6f:dc:09:
12:3d:83:7d:2a:0e:48:0e:d4:ab:08:81:da:dd:71:7b:45:6e:
cd:ec:38:c5:5c:e8:40:0f:a1:88:92:c5:56:e5:b1:4c:68:f3:
cd:75:2c:9f:4c:8e:21:2a:6a:c0:23:64:71:56:22:52:13:3c:
65:3d:91:97:3f:22:8c:ab:f8:f1:25:0c:7d:1d:19:39:fa:59:
bb:3a:74:a7:f4:a9:94:73:88:15:3b:1d:4f:8e:d8:a9:5e:00:
fe:5b:92:f5:94:e7:ec:3a:c6:08:62:55:8c:cc:3a:7c:65:33:
63:ca:5d:e9:da:f3:17:78:e9:dd:72:73:ab:e3:43:8b:b1:30:
e3:da:aa:16:40:fa:2c:9a:65:29:d1:19:ea:e1:1a:5b:16:e3:
46:1d:a9:40:97:84:2d:da:72:1c:aa:13:fe:71:b8:12:6e:64:
79:6b:06:d1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZmkm7TCElLKFeasrqsba3HDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllODFkZGFhZDg4ZjcwNzE2MTJkN2MzYjc2MThlMjRkMWE1
MjMzYmIwHhcNMjUxMDAyMTEwODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2U4OWUyNDE2ODNmYWMyMmZjY2QxNzBmMzJiM2M5MjBiNGQ2MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Wl3JGgp5fPsWjfoaUo3m2dZzY90
J8pqufUH9Z1vyRGwn8lkABP0sC9IzP0doLifbf/sIjWU6IOIxlJRMwxdfDdwty44
aLKvtD295Amn6wxKQZPdxmyEjonLB+ixXuGsRFwybXsER49wNl/aU3cd6yKYwyp+
a3Va8830RffbixynAQW5s0uBFo5gyYyoUtu3UHi8syUX88j8PMf7bwO9KHrhYZte
ZUGGA60FLKysehJtbNgsN/ayMcXyZ/xkjAKCQr/3zSUWTBySjKZzZbrHzKK4Pxlv
+I+MJaPrmMDOXBx/ji0PhnOJsge9yUr7BpL0O7KLT7hv2x2T/bWMLbNMCQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJzoniQWg/rCL8zRcPMrPJILTWLrMB8GA1UdIwQY
MBaAFJ6B3arYj3BxYS18O3YY4k0aUjO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm9IZHF0aVBjSEZoTFh3N2RoamlUUnBTTTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lMjJkYzItZjQwNi00MGM5LWJhNWYt
YmY2OWIxMmE2NzQ0LzEvbk9pZUpCYUQtc0l2ek5Gdzh5czhrZ3ROWXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lMjJkYzItZjQwNi00MGM5LWJhNWYtYmY2OWIxMmE2NzQ0
LzEvbm9IZHF0aVBjSEZoTFh3N2RoamlUUnBTTTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJSwIAwQC
LUJwAwQCuZAEAwQCuaygAwQAwQWUMA0EAgACMAcDBQEqEABAMA0GCSqGSIb3DQEB
CwUAA4IBAQBe1uu22dr+j3k3PxteXKE+p7EWOVv8oox7JlfItJiAcC1OtFi1puYQ
OrsmajYABhWQiZPNoyvHV0Xr7eJMGPpmXGkqREg5btQ2WBsTs82P42f/e+DNBqpv
3AkSPYN9Kg5IDtSrCIHa3XF7RW7N7DjFXOhAD6GIksVW5bFMaPPNdSyfTI4hKmrA
I2RxViJSEzxlPZGXPyKMq/jxJQx9HRk5+lm7OnSn9KmUc4gVOx1PjtipXgD+W5L1
lOfsOsYIYlWMzDp8ZTNjyl3p2vMXeOndcnOr40OLsTDj2qoWQPosmmUp0Rnq4Rpb
FuNGHalAl4Qt2nIcqhP+cbgSbmR5awbR
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:25:52 2025 by rpki-client