Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/nbOZXhIINfQc77gHfbI_Sb1Z3kc.roa
File: nbOZXhIINfQc77gHfbI_Sb1Z3kc.roa (raw, json)
Hash identifier: NsyrOZGKSOyRSS6aHvrokQeFXOY4xYNam6BnK7E5duI=
Subject key identifier: 9D:B3:99:5E:12:08:35:F4:1C:EF:B8:07:7D:B2:3F:49:BD:59:DE:47
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 01970EA26CC74F32A34E45360BA8B9D01021
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/nbOZXhIINfQc77gHfbI_Sb1Z3kc.roa
Signing time: Mon 26 May 2025 22:06:55 +0000
ROA not before: Mon 26 May 2025 22:06:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29491
IP address blocks: 91.193.164.0/22 maxlen: 22
94.45.128.0/19 maxlen: 24
94.45.128.0/24 maxlen: 24
94.45.130.0/24 maxlen: 24
94.45.143.0/24 maxlen: 24
194.187.108.0/22 maxlen: 22
194.187.110.0/24 maxlen: 24
195.137.202.0/23 maxlen: 23
195.191.214.0/23 maxlen: 23
2a03:5dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 13:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0e:a2:6c:c7:4f:32:a3:4e:45:36:0b:a8:b9:d0:10:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: May 26 22:06:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9db3995e120835f41cefb8077db23f49bd59de47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:83:c8:90:09:2d:ae:7c:40:6f:66:af:6b:f5:
bb:6a:a9:2e:15:fd:b7:2b:09:11:80:29:96:39:67:
19:ef:e9:67:cb:2f:9a:e6:ca:bc:34:c8:2e:6c:8e:
50:20:19:e3:fe:53:63:da:ed:2b:a2:4b:ad:07:8c:
a1:c7:7a:9d:22:18:f9:1e:2b:23:58:ad:d2:f3:c2:
3d:ad:98:55:10:0c:2f:c6:87:4e:5d:22:8e:eb:94:
fd:cc:58:d7:5c:2b:33:9e:1e:36:48:4d:7a:f5:4a:
de:c8:f8:07:bd:ff:bf:6c:91:fd:65:4d:09:3c:e4:
a2:ff:a7:d1:4a:1e:02:41:48:56:ff:9c:2c:b9:91:
bd:b3:b3:29:9e:1c:69:7c:4d:7e:2f:7a:84:bf:0f:
36:da:e6:21:49:2c:34:f9:36:67:ff:7d:b5:9e:65:
25:86:cd:3a:8f:b5:4f:69:60:de:f6:aa:6e:dd:75:
3e:68:92:ce:90:ff:e2:42:11:32:d7:91:a1:81:ec:
69:a2:ab:f3:8a:0c:7b:ff:27:e5:ef:8c:6c:a0:83:
87:8f:9b:53:dd:8e:3f:cb:47:a0:3e:d3:fa:48:bc:
9c:88:f7:75:fc:0e:a7:03:83:b5:f0:1d:7b:1f:74:
ee:74:d7:2f:87:a6:74:80:f7:b7:d4:cb:98:13:ee:
bc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B3:99:5E:12:08:35:F4:1C:EF:B8:07:7D:B2:3F:49:BD:59:DE:47
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/nbOZXhIINfQc77gHfbI_Sb1Z3kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.164.0/22
94.45.128.0/19
194.187.108.0/22
195.137.202.0/23
195.191.214.0/23
IPv6:
2a03:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
cd:75:fc:b5:c4:6a:3f:f7:61:96:d4:13:be:6e:b7:ae:bb:19:
be:c9:1d:f8:f2:47:07:5f:3d:c1:6d:04:de:84:74:cb:7f:af:
c5:a9:1d:fd:17:7c:ba:5d:b2:dc:1d:32:c9:a5:58:3a:99:09:
da:23:9f:1b:25:ae:99:9b:14:1a:d8:e9:af:ed:b1:37:15:b7:
de:36:cf:60:2e:e4:14:49:87:b9:c7:78:08:9e:ed:a2:be:77:
d8:31:ff:0b:25:fa:2b:4b:2a:42:8e:20:be:50:1b:10:5b:73:
72:28:94:89:51:c9:6a:6d:8c:8d:a1:1a:66:f3:f7:4e:f4:3d:
dd:4d:8f:55:e2:9d:b2:94:a7:91:9e:65:0b:de:44:c4:73:26:
18:4d:ce:ac:e1:bc:6e:9e:dc:f3:66:c9:5a:b4:fc:79:c1:85:
24:6b:0e:55:cd:87:2b:28:7d:dc:07:3a:da:c8:98:aa:ca:8e:
3a:c1:de:72:08:7d:0f:6c:79:fb:88:d1:0c:d8:ce:b3:ee:4c:
c2:fe:37:51:ff:d6:c1:d3:bb:98:65:b8:f2:3c:cb:d3:7f:02:
eb:eb:01:9b:a1:59:b9:1c:73:ab:83:f5:f2:5c:e2:f8:5b:57:
2d:43:96:3b:31:1c:43:7f:e7:aa:b6:a1:c3:b3:5f:c5:d0:8c:
c8:e7:9b:a7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZcOomzHTzKjTkU2C6i50BAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjUwNTI2MjIwNjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGIzOTk1ZTEyMDgzNWY0MWNlZmI4MDc3ZGIyM2Y0OWJkNTlkZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4PIkAktrnxAb2ava/W7aqkuFf23
KwkRgCmWOWcZ7+lnyy+a5sq8NMgubI5QIBnj/lNj2u0rokutB4yhx3qdIhj5Hisj
WK3S88I9rZhVEAwvxodOXSKO65T9zFjXXCsznh42SE169UreyPgHvf+/bJH9ZU0J
POSi/6fRSh4CQUhW/5wsuZG9s7MpnhxpfE1+L3qEvw822uYhSSw0+TZn/321nmUl
hs06j7VPaWDe9qpu3XU+aJLOkP/iQhEy15Ghgexpoqvzigx7/yfl74xsoIOHj5tT
3Y4/y0egPtP6SLyciPd1/A6nA4O18B17H3TudNcvh6Z0gPe31MuYE+68awIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJ2zmV4SCDX0HO+4B32yP0m9Wd5HMB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvbmJPWlhoSUlOZlFjNzdnSGZiSV9TYjFaM2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCW8GkAwQF
Xi2AAwQCwrtsAwQBw4nKAwQBw7/WMA0EAgACMAcDBQMqA13AMA0GCSqGSIb3DQEB
CwUAA4IBAQDNdfy1xGo/92GW1BO+breuuxm+yR348kcHXz3BbQTehHTLf6/FqR39
F3y6XbLcHTLJpVg6mQnaI58bJa6ZmxQa2Omv7bE3FbfeNs9gLuQUSYe5x3gInu2i
vnfYMf8LJforSypCjiC+UBsQW3NyKJSJUclqbYyNoRpm8/dO9D3dTY9V4p2ylKeR
nmUL3kTEcyYYTc6s4bxuntzzZslatPx5wYUkaw5VzYcrKH3cBzrayJiqyo46wd5y
CH0PbHn7iNEM2M6z7kzC/jdR/9bB07uYZbjyPMvTfwLr6wGboVm5HHOrg/XyXOL4
W1ctQ5Y7MRxDf+eqtqHDs1/F0IzI55un
-----END CERTIFICATE-----
Generated at Tue Jun 17 19:22:28 2025 by rpki-client