Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/T1_pchNqlq7DTDdnnhWMYLChBoU.roa
File: T1_pchNqlq7DTDdnnhWMYLChBoU.roa (raw, json)
Hash identifier: 3peIpL8l/Rnx3wWmXa0H7Vz2+9XZpZaFvAX9xROlB/s=
Subject key identifier: 4F:5F:E9:72:13:6A:96:AE:C3:4C:37:67:9E:15:8C:60:B0:A1:06:85
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 019657FBEE2DC01B41AF5F1722EA19E539A6
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/T1_pchNqlq7DTDdnnhWMYLChBoU.roa
Signing time: Mon 21 Apr 2025 10:54:10 +0000
ROA not before: Mon 21 Apr 2025 10:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34984
IP address blocks: 5.182.244.0/24 maxlen: 24
89.200.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 13:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:fb:ee:2d:c0:1b:41:af:5f:17:22:ea:19:e5:39:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Apr 21 10:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f5fe972136a96aec34c37679e158c60b0a10685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ca:16:ed:4d:ee:7c:77:94:11:69:54:a0:62:
3a:65:bb:11:2e:ad:b6:0d:c4:4d:8a:56:b2:92:73:
dc:4a:46:b8:3a:41:e5:cc:5b:c9:d6:a8:50:7f:c0:
e2:52:20:d4:4c:3a:da:bc:ee:04:c2:70:0f:a7:a6:
a6:33:2f:c7:af:66:d2:d2:e8:99:27:af:5f:af:42:
7c:25:cc:5f:d6:5c:81:3c:04:2c:f8:26:8f:d0:8e:
74:5c:8b:12:79:59:89:fb:bc:85:a9:3a:c3:81:ed:
3d:5f:6f:a6:f4:63:98:c3:8e:3e:94:0a:27:2c:c1:
02:9d:0f:bf:eb:de:57:44:4f:4c:9a:b3:20:a0:96:
09:42:8e:8c:00:75:99:67:c5:b3:83:55:70:47:8d:
4c:26:be:9d:0b:45:bf:4e:b6:28:9f:12:d6:17:4b:
16:e3:1c:f1:bd:bb:3c:43:65:bb:e1:a3:16:20:e0:
5d:72:45:33:5a:c2:25:b4:69:0c:25:46:92:a8:61:
43:d8:fe:a5:77:04:c2:00:ab:53:2c:eb:2c:29:40:
18:bc:b6:1c:5e:6a:d7:9f:9c:44:5f:b2:bf:1a:c4:
6c:c1:2f:c8:c6:77:0d:bd:34:56:e6:69:95:08:c5:
26:fb:dc:6f:27:10:86:6b:36:19:83:6a:e2:e1:79:
4e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:5F:E9:72:13:6A:96:AE:C3:4C:37:67:9E:15:8C:60:B0:A1:06:85
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/T1_pchNqlq7DTDdnnhWMYLChBoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.244.0/24
89.200.219.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:6d:20:a7:2b:ff:9b:49:62:59:55:fe:d4:c8:c8:ea:3f:a6:
1b:93:bf:4a:26:5f:22:d8:9a:71:00:70:8d:51:2a:33:60:f5:
ca:90:e2:0d:6f:62:a1:17:16:27:72:7f:96:aa:b4:93:da:be:
61:bc:2b:04:72:dc:02:59:b7:6b:62:aa:e6:eb:05:60:fb:58:
3d:02:a6:6d:13:25:51:03:0e:ec:8c:96:66:72:da:77:64:4b:
7b:b9:d9:72:31:83:2a:2b:17:8f:79:6b:59:76:11:91:d6:bd:
b4:44:7b:ba:a6:8e:03:6c:81:1b:f1:d6:a7:2f:da:e7:ab:07:
48:68:dd:f6:67:6d:a2:1a:b8:ff:32:05:a0:18:ea:ad:8a:04:
f9:2c:bd:f2:bb:7b:9b:5d:5b:12:e5:91:f0:4e:ca:2a:bf:89:
16:b1:29:60:33:ac:35:9e:d1:39:be:c7:da:c3:8d:9c:8a:93:
38:ab:ad:a6:c5:08:08:d0:5a:60:26:76:31:52:be:5e:f9:32:
8f:b5:54:74:7e:eb:0c:07:e0:01:18:5a:7c:bc:b4:c8:60:53:
ea:a7:b6:b8:4b:11:3c:5c:fa:c4:2d:ea:e4:e4:b5:14:bb:db:
d3:d1:de:42:79:82:a6:82:29:47:89:50:80:3f:15:aa:1e:aa:
c1:f1:cf:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZX++4twBtBr18XIuoZ5TmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjUwNDIxMTA1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjVmZTk3MjEzNmE5NmFlYzM0YzM3Njc5ZTE1OGM2MGIwYTEwNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMoW7U3ufHeUEWlUoGI6ZbsRLq22
DcRNilayknPcSka4OkHlzFvJ1qhQf8DiUiDUTDravO4EwnAPp6amMy/Hr2bS0uiZ
J69fr0J8Jcxf1lyBPAQs+CaP0I50XIsSeVmJ+7yFqTrDge09X2+m9GOYw44+lAon
LMECnQ+/695XRE9MmrMgoJYJQo6MAHWZZ8Wzg1VwR41MJr6dC0W/TrYonxLWF0sW
4xzxvbs8Q2W74aMWIOBdckUzWsIltGkMJUaSqGFD2P6ldwTCAKtTLOssKUAYvLYc
XmrXn5xEX7K/GsRswS/IxncNvTRW5mmVCMUm+9xvJxCGazYZg2ri4XlOTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE9f6XITapauw0w3Z54VjGCwoQaFMB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEvVDFfcGNoTnFscTdEVERkbm5oV01ZTENoQm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbb0AwQA
WcjbMA0GCSqGSIb3DQEBCwUAA4IBAQC6bSCnK/+bSWJZVf7UyMjqP6Ybk79KJl8i
2JpxAHCNUSozYPXKkOINb2KhFxYncn+WqrST2r5hvCsEctwCWbdrYqrm6wVg+1g9
AqZtEyVRAw7sjJZmctp3ZEt7udlyMYMqKxePeWtZdhGR1r20RHu6po4DbIEb8dan
L9rnqwdIaN32Z22iGrj/MgWgGOqtigT5LL3yu3ubXVsS5ZHwTsoqv4kWsSlgM6w1
ntE5vsfaw42cipM4q62mxQgI0FpgJnYxUr5e+TKPtVR0fusMB+ABGFp8vLTIYFPq
p7a4SxE8XPrELerk5LUUu9vT0d5CeYKmgilHiVCAPxWqHqrB8c9I
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:59:55 2025 by rpki-client