Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/nNW4KSgPA--HMZbOvN0wrjE78RY.roa
File: nNW4KSgPA--HMZbOvN0wrjE78RY.roa (raw, json)
Hash identifier: 84Hxv/gGXJN5VIyPdqcuH/H3o9PoVNXInlG1MH6WokI=
Subject key identifier: 9C:D5:B8:29:28:0F:03:EF:87:31:96:CE:BC:DD:30:AE:31:3B:F1:16
Certificate issuer: /CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Certificate serial: 01989F22F37A6C263C2ED99B879722ACCC41
Authority key identifier: EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/nNW4KSgPA--HMZbOvN0wrjE78RY.roa
Signing time: Tue 12 Aug 2025 16:35:24 +0000
ROA not before: Tue 12 Aug 2025 16:35:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49592
IP address blocks: 83.143.119.0/24 maxlen: 24
2a07:cec0:4402::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.mft
rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 Aug 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9f:22:f3:7a:6c:26:3c:2e:d9:9b:87:97:22:ac:cc:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Validity
Not Before: Aug 12 16:35:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cd5b829280f03ef873196cebcdd30ae313bf116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f5:62:71:47:6b:a7:75:74:b1:16:fd:5f:a2:
45:9e:58:09:9d:be:96:e1:19:35:4e:0b:c5:be:49:
69:29:62:a4:81:e4:e6:83:90:c6:7c:48:d4:e2:8b:
91:49:7c:e1:94:9d:7b:24:25:96:f9:6d:f0:cd:0c:
cb:2f:13:7e:09:7f:4a:ad:35:e8:4a:e6:63:a8:8d:
62:8a:8c:03:f3:82:b9:44:23:67:93:e5:79:c8:b9:
bf:b4:44:63:b2:5f:c6:a2:2f:20:40:a5:f6:6e:d6:
fc:fd:d6:11:fa:c3:1c:fd:df:13:cf:69:5a:3e:4f:
09:1a:52:0c:26:53:d0:1f:aa:04:61:1e:06:92:c2:
95:78:89:cb:56:a3:3b:b5:be:7e:3d:0a:db:46:19:
95:6b:9f:d6:49:d0:32:4c:0c:26:71:5b:4f:dd:35:
7e:ba:66:e6:a2:29:ad:a5:8e:12:be:ad:a3:37:50:
43:88:a8:1d:02:41:77:22:ac:fe:93:eb:3b:1c:23:
e3:a0:88:39:20:52:d2:5c:d2:da:3e:64:0f:3b:ed:
ef:b6:88:27:d0:30:72:6f:66:5d:95:d4:f4:12:d9:
52:51:c0:a2:06:6e:67:ad:17:54:09:fe:73:a2:ce:
7a:79:2d:42:2f:f9:d6:a1:47:ce:3c:63:eb:5b:11:
81:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D5:B8:29:28:0F:03:EF:87:31:96:CE:BC:DD:30:AE:31:3B:F1:16
X509v3 Authority Key Identifier:
keyid:EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/nNW4KSgPA--HMZbOvN0wrjE78RY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.119.0/24
IPv6:
2a07:cec0:4402::/48
Signature Algorithm: sha256WithRSAEncryption
0f:98:4d:98:8b:f1:f7:c5:21:b8:a2:86:eb:38:b1:00:98:56:
46:32:aa:52:93:c5:ed:ab:aa:a8:d8:f9:24:3e:71:4b:5e:43:
11:c2:9a:15:96:fe:80:36:92:e9:42:61:98:96:c7:da:76:36:
89:e1:0a:d7:3c:b1:6c:2f:4a:26:80:c5:3f:db:5e:2f:00:88:
c6:9a:db:23:ce:73:2c:40:8d:64:70:ed:13:84:9b:e1:9f:7c:
7a:14:f6:b6:f5:85:98:7a:b6:aa:9f:af:f3:b3:cf:a5:1d:8e:
e5:cd:c9:c3:85:75:82:88:f7:f3:31:ad:ac:69:ef:45:aa:d4:
f3:9e:eb:05:7c:9d:23:fe:5f:d0:11:70:b3:3a:80:09:ee:7b:
3b:da:46:6c:11:d0:53:23:24:d2:3e:23:11:94:95:78:d5:1a:
9a:87:9e:24:d2:81:c2:5b:d3:fa:97:cb:f9:3c:8e:ba:13:08:
72:dd:82:00:0f:e0:60:f2:85:a7:6e:47:8d:a8:84:26:31:0f:
68:ad:f4:2b:ef:d1:05:55:15:1a:5f:ee:2a:e2:40:ef:b3:04:
81:cb:ca:8f:72:2f:7a:c6:4c:6f:a7:9f:eb:0e:b6:e0:18:7f:
aa:2d:09:01:30:3f:8a:b5:65:6a:d8:6f:9d:ea:38:d1:91:4c:
02:c3:af:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZifIvN6bCY8Ltmbh5cirMxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTViNjIzNDdhMWI2NGNlYTQ5YTJhYjNhYjQ5ODNjMzQ4
NjFmYjIwHhcNMjUwODEyMTYzNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Q1YjgyOTI4MGYwM2VmODczMTk2Y2ViY2RkMzBhZTMxM2JmMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPVicUdrp3V0sRb9X6JFnlgJnb6W
4Rk1TgvFvklpKWKkgeTmg5DGfEjU4ouRSXzhlJ17JCWW+W3wzQzLLxN+CX9KrTXo
SuZjqI1iiowD84K5RCNnk+V5yLm/tERjsl/Goi8gQKX2btb8/dYR+sMc/d8Tz2la
Pk8JGlIMJlPQH6oEYR4GksKVeInLVqM7tb5+PQrbRhmVa5/WSdAyTAwmcVtP3TV+
umbmoimtpY4Svq2jN1BDiKgdAkF3Iqz+k+s7HCPjoIg5IFLSXNLaPmQPO+3vtogn
0DByb2ZdldT0EtlSUcCiBm5nrRdUCf5zos56eS1CL/nWoUfOPGPrWxGB5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJzVuCkoDwPvhzGWzrzdMK4xO/EWMB8GA1UdIwQY
MBaAFO+ltiNHobZM6kmiqzq0mDw0hh+yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQt
MDEzZDJhMTFjMGE1LzEvbk5XNEtTZ1BBLS1ITVpiT3ZOMHdyakU3OFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQtMDEzZDJhMTFjMGE1
LzEvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAU493MA8E
AgACMAkDBwAqB87ARAIwDQYJKoZIhvcNAQELBQADggEBAA+YTZiL8ffFIbiihus4
sQCYVkYyqlKTxe2rqqjY+SQ+cUteQxHCmhWW/oA2kulCYZiWx9p2NonhCtc8sWwv
SiaAxT/bXi8AiMaa2yPOcyxAjWRw7ROEm+GffHoU9rb1hZh6tqqfr/Ozz6UdjuXN
ycOFdYKI9/Mxraxp70Wq1POe6wV8nSP+X9ARcLM6gAnuezvaRmwR0FMjJNI+IxGU
lXjVGpqHniTSgcJb0/qXy/k8jroTCHLdggAP4GDyhaduR42ohCYxD2it9Cvv0QVV
FRpf7iriQO+zBIHLyo9yL3rGTG+nn+sOtuAYf6otCQEwP4q1ZWrYb53qONGRTALD
r7U=
-----END CERTIFICATE-----
Generated at Wed Aug 13 15:59:41 2025 by rpki-client