Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/np0cAhPKRwujoBTUCYa5fOwFGh4.roa
File: np0cAhPKRwujoBTUCYa5fOwFGh4.roa (raw, json)
Hash identifier: 603KZeIB2oKqlOn7uaoh9ijriNQarwBJPP+paEteUbM=
Subject key identifier: 9E:9D:1C:02:13:CA:47:0B:A3:A0:14:D4:09:86:B9:7C:EC:05:1A:1E
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01975918F7C13CE11ABA534101815E0CF68A
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/np0cAhPKRwujoBTUCYa5fOwFGh4.roa
Signing time: Tue 10 Jun 2025 09:08:17 +0000
ROA not before: Tue 10 Jun 2025 09:08:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.31.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:18:f7:c1:3c:e1:1a:ba:53:41:01:81:5e:0c:f6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jun 10 09:08:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e9d1c0213ca470ba3a014d40986b97cec051a1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:dc:8f:41:dd:f7:9b:3e:ac:6d:fe:68:65:83:
0f:57:2b:4f:fd:4a:60:e7:92:a2:76:34:0f:06:bb:
dd:9c:73:5d:42:d5:24:37:10:2c:34:8e:a7:68:a2:
e8:70:a8:d9:50:de:07:91:fb:40:b3:b1:f5:7a:65:
8a:6c:32:40:2d:e4:8f:d5:9b:d5:c3:23:21:5a:e6:
18:38:9e:7d:23:b0:b6:ec:b5:14:e4:f8:19:c4:f4:
eb:05:56:76:de:f2:ec:f3:10:d4:f6:48:43:92:e0:
02:7a:39:72:94:e2:1a:cc:90:91:c2:49:48:e1:a2:
6a:71:92:eb:20:60:3a:de:e2:20:07:ba:87:ba:fb:
a7:77:34:6c:86:a6:40:11:83:40:4e:a2:cf:58:76:
a4:f6:ae:3d:66:5e:4c:27:0e:bf:76:a3:b6:1d:27:
8e:90:99:77:d5:f7:db:7a:ec:95:38:7f:df:eb:7f:
1f:67:12:3a:c3:d6:f2:26:2b:5e:48:a7:00:4c:78:
2d:f1:51:8e:7e:31:e4:31:51:52:a6:6e:1b:bc:c4:
c7:e4:c2:9e:cb:dd:f3:30:6b:e3:5b:d2:56:48:36:
da:ad:a5:3d:d1:00:22:c4:51:eb:a9:2c:bd:ae:26:
ea:52:48:34:8c:25:ed:db:79:09:db:54:2d:4d:57:
8e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:9D:1C:02:13:CA:47:0B:A3:A0:14:D4:09:86:B9:7C:EC:05:1A:1E
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/np0cAhPKRwujoBTUCYa5fOwFGh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0-109.236.51.255
185.254.28.0/23
185.254.31.0/24
193.35.152.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:97:ca:24:d2:a5:af:c5:50:ec:90:c7:ed:b3:45:e3:c5:88:
2c:36:e6:b6:dc:e8:1a:ed:e5:cf:b0:8c:d9:0c:65:09:26:d0:
47:77:88:ab:c9:aa:8b:86:9f:40:2c:d7:20:ed:4e:ef:bf:2c:
9b:23:fe:6c:42:5f:77:69:ae:a0:28:c9:a7:c8:12:58:25:be:
07:80:e4:66:9f:4b:2b:ba:c7:7d:24:a9:ae:03:74:c3:58:45:
45:78:cc:82:cf:04:9c:92:14:b6:c6:a6:24:a3:cb:8f:34:0b:
da:fd:b8:ef:c2:6f:ac:0f:ec:74:0b:19:a5:8e:f7:c8:8f:c8:
62:a5:de:42:b1:6c:51:9f:7e:b3:52:aa:ff:3c:aa:b2:d2:cf:
22:1d:12:34:c3:e8:c3:ff:8f:7e:6d:1f:98:6a:eb:2d:77:d4:
41:b2:c6:3f:df:ed:62:3a:c2:2d:d1:1b:38:d2:29:ef:79:7a:
2b:11:98:89:21:7e:c3:94:fd:3e:7d:39:71:88:eb:36:33:d5:
a0:bb:59:c7:54:33:17:86:39:37:ce:54:4b:83:df:f2:27:05:
a1:b5:f0:9d:67:2c:c5:0a:3a:d5:f3:74:4d:1e:e1:a0:8d:9e:
dd:ad:f7:48:b8:91:d5:3e:61:c4:5c:2d:ea:ea:0f:f8:ca:57:
d1:c6:1c:08
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZdZGPfBPOEaulNBAYFeDPaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwNjEwMDkwODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTlkMWMwMjEzY2E0NzBiYTNhMDE0ZDQwOTg2Yjk3Y2VjMDUxYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNyPQd33mz6sbf5oZYMPVytP/Upg
55KidjQPBrvdnHNdQtUkNxAsNI6naKLocKjZUN4HkftAs7H1emWKbDJALeSP1ZvV
wyMhWuYYOJ59I7C27LUU5PgZxPTrBVZ23vLs8xDU9khDkuACejlylOIazJCRwklI
4aJqcZLrIGA63uIgB7qHuvundzRshqZAEYNATqLPWHak9q49Zl5MJw6/dqO2HSeO
kJl31ffbeuyVOH/f638fZxI6w9byJiteSKcATHgt8VGOfjHkMVFSpm4bvMTH5MKe
y93zMGvjW9JWSDbaraU90QAixFHrqSy9ribqUkg0jCXt23kJ21QtTVeOSwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ6dHAITykcLo6AU1AmGuXzsBRoeMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvbnAwY0FoUEtSd3Vqb0JUVUNZYTVmT3dGR2g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABt7DED
BAJt7DADBAG5/hwDBAC5/h8DBAHBI5gwDQYJKoZIhvcNAQELBQADggEBAIuXyiTS
pa/FUOyQx+2zRePFiCw25rbc6Brt5c+wjNkMZQkm0Ed3iKvJqouGn0As1yDtTu+/
LJsj/mxCX3dprqAoyafIElglvgeA5GafSyu6x30kqa4DdMNYRUV4zILPBJySFLbG
piSjy480C9r9uO/Cb6wP7HQLGaWO98iPyGKl3kKxbFGffrNSqv88qrLSzyIdEjTD
6MP/j35tH5hq6y131EGyxj/f7WI6wi3RGzjSKe95eisRmIkhfsOU/T59OXGI6zYz
1aC7WcdUMxeGOTfOVEuD3/InBaG18J1nLMUKOtXzdE0e4aCNnt2t90i4kdU+YcRc
LerqD/jKV9HGHAg=
-----END CERTIFICATE-----
Generated at Sun Jun 15 12:27:13 2025 by rpki-client