Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ncufSlW7F-6baW6KA3AJZJHu_IA.roa
File: ncufSlW7F-6baW6KA3AJZJHu_IA.roa (raw, json)
Hash identifier: VFboSXcbS667dGtXW2sEO2S1zQANVzpVP2+0DmhVt0c=
Subject key identifier: 9D:CB:9F:4A:55:BB:17:EE:9B:69:6E:8A:03:70:09:64:91:EE:FC:80
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0196381A07D1975BC7D1866473D5448821C0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ncufSlW7F-6baW6KA3AJZJHu_IA.roa
Signing time: Tue 15 Apr 2025 06:19:12 +0000
ROA not before: Tue 15 Apr 2025 06:19:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58057
IP address blocks: 45.131.186.0/24 maxlen: 24
45.136.136.0/24 maxlen: 24
45.136.137.0/24 maxlen: 24
45.136.139.0/24 maxlen: 24
185.102.84.0/24 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:1a:07:d1:97:5b:c7:d1:86:64:73:d5:44:88:21:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 15 06:19:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dcb9f4a55bb17ee9b696e8a0370096491eefc80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:80:7e:62:9a:6b:e4:d0:17:0b:24:37:d7:0f:
69:b1:1c:15:d9:75:34:6e:6f:e6:fe:be:71:d1:15:
28:48:24:58:ff:97:c5:c1:b8:a7:8c:9e:08:9e:17:
7b:a6:12:74:08:e9:6c:de:d6:a5:cf:c0:d0:e7:ff:
22:73:7b:6b:1b:e8:99:e5:c4:f6:d2:64:eb:14:8c:
29:66:c4:6b:89:bf:84:3f:03:c0:30:e9:54:f8:00:
c0:1a:4b:88:96:2f:84:ab:4b:ee:01:2a:1e:0c:ae:
50:68:97:99:b4:3a:a5:56:bd:65:a1:99:02:37:9d:
cf:69:bf:59:13:1d:bd:32:8d:b8:63:28:d2:2f:ff:
62:d3:62:43:7f:b7:a4:1f:8a:44:9e:4d:43:51:72:
07:17:fc:76:e5:69:f5:48:99:97:71:af:52:53:1c:
c5:d0:27:39:20:5c:e4:6d:21:b6:94:6e:22:a4:4a:
ea:70:0f:bc:d6:24:3c:99:f4:62:a7:19:64:7b:ec:
67:51:3e:a8:28:3d:79:db:c8:5c:92:bc:ae:e3:91:
98:89:d2:59:4b:27:fe:59:0e:56:4e:74:a1:79:8d:
ae:2f:2c:72:9a:5f:d3:28:9f:17:bc:44:9f:18:da:
21:3a:16:64:df:d3:c1:9a:96:e6:22:62:b3:01:2e:
5c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CB:9F:4A:55:BB:17:EE:9B:69:6E:8A:03:70:09:64:91:EE:FC:80
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ncufSlW7F-6baW6KA3AJZJHu_IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.186.0/24
45.136.136.0/23
45.136.139.0/24
185.102.84.0/24
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
a2:f5:b1:c6:34:5c:b9:3a:61:7f:b2:30:19:7a:af:41:44:22:
e9:2c:93:23:a5:5b:9c:e7:c0:4e:e3:0e:37:2c:7b:9a:e6:f6:
55:04:a5:0b:ae:53:6d:28:6f:5b:56:47:91:1b:da:14:1e:22:
c1:c1:35:a3:8b:4c:fa:b7:fe:f6:f4:72:fa:29:02:d2:11:64:
4b:6b:55:cb:57:c7:63:b3:2d:b3:73:b4:a1:dc:b9:52:62:d1:
f3:ad:da:a1:d6:fa:9c:21:99:b0:a1:63:a4:d5:66:d9:6d:d3:
8c:fd:87:2d:f4:4a:c8:40:fc:6d:e8:5c:17:3d:d1:e5:e6:15:
45:87:03:ff:04:96:f5:c4:a5:d5:b8:ea:41:06:00:cf:f3:96:
f5:20:5b:c8:f5:1c:40:64:fc:54:4e:56:36:03:49:b5:ae:aa:
47:45:2f:73:70:d4:63:9a:7d:ac:18:99:90:8d:fb:01:c9:65:
ea:77:bf:c2:81:a2:8a:3e:11:8e:50:d8:f4:6e:60:8f:e9:20:
51:44:1a:16:db:e6:d5:76:76:07:87:99:d1:7e:c0:b2:a3:f1:
80:fa:39:09:76:29:cd:6f:e5:2e:ca:09:19:e5:e0:e9:90:d4:
a9:6a:a6:3c:79:1b:7b:cc:bf:60:2a:82:b6:86:c0:69:92:9a:
d7:47:06:7d
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZY4GgfRl1vH0YZkc9VEiCHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNDE1MDYxOTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNiOWY0YTU1YmIxN2VlOWI2OTZlOGEwMzcwMDk2NDkxZWVmYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoB+Yppr5NAXCyQ31w9psRwV2XU0
bm/m/r5x0RUoSCRY/5fFwbinjJ4Inhd7phJ0COls3talz8DQ5/8ic3trG+iZ5cT2
0mTrFIwpZsRrib+EPwPAMOlU+ADAGkuIli+Eq0vuASoeDK5QaJeZtDqlVr1loZkC
N53Pab9ZEx29Mo24YyjSL/9i02JDf7ekH4pEnk1DUXIHF/x25Wn1SJmXca9SUxzF
0Cc5IFzkbSG2lG4ipErqcA+81iQ8mfRipxlke+xnUT6oKD1528hckryu45GYidJZ
Syf+WQ5WTnSheY2uLyxyml/TKJ8XvESfGNohOhZk39PBmpbmImKzAS5cOwIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFJ3Ln0pVuxfum2luigNwCWSR7vyAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbmN1ZlNsVzdGLTZiYVc2S0EzQUpaSkh1X0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjA2BAIAATAwAwQA
LYO6AwQBLYiIAwQALYiLAwQAuWZUAwQAueh1AwQBwSFeAwQAwaNWAwQAwjJcMIHP
BAIAAjCByDAQAwcAKgTMwP//AwUBKgTMwDAOAwUAKgTMwwMFAyoEzMADBQMqCQTA
MA4DBQcqDDuAAwUAKgw7hgMHBCoOl8AB0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6X
wwEQAwcEKg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcDKg6xByHA
AwcEKg6xByIgAwcAKg/kBAECAwcAKhAvAAGNAwcAKhAvAAGPAwcAKhAvAAGTAwcE
KhDMQAJQAwcEKhDMRQEwMA0GCSqGSIb3DQEBCwUAA4IBAQCi9bHGNFy5OmF/sjAZ
eq9BRCLpLJMjpVuc58BO4w43LHua5vZVBKULrlNtKG9bVkeRG9oUHiLBwTWji0z6
t/729HL6KQLSEWRLa1XLV8djsy2zc7Sh3LlSYtHzrdqh1vqcIZmwoWOk1WbZbdOM
/Yct9ErIQPxt6FwXPdHl5hVFhwP/BJb1xKXVuOpBBgDP85b1IFvI9RxAZPxUTlY2
A0m1rqpHRS9zcNRjmn2sGJmQjfsByWXqd7/CgaKKPhGOUNj0bmCP6SBRRBoW2+bV
dnYHh5nRfsCyo/GA+jkJdinNb+UuygkZ5eDpkNSpaqY8eRt7zL9gKoK2hsBpkprX
RwZ9
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:36:33 2025 by rpki-client