Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/NopP_ZIwxAVnz5Xq3F8YDJ6XlSQ.roa
File: NopP_ZIwxAVnz5Xq3F8YDJ6XlSQ.roa (raw, json)
Hash identifier: klfGz6i2JiivKFDVhsCpWAOF20m0ZYcMb/uXv3sHlTs=
Subject key identifier: 36:8A:4F:FD:92:30:C4:05:67:CF:95:EA:DC:5F:18:0C:9E:97:95:24
Certificate issuer: /CN=df3b82005fdbe961020f740ab43c554e5a38451f
Certificate serial: 01972F5D53B5FFA430C14E0CDC36AC39D51A
Authority key identifier: DF:3B:82:00:5F:DB:E9:61:02:0F:74:0A:B4:3C:55:4E:5A:38:45:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3zuCAF_b6WECD3QKtDxVTlo4RR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/NopP_ZIwxAVnz5Xq3F8YDJ6XlSQ.roa
Signing time: Mon 02 Jun 2025 06:38:54 +0000
ROA not before: Mon 02 Jun 2025 06:38:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34265
IP address blocks: 176.106.0.0/21 maxlen: 21
176.106.0.0/24 maxlen: 24
176.106.1.0/24 maxlen: 24
176.112.120.0/21 maxlen: 21
176.112.120.0/24 maxlen: 24
176.112.121.0/24 maxlen: 24
176.112.127.0/24 maxlen: 24
193.138.184.0/22 maxlen: 22
193.138.186.0/24 maxlen: 24
193.138.187.0/24 maxlen: 24
213.108.72.0/21 maxlen: 21
213.108.75.0/24 maxlen: 24
213.108.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/3zuCAF_b6WECD3QKtDxVTlo4RR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/3zuCAF_b6WECD3QKtDxVTlo4RR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3zuCAF_b6WECD3QKtDxVTlo4RR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Jun 2025 07:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:5d:53:b5:ff:a4:30:c1:4e:0c:dc:36:ac:39:d5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3b82005fdbe961020f740ab43c554e5a38451f
Validity
Not Before: Jun 2 06:38:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=368a4ffd9230c40567cf95eadc5f180c9e979524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2e:29:b8:48:d6:98:0b:f2:72:c6:d1:b9:51:
ce:7d:4d:4b:65:10:79:27:8a:b4:b7:91:ab:b5:e0:
10:9d:4e:3f:ea:56:ec:65:1a:c0:88:86:bd:e9:40:
66:7b:1b:26:03:41:0d:37:49:76:54:87:82:89:9f:
ab:29:a1:8c:4a:b3:43:8c:43:c7:3a:4f:e6:ec:fe:
c7:51:86:4e:65:f4:23:b7:b3:d4:5e:b9:62:75:89:
b3:d3:ad:ab:f7:78:00:3a:57:a0:31:bf:2a:5a:80:
a7:f1:db:24:ce:0f:b7:b4:57:c7:cd:1c:cc:e5:47:
03:d3:ea:f9:79:95:33:22:23:96:ee:1e:63:2a:49:
5e:b3:84:80:9f:00:e8:95:ba:8c:db:d0:ec:9a:90:
9b:61:1a:c8:dc:04:fd:f4:5b:66:31:5b:0f:d1:9b:
f8:64:cf:c8:62:7d:4a:ed:36:df:9b:0f:c6:fc:d3:
62:86:89:01:e8:cb:0b:bb:7c:62:7e:92:ae:d3:af:
2c:d2:a4:1b:40:8e:f8:6e:b4:2a:2c:df:20:dc:47:
6f:78:01:39:7f:df:5e:52:f7:58:10:d0:95:9d:1c:
e6:c7:e7:23:64:9d:5f:5b:0e:d1:e5:c6:f0:10:1a:
f9:76:25:98:0d:cc:e1:50:2d:cb:d8:04:b8:bb:22:
ca:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:8A:4F:FD:92:30:C4:05:67:CF:95:EA:DC:5F:18:0C:9E:97:95:24
X509v3 Authority Key Identifier:
keyid:DF:3B:82:00:5F:DB:E9:61:02:0F:74:0A:B4:3C:55:4E:5A:38:45:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3zuCAF_b6WECD3QKtDxVTlo4RR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/NopP_ZIwxAVnz5Xq3F8YDJ6XlSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/3zuCAF_b6WECD3QKtDxVTlo4RR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.106.0.0/21
176.112.120.0/21
193.138.184.0/22
213.108.72.0/21
Signature Algorithm: sha256WithRSAEncryption
98:53:a0:1e:05:6f:8a:e5:74:1a:ce:3f:72:a3:17:a6:0d:6e:
cf:68:76:61:73:8c:25:81:48:dc:18:cd:b9:e1:32:cb:cf:d9:
55:56:32:8a:89:17:6d:41:ea:bb:91:6a:57:50:c8:f8:ed:19:
7a:cb:08:99:89:a2:70:b2:6d:c6:20:f4:9f:23:41:a7:f8:b3:
46:08:33:1c:79:60:2c:c3:a0:e8:8b:6d:9a:bc:f5:61:ef:94:
ef:6a:78:a2:3a:c9:fe:ee:a5:fd:45:20:70:fd:45:ff:f7:2c:
30:89:c1:89:fa:df:ab:54:3b:5e:00:6e:ee:58:07:48:4c:c1:
cd:ec:90:24:52:73:84:d9:6a:66:ad:ae:df:68:61:37:c5:c5:
8b:f1:7a:61:64:09:c4:25:d6:c2:5c:88:21:4e:39:df:de:06:
b8:a9:48:66:fa:dd:50:59:c1:30:7c:65:e4:29:d4:c9:6f:68:
07:d5:64:54:ae:c1:19:9a:4e:d0:6f:74:0b:f8:80:23:60:07:
84:c9:81:9e:fd:64:57:19:8b:22:b4:d6:b5:61:fc:c3:99:0e:
c2:7d:92:18:f4:f1:8e:bd:53:d9:83:ce:fb:72:1b:3e:88:d9:
af:37:33:83:3b:99:8e:fe:8f:9e:ac:7f:dc:f3:8a:a0:0a:cc:
96:36:c6:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZcvXVO1/6QwwU4M3DasOdUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2I4MjAwNWZkYmU5NjEwMjBmNzQwYWI0M2M1NTRlNWEz
ODQ1MWYwHhcNMjUwNjAyMDYzODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjhhNGZmZDkyMzBjNDA1NjdjZjk1ZWFkYzVmMTgwYzllOTc5NTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS4puEjWmAvycsbRuVHOfU1LZRB5
J4q0t5GrteAQnU4/6lbsZRrAiIa96UBmexsmA0ENN0l2VIeCiZ+rKaGMSrNDjEPH
Ok/m7P7HUYZOZfQjt7PUXrlidYmz062r93gAOlegMb8qWoCn8dskzg+3tFfHzRzM
5UcD0+r5eZUzIiOW7h5jKkles4SAnwDolbqM29DsmpCbYRrI3AT99FtmMVsP0Zv4
ZM/IYn1K7Tbfmw/G/NNihokB6MsLu3xifpKu068s0qQbQI74brQqLN8g3EdveAE5
f99eUvdYENCVnRzmx+cjZJ1fWw7R5cbwEBr5diWYDczhUC3L2AS4uyLKowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDaKT/2SMMQFZ8+V6txfGAyel5UkMB8GA1UdIwQY
MBaAFN87ggBf2+lhAg90CrQ8VU5aOEUfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3p1Q0FGX2I2V0VDRDNRS3REeFZUbG80UlI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8zOGZmMzYtN2Q3My00ODVjLTg5MTAt
MzdjMTQwOTJlYjI3LzEvTm9wUF9aSXd4QVZuejVYcTNGOFlESjZYbFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8zOGZmMzYtN2Q3My00ODVjLTg5MTAtMzdjMTQwOTJlYjI3
LzEvM3p1Q0FGX2I2V0VDRDNRS3REeFZUbG80UlI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDsGoAAwQD
sHB4AwQCwYq4AwQD1WxIMA0GCSqGSIb3DQEBCwUAA4IBAQCYU6AeBW+K5XQazj9y
oxemDW7PaHZhc4wlgUjcGM254TLLz9lVVjKKiRdtQeq7kWpXUMj47Rl6ywiZiaJw
sm3GIPSfI0Gn+LNGCDMceWAsw6Doi22avPVh75TvaniiOsn+7qX9RSBw/UX/9yww
icGJ+t+rVDteAG7uWAdITMHN7JAkUnOE2Wpmra7faGE3xcWL8XphZAnEJdbCXIgh
Tjnf3ga4qUhm+t1QWcEwfGXkKdTJb2gH1WRUrsEZmk7Qb3QL+IAjYAeEyYGe/WRX
GYsitNa1YfzDmQ7CfZIY9PGOvVPZg877chs+iNmvNzODO5mO/o+erH/c84qgCsyW
NsYn
-----END CERTIFICATE-----
Generated at Fri Jun 20 17:31:59 2025 by rpki-client