Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nuSvhtSdRa3PuOgrH0yIixyEAnE.roa
File: nuSvhtSdRa3PuOgrH0yIixyEAnE.roa (raw, json)
Hash identifier: Cx6hYocM+3Mg8cSkkb6ffwBE4ZYh5zNkzJT+Ky6p81M=
Subject key identifier: 9E:E4:AF:86:D4:9D:45:AD:CF:B8:E8:2B:1F:4C:88:8B:1C:84:02:71
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01972FCFC568C6672B90B0BBAF5F37D4699A
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nuSvhtSdRa3PuOgrH0yIixyEAnE.roa
Signing time: Mon 02 Jun 2025 08:43:54 +0000
ROA not before: Mon 02 Jun 2025 08:43:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25113
IP address blocks: 193.251.158.0/24 maxlen: 24
193.252.124.0/24 maxlen: 24
193.252.150.0/23 maxlen: 24
193.252.152.0/23 maxlen: 24
193.252.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:cf:c5:68:c6:67:2b:90:b0:bb:af:5f:37:d4:69:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jun 2 08:43:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ee4af86d49d45adcfb8e82b1f4c888b1c840271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:22:34:00:f7:3d:f3:c2:86:cf:43:d7:97:a2:
5f:85:50:7c:65:00:0b:98:e6:07:dc:fa:e0:3e:69:
f0:4b:5e:a6:26:9f:a6:12:a4:73:74:d2:08:5b:ee:
17:11:ab:cd:66:ab:0e:e4:84:68:1b:1b:e7:6a:71:
cb:fe:13:cf:9e:05:30:45:a7:a1:b7:34:87:09:4f:
c5:34:2e:54:30:29:36:a5:8a:00:6b:50:16:50:99:
81:c7:1b:ab:31:c1:df:2d:36:3c:49:8e:3e:ab:19:
69:96:ce:eb:5a:d2:bf:6e:87:43:f0:cb:3c:99:78:
8b:57:56:ff:a7:90:85:d6:79:b1:6c:bc:de:d3:44:
f3:e6:e0:8d:f5:28:b6:97:b8:9e:0f:60:e0:c8:a9:
31:32:93:dc:e4:ea:43:7b:40:74:e5:cd:1c:b8:92:
ad:4c:e5:98:b2:ca:96:48:b6:52:e8:76:b2:6c:67:
08:6a:02:f8:d6:3b:1b:41:04:6e:85:e8:e1:d3:8e:
97:cd:41:10:13:6e:4f:a1:c8:30:2e:e6:fa:fd:3d:
74:8f:21:59:e0:8e:73:7b:3d:26:36:18:c0:a8:73:
a6:33:d5:eb:f9:c4:57:f3:6d:d7:11:60:2e:74:57:
ac:ed:8e:57:16:e1:a8:60:56:73:a8:7f:50:b7:66:
e4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E4:AF:86:D4:9D:45:AD:CF:B8:E8:2B:1F:4C:88:8B:1C:84:02:71
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nuSvhtSdRa3PuOgrH0yIixyEAnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.251.158.0/24
193.252.124.0/24
193.252.150.0-193.252.153.255
193.252.235.0/24
Signature Algorithm: sha256WithRSAEncryption
03:7c:c2:23:d6:52:9c:12:ad:6a:ee:96:3f:3d:9b:9b:d1:31:
ea:bc:7b:fa:09:38:53:0e:a3:dc:99:5f:04:a2:7c:3f:47:fd:
e5:23:51:78:ce:d5:de:43:83:48:e9:4d:0d:55:af:52:7d:4b:
70:4e:8b:5e:52:f9:0f:19:00:f4:aa:0d:6f:42:21:dc:33:79:
cd:c2:bb:a4:e9:e9:65:dd:9a:a9:2a:21:60:9a:6c:c1:07:96:
16:e0:11:5d:db:a8:67:14:29:75:18:e6:15:bc:9b:d8:6c:5d:
3d:84:80:fb:98:20:57:50:d3:34:64:0c:98:5d:67:4b:22:44:
2a:5f:be:d2:10:ba:f1:5a:40:d0:03:e2:cb:81:c4:e3:02:d2:
03:3a:40:90:5e:13:a5:4b:f8:f7:13:ea:a4:43:c0:4f:6b:52:
f3:9f:bb:f8:b6:0f:fb:59:8e:9c:9d:c0:07:fa:68:e6:ab:11:
b9:4b:15:fe:ef:dc:0d:3a:56:5a:f4:d3:d9:f3:37:11:74:36:
9c:69:e7:f9:f9:1d:e2:c4:cb:74:9f:74:7d:af:8b:ea:25:94:
0c:6c:79:60:74:24:a8:82:8a:56:b5:cb:9a:b5:3e:9b:da:e0:
fe:69:70:c0:7f:b0:52:e2:bb:1e:a2:79:3b:24:84:2f:4b:ca:
0c:6c:17:34
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZcvz8VoxmcrkLC7r1831GmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwNjAyMDg0MzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWU0YWY4NmQ0OWQ0NWFkY2ZiOGU4MmIxZjRjODg4YjFjODQwMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSI0APc988KGz0PXl6JfhVB8ZQAL
mOYH3PrgPmnwS16mJp+mEqRzdNIIW+4XEavNZqsO5IRoGxvnanHL/hPPngUwRaeh
tzSHCU/FNC5UMCk2pYoAa1AWUJmBxxurMcHfLTY8SY4+qxlpls7rWtK/bodD8Ms8
mXiLV1b/p5CF1nmxbLze00Tz5uCN9Si2l7ieD2DgyKkxMpPc5OpDe0B05c0cuJKt
TOWYssqWSLZS6HaybGcIagL41jsbQQRuhejh046XzUEQE25PocgwLub6/T10jyFZ
4I5zez0mNhjAqHOmM9Xr+cRX823XEWAudFes7Y5XFuGoYFZzqH9Qt2bkvwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ7kr4bUnUWtz7joKx9MiIschAJxMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvbnVTdmh0U2RSYTNQdU9nckgweUlpeHlFQW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwfueAwQA
wfx8MAwDBAHB/JYDBAHB/JgDBADB/OswDQYJKoZIhvcNAQELBQADggEBAAN8wiPW
UpwSrWrulj89m5vRMeq8e/oJOFMOo9yZXwSifD9H/eUjUXjO1d5Dg0jpTQ1Vr1J9
S3BOi15S+Q8ZAPSqDW9CIdwzec3Cu6Tp6WXdmqkqIWCabMEHlhbgEV3bqGcUKXUY
5hW8m9hsXT2EgPuYIFdQ0zRkDJhdZ0siRCpfvtIQuvFaQNAD4suBxOMC0gM6QJBe
E6VL+PcT6qRDwE9rUvOfu/i2D/tZjpydwAf6aOarEblLFf7v3A06Vlr009nzNxF0
Npxp5/n5HeLEy3SfdH2vi+ollAxseWB0JKiCila1y5q1Ppva4P5pcMB/sFLiux6i
eTskhC9LygxsFzQ=
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:16:56 2025 by rpki-client