Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/NwHU4_RRdYlU4XyGWZgPG7ScoJI.roa
File: NwHU4_RRdYlU4XyGWZgPG7ScoJI.roa (raw, json)
Hash identifier: ipL8tImvWhn17uYEp5lsF1Z56RqnWb9jmUuXddwpoFg=
Subject key identifier: 37:01:D4:E3:F4:51:75:89:54:E1:7C:86:59:98:0F:1B:B4:9C:A0:92
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 0196677CBDA5066D173D48053A4EC3889C65
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/NwHU4_RRdYlU4XyGWZgPG7ScoJI.roa
Signing time: Thu 24 Apr 2025 11:09:10 +0000
ROA not before: Thu 24 Apr 2025 11:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47952
IP address blocks: 45.136.106.0/24 maxlen: 24
45.139.220.0/24 maxlen: 24
45.139.221.0/24 maxlen: 24
45.139.223.0/24 maxlen: 24
45.145.21.0/24 maxlen: 24
45.145.22.0/24 maxlen: 24
45.145.23.0/24 maxlen: 24
81.200.140.0/24 maxlen: 24
81.200.141.0/24 maxlen: 24
91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.82.220.0/24 maxlen: 24
185.82.221.0/24 maxlen: 24
185.82.222.0/24 maxlen: 24
185.82.223.0/24 maxlen: 24
185.126.177.0/24 maxlen: 24
185.126.178.0/24 maxlen: 24
185.126.179.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0::/48 maxlen: 48
2a0a:c4c0:1::/48 maxlen: 48
2a0a:c4c0:2::/48 maxlen: 48
2a0a:c4c0:3::/48 maxlen: 48
2a0a:c4c0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:7c:bd:a5:06:6d:17:3d:48:05:3a:4e:c3:88:9c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Apr 24 11:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3701d4e3f451758954e17c8659980f1bb49ca092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:79:79:e5:e7:b5:40:6f:6a:c3:38:f3:fe:be:
7c:4a:7a:41:b1:f0:b2:cc:d8:6a:74:e7:5b:76:16:
b4:1f:db:05:0c:fc:e9:91:bb:7e:c4:d9:26:2a:2d:
fc:b8:07:a5:96:a6:85:38:8a:fa:e8:fe:ed:df:cc:
13:cd:21:1a:e3:66:ad:77:55:8b:ba:4e:fc:fa:f9:
1b:20:da:8d:18:50:b2:b9:1f:d7:17:76:fb:76:b3:
c1:08:43:77:c2:25:81:42:7b:d1:0e:0f:3b:de:17:
79:70:9f:28:9d:1c:7c:52:bd:11:50:d3:a6:36:94:
10:25:1f:f9:89:bd:7d:64:d0:a1:6c:5b:94:e6:ba:
ff:55:6c:dd:4d:d7:50:bf:da:e2:53:40:4a:82:c9:
23:44:15:85:b4:29:0c:81:c0:39:af:03:2c:f1:14:
30:70:17:00:70:2b:c1:c4:6d:64:29:00:c9:75:cb:
a6:e9:f8:fa:aa:12:a4:aa:07:b7:af:e4:76:38:16:
f9:9e:5b:43:08:63:a2:4e:1f:40:f9:21:03:fa:48:
6e:e9:54:60:f6:52:ab:c0:c1:80:5a:db:7b:3e:06:
b4:f5:44:6c:cc:8c:8b:c8:c9:d2:05:6d:82:01:07:
e7:43:6f:11:7a:35:78:04:0c:99:d8:64:ac:25:ad:
0f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:01:D4:E3:F4:51:75:89:54:E1:7C:86:59:98:0F:1B:B4:9C:A0:92
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/NwHU4_RRdYlU4XyGWZgPG7ScoJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.106.0/24
45.139.220.0/23
45.139.223.0/24
45.145.21.0-45.145.23.255
81.200.140.0/23
91.194.52.0/24
91.194.54.0/24
185.82.220.0/22
185.126.177.0-185.126.179.255
185.201.212.0/22
IPv6:
2a0a:c4c0::/46
2a0a:c4c0:100::/48
Signature Algorithm: sha256WithRSAEncryption
06:aa:b3:65:eb:09:86:e8:b7:db:78:a3:a0:7f:b5:4f:e4:c5:
62:29:5d:b7:f5:b3:7e:df:6a:04:4c:13:2a:45:08:ce:0d:47:
b9:70:b6:e6:50:8c:cf:4e:a3:65:8a:6e:19:c2:d3:52:1e:a2:
12:fa:05:18:25:27:4a:44:46:ef:c6:92:20:bc:38:6d:a1:89:
bb:30:66:80:1e:ae:f6:df:fe:43:37:f4:88:f4:7e:5b:3e:f1:
bf:3f:43:18:e3:a7:9d:9b:ee:5b:65:1a:f7:58:d5:87:29:d6:
ca:21:ff:77:59:17:83:8c:bc:4f:ab:4d:80:e4:1e:df:b5:fe:
50:45:96:1b:cf:f3:48:3a:02:64:6b:ef:12:d9:7a:64:e8:a9:
8c:17:be:ba:7b:34:db:12:53:4b:f4:c4:08:71:f6:7d:f0:b3:
ce:25:23:e5:ab:bd:d0:f9:6d:2e:d0:e2:8f:86:c3:00:75:2e:
31:31:cd:cb:ff:4a:d0:fd:90:9c:c8:ab:ef:92:a9:28:cb:07:
c6:e7:a1:73:e9:cc:36:c9:51:bd:2e:12:a8:43:e3:13:fa:2f:
03:c7:18:35:9c:a1:a7:0d:79:88:8e:85:72:64:1c:c0:c1:58:
4f:75:92:01:9c:b4:fc:a2:c6:60:be:fb:9e:e7:fc:be:b9:e8:
e8:32:e6:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZZnfL2lBm0XPUgFOk7DiJxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjUwNDI0MTEwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzAxZDRlM2Y0NTE3NTg5NTRlMTdjODY1OTk4MGYxYmI0OWNhMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknl55ee1QG9qwzjz/r58SnpBsfCy
zNhqdOdbdha0H9sFDPzpkbt+xNkmKi38uAellqaFOIr66P7t38wTzSEa42atd1WL
uk78+vkbINqNGFCyuR/XF3b7drPBCEN3wiWBQnvRDg873hd5cJ8onRx8Ur0RUNOm
NpQQJR/5ib19ZNChbFuU5rr/VWzdTddQv9riU0BKgskjRBWFtCkMgcA5rwMs8RQw
cBcAcCvBxG1kKQDJdcum6fj6qhKkqge3r+R2OBb5nltDCGOiTh9A+SED+khu6VRg
9lKrwMGAWtt7Pga09URszIyLyMnSBW2CAQfnQ28RejV4BAyZ2GSsJa0PUQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFDcB1OP0UXWJVOF8hlmYDxu0nKCSMB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvTndIVTRfUlJkWWxVNFh5R1daZ1BHN1Njb0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQtMGQ0OGU2ODk1ZjEy
LzEvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBSBAIAATBMAwQALYhqAwQB
LYvcAwQALYvfMAwDBAAtkRUDBAMtkRADBAFRyIwDBABbwjQDBABbwjYDBAK5Utww
DAMEALl+sQMEArl+sAMEArnJ1DAYBAIAAjASAwcCKgrEwAAAAwcAKgrEwAEAMA0G
CSqGSIb3DQEBCwUAA4IBAQAGqrNl6wmG6LfbeKOgf7VP5MViKV239bN+32oETBMq
RQjODUe5cLbmUIzPTqNlim4ZwtNSHqIS+gUYJSdKREbvxpIgvDhtoYm7MGaAHq72
3/5DN/SI9H5bPvG/P0MY46edm+5bZRr3WNWHKdbKIf93WReDjLxPq02A5B7ftf5Q
RZYbz/NIOgJka+8S2Xpk6KmMF766ezTbElNL9MQIcfZ98LPOJSPlq73Q+W0u0OKP
hsMAdS4xMc3L/0rQ/ZCcyKvvkqkoywfG56Fz6cw2yVG9LhKoQ+MT+i8Dxxg1nKGn
DXmIjoVyZBzAwVhPdZIBnLT8osZgvvue5/y+uejoMuY7
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:03:47 2025 by rpki-client