Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/N6Cxsg4yhWdbNvcJRQ9DruyQifM.roa
File: N6Cxsg4yhWdbNvcJRQ9DruyQifM.roa (raw, json)
Hash identifier: G6dNbWQvkgu2chC3kBkkNo42dWDyh5B3vzZaylhxuDY=
Subject key identifier: 37:A0:B1:B2:0E:32:85:67:5B:36:F7:09:45:0F:43:AE:EC:90:89:F3
Certificate issuer: /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial: 01965C2EC2DF63521BEF7FD9510EE8CA67D5
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/N6Cxsg4yhWdbNvcJRQ9DruyQifM.roa
Signing time: Tue 22 Apr 2025 06:28:10 +0000
ROA not before: Tue 22 Apr 2025 06:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.14.37.0/24 maxlen: 24
31.14.38.0/23 maxlen: 23
45.132.27.0/24 maxlen: 24
185.155.54.0/23 maxlen: 24
185.155.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 09:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:2e:c2:df:63:52:1b:ef:7f:d9:51:0e:e8:ca:67:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
Validity
Not Before: Apr 22 06:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37a0b1b20e3285675b36f709450f43aeec9089f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:31:98:f7:ec:39:87:ed:4c:d0:2e:6f:94:5c:
2c:8e:77:1f:e7:54:49:09:8c:54:ca:b8:ee:d1:1b:
14:d8:b5:be:ab:24:9c:33:1d:2d:50:55:62:86:e1:
d1:ba:b8:33:18:fc:07:d4:6f:76:e6:f9:6e:61:4c:
60:b4:92:4f:2c:94:a1:1a:9f:c3:3e:3a:7c:39:59:
73:1f:7c:ab:1f:62:02:f0:fb:cf:19:d7:ea:ca:82:
75:e4:b2:d5:7c:53:f4:b3:a0:b2:38:b7:94:9e:54:
35:8a:dc:c0:6b:01:cc:75:5e:84:fd:b7:57:1b:ca:
c0:a0:00:d2:83:1b:69:5e:19:50:3b:ca:b5:02:bd:
83:63:0b:5e:d9:62:e2:3d:cb:c7:06:51:17:ee:5a:
8c:03:6c:71:3d:61:fa:a8:81:a8:b5:d6:5c:ed:8a:
7a:e6:46:7d:8d:0c:ba:90:61:a5:24:14:d5:85:33:
c3:c5:58:e7:5a:6d:a0:66:ea:f7:c3:73:71:39:54:
f7:a8:01:32:1a:81:05:56:12:4b:11:c4:30:ca:e6:
ca:b3:75:df:8e:ea:be:8b:6c:61:52:c5:68:16:ff:
a5:10:ca:f8:01:0f:83:58:ee:29:41:62:3e:70:c8:
f1:31:3c:84:3c:2d:78:35:2d:b3:c7:04:8d:48:82:
73:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A0:B1:B2:0E:32:85:67:5B:36:F7:09:45:0F:43:AE:EC:90:89:F3
X509v3 Authority Key Identifier:
keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/N6Cxsg4yhWdbNvcJRQ9DruyQifM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.37.0-31.14.39.255
45.132.27.0/24
185.155.54.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:18:90:93:00:17:71:7a:a5:6e:c1:b1:78:18:ee:33:d8:e2:
32:cd:71:3c:a0:22:97:4b:79:80:58:86:60:bb:68:be:a6:ed:
51:9f:36:b3:35:f5:30:88:66:98:52:b8:96:cf:6d:e0:e5:43:
a5:51:21:c4:1f:89:7b:e5:a7:3e:dc:bf:5e:e3:8a:b3:5a:14:
49:fc:87:06:d2:8f:6b:4a:1b:e9:f4:8d:86:a5:1c:fb:ed:e0:
12:43:70:56:7b:c1:8d:18:dc:8e:3d:e0:d3:06:06:2d:c3:5a:
ab:a1:53:bc:e8:6c:c4:bb:10:e8:cf:9a:f3:42:cf:6f:eb:42:
77:ae:20:bb:c9:aa:fc:b0:f1:b3:d6:d5:4d:64:d8:45:4a:66:
c1:60:b0:98:14:85:4d:8f:1c:3d:f6:85:be:2d:38:24:6a:e6:
4b:58:2d:c3:a2:51:c8:ce:b4:20:90:30:e2:4a:8f:1e:e2:1e:
7e:3d:1c:7f:c8:e3:84:8e:b8:6c:44:e4:d6:3d:e4:af:ac:3d:
fe:b2:d2:1f:19:44:e2:73:bb:0f:85:86:80:dc:f1:5b:89:21:
9e:0c:50:6f:86:ec:fb:31:6d:59:e7:45:cc:a7:88:fb:4f:a9:
43:ed:0b:8c:99:52:b9:85:49:64:99:b5:16:3b:0d:6c:48:d4:
21:bb:2d:97
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZZcLsLfY1Ib73/ZUQ7oymfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjUwNDIyMDYyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2EwYjFiMjBlMzI4NTY3NWIzNmY3MDk0NTBmNDNhZWVjOTA4OWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjGY9+w5h+1M0C5vlFwsjncf51RJ
CYxUyrju0RsU2LW+qyScMx0tUFVihuHRurgzGPwH1G925vluYUxgtJJPLJShGp/D
Pjp8OVlzH3yrH2IC8PvPGdfqyoJ15LLVfFP0s6CyOLeUnlQ1itzAawHMdV6E/bdX
G8rAoADSgxtpXhlQO8q1Ar2DYwte2WLiPcvHBlEX7lqMA2xxPWH6qIGotdZc7Yp6
5kZ9jQy6kGGlJBTVhTPDxVjnWm2gZur3w3NxOVT3qAEyGoEFVhJLEcQwyubKs3Xf
juq+i2xhUsVoFv+lEMr4AQ+DWO4pQWI+cMjxMTyEPC14NS2zxwSNSIJz2wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDegsbIOMoVnWzb3CUUPQ67skInzMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvTjZDeHNnNHloV2RiTnZjSlJROURydXlRaWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAfDiUD
BAMfDiADBAAthBsDBAG5mzYwDQYJKoZIhvcNAQELBQADggEBAEsYkJMAF3F6pW7B
sXgY7jPY4jLNcTygIpdLeYBYhmC7aL6m7VGfNrM19TCIZphSuJbPbeDlQ6VRIcQf
iXvlpz7cv17jirNaFEn8hwbSj2tKG+n0jYalHPvt4BJDcFZ7wY0Y3I494NMGBi3D
WquhU7zobMS7EOjPmvNCz2/rQneuILvJqvyw8bPW1U1k2EVKZsFgsJgUhU2PHD32
hb4tOCRq5ktYLcOiUcjOtCCQMOJKjx7iHn49HH/I44SOuGxE5NY95K+sPf6y0h8Z
ROJzuw+FhoDc8VuJIZ4MUG+G7PsxbVnnRcyniPtPqUPtC4yZUrmFSWSZtRY7DWxI
1CG7LZc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:57:43 2025 by rpki-client