Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/noVQ5aldb8M9Jyg7y39REHNVbj8.roa
File: noVQ5aldb8M9Jyg7y39REHNVbj8.roa (raw, json)
Hash identifier: W5quuW/3hTBRBpWjCO1fiYWc1cO/4aTR/EQ2ir0ZYUI=
Subject key identifier: 9E:85:50:E5:A9:5D:6F:C3:3D:27:28:3B:CB:7F:51:10:73:55:6E:3F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01973A29AA7A8089CD873E22D163ED8B2AC2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/noVQ5aldb8M9Jyg7y39REHNVbj8.roa
Signing time: Wed 04 Jun 2025 08:58:18 +0000
ROA not before: Wed 04 Jun 2025 08:58:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 217.60.0.0/21 maxlen: 24
217.60.12.0/22 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:29:aa:7a:80:89:cd:87:3e:22:d1:63:ed:8b:2a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 4 08:58:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e8550e5a95d6fc33d27283bcb7f511073556e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:88:64:fd:24:28:d3:59:8c:21:c7:9f:db:cc:
51:22:9a:f1:fe:cf:6e:a1:b2:14:22:e7:9e:05:b3:
37:64:d7:e4:32:0b:bb:7e:21:83:11:b2:b9:40:4d:
d2:11:71:f9:fb:4b:e9:0c:08:33:f3:f7:0f:98:57:
92:39:a5:b8:53:9b:b3:7b:f9:c3:65:73:0a:cd:0c:
f9:8e:4b:a5:b0:9b:e7:b8:70:aa:b7:6c:40:0a:52:
69:30:b4:6e:bd:f8:ce:57:a9:6a:68:d8:78:95:6b:
fd:60:cd:92:0b:a1:4f:3a:b5:73:d4:df:8f:72:cd:
f2:a5:bc:3c:98:2a:1c:0c:d3:96:9f:3e:dd:e9:3a:
c8:09:c6:ce:0d:48:44:43:bc:0c:28:27:ce:d1:7a:
d9:26:46:47:11:0e:f1:ce:16:7c:8e:3c:dc:61:fc:
f8:0a:c5:ee:0c:43:8f:eb:f4:09:54:c6:aa:f7:17:
26:d8:05:16:19:2c:d7:76:e2:e6:8f:b5:db:24:24:
16:cf:be:5d:38:9b:78:ca:09:1f:97:a1:92:cf:bd:
87:87:e3:10:5e:06:4c:a5:d0:4a:c3:6c:e0:22:b1:
e3:5e:90:a2:ec:14:3a:9b:f6:2b:6b:15:4c:00:dc:
5b:03:43:87:2a:78:9e:e5:43:dc:2d:80:b3:66:ee:
b5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:85:50:E5:A9:5D:6F:C3:3D:27:28:3B:CB:7F:51:10:73:55:6E:3F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/noVQ5aldb8M9Jyg7y39REHNVbj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.0.0/21
217.60.12.0/22
217.60.24.0/22
217.60.60.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:83:e0:02:e7:30:ab:c9:19:75:ab:2c:4a:2f:63:1f:c9:de:
69:9e:d1:d3:38:2d:0e:cb:90:99:ce:7f:0d:f8:61:87:4b:f4:
a7:94:a8:22:fc:51:fd:e4:1a:72:f6:b0:00:70:f7:1e:6b:47:
94:57:a8:79:cc:88:83:81:c4:0e:9b:c0:ce:fc:2b:df:95:75:
3c:fd:db:50:38:86:7b:e0:65:6a:dd:f4:cf:03:95:87:a3:ab:
9c:69:a8:ed:a9:83:3a:bc:d6:06:63:f4:c6:18:2c:87:4a:99:
e5:fe:b0:6b:87:ec:ba:14:5b:7c:f9:fd:ad:66:80:38:eb:7c:
f4:1a:b8:18:5e:b4:af:1c:dc:0d:c5:fd:6c:c4:7d:2e:37:ce:
8c:98:f9:2e:35:cc:d3:0b:83:d3:c1:13:94:7b:01:7a:03:5d:
90:14:cd:33:a0:a7:e7:11:ec:ec:5f:29:00:ba:81:b3:d9:c7:
10:bb:94:5d:04:c6:1e:fd:e8:9b:b4:98:1f:c1:54:c1:35:0f:
d1:5c:ea:c6:d3:c2:91:cb:91:87:e6:3e:22:a9:d0:cc:ae:08:
75:a6:2b:3a:11:a6:47:7f:36:1e:7f:5a:e9:61:de:9b:83:bf:
94:9c:2a:4f:e2:12:57:6b:01:33:11:4d:b2:f3:5e:96:c3:f7:
77:0f:e2:26
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZc6Kap6gInNhz4i0WPtiyrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjA0MDg1ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTg1NTBlNWE5NWQ2ZmMzM2QyNzI4M2JjYjdmNTExMDczNTU2ZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwohk/SQo01mMIcef28xRIprx/s9u
obIUIueeBbM3ZNfkMgu7fiGDEbK5QE3SEXH5+0vpDAgz8/cPmFeSOaW4U5uze/nD
ZXMKzQz5jkulsJvnuHCqt2xAClJpMLRuvfjOV6lqaNh4lWv9YM2SC6FPOrVz1N+P
cs3ypbw8mCocDNOWnz7d6TrICcbODUhEQ7wMKCfO0XrZJkZHEQ7xzhZ8jjzcYfz4
CsXuDEOP6/QJVMaq9xcm2AUWGSzXduLmj7XbJCQWz75dOJt4ygkfl6GSz72Hh+MQ
XgZMpdBKw2zgIrHjXpCi7BQ6m/YraxVMANxbA0OHKnie5UPcLYCzZu618wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ6FUOWpXW/DPScoO8t/URBzVW4/MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbm9WUTVhbGRiOE05SnlnN3kzOVJFSE5WYmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQD2TwAAwQC
2TwMAwQC2TwYAwQC2Tw8MA0GCSqGSIb3DQEBCwUAA4IBAQAOg+AC5zCryRl1qyxK
L2Mfyd5pntHTOC0Oy5CZzn8N+GGHS/SnlKgi/FH95Bpy9rAAcPcea0eUV6h5zIiD
gcQOm8DO/CvflXU8/dtQOIZ74GVq3fTPA5WHo6ucaajtqYM6vNYGY/TGGCyHSpnl
/rBrh+y6FFt8+f2tZoA463z0GrgYXrSvHNwNxf1sxH0uN86MmPkuNczTC4PTwROU
ewF6A12QFM0zoKfnEezsXykAuoGz2ccQu5RdBMYe/eibtJgfwVTBNQ/RXOrG08KR
y5GH5j4iqdDMrgh1pis6EaZHfzYef1rpYd6bg7+UnCpP4hJXawEzEU2y816Ww/d3
D+Im
-----END CERTIFICATE-----
Generated at Sun Jun 15 04:11:20 2025 by rpki-client