
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/njDYe726b4g2WziR2Ptwk7nKcuY.roa
File: njDYe726b4g2WziR2Ptwk7nKcuY.roa (raw, json)
Hash identifier: VXhuuRrPIfDG/tnSpO40Vj0Xu3bXnbZugw4OVwrCghg=
Subject key identifier: 9E:30:D8:7B:BD:BA:6F:88:36:5B:38:91:D8:FB:70:93:B9:CA:72:E6
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01986A02F0D98D2F22EBA8EE7B8BAFF0EE05
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/njDYe726b4g2WziR2Ptwk7nKcuY.roa
Signing time: Sat 02 Aug 2025 09:00:34 +0000
ROA not before: Sat 02 Aug 2025 09:00:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59592
IP address blocks: 5.230.206.0/24 maxlen: 32
5.230.220.0/24 maxlen: 32
5.231.87.0/24 maxlen: 32
5.231.200.0/24 maxlen: 32
185.13.158.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6a:02:f0:d9:8d:2f:22:eb:a8:ee:7b:8b:af:f0:ee:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Aug 2 09:00:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e30d87bbdba6f88365b3891d8fb7093b9ca72e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cd:97:77:c0:aa:9d:43:ec:92:b6:ed:da:c3:
93:0e:66:22:b1:87:11:0d:2b:3e:78:45:2e:e2:ed:
7d:cf:c3:dd:c2:f8:a3:99:c9:9c:f3:40:81:73:c2:
d0:e2:ca:c2:63:f9:5b:fe:39:04:ee:81:84:4b:68:
85:ba:1d:c8:96:24:79:40:ac:35:05:fe:f8:59:e8:
5b:ec:4f:18:00:3b:2f:91:d8:1c:21:e9:87:1b:48:
05:e8:de:c1:ef:f9:a9:97:65:9f:59:07:2a:f8:c9:
21:e6:59:5f:bc:ec:08:28:a2:43:5a:0d:00:26:69:
ce:1e:c1:01:45:ab:dd:cc:f6:a2:10:7d:96:c9:c6:
1b:8e:68:0f:43:4c:71:ed:e7:dc:73:11:ad:45:41:
98:70:15:a1:83:59:01:f9:aa:cc:32:b4:65:38:5e:
fb:6c:f7:32:5a:b8:19:88:34:4e:b4:6e:64:6a:7f:
0c:68:4d:ad:94:22:ef:f1:40:1d:0e:db:6b:bd:ae:
31:4b:50:47:84:5c:21:bb:3f:a7:17:10:52:f3:43:
15:de:fb:76:aa:88:3d:0f:62:c7:08:a1:02:7e:17:
6a:0e:7e:4c:c9:eb:0c:51:2c:46:3e:b5:db:2a:d8:
70:88:f5:a0:ee:bc:81:c5:e4:6f:3b:2e:4d:b4:af:
d1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:30:D8:7B:BD:BA:6F:88:36:5B:38:91:D8:FB:70:93:B9:CA:72:E6
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/njDYe726b4g2WziR2Ptwk7nKcuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.230.206.0/24
5.230.220.0/24
5.231.87.0/24
5.231.200.0/24
185.13.158.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:8d:b1:c5:e7:8e:6e:93:80:f1:16:4e:95:30:4d:9e:f7:fb:
40:24:da:25:82:cb:4f:21:49:14:26:94:9b:e1:78:f7:39:f1:
b9:b5:a4:ae:a9:f4:63:d5:45:d9:17:22:aa:e1:aa:15:98:e7:
d1:27:9a:2d:db:0d:24:75:01:fd:f1:22:d3:a1:36:a9:ba:58:
66:ad:7c:a6:a0:f4:4d:4a:32:23:55:85:20:64:98:24:1d:67:
1c:55:d9:f8:8a:f3:0b:23:52:6f:6d:64:56:06:d7:aa:84:07:
59:44:2d:c1:52:84:84:db:90:d8:2c:93:41:de:16:66:20:af:
cc:f7:23:40:ba:c8:5f:ea:fa:2e:d4:11:15:a5:d3:c5:3a:b6:
7b:8e:33:c7:cd:b0:b2:8e:81:dd:21:80:24:b4:f8:ae:a7:e5:
43:c2:07:2d:5f:fc:55:21:e4:a3:33:58:5a:8e:4f:62:aa:b5:
a4:b2:18:7e:ba:4d:01:ed:02:56:97:4b:69:90:15:f7:e0:7f:
2f:5c:ba:73:d6:0d:5a:6d:1c:c6:b7:65:fa:62:5d:f8:d3:09:
be:10:ea:6e:2e:28:93:ee:73:ab:9c:73:ca:07:57:33:a1:a2:
48:37:b3:f1:cc:ec:8d:19:1d:f7:a0:94:9b:61:c1:30:3b:b0:
9f:95:df:f7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhqAvDZjS8i66jue4uv8O4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwODAyMDkwMDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTMwZDg3YmJkYmE2Zjg4MzY1YjM4OTFkOGZiNzA5M2I5Y2E3MmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss2Xd8CqnUPskrbt2sOTDmYisYcR
DSs+eEUu4u19z8Pdwvijmcmc80CBc8LQ4srCY/lb/jkE7oGES2iFuh3IliR5QKw1
Bf74Wehb7E8YADsvkdgcIemHG0gF6N7B7/mpl2WfWQcq+Mkh5llfvOwIKKJDWg0A
JmnOHsEBRavdzPaiEH2WycYbjmgPQ0xx7efccxGtRUGYcBWhg1kB+arMMrRlOF77
bPcyWrgZiDROtG5kan8MaE2tlCLv8UAdDttrva4xS1BHhFwhuz+nFxBS80MV3vt2
qog9D2LHCKECfhdqDn5MyesMUSxGPrXbKthwiPWg7ryBxeRvOy5NtK/R8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ4w2Hu9um+INls4kdj7cJO5ynLmMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbmpEWWU3MjZiNGcyV3ppUjJQdHdrN25LY3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABebOAwQA
BebcAwQABedXAwQABefIAwQAuQ2eMA0GCSqGSIb3DQEBCwUAA4IBAQA9jbHF545u
k4DxFk6VME2e9/tAJNolgstPIUkUJpSb4Xj3OfG5taSuqfRj1UXZFyKq4aoVmOfR
J5ot2w0kdQH98SLToTapulhmrXymoPRNSjIjVYUgZJgkHWccVdn4ivMLI1JvbWRW
BteqhAdZRC3BUoSE25DYLJNB3hZmIK/M9yNAushf6vou1BEVpdPFOrZ7jjPHzbCy
joHdIYAktPiup+VDwgctX/xVIeSjM1hajk9iqrWkshh+uk0B7QJWl0tpkBX34H8v
XLpz1g1abRzGt2X6Yl340wm+EOpuLiiT7nOrnHPKB1czoaJIN7PxzOyNGR33oJSb
YcEwO7Cfld/3
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:11:27 2025 by rpki-client