Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8020d8-0684-44f6-84d1-d1d0f96cad1e/1/NqA4au-1_FHTNTD3PbPf44VlPQw.roa
File: NqA4au-1_FHTNTD3PbPf44VlPQw.roa (raw, json)
Hash identifier: tZmyHlgbPB86inFat8ThR1i4AUrklKSpxKPNfScJNO8=
Subject key identifier: 36:A0:38:6A:EF:B5:FC:51:D3:35:30:F7:3D:B3:DF:E3:85:65:3D:0C
Certificate issuer: /CN=134bc7e6fdfbf738d23fc5ee5e5acb52befbc051
Certificate serial: 019808E9FC928C88CD190981E319DB4839D8
Authority key identifier: 13:4B:C7:E6:FD:FB:F7:38:D2:3F:C5:EE:5E:5A:CB:52:BE:FB:C0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E0vH5v379zjSP8XuXlrLUr77wFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8020d8-0684-44f6-84d1-d1d0f96cad1e/1/NqA4au-1_FHTNTD3PbPf44VlPQw.roa
Signing time: Mon 14 Jul 2025 12:30:08 +0000
ROA not before: Mon 14 Jul 2025 12:30:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35368
IP address blocks: 185.36.136.0/22 maxlen: 22
185.36.138.0/24 maxlen: 24
2a04:6440::/29 maxlen: 29
2a04:6447:910::/48 maxlen: 48
2a04:6447:911::/48 maxlen: 48
2a04:6447:912::/48 maxlen: 48
2a04:6447:913::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/8020d8-0684-44f6-84d1-d1d0f96cad1e/1/E0vH5v379zjSP8XuXlrLUr77wFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/8020d8-0684-44f6-84d1-d1d0f96cad1e/1/E0vH5v379zjSP8XuXlrLUr77wFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/E0vH5v379zjSP8XuXlrLUr77wFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 12:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:e9:fc:92:8c:88:cd:19:09:81:e3:19:db:48:39:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=134bc7e6fdfbf738d23fc5ee5e5acb52befbc051
Validity
Not Before: Jul 14 12:30:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36a0386aefb5fc51d33530f73db3dfe385653d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6d:3f:be:81:d9:96:ac:e1:36:e3:2f:02:a6:
3f:91:f8:56:49:98:a2:a0:47:0f:c7:f8:6e:bf:e2:
5c:91:bb:09:8d:28:06:58:8f:86:05:89:78:14:ba:
12:b2:1f:6d:be:85:ef:ee:c9:4a:ae:c1:21:c3:f4:
7d:00:ce:f3:12:4b:b4:69:73:46:64:d8:3d:2a:ea:
39:e8:89:65:cd:e2:69:09:a5:d6:f7:1d:68:da:71:
4a:81:7f:b0:06:8b:ca:96:8e:a8:ae:02:8c:ec:47:
09:d4:e3:2f:c9:a5:06:88:64:5b:fe:02:0a:99:38:
8a:cf:07:17:03:fb:04:a4:84:18:ac:0a:d7:c7:38:
a2:e1:43:a6:eb:fc:06:5c:7b:77:e7:e4:f1:7a:20:
ec:db:77:50:1e:fe:a3:ea:b5:80:45:65:5d:53:92:
df:c4:d9:cf:b9:d9:0b:37:b6:e3:b8:f4:04:cc:18:
79:5d:07:fe:9b:d8:49:35:ff:c7:00:d4:1b:08:8b:
65:6e:ce:14:11:de:8a:dd:ec:ae:26:64:e8:f7:21:
f5:bf:75:54:71:76:7c:4f:4b:58:85:e3:6f:6e:2f:
a7:83:bb:c4:6c:aa:26:90:36:b6:3c:47:ec:d7:e9:
50:f1:e9:d2:5a:36:e2:5a:c3:d9:7f:a4:43:5c:e9:
7d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A0:38:6A:EF:B5:FC:51:D3:35:30:F7:3D:B3:DF:E3:85:65:3D:0C
X509v3 Authority Key Identifier:
keyid:13:4B:C7:E6:FD:FB:F7:38:D2:3F:C5:EE:5E:5A:CB:52:BE:FB:C0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E0vH5v379zjSP8XuXlrLUr77wFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8020d8-0684-44f6-84d1-d1d0f96cad1e/1/NqA4au-1_FHTNTD3PbPf44VlPQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8020d8-0684-44f6-84d1-d1d0f96cad1e/1/E0vH5v379zjSP8XuXlrLUr77wFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.136.0/22
IPv6:
2a04:6440::/29
Signature Algorithm: sha256WithRSAEncryption
82:eb:8b:32:e2:76:2e:3d:7c:b4:58:6c:26:60:6c:1f:f3:b2:
8c:0d:8a:8c:88:16:8f:87:b6:45:30:2d:08:86:47:04:29:bd:
14:a5:9e:58:e4:20:bb:dd:15:28:cf:31:51:53:84:50:04:b7:
c8:f7:94:d8:2b:a3:1a:5e:06:13:1a:58:3f:ba:4d:5d:63:28:
4f:b7:a4:89:6d:e2:e1:d1:45:e9:ec:d1:2d:28:41:5f:0e:e0:
4d:6f:d4:50:10:f5:80:50:c1:ea:f2:45:66:da:d9:ca:82:d0:
98:bf:0e:d9:27:5a:8e:14:f6:d1:8f:dd:bb:0f:74:90:d9:4a:
6d:3c:7a:36:ac:f6:2a:00:3b:f2:19:18:63:1f:87:73:b8:4b:
1a:61:44:29:22:eb:b5:4f:e2:bc:b9:fb:b0:fe:d1:26:0b:e6:
62:b3:a5:d2:bf:d6:6a:0e:61:fd:81:e8:2d:ee:48:43:41:9b:
4c:42:b7:45:07:ad:77:f2:7e:f2:86:11:1e:f1:62:c7:c7:55:
5c:ac:f7:ea:8e:e9:4f:71:ba:df:ae:38:d8:9e:cc:1e:61:31:
3e:15:be:c0:32:9b:8c:d2:f7:e2:0e:98:7a:c4:4c:6c:d0:7c:
37:cc:72:b8:8a:78:e5:57:4a:55:25:99:c5:60:e7:98:d1:b0:
84:e3:53:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZgI6fySjIjNGQmB4xnbSDnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNGJjN2U2ZmRmYmY3MzhkMjNmYzVlZTVlNWFjYjUyYmVm
YmMwNTEwHhcNMjUwNzE0MTIzMDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmEwMzg2YWVmYjVmYzUxZDMzNTMwZjczZGIzZGZlMzg1NjUzZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG0/voHZlqzhNuMvAqY/kfhWSZii
oEcPx/huv+JckbsJjSgGWI+GBYl4FLoSsh9tvoXv7slKrsEhw/R9AM7zEku0aXNG
ZNg9Kuo56IllzeJpCaXW9x1o2nFKgX+wBovKlo6orgKM7EcJ1OMvyaUGiGRb/gIK
mTiKzwcXA/sEpIQYrArXxzii4UOm6/wGXHt35+TxeiDs23dQHv6j6rWARWVdU5Lf
xNnPudkLN7bjuPQEzBh5XQf+m9hJNf/HANQbCItlbs4UEd6K3eyuJmTo9yH1v3VU
cXZ8T0tYheNvbi+ng7vEbKomkDa2PEfs1+lQ8enSWjbiWsPZf6RDXOl9vwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDagOGrvtfxR0zUw9z2z3+OFZT0MMB8GA1UdIwQY
MBaAFBNLx+b9+/c40j/F7l5ay1K++8BRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTB2SDV2Mzc5empTUDhYdVhsckxVcjc3d0ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MDIwZDgtMDY4NC00NGY2LTg0ZDEt
ZDFkMGY5NmNhZDFlLzEvTnFBNGF1LTFfRkhUTlREM1BiUGY0NFZsUFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MDIwZDgtMDY4NC00NGY2LTg0ZDEtZDFkMGY5NmNhZDFl
LzEvRTB2SDV2Mzc5empTUDhYdVhsckxVcjc3d0ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSSIMA0E
AgACMAcDBQMqBGRAMA0GCSqGSIb3DQEBCwUAA4IBAQCC64sy4nYuPXy0WGwmYGwf
87KMDYqMiBaPh7ZFMC0IhkcEKb0UpZ5Y5CC73RUozzFRU4RQBLfI95TYK6MaXgYT
Glg/uk1dYyhPt6SJbeLh0UXp7NEtKEFfDuBNb9RQEPWAUMHq8kVm2tnKgtCYvw7Z
J1qOFPbRj927D3SQ2UptPHo2rPYqADvyGRhjH4dzuEsaYUQpIuu1T+K8ufuw/tEm
C+Zis6XSv9ZqDmH9gegt7khDQZtMQrdFB6138n7yhhEe8WLHx1VcrPfqjulPcbrf
rjjYnsweYTE+Fb7AMpuM0vfiDph6xExs0Hw3zHK4injlV0pVJZnFYOeY0bCE41O9
-----END CERTIFICATE-----
Generated at Sun Aug 10 21:00:19 2025 by rpki-client