Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/NbdZ6ugORBZjoDTrAWUrXkjwUuI.roa
File: NbdZ6ugORBZjoDTrAWUrXkjwUuI.roa (raw, json)
Hash identifier: iQOa1RcfmoA/B6cMljXl71s2hXvSqumuFlMfJVKYx4s=
Subject key identifier: 35:B7:59:EA:E8:0E:44:16:63:A0:34:EB:01:65:2B:5E:48:F0:52:E2
Certificate issuer: /CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Certificate serial: 01985FA5A8E0CAAA5FC8CEBB037FA9E3351E
Authority key identifier: 84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/NbdZ6ugORBZjoDTrAWUrXkjwUuI.roa
Signing time: Thu 31 Jul 2025 08:42:28 +0000
ROA not before: Thu 31 Jul 2025 08:42:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216192
IP address blocks: 85.159.89.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.174.0/24 maxlen: 24
194.177.14.0/24 maxlen: 24
2a13:f6c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.mft
rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 09:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5f:a5:a8:e0:ca:aa:5f:c8:ce:bb:03:7f:a9:e3:35:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Validity
Not Before: Jul 31 08:42:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35b759eae80e441663a034eb01652b5e48f052e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ec:61:86:2b:a7:04:51:78:fa:bf:d3:3e:4e:
72:2a:ce:6a:68:17:11:15:d0:7a:83:5c:52:90:e1:
20:c8:24:89:2b:34:5a:4b:53:47:0e:1c:9b:7a:87:
03:e9:44:a2:c0:f8:a2:a8:19:7a:f7:c9:2f:c1:4c:
c5:7e:4c:01:ed:ba:a6:93:04:45:35:55:63:48:10:
d8:8b:e4:e1:fd:1e:bb:24:ff:9f:96:29:3c:41:53:
b8:b7:4c:df:54:41:f2:07:a5:3f:27:7a:e3:9f:26:
c8:ab:d0:7c:0c:98:79:16:4b:d0:fe:29:0b:b7:5f:
35:18:3c:1e:86:0c:bf:64:ad:c3:a4:51:32:a8:6c:
72:9d:65:75:b5:36:26:de:59:f4:00:20:9f:90:ef:
c8:3c:bc:c6:18:c9:08:98:2d:b4:c3:e2:7d:ec:d0:
cb:61:1c:2d:c8:0f:95:b8:b1:27:01:a1:31:88:21:
49:dc:e9:ad:dc:77:42:21:b5:6c:c4:f9:93:76:4c:
5c:ea:3b:e4:64:21:98:f2:78:9d:cf:33:84:70:7f:
56:36:47:85:b9:a1:b4:3e:8e:c2:f8:a7:8f:8b:d3:
22:7b:d5:1b:ae:cb:95:51:ba:c1:25:96:1b:c3:7e:
f2:c1:71:1b:30:55:11:91:b8:88:95:22:bd:d4:3c:
1c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B7:59:EA:E8:0E:44:16:63:A0:34:EB:01:65:2B:5E:48:F0:52:E2
X509v3 Authority Key Identifier:
keyid:84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/NbdZ6ugORBZjoDTrAWUrXkjwUuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.89.0/24
188.125.165.0/24
188.125.174.0/24
194.177.14.0/24
IPv6:
2a13:f6c0::/29
Signature Algorithm: sha256WithRSAEncryption
61:5b:36:c0:4e:08:6a:b1:55:27:36:df:a0:da:e8:8f:08:70:
5e:04:9e:4d:48:17:52:86:fb:e3:a3:d4:1b:6f:d0:29:7a:fc:
05:52:2b:3b:d3:0b:54:d9:09:13:4c:a5:0c:6f:31:f4:35:4d:
17:52:b0:d3:50:da:c7:6f:11:3f:d3:40:7e:64:ac:3a:04:ed:
44:8f:c3:ee:f8:46:2a:cd:20:5d:1d:3a:4e:7a:2c:52:63:b9:
12:0d:75:4a:ef:e4:d6:17:6e:70:5e:42:65:23:85:6e:97:e1:
42:d7:69:c7:a6:46:b8:46:5c:6d:60:d7:2f:9e:47:a9:b1:e5:
4d:a1:52:6e:1d:4b:11:dd:6c:d8:d6:ca:9d:67:a8:93:62:3b:
bd:48:12:a4:6a:5f:9d:88:ac:ef:b7:07:77:fe:20:f4:61:b8:
4f:9f:c4:82:95:80:bb:d8:40:d7:81:37:d4:4e:4f:54:cb:57:
ba:2c:1a:8d:e3:77:ab:b2:5c:1c:ae:ed:57:28:40:d8:38:b6:
91:f8:87:1c:50:7d:65:84:10:5e:f6:0a:c4:f8:5a:d6:74:80:
15:55:e5:d1:06:8e:f1:e7:c3:5c:f7:90:4f:0b:bf:6d:64:0e:
ab:02:6b:6d:be:5b:f5:fd:50:79:fa:4f:1d:5b:48:c2:14:ec:
b7:f0:c8:24
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZhfpajgyqpfyM67A3+p4zUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDk2OTc4MDE0MTgyNGNkMGFjYmZhNWE3ODQ2MTFlZWIw
YTdkZGIwHhcNMjUwNzMxMDg0MjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWI3NTllYWU4MGU0NDE2NjNhMDM0ZWIwMTY1MmI1ZTQ4ZjA1MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uxhhiunBFF4+r/TPk5yKs5qaBcR
FdB6g1xSkOEgyCSJKzRaS1NHDhybeocD6USiwPiiqBl698kvwUzFfkwB7bqmkwRF
NVVjSBDYi+Th/R67JP+flik8QVO4t0zfVEHyB6U/J3rjnybIq9B8DJh5FkvQ/ikL
t181GDwehgy/ZK3DpFEyqGxynWV1tTYm3ln0ACCfkO/IPLzGGMkImC20w+J97NDL
YRwtyA+VuLEnAaExiCFJ3Omt3HdCIbVsxPmTdkxc6jvkZCGY8nidzzOEcH9WNkeF
uaG0Po7C+KePi9Mie9UbrsuVUbrBJZYbw37ywXEbMFURkbiIlSK91DwcnwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDW3WeroDkQWY6A06wFlK15I8FLiMB8GA1UdIwQY
MBaAFIRJaXgBQYJM0Ky/paeEYR7rCn3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAt
MDRhYzE3ODgxYWE5LzEvTmJkWjZ1Z09SQlpqb0RUckFXVXJYa2p3VXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAtMDRhYzE3ODgxYWE5
LzEvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAVZ9ZAwQA
vH2lAwQAvH2uAwQAwrEOMA0EAgACMAcDBQMqE/bAMA0GCSqGSIb3DQEBCwUAA4IB
AQBhWzbATghqsVUnNt+g2uiPCHBeBJ5NSBdShvvjo9Qbb9ApevwFUis70wtU2QkT
TKUMbzH0NU0XUrDTUNrHbxE/00B+ZKw6BO1Ej8Pu+EYqzSBdHTpOeixSY7kSDXVK
7+TWF25wXkJlI4Vul+FC12nHpka4RlxtYNcvnkepseVNoVJuHUsR3WzY1sqdZ6iT
Yju9SBKkal+diKzvtwd3/iD0YbhPn8SClYC72EDXgTfUTk9Uy1e6LBqN43erslwc
ru1XKEDYOLaR+IccUH1lhBBe9grE+FrWdIAVVeXRBo7x58Nc95BPC79tZA6rAmtt
vlv1/VB5+k8dW0jCFOy38Mgk
-----END CERTIFICATE-----
Generated at Mon Aug 11 14:45:09 2025 by rpki-client