Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/NPPLtydqeRlV2SqgCsZgFx1jLc0.roa
File: NPPLtydqeRlV2SqgCsZgFx1jLc0.roa (raw, json)
Hash identifier: 4vbM/e49hZ5KxAznjysgF0WAFiLvdL1qXyl+41eveFs=
Subject key identifier: 34:F3:CB:B7:27:6A:79:19:55:D9:2A:A0:0A:C6:60:17:1D:63:2D:CD
Certificate issuer: /CN=191b1a99358daa58e72625c4ce9d829e918efc86
Certificate serial: 019D6C866562C73D7A8267585D5D6064D719
Authority key identifier: 19:1B:1A:99:35:8D:AA:58:E7:26:25:C4:CE:9D:82:9E:91:8E:FC:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRsamTWNqljnJiXEzp2CnpGO_IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/NPPLtydqeRlV2SqgCsZgFx1jLc0.roa
Signing time: Wed 08 Apr 2026 09:57:20 +0000
ROA not before: Wed 08 Apr 2026 09:57:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212280
IP address blocks: 45.89.20.0/24 maxlen: 24
185.122.252.0/24 maxlen: 24
185.122.253.0/24 maxlen: 24
185.122.254.0/24 maxlen: 24
185.122.255.0/24 maxlen: 24
185.133.224.0/24 maxlen: 24
185.133.225.0/24 maxlen: 24
185.133.226.0/24 maxlen: 24
185.133.227.0/24 maxlen: 24
185.217.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/GRsamTWNqljnJiXEzp2CnpGO_IY.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/GRsamTWNqljnJiXEzp2CnpGO_IY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GRsamTWNqljnJiXEzp2CnpGO_IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6c:86:65:62:c7:3d:7a:82:67:58:5d:5d:60:64:d7:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=191b1a99358daa58e72625c4ce9d829e918efc86
Validity
Not Before: Apr 8 09:57:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=34f3cbb7276a791955d92aa00ac660171d632dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:24:ae:8a:5d:69:6d:7c:55:3c:fd:34:bd:11:
2b:1b:54:e7:9a:b9:66:0c:8e:f0:cf:f8:fc:6d:8f:
e6:c1:63:d7:22:a9:e4:b2:55:cd:64:b0:18:6c:41:
79:ba:23:bb:28:ac:2c:b8:59:d0:e8:b0:0f:ab:6f:
5a:10:f1:9e:b5:3b:b3:9e:92:5d:2d:9e:40:22:54:
36:6e:9c:b4:02:58:aa:67:32:44:d0:0e:08:31:f2:
a4:f7:16:54:b7:1f:fc:ba:cc:37:33:d2:28:cd:46:
1e:3e:94:b8:69:2e:00:e2:db:f2:54:ce:e6:10:ff:
0c:99:9d:6d:e7:66:04:97:81:63:d0:f1:2f:01:76:
46:ab:31:68:3d:30:63:fc:d2:7b:dc:bc:f1:e2:e8:
ca:f2:dc:27:58:fb:a7:74:eb:f7:93:69:0e:4f:df:
79:b5:1f:c4:ef:bf:0d:24:b3:22:82:0a:50:fa:4e:
ed:7e:f3:61:d2:4c:63:13:5a:31:87:22:eb:83:88:
4c:a7:34:8f:24:16:ce:03:e3:fa:23:fc:71:47:9c:
f5:33:15:48:4b:c1:71:5d:73:00:f6:46:56:d9:46:
35:d7:67:ee:c3:e7:8e:1f:89:10:4b:fd:5c:48:33:
96:5b:7f:f0:5b:5a:cb:d6:75:55:66:d5:bf:99:03:
70:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F3:CB:B7:27:6A:79:19:55:D9:2A:A0:0A:C6:60:17:1D:63:2D:CD
X509v3 Authority Key Identifier:
keyid:19:1B:1A:99:35:8D:AA:58:E7:26:25:C4:CE:9D:82:9E:91:8E:FC:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRsamTWNqljnJiXEzp2CnpGO_IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/NPPLtydqeRlV2SqgCsZgFx1jLc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/GRsamTWNqljnJiXEzp2CnpGO_IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.20.0/24
185.122.252.0/22
185.133.224.0/22
185.217.61.0/24
Signature Algorithm: sha256WithRSAEncryption
42:61:2e:fb:ba:f8:2d:66:a0:e9:3a:cf:79:15:01:b3:99:41:
af:16:94:d8:75:98:01:ab:ce:4e:64:75:27:69:c9:0d:43:e6:
42:d5:c9:e4:e3:3f:13:66:4f:05:16:c1:f8:d7:40:8b:bb:fe:
23:d7:db:20:cc:6f:35:4a:9d:38:0a:b7:8b:9e:b5:4d:bd:64:
7b:7f:46:a7:3f:22:c8:af:50:72:fe:2c:32:94:fa:3c:6e:56:
51:dd:74:d7:54:67:ec:db:11:ca:d4:04:06:59:25:ea:e2:99:
b0:56:a2:75:7c:3a:3e:bf:33:ba:bd:19:a9:26:68:03:0d:d9:
37:24:08:cd:22:b6:bd:bc:de:86:a2:2d:9b:e8:0e:59:81:87:
d0:ee:ec:e3:f6:1e:7b:6c:b4:2b:12:83:84:45:ae:6f:6f:73:
8a:0b:c1:b9:22:93:dd:27:6d:9d:f9:67:d8:72:11:43:d0:0b:
1b:c4:0b:d5:49:74:1a:3a:4f:4c:e1:db:f3:07:f9:85:b8:5e:
35:c4:80:05:ef:5a:8b:50:4b:b2:96:9f:78:1e:26:7e:93:67:
65:99:36:c5:53:f1:90:c5:58:99:fa:7e:63:1b:e7:dd:ed:07:
62:07:77:3e:66:60:c4:73:45:29:76:cc:c4:ed:bd:81:cd:1e:
4b:41:d9:dd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1shmVixz16gmdYXV1gZNcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MWIxYTk5MzU4ZGFhNThlNzI2MjVjNGNlOWQ4MjllOTE4
ZWZjODYwHhcNMjYwNDA4MDk1NzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGYzY2JiNzI3NmE3OTE5NTVkOTJhYTAwYWM2NjAxNzFkNjMyZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiSuil1pbXxVPP00vRErG1Tnmrlm
DI7wz/j8bY/mwWPXIqnkslXNZLAYbEF5uiO7KKwsuFnQ6LAPq29aEPGetTuznpJd
LZ5AIlQ2bpy0AliqZzJE0A4IMfKk9xZUtx/8usw3M9IozUYePpS4aS4A4tvyVM7m
EP8MmZ1t52YEl4Fj0PEvAXZGqzFoPTBj/NJ73Lzx4ujK8twnWPundOv3k2kOT995
tR/E778NJLMiggpQ+k7tfvNh0kxjE1oxhyLrg4hMpzSPJBbOA+P6I/xxR5z1MxVI
S8FxXXMA9kZW2UY112fuw+eOH4kQS/1cSDOWW3/wW1rL1nVVZtW/mQNwZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDTzy7cnankZVdkqoArGYBcdYy3NMB8GA1UdIwQY
MBaAFBkbGpk1japY5yYlxM6dgp6RjvyGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JzYW1UV05xbGpuSmlYRXpwMkNucEdPX0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MTk3YzEtNzJmNC00ZTRmLWE0Yjgt
OWU0ZDBjZjk1NTQ0LzEvTlBQTHR5ZHFlUmxWMlNxZ0NzWmdGeDFqTGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MTk3YzEtNzJmNC00ZTRmLWE0YjgtOWU0ZDBjZjk1NTQ0
LzEvR1JzYW1UV05xbGpuSmlYRXpwMkNucEdPX0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVkUAwQC
uXr8AwQCuYXgAwQAudk9MA0GCSqGSIb3DQEBCwUAA4IBAQBCYS77uvgtZqDpOs95
FQGzmUGvFpTYdZgBq85OZHUnackNQ+ZC1cnk4z8TZk8FFsH410CLu/4j19sgzG81
Sp04CreLnrVNvWR7f0anPyLIr1By/iwylPo8blZR3XTXVGfs2xHK1AQGWSXq4pmw
VqJ1fDo+vzO6vRmpJmgDDdk3JAjNIra9vN6Goi2b6A5ZgYfQ7uzj9h57bLQrEoOE
Ra5vb3OKC8G5IpPdJ22d+WfYchFD0AsbxAvVSXQaOk9M4dvzB/mFuF41xIAF71qL
UEuylp94HiZ+k2dlmTbFU/GQxViZ+n5jG+fd7QdiB3c+ZmDEc0UpdszE7b2BzR5L
Qdnd
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:23:24 2026 by rpki-client