Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/njy0ZzE7jQ8CAv0N5IGSMS0-dL8.roa
File: njy0ZzE7jQ8CAv0N5IGSMS0-dL8.roa (raw, json)
Hash identifier: KK7BgZXmKYBrQlBIPx+WAzdhzWil1XPXeHZy3yXRGGA=
Subject key identifier: 9E:3C:B4:67:31:3B:8D:0F:02:02:FD:0D:E4:81:92:31:2D:3E:74:BF
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 019851D7DB5D01149585AF8236B13B34AE42
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/njy0ZzE7jQ8CAv0N5IGSMS0-dL8.roa
Signing time: Mon 28 Jul 2025 16:22:37 +0000
ROA not before: Mon 28 Jul 2025 16:22:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 85.204.181.0/24 maxlen: 24
86.105.58.0/24 maxlen: 24
86.105.211.0/24 maxlen: 24
86.107.164.0/24 maxlen: 24
89.39.97.0/24 maxlen: 24
93.113.70.0/24 maxlen: 24
93.119.144.0/24 maxlen: 24
93.119.201.0/24 maxlen: 24
93.119.232.0/24 maxlen: 24
188.208.124.0/24 maxlen: 24
188.214.136.0/24 maxlen: 24
188.214.137.0/24 maxlen: 24
188.214.138.0/24 maxlen: 24
188.214.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 07:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:51:d7:db:5d:01:14:95:85:af:82:36:b1:3b:34:ae:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Jul 28 16:22:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e3cb467313b8d0f0202fd0de48192312d3e74bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a8:dd:ea:d1:e7:92:c8:ed:ff:14:1b:db:b7:
a0:33:ff:ea:04:64:76:28:49:9e:9a:d5:e4:80:a5:
c4:0a:f4:e2:df:6f:83:df:4c:4d:fd:57:e7:ab:7a:
05:98:34:70:c9:69:1d:02:44:35:c4:eb:3f:1b:8f:
ea:2c:94:45:76:6f:cb:bc:6d:2e:42:6f:db:d0:05:
53:c4:d3:28:6b:a8:88:f2:2e:4c:d9:13:e4:84:9c:
c3:28:c9:05:99:f9:51:2c:67:c2:52:6d:e3:a4:b5:
78:4a:c8:51:ed:60:e7:b5:79:82:d8:8e:c9:d2:f2:
49:ae:84:fc:f2:88:fc:a4:e8:9a:e5:69:b4:08:f1:
98:0c:fa:4f:f3:85:ec:af:16:1a:93:6f:79:46:a2:
ac:4e:5a:bc:ce:fd:2b:33:f8:8b:5e:7b:93:61:7b:
2e:ea:44:99:1f:fa:f3:17:32:20:4a:38:29:52:b0:
b8:4f:0d:5b:8f:19:26:da:66:cd:b0:11:df:f3:3b:
a9:f4:09:29:5e:d2:5b:1e:90:d8:55:32:9f:c6:e2:
78:e5:e4:b0:e4:64:28:a7:a8:43:d8:ec:2b:ad:c9:
d1:48:8f:04:fc:dc:7d:bd:3a:45:a8:69:08:c1:7c:
e8:2d:57:fb:3e:ac:d2:cd:d3:6e:b9:78:38:65:9c:
fb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:3C:B4:67:31:3B:8D:0F:02:02:FD:0D:E4:81:92:31:2D:3E:74:BF
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/njy0ZzE7jQ8CAv0N5IGSMS0-dL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.181.0/24
86.105.58.0/24
86.105.211.0/24
86.107.164.0/24
89.39.97.0/24
93.113.70.0/24
93.119.144.0/24
93.119.201.0/24
93.119.232.0/24
188.208.124.0/24
188.214.136.0/22
Signature Algorithm: sha256WithRSAEncryption
03:e9:b3:1b:e8:11:56:4e:3f:b3:75:9e:a6:87:87:c7:2b:ac:
01:5d:ae:b2:58:fc:81:4a:69:d3:8f:a3:bd:b2:7e:63:36:f3:
5b:cc:21:6a:6b:a5:a7:53:84:9b:6b:fa:fe:ee:41:8a:f6:95:
4f:8b:5f:76:31:50:8d:60:8a:7c:3c:3d:e2:3a:2d:1a:60:e6:
7e:ed:35:f8:62:9c:ed:be:c4:e4:32:84:5f:e2:8e:8a:3b:dd:
74:0b:81:bf:cd:12:d0:15:56:0a:b7:bf:cd:98:3a:54:e8:c1:
40:09:51:59:d2:98:a0:e1:99:f5:30:af:7e:7b:35:a9:98:a7:
c8:8e:b1:50:48:d9:07:3d:a4:69:48:00:23:08:a6:8a:1c:65:
01:d3:ea:57:69:d8:52:d2:23:9d:3a:fb:ae:73:ac:4a:f1:27:
ea:c6:05:1c:a1:4a:96:89:f8:89:6d:43:39:d0:f3:ca:f1:ab:
b0:80:d3:7a:09:5a:c7:7f:f3:94:d9:ef:5f:b1:d8:88:14:ff:
c9:56:0a:1b:0c:6f:4c:e8:84:ce:13:f6:97:82:10:61:40:29:
40:08:fa:a3:4a:98:80:3e:26:64:dc:e8:66:be:ab:06:69:56:
10:8c:42:4c:04:f9:43:03:25:e6:01:67:46:79:f9:d0:32:21:
a3:74:89:09
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZhR19tdARSVha+CNrE7NK5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwNzI4MTYyMjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTNjYjQ2NzMxM2I4ZDBmMDIwMmZkMGRlNDgxOTIzMTJkM2U3NGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6jd6tHnksjt/xQb27egM//qBGR2
KEmemtXkgKXECvTi32+D30xN/Vfnq3oFmDRwyWkdAkQ1xOs/G4/qLJRFdm/LvG0u
Qm/b0AVTxNMoa6iI8i5M2RPkhJzDKMkFmflRLGfCUm3jpLV4SshR7WDntXmC2I7J
0vJJroT88oj8pOia5Wm0CPGYDPpP84XsrxYak295RqKsTlq8zv0rM/iLXnuTYXsu
6kSZH/rzFzIgSjgpUrC4Tw1bjxkm2mbNsBHf8zup9AkpXtJbHpDYVTKfxuJ45eSw
5GQop6hD2OwrrcnRSI8E/Nx9vTpFqGkIwXzoLVf7PqzSzdNuuXg4ZZz7PQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJ48tGcxO40PAgL9DeSBkjEtPnS/MB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvbmp5MFp6RTdqUThDQXYwTjVJR1NNUzAtZEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAVcy1AwQA
Vmk6AwQAVmnTAwQAVmukAwQAWSdhAwQAXXFGAwQAXXeQAwQAXXfJAwQAXXfoAwQA
vNB8AwQCvNaIMA0GCSqGSIb3DQEBCwUAA4IBAQAD6bMb6BFWTj+zdZ6mh4fHK6wB
Xa6yWPyBSmnTj6O9sn5jNvNbzCFqa6WnU4Sba/r+7kGK9pVPi192MVCNYIp8PD3i
Oi0aYOZ+7TX4YpztvsTkMoRf4o6KO910C4G/zRLQFVYKt7/NmDpU6MFACVFZ0pig
4Zn1MK9+ezWpmKfIjrFQSNkHPaRpSAAjCKaKHGUB0+pXadhS0iOdOvuuc6xK8Sfq
xgUcoUqWifiJbUM50PPK8auwgNN6CVrHf/OU2e9fsdiIFP/JVgobDG9M6ITOE/aX
ghBhQClACPqjSpiAPiZk3OhmvqsGaVYQjEJMBPlDAyXmAWdGefnQMiGjdIkJ
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:36:36 2025 by rpki-client