Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Njfyl2KPR3xOc19I21BmKveiq_g.roa
File: Njfyl2KPR3xOc19I21BmKveiq_g.roa (raw, json)
Hash identifier: Jv/2a5qxJQXPdUJfbdhH4moM57s4biyJMjIwHU+DbKo=
Subject key identifier: 36:37:F2:97:62:8F:47:7C:4E:73:5F:48:DB:50:66:2A:F7:A2:AB:F8
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01980070FDA7D7E3A35A1BFF639015BC559B
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Njfyl2KPR3xOc19I21BmKveiq_g.roa
Signing time: Sat 12 Jul 2025 21:01:01 +0000
ROA not before: Sat 12 Jul 2025 21:01:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203963
IP address blocks: 94.74.137.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.138.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.142.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.150.0/24 maxlen: 24
176.46.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:00:70:fd:a7:d7:e3:a3:5a:1b:ff:63:90:15:bc:55:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jul 12 21:01:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3637f297628f477c4e735f48db50662af7a2abf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d2:2d:1e:52:e7:ec:5a:2f:17:2f:54:6e:55:
07:94:95:1a:83:a4:0c:32:b0:c2:8e:0a:cf:bd:9c:
de:50:7c:18:15:c3:ad:4c:e7:bb:ae:ab:d9:98:0e:
8d:6d:29:d6:95:05:ea:b0:24:52:09:93:56:86:ee:
69:89:b6:c4:cf:5d:06:ee:e9:a5:97:4a:7a:f2:0e:
58:a2:85:c8:da:a8:94:4c:9f:31:f0:28:46:24:b7:
3e:9b:f9:5f:ae:f8:e9:86:d2:4c:0d:c2:06:03:34:
6a:5d:96:5f:99:e7:1b:5e:4d:7f:31:5d:87:e1:bb:
3e:60:b8:38:47:36:23:a8:2e:a5:a2:22:16:c6:07:
f3:44:4f:ff:a3:de:44:2d:4b:73:21:a7:0f:62:b6:
99:df:ab:75:3e:f7:9b:9f:9f:13:bc:17:6d:20:cd:
ef:18:17:ee:c7:19:19:60:6b:c4:18:06:af:6a:a6:
b2:ff:bd:34:5e:90:36:97:52:c3:df:34:04:7b:99:
48:08:d3:73:bb:b2:13:71:ca:1c:c2:43:08:d2:7d:
87:15:e3:15:4a:06:7f:5e:11:42:2b:f4:fe:10:f0:
b4:4f:bd:d2:69:4c:d4:08:eb:33:41:a1:8f:83:24:
3e:3c:03:0b:70:8d:73:6a:d0:b1:1e:22:93:c2:09:
0b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:37:F2:97:62:8F:47:7C:4E:73:5F:48:DB:50:66:2A:F7:A2:AB:F8
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Njfyl2KPR3xOc19I21BmKveiq_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.137.0/24
94.74.156.0/24
94.74.158.0/23
94.74.169.0/24
94.74.171.0/24
109.203.163.0/24
176.46.136.0/24
176.46.138.0/23
176.46.142.0/24
176.46.144.0/24
176.46.150.0/24
176.46.155.0/24
Signature Algorithm: sha256WithRSAEncryption
04:34:e8:0c:ff:99:85:6a:30:13:fb:a5:5c:c2:66:93:26:74:
9f:f7:24:68:65:bf:3a:9f:a0:12:6e:2f:d8:41:7d:12:7d:29:
53:82:b0:76:8d:e0:98:84:23:0f:1f:82:e4:e0:b9:c7:85:75:
2a:a6:45:5c:93:a9:ba:41:0f:c8:16:be:9e:f9:b1:c3:bf:2d:
e2:ac:a4:8e:9f:6c:29:49:43:51:9d:51:8c:cb:9d:e5:0b:e8:
44:fa:34:46:53:b8:03:ab:0a:09:af:50:a7:39:88:e0:e5:dc:
e7:c7:7d:ba:0f:c8:30:54:84:ac:69:1a:b3:09:27:91:04:e5:
02:14:e1:08:85:c6:3d:b4:0d:b0:d3:92:e7:61:bf:69:be:60:
54:eb:84:1e:58:57:4d:c0:6f:08:d3:4d:69:8a:e7:b0:7d:af:
70:1b:93:0b:82:4a:ad:3a:36:df:de:f8:c2:8d:11:9f:87:e6:
30:21:6b:69:94:17:69:a4:eb:05:e0:cd:1f:cc:10:a6:a9:72:
42:94:eb:21:5f:0f:28:d9:71:b4:0d:f1:31:fc:61:5d:c9:c0:
82:ae:02:0b:9d:23:ae:3c:71:d4:3c:92:88:e7:5e:9c:99:5a:
10:87:b5:31:9a:eb:c5:24:2a:18:0f:66:68:7d:49:52:a8:5a:
e1:85:70:99
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZgAcP2n1+OjWhv/Y5AVvFWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNzEyMjEwMTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjM3ZjI5NzYyOGY0NzdjNGU3MzVmNDhkYjUwNjYyYWY3YTJhYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNItHlLn7FovFy9UblUHlJUag6QM
MrDCjgrPvZzeUHwYFcOtTOe7rqvZmA6NbSnWlQXqsCRSCZNWhu5pibbEz10G7uml
l0p68g5YooXI2qiUTJ8x8ChGJLc+m/lfrvjphtJMDcIGAzRqXZZfmecbXk1/MV2H
4bs+YLg4RzYjqC6loiIWxgfzRE//o95ELUtzIacPYraZ36t1Pvebn58TvBdtIM3v
GBfuxxkZYGvEGAavaqay/700XpA2l1LD3zQEe5lICNNzu7ITccocwkMI0n2HFeMV
SgZ/XhFCK/T+EPC0T73SaUzUCOszQaGPgyQ+PAMLcI1zatCxHiKTwgkLLwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDY38pdij0d8TnNfSNtQZir3oqv4MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvTmpmeWwyS1BSM3hPYzE5STIxQm1LdmVpcV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAXkqJAwQA
XkqcAwQBXkqeAwQAXkqpAwQAXkqrAwQAbcujAwQAsC6IAwQBsC6KAwQAsC6OAwQA
sC6QAwQAsC6WAwQAsC6bMA0GCSqGSIb3DQEBCwUAA4IBAQAENOgM/5mFajAT+6Vc
wmaTJnSf9yRoZb86n6ASbi/YQX0SfSlTgrB2jeCYhCMPH4Lk4LnHhXUqpkVck6m6
QQ/IFr6e+bHDvy3irKSOn2wpSUNRnVGMy53lC+hE+jRGU7gDqwoJr1CnOYjg5dzn
x326D8gwVISsaRqzCSeRBOUCFOEIhcY9tA2w05LnYb9pvmBU64QeWFdNwG8I001p
iuewfa9wG5MLgkqtOjbf3vjCjRGfh+YwIWtplBdppOsF4M0fzBCmqXJClOshXw8o
2XG0DfEx/GFdycCCrgILnSOuPHHUPJKI516cmVoQh7UxmuvFJCoYD2ZofUlSqFrh
hXCZ
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:28:20 2025 by rpki-client