Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/NuPadKGZBaMAGBPtIQ6gKqOUOVE.roa
File: NuPadKGZBaMAGBPtIQ6gKqOUOVE.roa (raw, json)
Hash identifier: 7vP9wfcX5uAIPbCHr3n/pH4psPIKCak3rPJRSdTHVEg=
Subject key identifier: 36:E3:DA:74:A1:99:05:A3:00:18:13:ED:21:0E:A0:2A:A3:94:39:51
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 0197F02F1C2332370A31AAFA19BE6B591817
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/NuPadKGZBaMAGBPtIQ6gKqOUOVE.roa
Signing time: Wed 09 Jul 2025 17:15:08 +0000
ROA not before: Wed 09 Jul 2025 17:15:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5610
IP address blocks: 37.188.128.0/17 maxlen: 17
37.188.128.0/21 maxlen: 21
37.188.136.0/21 maxlen: 21
37.188.144.0/20 maxlen: 20
37.188.144.0/21 maxlen: 21
37.188.152.0/21 maxlen: 21
37.188.160.0/20 maxlen: 20
37.188.160.0/21 maxlen: 21
37.188.168.0/21 maxlen: 21
37.188.176.0/20 maxlen: 20
37.188.176.0/21 maxlen: 21
37.188.184.0/21 maxlen: 21
37.188.192.0/23 maxlen: 23
37.188.194.0/23 maxlen: 23
37.188.224.0/21 maxlen: 21
37.188.232.0/21 maxlen: 21
37.188.240.0/20 maxlen: 20
37.188.240.0/21 maxlen: 21
37.188.248.0/21 maxlen: 21
80.188.0.0/16 maxlen: 16
80.188.0.0/17 maxlen: 17
80.188.40.0/24 maxlen: 24
80.188.120.0/24 maxlen: 24
80.188.128.0/17 maxlen: 17
80.188.131.0/24 maxlen: 24
80.188.165.0/24 maxlen: 24
80.188.170.0/24 maxlen: 24
80.188.200.0/24 maxlen: 24
80.188.202.0/24 maxlen: 24
80.188.222.0/24 maxlen: 24
80.188.225.0/24 maxlen: 24
81.90.160.0/20 maxlen: 20
81.90.168.0/24 maxlen: 24
81.90.170.0/24 maxlen: 24
81.90.173.0/24 maxlen: 24
83.69.32.0/19 maxlen: 19
83.208.0.0/16 maxlen: 16
83.208.0.0/18 maxlen: 18
83.208.64.0/18 maxlen: 18
83.208.128.0/19 maxlen: 19
85.70.0.0/15 maxlen: 15
85.70.0.0/16 maxlen: 16
85.70.0.0/17 maxlen: 17
85.70.128.0/17 maxlen: 17
85.71.0.0/16 maxlen: 16
85.160.0.0/15 maxlen: 15
85.193.0.0/18 maxlen: 18
88.83.160.0/19 maxlen: 19
88.83.175.0/24 maxlen: 24
88.100.0.0/14 maxlen: 14
88.100.0.0/15 maxlen: 15
88.102.0.0/15 maxlen: 15
88.102.0.0/16 maxlen: 16
88.103.218.0/24 maxlen: 24
90.176.32.0/19 maxlen: 19
90.176.64.0/18 maxlen: 18
90.176.128.0/17 maxlen: 17
90.177.0.0/16 maxlen: 16
90.178.0.0/15 maxlen: 15
90.180.0.0/14 maxlen: 14
90.182.6.0/24 maxlen: 24
90.182.108.0/24 maxlen: 24
90.182.109.0/24 maxlen: 24
90.182.110.0/24 maxlen: 24
90.182.134.0/24 maxlen: 24
90.182.146.0/24 maxlen: 24
90.182.161.0/24 maxlen: 24
90.182.221.0/24 maxlen: 24
90.183.57.0/24 maxlen: 24
90.183.72.0/24 maxlen: 24
90.183.76.0/24 maxlen: 24
90.183.77.0/24 maxlen: 24
90.183.78.0/24 maxlen: 24
90.183.108.0/24 maxlen: 24
92.243.192.0/19 maxlen: 19
109.80.0.0/15 maxlen: 15
109.81.112.0/20 maxlen: 20
109.81.160.0/20 maxlen: 20
109.81.208.0/24 maxlen: 24
109.81.209.0/24 maxlen: 24
109.81.210.0/24 maxlen: 24
109.81.211.0/24 maxlen: 24
109.81.212.0/24 maxlen: 24
109.81.213.0/24 maxlen: 24
109.81.214.0/24 maxlen: 24
109.81.215.0/24 maxlen: 24
160.218.0.0/16 maxlen: 16
160.218.13.0/24 maxlen: 24
185.61.228.0/22 maxlen: 22
194.228.0.0/16 maxlen: 16
194.228.0.0/17 maxlen: 17
194.228.11.0/24 maxlen: 24
194.228.13.0/24 maxlen: 24
194.228.20.0/24 maxlen: 24
194.228.32.0/24 maxlen: 24
194.228.59.0/24 maxlen: 24
194.228.68.0/24 maxlen: 24
194.228.72.0/22 maxlen: 22
194.228.76.0/24 maxlen: 24
194.228.79.0/24 maxlen: 24
194.228.128.0/17 maxlen: 17
217.117.208.0/20 maxlen: 20
217.194.160.0/20 maxlen: 20
2001:41d8::/32 maxlen: 32
2a00:1028::/29 maxlen: 29
2a00:1028::/32 maxlen: 32
2a00:1028:d::/48 maxlen: 48
2a02:9b8::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 03:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f0:2f:1c:23:32:37:0a:31:aa:fa:19:be:6b:59:18:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jul 9 17:15:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36e3da74a19905a3001813ed210ea02aa3943951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2d:d4:bb:09:f3:16:2b:47:e9:f7:64:92:14:
50:38:77:42:b4:de:8c:9f:e6:2d:35:94:96:03:ce:
63:f7:b0:b0:83:2f:84:30:00:f8:97:8e:a1:df:32:
c5:9e:51:f4:66:59:cc:99:b8:f6:b9:9d:a1:f7:24:
0b:a6:e3:f0:96:f6:7a:ae:63:a9:05:66:bf:7f:db:
d3:f0:9e:f0:1a:3b:f9:ab:33:78:15:cf:97:3d:85:
a8:11:9f:12:f4:43:44:b1:f2:59:fb:71:2e:aa:15:
a1:bb:42:7e:b7:2b:df:78:25:a1:42:1e:c5:fd:e4:
6f:c1:05:04:cd:d8:0a:00:dc:b1:1e:c8:04:55:ce:
82:d2:b5:36:3b:e7:a1:bc:18:8f:d5:4f:68:98:e1:
de:79:87:f5:21:40:71:4b:e5:1a:f7:ec:ad:3e:ba:
8c:52:7d:93:f5:49:21:ff:84:10:72:eb:f1:3e:8e:
ce:f1:83:76:bb:86:60:f9:d2:36:9d:49:ab:92:f9:
ba:bb:d1:ce:d9:26:b4:62:84:a6:66:2a:13:a3:6c:
fd:99:05:52:50:e4:81:f9:49:e7:f5:b4:b4:e4:76:
d5:f8:22:0b:9d:42:48:64:0b:ed:55:cd:49:24:d1:
31:96:1f:3d:50:e2:b7:a3:83:d6:5a:08:f0:1b:90:
64:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E3:DA:74:A1:99:05:A3:00:18:13:ED:21:0E:A0:2A:A3:94:39:51
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/NuPadKGZBaMAGBPtIQ6gKqOUOVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.188.128.0/17
80.188.0.0/16
81.90.160.0/20
83.69.32.0/19
83.208.0.0/16
85.70.0.0/15
85.160.0.0/15
85.193.0.0/18
88.83.160.0/19
88.100.0.0/14
90.176.32.0-90.183.255.255
92.243.192.0/19
109.80.0.0/15
160.218.0.0/16
185.61.228.0/22
194.228.0.0/16
217.117.208.0/20
217.194.160.0/20
IPv6:
2001:41d8::/32
2a00:1028::/29
2a02:9b8::/31
Signature Algorithm: sha256WithRSAEncryption
84:24:77:6e:0b:a3:9a:00:d1:b6:51:f9:dc:d5:4c:6c:87:ea:
c1:9a:78:98:67:53:99:f5:f3:20:8a:c6:3a:4d:5b:52:5d:4b:
0e:55:ce:f3:49:2e:8c:37:c7:50:c1:2c:c6:ab:3c:5f:89:b2:
ee:6d:8f:0d:20:90:60:cf:5d:e6:b1:c5:ae:0b:4f:2c:7c:fe:
c4:cf:e2:02:e7:69:c0:6e:63:25:c3:80:8d:72:3f:21:e9:4c:
51:c8:b4:84:e4:75:f2:18:22:5d:4f:f2:a2:d7:62:76:fd:54:
2f:a0:ee:1a:da:81:5f:f7:95:40:c0:1f:48:94:6c:36:25:e3:
d9:87:20:e2:5e:c8:31:2d:72:40:a2:06:59:1f:85:a0:37:3d:
b1:49:2f:2a:35:44:09:02:b3:74:b2:51:e1:9b:bc:4f:74:e1:
d8:c2:54:af:19:20:8c:5b:c1:d9:e7:4c:6f:e6:12:33:69:67:
c2:1e:56:17:4b:d1:8e:60:7a:97:f3:d9:63:68:98:8f:01:0f:
2f:a6:a2:d3:4f:d8:2e:c1:8c:2b:4b:73:3d:a4:04:ce:1d:b2:
df:92:df:59:b6:b3:dc:9f:68:a6:ac:17:63:8b:7f:3b:a6:8e:
c9:1d:20:2c:ff:37:33:ac:cb:2a:aa:3d:81:d8:2b:2b:1e:d2:
b7:bd:f4:6b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZfwLxwjMjcKMar6Gb5rWRgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjUwNzA5MTcxNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmUzZGE3NGExOTkwNWEzMDAxODEzZWQyMTBlYTAyYWEzOTQzOTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy3UuwnzFitH6fdkkhRQOHdCtN6M
n+YtNZSWA85j97Cwgy+EMAD4l46h3zLFnlH0ZlnMmbj2uZ2h9yQLpuPwlvZ6rmOp
BWa/f9vT8J7wGjv5qzN4Fc+XPYWoEZ8S9ENEsfJZ+3EuqhWhu0J+tyvfeCWhQh7F
/eRvwQUEzdgKANyxHsgEVc6C0rU2O+ehvBiP1U9omOHeeYf1IUBxS+Ua9+ytPrqM
Un2T9Ukh/4QQcuvxPo7O8YN2u4Zg+dI2nUmrkvm6u9HO2Sa0YoSmZioTo2z9mQVS
UOSB+Unn9bS05HbV+CILnUJIZAvtVc1JJNExlh89UOK3o4PWWgjwG5BkAwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFDbj2nShmQWjABgT7SEOoCqjlDlRMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvTnVQYWRLR1pCYU1BR0JQdElRNmdLcU9VT1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDBxBAIAATBrAwQHJbyA
AwMAULwDBARRWqADBAVTRSADAwBT0AMDAVVGAwMBVaADBAZVwQADBAVYU6ADAwJY
ZDALAwQFWrAgAwMDWrADBAVc88ADAwFtUAMDAKDaAwQCuT3kAwMAwuQDBATZddAD
BATZwqAwGwQCAAIwFQMFACABQdgDBQMqABAoAwUBKgIJuDANBgkqhkiG9w0BAQsF
AAOCAQEAhCR3bgujmgDRtlH53NVMbIfqwZp4mGdTmfXzIIrGOk1bUl1LDlXO80ku
jDfHUMEsxqs8X4my7m2PDSCQYM9d5rHFrgtPLHz+xM/iAudpwG5jJcOAjXI/IelM
Uci0hOR18hgiXU/yotdidv1UL6DuGtqBX/eVQMAfSJRsNiXj2Ycg4l7IMS1yQKIG
WR+FoDc9sUkvKjVECQKzdLJR4Zu8T3Th2MJUrxkgjFvB2edMb+YSM2lnwh5WF0vR
jmB6l/PZY2iYjwEPL6ai00/YLsGMK0tzPaQEzh2y35LfWbaz3J9opqwXY4t/O6aO
yR0gLP83M6zLKqo9gdgrKx7St730aw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:18:54 2025 by rpki-client