Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/NnqvQhUaUP2DJi_WZAMSKo0P-OQ.roa
File: NnqvQhUaUP2DJi_WZAMSKo0P-OQ.roa (raw, json)
Hash identifier: nk529TsYCvVQjH8mDtUSTqsATbfQa7whuncsuwTHiRc=
Subject key identifier: 36:7A:AF:42:15:1A:50:FD:83:26:2F:D6:64:03:12:2A:8D:0F:F8:E4
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 0197F9BC7BD1AEF68601FD95E0D6879D1F71
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/NnqvQhUaUP2DJi_WZAMSKo0P-OQ.roa
Signing time: Fri 11 Jul 2025 13:46:08 +0000
ROA not before: Fri 11 Jul 2025 13:46:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60246
IP address blocks: 80.72.20.0/23 maxlen: 32
80.72.24.0/23 maxlen: 32
85.198.120.0/21 maxlen: 32
92.118.72.0/23 maxlen: 32
95.174.96.0/20 maxlen: 32
95.174.112.0/21 maxlen: 32
95.174.120.0/24 maxlen: 32
95.174.123.0/24 maxlen: 32
95.174.124.0/22 maxlen: 32
178.212.139.0/24 maxlen: 32
178.248.0.0/22 maxlen: 32
185.9.184.0/24 maxlen: 32
185.9.186.0/23 maxlen: 32
185.230.240.0/23 maxlen: 32
185.230.242.0/24 maxlen: 32
2a00:8740::/47 maxlen: 128
2a00:8740:2::/48 maxlen: 128
2a00:8740:10::/47 maxlen: 128
2a00:8740:15::/48 maxlen: 128
2a00:8740:16::/47 maxlen: 128
2a00:8740:18::/45 maxlen: 128
2a00:8740:20::/44 maxlen: 128
2a00:8740:30::/46 maxlen: 128
2a00:8740:34::/47 maxlen: 128
2a00:8740:36::/48 maxlen: 128
2a00:8740:100::/48 maxlen: 128
2a00:8740:110::/47 maxlen: 128
2a00:8740:112::/48 maxlen: 128
2a00:8740:201::/48 maxlen: 128
2a00:8740:ff00::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 01:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f9:bc:7b:d1:ae:f6:86:01:fd:95:e0:d6:87:9d:1f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jul 11 13:46:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=367aaf42151a50fd83262fd66403122a8d0ff8e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bf:85:98:ea:59:00:66:61:15:a9:c7:b1:e7:
32:b9:4d:b9:1d:42:b2:d1:cb:41:1c:1f:64:60:bf:
65:63:2e:0f:37:bc:29:c2:8d:83:8d:40:07:2a:50:
97:59:8b:01:e7:d6:6f:bc:3c:a3:d2:7a:3d:f7:40:
cb:ad:5c:9f:79:23:3d:ec:b3:82:db:12:02:31:d6:
d8:34:8e:ab:3f:2f:61:b7:fb:af:24:18:fd:68:5f:
cc:ea:d6:16:8d:75:29:d9:88:6a:42:ac:1b:8d:39:
9e:1d:5f:10:4f:11:fa:2d:47:38:4b:db:f9:46:78:
ae:88:c4:da:38:a0:84:47:b9:bc:aa:18:6b:e3:39:
38:02:39:e1:30:9d:84:5a:15:01:3e:f4:14:97:7e:
43:8f:bb:63:d6:da:cb:30:ff:0e:7c:14:c0:50:9d:
c3:13:56:5d:06:c4:2c:66:df:ad:ac:42:da:cd:af:
f5:1b:f9:ec:7e:37:88:0c:ea:34:2c:85:96:ba:21:
ed:ee:bb:ad:3b:82:80:f2:dc:d3:64:30:b8:84:c1:
db:7f:68:32:1c:8c:d8:63:86:27:93:77:68:f0:03:
26:f2:91:87:dd:a7:75:e0:31:2c:2c:ab:22:cc:d3:
d8:4d:c8:99:8b:c8:50:52:74:90:d2:d5:8a:e3:f5:
70:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:7A:AF:42:15:1A:50:FD:83:26:2F:D6:64:03:12:2A:8D:0F:F8:E4
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/NnqvQhUaUP2DJi_WZAMSKo0P-OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.20.0/23
80.72.24.0/23
85.198.120.0/21
92.118.72.0/23
95.174.96.0-95.174.120.255
95.174.123.0-95.174.127.255
178.212.139.0/24
178.248.0.0/22
185.9.184.0/24
185.9.186.0/23
185.230.240.0-185.230.242.255
IPv6:
2a00:8740::-2a00:8740:2:ffff:ffff:ffff:ffff:ffff
2a00:8740:10::/47
2a00:8740:15::-2a00:8740:36:ffff:ffff:ffff:ffff:ffff
2a00:8740:100::/48
2a00:8740:110::-2a00:8740:112:ffff:ffff:ffff:ffff:ffff
2a00:8740:201::/48
2a00:8740:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
99:be:d9:15:e2:4b:1b:37:9f:60:04:ad:a6:db:00:b4:5e:2f:
d9:30:72:cc:65:e3:9a:05:66:dd:80:ba:20:f9:8e:c8:c5:0d:
18:72:66:9d:fb:37:d7:9b:0c:bb:00:29:42:89:0c:47:ee:b4:
36:e8:41:67:03:55:97:04:f9:10:b7:a4:e1:18:0e:b5:11:74:
8e:ed:34:d8:bf:77:89:6d:b2:fd:60:a5:97:a5:e6:55:6c:b2:
6c:b3:31:98:78:de:af:02:a9:ef:34:31:11:ee:0e:1e:98:0b:
03:ed:3d:23:a2:c7:a4:31:96:e9:52:a1:b6:ae:f5:3d:a1:24:
47:ab:5f:fe:0f:a2:7a:08:f8:5f:14:dc:c0:b7:99:a0:9e:30:
4d:0c:a9:21:f4:a1:f4:59:87:92:78:35:4a:af:c7:89:af:2d:
53:a7:12:4b:b7:16:6f:24:10:14:28:15:44:5e:26:c4:4a:70:
31:8a:af:42:c9:1f:e1:ab:2a:ff:c8:79:f8:f3:b2:08:cd:84:
53:4a:15:48:1e:26:e8:08:9a:d2:40:98:8c:0b:23:db:57:c9:
14:a1:03:73:a1:76:67:10:0b:c6:18:ad:95:da:92:63:cb:13:
cb:da:be:79:6d:67:c0:8d:2a:69:bb:dc:cf:8b:37:80:b5:75:
45:c2:3a:c4
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZf5vHvRrvaGAf2V4NaHnR9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjUwNzExMTM0NjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjdhYWY0MjE1MWE1MGZkODMyNjJmZDY2NDAzMTIyYThkMGZmOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb+FmOpZAGZhFanHsecyuU25HUKy
0ctBHB9kYL9lYy4PN7wpwo2DjUAHKlCXWYsB59ZvvDyj0no990DLrVyfeSM97LOC
2xICMdbYNI6rPy9ht/uvJBj9aF/M6tYWjXUp2YhqQqwbjTmeHV8QTxH6LUc4S9v5
RniuiMTaOKCER7m8qhhr4zk4AjnhMJ2EWhUBPvQUl35Dj7tj1trLMP8OfBTAUJ3D
E1ZdBsQsZt+trELaza/1G/nsfjeIDOo0LIWWuiHt7rutO4KA8tzTZDC4hMHbf2gy
HIzYY4Ynk3do8AMm8pGH3ad14DEsLKsizNPYTciZi8hQUnSQ0tWK4/VwvQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFDZ6r0IVGlD9gyYv1mQDEiqND/jkMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvTm5xdlFoVWFVUDJESmlfV1pBTVNLbzBQLU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDBgBAIAATBaAwQBUEgU
AwQBUEgYAwQDVcZ4AwQBXHZIMAwDBAVfrmADBABfrngwDAMEAF+uewMEB1+uAAME
ALLUiwMEArL4AAMEALkJuAMEAbkJujAMAwQEuebwAwQAuebyMGQEAgACMF4wEAMF
BioAh0ADBwAqAIdAAAIDBwEqAIdAABAwEgMHACoAh0AAFQMHACoAh0AANgMHACoA
h0ABADASAwcEKgCHQAEQAwcAKgCHQAESAwcAKgCHQAIBAwcAKgCHQP8AMA0GCSqG
SIb3DQEBCwUAA4IBAQCZvtkV4ksbN59gBK2m2wC0Xi/ZMHLMZeOaBWbdgLog+Y7I
xQ0Ycmad+zfXmwy7AClCiQxH7rQ26EFnA1WXBPkQt6ThGA61EXSO7TTYv3eJbbL9
YKWXpeZVbLJsszGYeN6vAqnvNDER7g4emAsD7T0josekMZbpUqG2rvU9oSRHq1/+
D6J6CPhfFNzAt5mgnjBNDKkh9KH0WYeSeDVKr8eJry1TpxJLtxZvJBAUKBVEXibE
SnAxiq9CyR/hqyr/yHn487IIzYRTShVIHiboCJrSQJiMCyPbV8kUoQNzoXZnEAvG
GK2V2pJjyxPL2r55bWfAjSppu9zPizeAtXVFwjrE
-----END CERTIFICATE-----
Generated at Fri Jul 25 10:39:16 2025 by rpki-client