Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/NlYcoSp45z0WrpR3Tl1MptwPpME.roa
File: NlYcoSp45z0WrpR3Tl1MptwPpME.roa (raw, json)
Hash identifier: sqtBfE3kNCyJie27C2GkG5RDLoXNkpYCfVwwEjHU9tw=
Subject key identifier: 36:56:1C:A1:2A:78:E7:3D:16:AE:94:77:4E:5D:4C:A6:DC:0F:A4:C1
Certificate issuer: /CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Certificate serial: 0198122988B89F36A845F0F440F82BBA8ED6
Authority key identifier: B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/NlYcoSp45z0WrpR3Tl1MptwPpME.roa
Signing time: Wed 16 Jul 2025 07:36:08 +0000
ROA not before: Wed 16 Jul 2025 07:36:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61272
IP address blocks: 85.206.160.0/22 maxlen: 32
85.206.164.0/22 maxlen: 32
85.206.166.58/32 maxlen: 32
85.206.168.0/22 maxlen: 32
85.206.172.0/22 maxlen: 32
85.206.240.0/22 maxlen: 32
88.119.160.0/21 maxlen: 32
88.119.168.0/24 maxlen: 32
88.119.169.0/24 maxlen: 32
88.119.170.0/24 maxlen: 32
88.119.171.0/24 maxlen: 32
88.119.173.0/24 maxlen: 32
88.119.174.0/24 maxlen: 32
88.119.175.0/24 maxlen: 32
91.216.163.0/24 maxlen: 32
185.25.48.0/22 maxlen: 32
185.64.104.0/22 maxlen: 32
213.252.229.0/24 maxlen: 32
213.252.230.0/24 maxlen: 32
213.252.231.0/24 maxlen: 32
213.252.232.0/24 maxlen: 32
213.252.233.0/24 maxlen: 32
213.252.238.0/24 maxlen: 32
2a04:2180::/32 maxlen: 64
2a04:2181:c010::/48 maxlen: 64
2a04:2181:c011::/48 maxlen: 64
2a04:2181:c012::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.mft
rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:12:29:88:b8:9f:36:a8:45:f0:f4:40:f8:2b:ba:8e:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Validity
Not Before: Jul 16 07:36:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36561ca12a78e73d16ae94774e5d4ca6dc0fa4c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d7:42:a9:cc:98:ab:d5:fa:3d:b0:b6:f1:66:
f7:26:f9:25:fb:a5:eb:6f:4a:9a:d8:06:15:47:53:
9f:c7:8d:e5:c7:4b:8c:80:62:17:0f:61:02:cc:6c:
dd:19:e7:15:a5:0e:f1:79:3c:81:89:ce:90:4e:b2:
cd:b5:6e:4e:fd:51:f0:d3:af:ba:63:8a:a4:3d:62:
cf:51:0e:35:e2:c0:c3:b5:e6:ea:e7:24:19:54:bf:
18:fb:90:c6:60:f7:f3:33:f1:33:4b:9a:de:e1:90:
d6:27:93:56:65:85:2f:b3:7d:39:9c:f9:60:86:b9:
6d:da:aa:a9:f3:29:1e:a5:7e:91:14:5c:d9:24:cb:
15:a7:73:2c:6c:fe:e6:f3:b8:4b:72:d2:bb:08:0b:
31:89:d7:d0:23:61:2b:75:ed:db:c5:70:24:14:7d:
1a:50:69:83:9c:53:0e:fe:cb:40:0f:10:68:2c:8e:
ee:22:6c:82:80:a2:50:4f:58:e2:e4:d4:1d:fd:e2:
b4:29:dc:25:6b:6e:4a:c0:b3:c2:fc:d7:1e:93:e1:
50:6d:32:9c:66:b8:d3:30:fc:f8:df:fa:63:4c:42:
ac:8a:0c:eb:fc:f5:b8:e0:8e:16:1c:9e:f9:3a:94:
eb:48:6c:41:ee:94:2b:52:1d:f6:33:f1:e3:19:10:
36:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:56:1C:A1:2A:78:E7:3D:16:AE:94:77:4E:5D:4C:A6:DC:0F:A4:C1
X509v3 Authority Key Identifier:
keyid:B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/NlYcoSp45z0WrpR3Tl1MptwPpME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.160.0/20
85.206.240.0/22
88.119.160.0-88.119.171.255
88.119.173.0-88.119.175.255
91.216.163.0/24
185.25.48.0/22
185.64.104.0/22
213.252.229.0-213.252.233.255
213.252.238.0/24
IPv6:
2a04:2180::/32
2a04:2181:c010::-2a04:2181:c012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ae:92:86:a8:39:bd:c9:f6:a7:f0:f3:65:71:fe:8a:e0:24:e3:
4c:aa:b6:23:63:46:71:19:d2:62:20:bf:89:be:68:2b:11:0e:
32:f4:e4:14:61:38:61:12:31:d3:d4:c4:7c:39:5d:6f:1f:98:
0b:a3:e6:13:03:e0:ae:75:ba:df:f9:cb:80:d8:5e:20:f5:00:
e1:ea:24:58:27:a3:21:dd:70:36:d1:72:16:13:82:fe:e3:e4:
87:0c:d7:47:ee:b7:4d:a9:d1:ca:ac:d8:d0:5a:38:b6:e6:c7:
b8:ca:ba:95:9c:3e:00:ff:b1:a2:36:80:00:fb:ea:a6:1a:38:
29:43:b3:cf:08:e1:f9:99:4c:70:fe:98:ba:46:5d:92:57:5f:
fc:b2:ac:f0:18:03:72:81:c9:db:81:4a:d8:e9:66:81:b8:03:
85:10:48:12:29:5a:56:55:34:f2:46:45:1c:a4:89:7e:3f:97:
65:4c:ac:e2:64:46:b3:6b:a8:92:f9:80:8c:04:f9:ea:01:3d:
9e:7d:21:cb:e8:3a:7e:60:b9:b0:6b:33:56:39:84:70:9b:de:
24:14:3a:f5:42:e6:b5:28:9c:5b:43:c3:d3:c1:03:f8:f0:60:
e6:71:47:97:f4:9c:e0:bd:89:2f:33:96:30:d8:b5:ca:6a:e4:
e1:59:49:13
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZgSKYi4nzaoRfD0QPgruo7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NmVhNzM1OTIyMWMxYjc3ZDZjYzAwNmY3YjY3MDZhOWE5
MDgyOTkwHhcNMjUwNzE2MDczNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjU2MWNhMTJhNzhlNzNkMTZhZTk0Nzc0ZTVkNGNhNmRjMGZhNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtdCqcyYq9X6PbC28Wb3Jvkl+6Xr
b0qa2AYVR1Ofx43lx0uMgGIXD2ECzGzdGecVpQ7xeTyBic6QTrLNtW5O/VHw06+6
Y4qkPWLPUQ414sDDtebq5yQZVL8Y+5DGYPfzM/EzS5re4ZDWJ5NWZYUvs305nPlg
hrlt2qqp8ykepX6RFFzZJMsVp3MsbP7m87hLctK7CAsxidfQI2Erde3bxXAkFH0a
UGmDnFMO/stADxBoLI7uImyCgKJQT1ji5NQd/eK0Kdwla25KwLPC/Ncek+FQbTKc
ZrjTMPz43/pjTEKsigzr/PW44I4WHJ75OpTrSGxB7pQrUh32M/HjGRA2uQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFDZWHKEqeOc9Fq6Ud05dTKbcD6TBMB8GA1UdIwQY
MBaAFLZupzWSIcG3fWzABve2cGqakIKZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMt
Njk5ODM1YzkyYmZlLzEvTmxZY29TcDQ1ejBXcnBSM1RsMU1wdHdQcE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMtNjk5ODM1YzkyYmZl
LzEvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwVAQCAAEwTgMEBFXOoAME
AlXO8DAMAwQFWHegAwQCWHeoMAwDBABYd60DBARYd6ADBABb2KMDBAK5GTADBAK5
QGgwDAMEANX85QMEAdX86AMEANX87jAhBAIAAjAbAwUAKgQhgDASAwcEKgQhgcAQ
AwcAKgQhgcASMA0GCSqGSIb3DQEBCwUAA4IBAQCukoaoOb3J9qfw82Vx/orgJONM
qrYjY0ZxGdJiIL+JvmgrEQ4y9OQUYThhEjHT1MR8OV1vH5gLo+YTA+Cudbrf+cuA
2F4g9QDh6iRYJ6Mh3XA20XIWE4L+4+SHDNdH7rdNqdHKrNjQWji25se4yrqVnD4A
/7GiNoAA++qmGjgpQ7PPCOH5mUxw/pi6Rl2SV1/8sqzwGANygcnbgUrY6WaBuAOF
EEgSKVpWVTTyRkUcpIl+P5dlTKziZEaza6iS+YCMBPnqAT2efSHL6Dp+YLmwazNW
OYRwm94kFDr1Qua1KJxbQ8PTwQP48GDmcUeX9JzgvYkvM5Yw2LXKauThWUkT
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:23:29 2025 by rpki-client