Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/na7CJ5Nd_9Pf5ETjEyJ63U1pDQo.roa
File: na7CJ5Nd_9Pf5ETjEyJ63U1pDQo.roa (raw, json)
Hash identifier: Vj6QrmJGSoIcaT/T6WST7l0pBKnIWqb+rKl/+nlhCYs=
Subject key identifier: 9D:AE:C2:27:93:5D:FF:D3:DF:E4:44:E3:13:22:7A:DD:4D:69:0D:0A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019E3F0F259A5F538963BF52B234253E79CB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/na7CJ5Nd_9Pf5ETjEyJ63U1pDQo.roa
Signing time: Tue 19 May 2026 07:06:57 +0000
ROA not before: Tue 19 May 2026 07:06:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 185.72.10.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.222.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.59.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.152.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.183.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
194.87.192.0/24 maxlen: 24
194.87.193.0/24 maxlen: 24
194.87.194.0/24 maxlen: 24
194.87.195.0/24 maxlen: 24
194.87.211.0/24 maxlen: 24
194.87.212.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.57.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.95.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
212.192.249.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
212.193.28.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 16:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:0f:25:9a:5f:53:89:63:bf:52:b2:34:25:3e:79:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 19 07:06:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9daec227935dffd3dfe444e313227add4d690d0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:81:42:00:dd:e8:23:eb:1c:93:60:d5:ba:8d:
25:66:50:79:60:75:9f:6e:7a:64:ad:6e:0d:07:52:
3f:be:50:36:f4:90:7a:eb:e5:49:27:dc:e0:4d:9e:
03:26:13:e8:12:93:c6:70:0a:08:a7:dc:af:92:1f:
ee:26:1b:54:c7:cb:22:cc:3f:89:b6:3e:85:69:8d:
1d:d6:66:35:8e:80:31:24:9e:bd:9b:af:72:f8:4d:
b5:17:ae:20:ad:b9:06:46:64:4e:71:5d:ff:84:4a:
2c:04:b6:be:1d:e2:2f:95:2d:af:21:28:89:f9:4d:
50:95:07:8e:7c:e6:66:4f:0f:94:c4:d3:67:7c:fc:
a8:27:1d:03:e2:3a:1b:ca:79:a9:ca:73:c5:b6:02:
4d:ca:66:2f:96:35:60:56:f3:51:7d:52:ff:6b:98:
78:6a:5e:ee:a8:61:1a:b9:7a:df:a2:56:80:c2:e4:
8f:97:7e:f8:6c:eb:25:e0:26:c3:74:e3:9c:08:f6:
d7:55:25:d7:04:9e:50:33:98:23:69:a2:33:ad:8c:
95:b9:ee:ab:4a:98:41:1b:0b:31:2a:d5:7a:9c:54:
d5:7f:05:9d:62:46:bb:a7:aa:a1:55:94:f0:53:19:
31:b8:4c:ca:24:c8:4b:4f:5c:b2:f8:9a:30:9e:a4:
c5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AE:C2:27:93:5D:FF:D3:DF:E4:44:E3:13:22:7A:DD:4D:69:0D:0A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/na7CJ5Nd_9Pf5ETjEyJ63U1pDQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
192.124.190.0/24
193.124.5.0/24
193.124.7.0/24
194.58.58.0/24
194.58.155.0/24
194.58.222.0/23
194.87.33.0/24
194.87.52.0/23
194.87.59.0/24
194.87.75.0/24
194.87.119.0/24
194.87.122.0/24
194.87.126.0/24
194.87.136.0/24
194.87.152.0/24
194.87.179.0/24
194.87.183.0/24
194.87.185.0/24
194.87.192.0/22
194.87.211.0-194.87.212.255
194.87.229.0/24
194.87.231.0/24
194.135.24.0/24
195.133.19.0/24
195.133.24.0/23
195.133.29.0/24
195.133.35.0/24
195.133.40.0/23
195.133.50.0/23
195.133.57.0-195.133.58.255
195.133.72.0/24
195.133.92.0/23
195.133.95.0/24
212.192.241.0-212.192.242.255
212.192.247.0/24
212.192.249.0/24
212.193.0.0/24
212.193.26.0-212.193.28.255
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
5a:f8:c7:9f:dd:a7:5b:84:1f:82:e7:6c:b0:3f:aa:56:81:d4:
8c:4c:91:7e:e7:b6:9a:a1:c0:db:4a:d2:c6:62:0d:b1:f0:e9:
61:94:e6:e4:43:a8:4a:72:84:2f:ba:30:5a:1d:e1:e6:f8:52:
aa:86:37:54:1f:c6:a9:32:a3:1f:12:d0:b8:97:2b:5a:53:25:
cb:35:be:80:98:5a:aa:2e:2a:81:5b:0b:6a:6d:a9:2d:ad:27:
30:23:4c:de:03:e1:16:db:78:08:8b:76:a6:07:97:21:c4:a1:
b3:ba:d4:49:fb:61:36:3d:5b:96:bd:de:26:47:c4:7d:cc:c2:
b5:d7:16:c5:2c:3e:88:4d:db:db:ef:c4:bb:02:a7:05:0e:42:
48:8c:fe:ab:0a:91:a8:eb:b5:fc:ad:03:60:af:2e:de:3e:91:
68:e2:3d:0c:87:37:aa:f1:78:96:f6:5e:cc:6c:f5:ce:e0:2f:
8a:f2:af:32:b7:d4:64:00:8b:1d:8a:9d:66:16:6a:b1:4e:20:
96:37:41:7e:ef:bd:1c:67:69:02:35:cb:b4:96:a5:36:d1:49:
07:27:0e:3e:cc:81:05:7a:a6:c5:72:a6:7b:f6:ac:c2:7f:18:
1d:f0:f1:a3:39:bf:14:6e:1e:39:cd:ba:54:43:63:12:2e:07:
17:30:f0:a1
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAZ4/DyWaX1OJY79SsjQlPnnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwNTE5MDcwNjU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGFlYzIyNzkzNWRmZmQzZGZlNDQ0ZTMxMzIyN2FkZDRkNjkwZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoFCAN3oI+sck2DVuo0lZlB5YHWf
bnpkrW4NB1I/vlA29JB66+VJJ9zgTZ4DJhPoEpPGcAoIp9yvkh/uJhtUx8sizD+J
tj6FaY0d1mY1joAxJJ69m69y+E21F64grbkGRmROcV3/hEosBLa+HeIvlS2vISiJ
+U1QlQeOfOZmTw+UxNNnfPyoJx0D4jobynmpynPFtgJNymYvljVgVvNRfVL/a5h4
al7uqGEauXrfolaAwuSPl374bOsl4CbDdOOcCPbXVSXXBJ5QM5gjaaIzrYyVue6r
SphBGwsxKtV6nFTVfwWdYka7p6qhVZTwUxkxuEzKJMhLT1yy+JownqTFFwIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFJ2uwieTXf/T3+RE4xMiet1NaQ0KMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbmE3Q0o1TmRfOVBmNUVUakV5SjYzVTFwRFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCCARIEAgABMIIB
CgMEALlICgMEAMB8vgMEAMF8BQMEAMF8BwMEAMI6OgMEAMI6mwMEAcI63gMEAMJX
IQMEAcJXNAMEAMJXOwMEAMJXSwMEAMJXdwMEAMJXegMEAMJXfgMEAMJXiAMEAMJX
mAMEAMJXswMEAMJXtwMEAMJXuQMEAsJXwDAMAwQAwlfTAwQAwlfUAwQAwlflAwQA
wlfnAwQAwocYAwQAw4UTAwQBw4UYAwQAw4UdAwQAw4UjAwQBw4UoAwQBw4UyMAwD
BADDhTkDBADDhToDBADDhUgDBAHDhVwDBADDhV8wDAMEANTA8QMEANTA8gMEANTA
9wMEANTA+QMEANTBADAMAwQB1MEaAwQA1MEcMBQEAgACMA4DBQMqAVfAAwUDKgz/
QDANBgkqhkiG9w0BAQsFAAOCAQEAWvjHn92nW4QfgudssD+qVoHUjEyRfue2mqHA
20rSxmINsfDpYZTm5EOoSnKEL7owWh3h5vhSqoY3VB/GqTKjHxLQuJcrWlMlyzW+
gJhaqi4qgVsLam2pLa0nMCNM3gPhFtt4CIt2pgeXIcShs7rUSfthNj1blr3eJkfE
fczCtdcWxSw+iE3b2+/EuwKnBQ5CSIz+qwqRqOu1/K0DYK8u3j6RaOI9DIc3qvF4
lvZezGz1zuAvivKvMrfUZACLHYqdZhZqsU4gljdBfu+9HGdpAjXLtJalNtFJBycO
PsyBBXqmxXKme/aswn8YHfDxozm/FG4eOc26VENjEi4HFzDwoQ==
-----END CERTIFICATE-----
Generated at Sat May 23 03:04:06 2026 by rpki-client