Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N66K-RwDmkzOX1JxBPFal4iPgAQ.roa
File: N66K-RwDmkzOX1JxBPFal4iPgAQ.roa (raw, json)
Hash identifier: zRRQ/gfKyYCqBKY4udN6ValCZ0XXQEEDOCduUtlfJfg=
Subject key identifier: 37:AE:8A:F9:1C:03:9A:4C:CE:5F:52:71:04:F1:5A:97:88:8F:80:04
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019A24B4DA0FF9E81582F39A8482C13B6858
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N66K-RwDmkzOX1JxBPFal4iPgAQ.roa
Signing time: Mon 27 Oct 2025 08:07:03 +0000
ROA not before: Mon 27 Oct 2025 08:07:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.252.132.0/22 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.245.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.27.0/24 maxlen: 24
91.92.248.0/21 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.37.0/24 maxlen: 32
93.123.109.0/24 maxlen: 24
94.154.173.0/24 maxlen: 24
94.156.68.0/24 maxlen: 24
94.156.175.0/24 maxlen: 24
94.156.177.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.59.28.0/23 maxlen: 24
194.169.175.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 08:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:b4:da:0f:f9:e8:15:82:f3:9a:84:82:c1:3b:68:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 27 08:07:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37ae8af91c039a4cce5f527104f15a97888f8004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ff:28:57:a3:91:75:79:ad:b6:e3:96:d4:4f:
9b:ef:88:ab:f3:51:9c:b6:b3:fb:8d:22:64:db:9f:
c4:aa:3b:80:4c:95:f7:ad:e0:ef:3e:54:a3:6d:07:
5b:e0:08:06:65:03:f5:85:7d:de:d8:1c:77:8c:6c:
38:a1:ab:18:94:3c:9f:07:cd:39:73:da:d9:13:ed:
ea:79:ee:f4:ec:3f:b1:03:02:bf:c5:57:0a:85:3c:
3a:3b:e2:4a:c1:1f:38:07:7b:6f:37:d0:47:7a:89:
20:57:68:a9:c6:cb:1d:e3:f4:bc:04:a6:aa:ca:d0:
97:5a:e8:dd:fb:98:df:ea:bc:bc:dc:48:a4:97:a5:
23:33:c6:7c:36:14:c9:18:2d:51:6f:e6:74:97:9a:
29:65:fd:2e:e8:e5:17:aa:f7:65:81:a3:b2:a3:62:
20:3a:0a:fc:d5:8d:c1:28:0f:ca:81:7b:f9:9c:4b:
00:0f:c4:95:2a:6e:7f:25:93:57:85:c8:3c:01:6e:
fc:23:d1:d9:a9:31:46:c0:6e:c0:d7:5e:6c:44:46:
61:9e:65:08:0b:91:a4:ce:6b:25:e2:69:7b:a1:87:
69:6f:4c:49:09:fe:09:ce:bb:8e:9d:f9:4e:31:72:
55:b4:b0:c8:fd:c5:eb:4a:bb:8a:b2:b7:77:7f:41:
37:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:AE:8A:F9:1C:03:9A:4C:CE:5F:52:71:04:F1:5A:97:88:8F:80:04
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N66K-RwDmkzOX1JxBPFal4iPgAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.132.0/22
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.139.106.0/24
45.141.158.0/24
45.151.90.0/24
81.161.238.0/24
82.115.211.0/24
85.217.130.0/23
87.120.33.0/24
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.245.0/24
87.121.165.0/24
91.92.27.0/24
91.92.248.0/21
92.119.196.0/23
92.249.50.0/24
93.123.37.0/24
93.123.109.0/24
94.154.173.0/24
94.156.68.0/24
94.156.175.0/24
94.156.177.0/24
141.98.1.0/24
178.215.239.0/24
193.25.216.0/24
193.37.40.0/24
193.222.98.0/24
194.55.186.0/24
194.59.28.0/23
194.169.175.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
17:9f:0a:3a:07:a6:78:5a:4a:09:66:3f:de:e5:36:a8:5d:16:
b6:bd:68:b7:7b:0c:6f:69:9f:ea:23:b9:e1:11:31:0a:85:4e:
4d:80:0f:31:78:6a:e6:12:54:0f:b9:d1:be:a1:61:1b:bf:e7:
55:c2:a2:54:72:77:37:2f:5e:6e:b0:d4:de:03:55:1d:f6:13:
89:a2:7a:d7:48:f4:67:1f:3d:63:10:1a:ec:c9:cd:2d:6b:8e:
1d:78:67:8d:50:7b:a0:12:8f:f2:14:3e:ed:4d:ae:0d:f4:db:
f1:13:78:f5:57:57:cb:e9:cd:32:49:ff:b2:05:84:e3:b6:26:
7e:49:70:78:8f:70:7a:49:3f:88:97:b1:29:61:9f:42:aa:54:
e7:0d:5d:33:75:68:f6:3a:67:79:4b:17:bd:8e:e8:51:08:5d:
2d:76:83:ed:4f:7e:15:94:82:2b:6a:aa:dc:bd:39:62:5a:fe:
da:59:d0:08:af:2a:fc:be:ae:21:8d:5b:e6:05:d3:6c:f1:ca:
35:db:97:ca:38:da:f0:a4:c8:1e:7d:42:d9:be:8e:fa:bf:8f:
4d:89:a4:7f:c4:db:c0:a7:79:80:3b:08:96:69:d3:32:9b:20:
8c:66:28:a9:fd:84:a8:9f:f6:65:0d:b1:4a:93:41:ab:b4:ee:
1c:78:82:52
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZoktNoP+egVgvOahILBO2hYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUxMDI3MDgwNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2FlOGFmOTFjMDM5YTRjY2U1ZjUyNzEwNGYxNWE5Nzg4OGY4MDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP8oV6ORdXmttuOW1E+b74ir81Gc
trP7jSJk25/EqjuATJX3reDvPlSjbQdb4AgGZQP1hX3e2Bx3jGw4oasYlDyfB805
c9rZE+3qee707D+xAwK/xVcKhTw6O+JKwR84B3tvN9BHeokgV2ipxssd4/S8BKaq
ytCXWujd+5jf6ry83Eikl6UjM8Z8NhTJGC1Rb+Z0l5opZf0u6OUXqvdlgaOyo2Ig
Ogr81Y3BKA/KgXv5nEsAD8SVKm5/JZNXhcg8AW78I9HZqTFGwG7A115sREZhnmUI
C5Gkzmsl4ml7oYdpb0xJCf4JzruOnflOMXJVtLDI/cXrSruKsrd3f0E3gwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFDeuivkcA5pMzl9ScQTxWpeIj4AEMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTjY2Sy1Sd0Rta3pPWDFKeEJQRmFsNGlQZ0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBAIF
/IQDBAAtQuQDBAAtQucDBAAtWfcDBAAti2oDBAAtjZ4DBAAtl1oDBABRoe4DBABS
c9MDBAFV2YIDBABXeCEDBABXeFcDBABXeH4DBABXeKYDBABXePUDBABXeaUDBABb
XBsDBANbXPgDBAFcd8QDBABc+TIDBABdeyUDBABde20DBABemq0DBABenEQDBABe
nK8DBABenLEDBACNYgEDBACy1+8DBADBGdgDBADBJSgDBADB3mIDBADCN7oDBAHC
OxwDBADCqa8DBADUcykwDQYJKoZIhvcNAQELBQADggEBABefCjoHpnhaSglmP97l
NqhdFra9aLd7DG9pn+ojueERMQqFTk2ADzF4auYSVA+50b6hYRu/51XColRydzcv
Xm6w1N4DVR32E4mietdI9GcfPWMQGuzJzS1rjh14Z41Qe6ASj/IUPu1Nrg302/ET
ePVXV8vpzTJJ/7IFhOO2Jn5JcHiPcHpJP4iXsSlhn0KqVOcNXTN1aPY6Z3lLF72O
6FEIXS12g+1PfhWUgitqqty9OWJa/tpZ0AivKvy+riGNW+YF02zxyjXbl8o42vCk
yB59Qtm+jvq/j02JpH/E28CneYA7CJZp0zKbIIxmKKn9hKif9mUNsUqTQau07hx4
glI=
-----END CERTIFICATE-----
Generated at Mon Oct 27 13:23:02 2025 by rpki-client