Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/1NK7YoWfwTLRCCR-wFT3kdXdqck.roa
File: 1NK7YoWfwTLRCCR-wFT3kdXdqck.roa (raw, json)
Hash identifier: qBWC7JwED2bMGPv/LLQ6LS1QujaT8RlTtPvOhnt5NDc=
Subject key identifier: D4:D2:BB:62:85:9F:C1:32:D1:08:24:7E:C0:54:F7:91:D5:DD:A9:C9
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 019903FB2D9E3C89968F8E7774FF81B509DA
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/1NK7YoWfwTLRCCR-wFT3kdXdqck.roa
Signing time: Mon 01 Sep 2025 06:33:36 +0000
ROA not before: Mon 01 Sep 2025 06:33:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48753
IP address blocks: 80.97.160.0/24 maxlen: 24
80.97.161.0/24 maxlen: 24
85.121.148.0/24 maxlen: 24
194.102.104.0/24 maxlen: 24
217.156.66.0/24 maxlen: 24
217.156.67.0/24 maxlen: 24
217.156.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:03:fb:2d:9e:3c:89:96:8f:8e:77:74:ff:81:b5:09:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Sep 1 06:33:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4d2bb62859fc132d108247ec054f791d5dda9c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f8:ab:20:f6:0d:4f:ae:ee:0a:af:9f:2c:43:
8b:a0:44:08:1e:89:4c:29:49:9b:22:96:07:39:79:
74:c5:4a:02:8b:e0:92:a7:34:4b:90:4c:4c:e8:85:
20:f6:c8:6d:fe:43:0d:78:2a:e5:11:43:e3:aa:c8:
8d:02:2f:78:aa:4e:e5:55:00:0f:b6:86:91:8d:b0:
15:0b:dc:9f:b8:f5:8f:03:26:ac:e4:08:7b:49:3a:
6c:a3:b5:fd:bd:0a:e1:30:9a:1f:24:31:83:36:92:
9e:12:e7:30:64:d7:1b:74:3c:ff:15:4d:b1:e6:36:
27:83:76:6b:ae:e3:c1:19:94:05:36:c7:21:37:71:
d1:1d:6c:0f:75:43:c0:6a:f0:0f:49:a3:fe:77:42:
bd:72:0e:b5:81:30:fb:a8:07:84:d6:65:95:9e:c8:
ef:92:27:f3:25:dd:5c:7d:91:41:e1:ad:c5:de:69:
53:0d:4b:fb:40:99:d5:7c:72:36:1c:12:91:00:43:
00:ac:ef:97:97:a7:b8:f7:74:8a:25:a7:46:db:80:
bc:aa:a6:97:79:01:41:e1:62:0c:53:e4:41:a6:d9:
99:23:2b:d1:9b:d7:6f:23:52:ec:de:de:08:95:95:
73:ef:bc:6a:af:15:7b:6e:a3:c8:70:0f:44:87:aa:
19:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D2:BB:62:85:9F:C1:32:D1:08:24:7E:C0:54:F7:91:D5:DD:A9:C9
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/1NK7YoWfwTLRCCR-wFT3kdXdqck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.97.160.0/23
85.121.148.0/24
194.102.104.0/24
217.156.66.0/23
217.156.122.0/24
Signature Algorithm: sha256WithRSAEncryption
21:5a:e3:bf:f8:f3:a0:58:01:f2:94:d4:54:55:3b:25:81:84:
ba:6a:67:cc:b9:6b:9e:58:d6:aa:04:e4:2e:59:03:df:ea:7f:
09:3f:74:a0:d2:69:55:27:49:3b:6d:69:5f:57:bc:aa:56:a7:
d2:2a:bb:01:23:38:99:d0:1a:39:99:c0:a3:e8:52:0d:56:e9:
88:c0:16:d5:b6:50:f9:f7:25:8d:e6:23:d6:d8:b3:fa:c7:fb:
c2:fe:67:55:81:e0:b0:2f:a4:44:01:37:2c:5e:73:69:53:3b:
ca:8b:49:00:08:f6:a9:12:ea:db:2b:c9:fa:78:8a:1f:05:9b:
d5:f5:eb:37:5a:c4:87:32:63:d3:25:b6:da:1c:a9:09:4d:73:
66:93:d3:4c:98:48:4d:ad:40:d1:5c:9b:eb:75:eb:2b:12:6c:
92:2d:69:52:91:e5:5f:45:88:df:5f:ec:19:f7:4e:f8:a9:15:
d9:a5:70:5b:1f:b6:55:bb:bf:ff:0d:60:60:d1:82:9d:97:ae:
a7:5b:d5:61:ad:97:28:18:35:b8:bf:39:d2:c2:35:bc:c6:2b:
d5:f4:b2:0a:bd:4a:dc:15:53:6d:d9:37:1d:28:00:53:c0:d4:
ac:a2:5e:6e:ef:fa:c4:da:f7:07:f7:49:6a:0b:e6:97:fb:34:
f0:bb:be:e0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZkD+y2ePImWj453dP+BtQnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwOTAxMDYzMzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQyYmI2Mjg1OWZjMTMyZDEwODI0N2VjMDU0Zjc5MWQ1ZGRhOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfirIPYNT67uCq+fLEOLoEQIHolM
KUmbIpYHOXl0xUoCi+CSpzRLkExM6IUg9sht/kMNeCrlEUPjqsiNAi94qk7lVQAP
toaRjbAVC9yfuPWPAyas5Ah7STpso7X9vQrhMJofJDGDNpKeEucwZNcbdDz/FU2x
5jYng3ZrruPBGZQFNschN3HRHWwPdUPAavAPSaP+d0K9cg61gTD7qAeE1mWVnsjv
kifzJd1cfZFB4a3F3mlTDUv7QJnVfHI2HBKRAEMArO+Xl6e493SKJadG24C8qqaX
eQFB4WIMU+RBptmZIyvRm9dvI1Ls3t4IlZVz77xqrxV7bqPIcA9Eh6oZqQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNTSu2KFn8Ey0QgkfsBU95HV3anJMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvMU5LN1lvV2Z3VExSQ0NSLXdGVDNrZFhkcWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUGGgAwQA
VXmUAwQAwmZoAwQB2ZxCAwQA2Zx6MA0GCSqGSIb3DQEBCwUAA4IBAQAhWuO/+POg
WAHylNRUVTslgYS6amfMuWueWNaqBOQuWQPf6n8JP3Sg0mlVJ0k7bWlfV7yqVqfS
KrsBIziZ0Bo5mcCj6FINVumIwBbVtlD59yWN5iPW2LP6x/vC/mdVgeCwL6REATcs
XnNpUzvKi0kACPapEurbK8n6eIofBZvV9es3WsSHMmPTJbbaHKkJTXNmk9NMmEhN
rUDRXJvrdesrEmySLWlSkeVfRYjfX+wZ9074qRXZpXBbH7ZVu7//DWBg0YKdl66n
W9VhrZcoGDW4vznSwjW8xivV9LIKvUrcFVNt2TcdKABTwNSsol5u7/rE2vcH90lq
C+aX+zTwu77g
-----END CERTIFICATE-----
Generated at Sat Sep 6 07:12:32 2025 by rpki-client