Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/N8x2jNCF-N0Ey2Ds7MpAlO0w7Cc.roa
File: N8x2jNCF-N0Ey2Ds7MpAlO0w7Cc.roa (raw, json)
Hash identifier: o/HxBzUHjtWpuK/T85ztqA9BtMOAXC7PlyI+fESxoBE=
Subject key identifier: 37:CC:76:8C:D0:85:F8:DD:04:CB:60:EC:EC:CA:40:94:ED:30:EC:27
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019A7C0166B979A5CC055C6EEBD3E6C486DF
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/N8x2jNCF-N0Ey2Ds7MpAlO0w7Cc.roa
Signing time: Thu 13 Nov 2025 06:57:37 +0000
ROA not before: Thu 13 Nov 2025 06:57:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
45.132.48.0/24 maxlen: 24
45.157.136.0/24 maxlen: 24
62.68.83.0/24 maxlen: 24
62.68.86.0/24 maxlen: 24
62.68.87.0/24 maxlen: 24
62.204.36.0/24 maxlen: 24
62.204.57.0/24 maxlen: 24
62.233.35.0/24 maxlen: 24
62.233.45.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
62.233.56.0/24 maxlen: 24
62.233.60.0/24 maxlen: 24
80.68.145.0/24 maxlen: 24
80.68.158.0/24 maxlen: 24
80.91.209.0/24 maxlen: 24
80.91.210.0/24 maxlen: 24
91.213.117.0/24 maxlen: 24
91.226.247.0/24 maxlen: 24
91.242.225.0/24 maxlen: 24
91.242.236.0/24 maxlen: 24
93.177.104.0/24 maxlen: 24
93.177.105.0/24 maxlen: 24
93.177.107.0/24 maxlen: 24
94.143.226.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.108.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
146.19.148.0/24 maxlen: 24
146.19.150.0/24 maxlen: 24
146.19.152.0/24 maxlen: 24
146.19.185.0/24 maxlen: 24
146.19.187.0/24 maxlen: 24
146.19.190.0/24 maxlen: 24
146.19.194.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
185.122.206.0/24 maxlen: 24
185.155.101.0/24 maxlen: 24
185.198.153.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
185.232.47.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.141.53.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
194.26.221.0/24 maxlen: 24
194.32.243.0/24 maxlen: 24
195.64.106.0/24 maxlen: 24
195.64.109.0/24 maxlen: 24
195.64.112.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
195.64.117.0/24 maxlen: 24
195.93.249.0/24 maxlen: 24
195.96.136.0/24 maxlen: 24
195.96.148.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
212.18.96.0/24 maxlen: 24
212.52.5.0/24 maxlen: 24
217.114.32.0/24 maxlen: 24
217.119.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 15:37:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:7c:01:66:b9:79:a5:cc:05:5c:6e:eb:d3:e6:c4:86:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Nov 13 06:57:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37cc768cd085f8dd04cb60ececca4094ed30ec27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1a:bb:0f:36:5a:94:4c:6a:e9:6d:79:32:fc:
7e:0f:78:42:93:52:4e:fc:38:e3:e0:80:d2:c4:11:
3f:c8:09:24:f4:ec:11:67:09:3f:75:a8:ac:f2:0e:
4c:cd:48:45:7e:6d:03:ca:66:93:95:7c:a6:98:7b:
b3:03:f5:e0:c9:32:c7:2e:98:c6:75:6a:47:e7:42:
b2:4d:e2:52:77:ff:eb:b9:f1:e6:04:eb:cf:29:22:
e7:95:b9:b0:81:80:77:98:e2:9d:4e:0d:3e:e5:54:
0c:61:08:24:6e:a4:ea:f8:10:2e:4c:7d:e5:88:d5:
a8:af:25:88:dc:78:a3:e2:04:6f:2b:7b:e7:cb:9d:
0c:e8:06:a6:9e:bc:64:c3:01:67:d3:5d:7a:d6:21:
b9:58:4b:29:e4:56:5a:77:64:62:71:b4:8a:de:f6:
d6:e6:4c:30:b5:37:09:6f:27:fb:f7:5d:63:3d:f5:
ca:f2:d4:b0:15:19:53:51:62:16:b8:cd:72:bd:df:
30:b5:58:81:36:42:1f:64:9e:78:a6:06:2a:a7:41:
52:54:e5:87:cd:8d:22:44:f4:d2:38:b0:b1:e1:fa:
4a:34:5d:5c:fa:68:f2:f0:46:01:06:1e:e1:04:12:
3a:d9:f4:9e:e1:69:92:63:05:0c:e7:53:e9:fd:4e:
30:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CC:76:8C:D0:85:F8:DD:04:CB:60:EC:EC:CA:40:94:ED:30:EC:27
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/N8x2jNCF-N0Ey2Ds7MpAlO0w7Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
45.132.48.0/24
45.157.136.0/24
62.68.83.0/24
62.68.86.0/23
62.204.36.0/24
62.204.57.0/24
62.233.35.0/24
62.233.45.0/24
62.233.49.0/24
62.233.56.0/24
62.233.60.0/24
80.68.145.0/24
80.68.158.0/24
80.91.209.0-80.91.210.255
91.213.117.0/24
91.226.247.0/24
91.242.225.0/24
91.242.236.0/24
93.177.104.0/23
93.177.107.0/24
94.143.226.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.108.0/24
146.19.137.0/24
146.19.148.0/24
146.19.150.0/24
146.19.152.0/24
146.19.185.0/24
146.19.187.0/24
146.19.190.0/24
146.19.194.0/24
176.56.38.0/24
185.122.206.0/24
185.155.101.0/24
185.198.153.0/24
185.218.1.0/24
185.232.47.0/24
193.3.22.0/24
193.141.53.0/24
193.239.209.0/24
194.26.221.0/24
194.32.243.0/24
195.64.106.0/24
195.64.109.0/24
195.64.112.0/24
195.64.114.0/24
195.64.117.0/24
195.93.249.0/24
195.96.136.0/24
195.96.148.0/24
195.96.157.0/24
212.18.96.0/24
212.52.5.0/24
217.114.32.0/24
217.119.130.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:c1:e7:85:e7:ff:8f:11:4a:d4:cb:ee:04:93:71:12:a8:96:
29:28:3f:cf:80:2b:cb:c3:01:f7:ae:0c:2a:7d:00:36:01:b5:
d5:a8:3e:db:b0:8f:17:c9:7b:7e:d1:ee:b5:1f:17:a4:70:80:
29:5c:50:e2:0c:9e:77:dd:f9:e2:30:f6:25:1f:8a:a8:b4:43:
9c:da:74:ba:12:e9:57:46:98:be:b6:f6:68:e2:eb:23:12:b3:
f3:0d:18:f8:2a:a9:3f:3c:17:67:dd:46:0e:67:05:0b:87:e6:
c2:88:49:e0:36:0d:70:08:94:84:08:04:55:6b:1f:f7:f8:fd:
72:4a:df:8b:ba:6b:dd:77:6c:7d:a4:92:5f:7a:16:9a:74:77:
4b:b1:eb:65:dc:b7:d9:bf:26:15:ca:73:b7:48:7e:21:e2:73:
9d:f3:56:98:cc:09:dd:d1:6a:fc:18:af:38:9b:ed:ad:66:0f:
d2:a0:90:4c:3c:21:e6:8b:03:47:9c:62:a1:d2:5f:1b:ba:e1:
b9:48:5c:bf:5e:5c:ee:40:25:50:de:76:28:fb:fe:13:29:7d:
aa:f0:4b:81:e3:11:71:16:68:e8:aa:dc:89:16:27:33:74:0d:
9f:a7:ad:07:77:8e:c5:ee:13:d0:91:20:4c:f0:b4:a7:4a:e7:
e7:b0:4d:ee
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgISAZp8AWa5eaXMBVxu69PmxIbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUxMTEzMDY1NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2NjNzY4Y2QwODVmOGRkMDRjYjYwZWNlY2NhNDA5NGVkMzBlYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxq7DzZalExq6W15Mvx+D3hCk1JO
/Djj4IDSxBE/yAkk9OwRZwk/dais8g5MzUhFfm0DymaTlXymmHuzA/XgyTLHLpjG
dWpH50KyTeJSd//rufHmBOvPKSLnlbmwgYB3mOKdTg0+5VQMYQgkbqTq+BAuTH3l
iNWoryWI3Hij4gRvK3vny50M6AamnrxkwwFn01161iG5WEsp5FZad2RicbSK3vbW
5kwwtTcJbyf7911jPfXK8tSwFRlTUWIWuM1yvd8wtViBNkIfZJ54pgYqp0FSVOWH
zY0iRPTSOLCx4fpKNF1c+mjy8EYBBh7hBBI62fSe4WmSYwUM51Pp/U4wuQIDAQAB
o4IDdzCCA3MwHQYDVR0OBBYEFDfMdozQhfjdBMtg7OzKQJTtMOwnMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvTjh4MmpOQ0YtTjBFeTJEczdNcEFsTzB3N0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiwYIKwYBBQUHAQcBAf8EggF6MIIBdjCCAXIEAgABMIIB
agMEAQI4cAMEAAW3gAMEAC2EMAMEAC2diAMEAD5EUwMEAT5EVgMEAD7MJAMEAD7M
OQMEAD7pIwMEAD7pLQMEAD7pMQMEAD7pOAMEAD7pPAMEAFBEkQMEAFBEnjAMAwQA
UFvRAwQAUFvSAwQAW9V1AwQAW+L3AwQAW/LhAwQAW/LsAwQBXbFoAwQAXbFrAwQA
Xo/iAwQAXp6/AwQAgsFPAwQAgv+pAwQAkhNsAwQAkhOJAwQAkhOUAwQAkhOWAwQA
khOYAwQAkhO5AwQAkhO7AwQAkhO+AwQAkhPCAwQAsDgmAwQAuXrOAwQAuZtlAwQA
ucaZAwQAudoBAwQAuegvAwQAwQMWAwQAwY01AwQAwe/RAwQAwhrdAwQAwiDzAwQA
w0BqAwQAw0BtAwQAw0BwAwQAw0ByAwQAw0B1AwQAw135AwQAw2CIAwQAw2CUAwQA
w2CdAwQA1BJgAwQA1DQFAwQA2XIgAwQA2XeCMA0GCSqGSIb3DQEBCwUAA4IBAQAd
weeF5/+PEUrUy+4Ek3ESqJYpKD/PgCvLwwH3rgwqfQA2AbXVqD7bsI8XyXt+0e61
HxekcIApXFDiDJ533fniMPYlH4qotEOc2nS6EulXRpi+tvZo4usjErPzDRj4Kqk/
PBdn3UYOZwULh+bCiEngNg1wCJSECARVax/3+P1ySt+Lumvdd2x9pJJfehaadHdL
setl3LfZvyYVynO3SH4h4nOd81aYzAnd0Wr8GK84m+2tZg/SoJBMPCHmiwNHnGKh
0l8buuG5SFy/XlzuQCVQ3nYo+/4TKX2q8EuB4xFxFmjoqtyJFiczdA2fp60Hd47F
7hPQkSBM8LSnSufnsE3u
-----END CERTIFICATE-----
Generated at Sat Nov 15 23:43:01 2025 by rpki-client