Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/NuVuQpaVYj5sGSuzNBVLP-7OEhQ.roa
File: NuVuQpaVYj5sGSuzNBVLP-7OEhQ.roa (raw, json)
Hash identifier: XsemG1a9ry3NgfMb3C0eGMoRV9inDwtSEqw5UJjMBMU=
Subject key identifier: 36:E5:6E:42:96:95:62:3E:6C:19:2B:B3:34:15:4B:3F:EE:CE:12:14
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019CB0E88F0F963B0C31416FA94E2AD96759
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/NuVuQpaVYj5sGSuzNBVLP-7OEhQ.roa
Signing time: Mon 02 Mar 2026 23:35:56 +0000
ROA not before: Mon 02 Mar 2026 23:35:56 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215245
IP address blocks: 31.22.72.0/24 maxlen: 24
31.22.73.0/24 maxlen: 24
31.22.75.0/24 maxlen: 24
31.22.77.0/24 maxlen: 24
185.230.160.0/24 maxlen: 24
194.117.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 04:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b0:e8:8f:0f:96:3b:0c:31:41:6f:a9:4e:2a:d9:67:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Mar 2 23:35:56 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=36e56e429695623e6c192bb334154b3feece1214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:85:f9:38:8e:b0:fe:31:d9:f5:97:30:7f:79:
60:a0:91:af:57:cf:21:73:d3:af:94:de:4b:7e:b7:
01:95:ee:f4:38:fc:be:4d:91:92:ca:e1:37:dd:eb:
21:ae:f2:7c:c0:e9:b6:59:b7:41:31:36:fa:28:2a:
19:59:29:a0:08:45:b4:f4:b8:83:65:3f:b0:83:2c:
46:79:59:b0:70:b1:06:a2:fd:20:9d:1a:7b:af:2a:
8c:ce:29:e4:26:a9:07:7b:31:a8:fb:20:95:56:51:
17:ca:f5:f1:eb:68:d1:4e:94:c0:77:03:05:1f:e6:
d9:8d:61:1a:01:bc:16:e1:77:7f:ae:8f:e4:32:78:
02:0c:a9:6f:21:a3:cb:3b:6c:de:29:05:64:4a:5d:
13:82:6e:af:f9:50:df:58:22:11:44:d9:87:87:9b:
05:28:35:f9:71:3d:ff:22:77:ac:a8:8e:ca:5e:09:
68:12:97:f8:51:1c:8a:f8:43:f8:7b:87:4f:d3:90:
26:71:2e:38:fc:2f:0c:a1:11:05:30:b3:37:57:98:
13:c5:d8:0c:e4:30:c4:c7:27:c7:a1:e4:71:02:e0:
3e:fd:5f:7d:76:86:2b:c1:fd:85:21:b0:8c:84:28:
cc:4c:24:f3:64:c4:37:8b:0e:1d:70:00:a1:82:b1:
c9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E5:6E:42:96:95:62:3E:6C:19:2B:B3:34:15:4B:3F:EE:CE:12:14
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/NuVuQpaVYj5sGSuzNBVLP-7OEhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.72.0/23
31.22.75.0/24
31.22.77.0/24
185.230.160.0/24
194.117.225.0/24
Signature Algorithm: sha256WithRSAEncryption
64:d0:51:74:d0:78:88:45:33:56:62:44:71:5a:42:09:a0:f1:
24:71:5a:1d:47:be:81:5c:63:74:ed:b0:8c:b6:85:84:15:e6:
55:a9:9b:15:0e:c0:d2:e7:2c:8a:99:89:64:4d:df:db:60:3c:
6b:63:2c:c6:37:d2:ff:8b:b5:91:d7:2d:e1:aa:6a:1b:48:bf:
4c:ff:52:9e:ac:42:1c:b9:84:1b:ea:3d:61:cf:07:ce:7f:97:
e7:d9:6a:16:20:f7:78:86:7f:ed:dd:d7:54:72:14:b6:28:d8:
7f:de:99:ff:01:bc:7d:42:71:50:cf:ee:7f:04:a5:23:bf:16:
6a:ab:8d:45:39:95:42:e5:26:a3:b4:5e:d9:67:3e:e1:19:60:
2e:97:21:72:32:06:23:79:4b:7a:c0:e9:25:55:07:f1:39:8e:
a9:d7:2b:9b:0a:cc:14:3e:ac:9d:fd:2a:cf:ce:a5:25:56:c4:
56:2e:9d:a4:8f:be:fe:85:f9:bd:7d:6e:d8:2b:d5:3b:95:2d:
af:2e:8e:51:a1:e5:a8:1c:86:97:e8:cb:7c:cb:2e:3d:72:b5:
e0:a5:00:2c:97:d9:5b:72:37:63:7d:3c:80:91:5f:f6:b3:e8:
9b:4c:70:d6:b1:33:e7:59:7b:d4:ec:c4:23:09:0c:d0:9e:ad:
78:d9:e7:fc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZyw6I8PljsMMUFvqU4q2WdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjYwMzAyMjMzNTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmU1NmU0Mjk2OTU2MjNlNmMxOTJiYjMzNDE1NGIzZmVlY2UxMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYX5OI6w/jHZ9Zcwf3lgoJGvV88h
c9OvlN5LfrcBle70OPy+TZGSyuE33eshrvJ8wOm2WbdBMTb6KCoZWSmgCEW09LiD
ZT+wgyxGeVmwcLEGov0gnRp7ryqMzinkJqkHezGo+yCVVlEXyvXx62jRTpTAdwMF
H+bZjWEaAbwW4Xd/ro/kMngCDKlvIaPLO2zeKQVkSl0Tgm6v+VDfWCIRRNmHh5sF
KDX5cT3/InesqI7KXgloEpf4URyK+EP4e4dP05AmcS44/C8MoREFMLM3V5gTxdgM
5DDExyfHoeRxAuA+/V99doYrwf2FIbCMhCjMTCTzZMQ3iw4dcAChgrHJoQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDblbkKWlWI+bBkrszQVSz/uzhIUMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvTnVWdVFwYVZZajVzR1N1ek5CVkxQLTdPRWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHxZIAwQA
HxZLAwQAHxZNAwQAueagAwQAwnXhMA0GCSqGSIb3DQEBCwUAA4IBAQBk0FF00HiI
RTNWYkRxWkIJoPEkcVodR76BXGN07bCMtoWEFeZVqZsVDsDS5yyKmYlkTd/bYDxr
YyzGN9L/i7WR1y3hqmobSL9M/1KerEIcuYQb6j1hzwfOf5fn2WoWIPd4hn/t3ddU
chS2KNh/3pn/Abx9QnFQz+5/BKUjvxZqq41FOZVC5SajtF7ZZz7hGWAulyFyMgYj
eUt6wOklVQfxOY6p1yubCswUPqyd/SrPzqUlVsRWLp2kj77+hfm9fW7YK9U7lS2v
Lo5RoeWoHIaX6Mt8yy49crXgpQAsl9lbcjdjfTyAkV/2s+ibTHDWsTPnWXvU7MQj
CQzQnq142ef8
-----END CERTIFICATE-----
Generated at Sat Mar 7 14:12:32 2026 by rpki-client