Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/ngYb5dysDArd6zc87pZvH_9DPfQ.roa
File: ngYb5dysDArd6zc87pZvH_9DPfQ.roa (raw, json)
Hash identifier: oVf/WgiUyXE0vDN0I4QS76v2ltFlGRqYE+fQikXzLYQ=
Subject key identifier: 9E:06:1B:E5:DC:AC:0C:0A:DD:EB:37:3C:EE:96:6F:1F:FF:43:3D:F4
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019A17C2A3D731BA4AB9992B71623FF81CFB
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/ngYb5dysDArd6zc87pZvH_9DPfQ.roa
Signing time: Fri 24 Oct 2025 19:47:03 +0000
ROA not before: Fri 24 Oct 2025 19:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 170.168.4.0/24 maxlen: 24
170.168.5.0/24 maxlen: 24
170.168.26.0/24 maxlen: 24
170.168.27.0/24 maxlen: 24
170.168.32.0/24 maxlen: 24
170.168.41.0/24 maxlen: 24
170.168.43.0/24 maxlen: 24
170.168.48.0/24 maxlen: 24
170.168.49.0/24 maxlen: 24
170.168.50.0/24 maxlen: 24
170.168.51.0/24 maxlen: 24
170.168.112.0/24 maxlen: 24
170.168.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:17:c2:a3:d7:31:ba:4a:b9:99:2b:71:62:3f:f8:1c:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Oct 24 19:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e061be5dcac0c0addeb373cee966f1fff433df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8e:eb:cb:59:73:19:cc:fe:26:5b:72:c6:66:
5c:ab:0f:e3:6d:0d:51:4c:ea:3c:b1:db:99:c2:1c:
56:d0:fe:cb:b7:a5:5f:53:ba:c1:16:55:05:42:90:
bc:b3:4c:89:ea:b6:fb:84:3b:fb:2b:a5:28:00:be:
b0:90:af:e6:c4:97:b9:0a:38:a4:75:61:3e:f1:74:
8c:4b:0d:81:2b:90:8e:38:5a:7e:5f:c8:55:b8:71:
9a:fa:4a:f8:6b:fc:e1:17:49:39:2c:77:35:c0:da:
2e:ba:c3:82:bc:b0:13:bf:38:96:04:e6:1e:cf:72:
92:7d:c0:70:3b:9a:3a:60:2c:43:9a:8e:19:97:7f:
c6:00:03:46:cd:28:16:47:cf:03:56:b2:0c:75:3c:
79:7a:8e:b2:36:c6:6e:e7:20:9d:d5:d0:33:2d:e1:
c8:c2:b3:66:f4:c7:71:c2:ab:84:e8:57:c3:bf:e1:
be:a7:f0:16:a1:8b:bf:b4:6d:b6:8b:df:ea:41:5f:
93:77:1b:30:c5:25:99:30:e1:21:87:df:1c:0c:8a:
fe:4d:42:ef:ed:1d:08:04:ac:07:6c:ff:b5:b2:93:
0d:f7:bd:e5:8d:be:b6:5e:86:2b:77:49:21:6b:9f:
82:d6:4f:cf:81:75:37:c6:8f:9a:c6:29:4f:8d:5b:
77:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:06:1B:E5:DC:AC:0C:0A:DD:EB:37:3C:EE:96:6F:1F:FF:43:3D:F4
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/ngYb5dysDArd6zc87pZvH_9DPfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.4.0/23
170.168.26.0/23
170.168.32.0/24
170.168.41.0/24
170.168.43.0/24
170.168.48.0/22
170.168.112.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:86:2d:53:61:a6:8d:08:70:a5:c7:e2:6b:30:36:d0:25:48:
59:ba:5b:51:87:98:69:ea:2e:8b:12:42:1e:93:e1:61:34:f1:
27:a5:76:6f:db:e7:0a:f7:58:5e:0f:c3:83:6c:3b:b0:0e:db:
7f:4e:31:68:7a:86:3f:49:58:4b:90:20:e9:b5:df:82:db:da:
3f:99:7e:35:fb:ff:37:c4:2a:a2:60:00:55:f4:54:3a:90:a4:
d1:ab:05:73:80:42:3c:e3:a7:38:e8:a5:8c:2f:a4:df:a4:d9:
6b:78:8c:84:ef:b3:c7:4c:ba:db:e8:2e:20:e1:bb:b1:20:18:
2a:af:92:5d:6d:b3:cd:41:b9:bb:16:b2:1c:bd:72:2f:6c:2c:
12:07:27:0d:f0:5b:49:b9:e7:b3:69:27:d9:e0:a6:0b:61:c8:
e8:b0:fc:6e:be:f7:ca:5d:d9:cf:8e:84:a4:d9:fe:1f:ca:ba:
5d:91:7a:d1:4b:ab:50:da:5f:59:b2:2f:44:70:88:0e:a5:a4:
88:12:02:dd:ed:3d:50:50:38:c9:6f:78:bd:2d:e6:81:ba:73:
78:8c:11:a4:24:0d:74:79:ae:e5:d0:91:48:56:c4:93:9c:56:
99:6d:b4:52:d1:31:74:19:03:9f:c6:b0:ce:f9:b1:c5:a0:48:
b4:65:be:7e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZoXwqPXMbpKuZkrcWI/+Bz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUxMDI0MTk0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA2MWJlNWRjYWMwYzBhZGRlYjM3M2NlZTk2NmYxZmZmNDMzZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo7ry1lzGcz+JltyxmZcqw/jbQ1R
TOo8sduZwhxW0P7Lt6VfU7rBFlUFQpC8s0yJ6rb7hDv7K6UoAL6wkK/mxJe5Cjik
dWE+8XSMSw2BK5COOFp+X8hVuHGa+kr4a/zhF0k5LHc1wNouusOCvLATvziWBOYe
z3KSfcBwO5o6YCxDmo4Zl3/GAANGzSgWR88DVrIMdTx5eo6yNsZu5yCd1dAzLeHI
wrNm9MdxwquE6FfDv+G+p/AWoYu/tG22i9/qQV+TdxswxSWZMOEhh98cDIr+TULv
7R0IBKwHbP+1spMN973ljb62XoYrd0kha5+C1k/PgXU3xo+axilPjVt39QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJ4GG+XcrAwK3es3PO6Wbx//Qz30MB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvbmdZYjVkeXNEQXJkNnpjODdwWnZIXzlEUGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBqqgEAwQB
qqgaAwQAqqggAwQAqqgpAwQAqqgrAwQCqqgwAwQBqqhwMA0GCSqGSIb3DQEBCwUA
A4IBAQANhi1TYaaNCHClx+JrMDbQJUhZultRh5hp6i6LEkIek+FhNPEnpXZv2+cK
91heD8ODbDuwDtt/TjFoeoY/SVhLkCDptd+C29o/mX41+/83xCqiYABV9FQ6kKTR
qwVzgEI846c46KWML6TfpNlreIyE77PHTLrb6C4g4buxIBgqr5JdbbPNQbm7FrIc
vXIvbCwSBycN8FtJueezaSfZ4KYLYcjosPxuvvfKXdnPjoSk2f4fyrpdkXrRS6tQ
2l9Zsi9EcIgOpaSIEgLd7T1QUDjJb3i9LeaBunN4jBGkJA10ea7l0JFIVsSTnFaZ
bbRS0TF0GQOfxrDO+bHFoEi0Zb5+
-----END CERTIFICATE-----
Generated at Sat Oct 25 09:40:02 2025 by rpki-client