Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/NkSa10rmIFUEFnDPVO8fJkIR5Jg.roa
File: NkSa10rmIFUEFnDPVO8fJkIR5Jg.roa (raw, json)
Hash identifier: x78+7zZhAXb6E1CZACyx5Mz+yiODuwL3dp3Fy/13q0Y=
Subject key identifier: 36:44:9A:D7:4A:E6:20:55:04:16:70:CF:54:EF:1F:26:42:11:E4:98
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0198E5E45AEE8CCB474B1D77B0B32A2F8207
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/NkSa10rmIFUEFnDPVO8fJkIR5Jg.roa
Signing time: Tue 26 Aug 2025 10:20:04 +0000
ROA not before: Tue 26 Aug 2025 10:20:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 268624
IP address blocks: 77.246.245.0/24 maxlen: 24
124.198.135.0/24 maxlen: 24
124.198.145.0/24 maxlen: 24
155.2.189.0/24 maxlen: 24
170.62.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e5:e4:5a:ee:8c:cb:47:4b:1d:77:b0:b3:2a:2f:82:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Aug 26 10:20:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36449ad74ae62055041670cf54ef1f264211e498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:06:03:22:b2:5f:31:87:37:69:cd:70:63:25:
1c:21:7e:97:50:19:cd:73:b7:af:ef:03:71:90:e0:
a4:4d:bd:8f:73:a0:c0:c2:6e:2d:53:30:e9:f8:10:
4b:4a:81:4b:65:8c:0e:e4:d2:bd:3d:f9:b6:44:3e:
08:8b:69:24:2f:26:bc:38:ea:6a:c2:60:75:82:8f:
e4:82:b8:d9:cd:8d:2c:a9:ac:8d:57:de:45:4a:0a:
c8:67:b6:8d:4d:2a:d6:1a:98:f8:5f:01:7c:ef:91:
86:87:a0:ea:a3:43:15:7a:bf:47:0f:cc:54:db:42:
eb:03:2d:14:b9:fd:be:2c:97:07:ba:7d:08:05:6f:
2c:ab:a8:5b:53:10:f5:f0:4d:95:35:52:da:c4:99:
1d:60:e6:0b:5a:ea:35:16:70:12:6d:34:d1:cf:b1:
97:d5:86:18:64:1f:c1:d7:68:4a:c9:b7:4b:de:46:
e0:c5:e1:7e:d3:50:a4:bf:a4:fd:d8:e8:1b:31:a7:
93:48:85:fc:2e:91:13:8f:cd:1c:f9:31:89:bb:3a:
9b:5f:e2:a1:59:59:db:8d:69:64:4d:cb:a2:d6:65:
be:b1:c7:29:a9:94:33:18:b9:0b:3f:9b:8d:e3:a6:
98:02:e5:df:c4:9f:9c:4c:74:5e:a1:a3:0a:71:c5:
e1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:44:9A:D7:4A:E6:20:55:04:16:70:CF:54:EF:1F:26:42:11:E4:98
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/NkSa10rmIFUEFnDPVO8fJkIR5Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.245.0/24
124.198.135.0/24
124.198.145.0/24
155.2.189.0/24
170.62.161.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a0:34:8b:fb:ef:cb:2b:92:c9:7a:f0:c9:17:32:b7:6f:3a:
dc:b1:55:11:34:b1:ba:e2:a2:3c:f9:4d:90:e0:29:7a:07:bc:
b4:16:6b:40:a8:7a:c0:a7:91:5d:09:78:e4:9a:54:8d:bf:10:
ee:fd:7f:84:07:43:1b:56:f7:c4:b8:23:f2:b8:4b:d6:63:c3:
f3:96:2b:84:ae:b2:cc:8d:12:b8:d1:a4:77:7b:79:e7:e0:d8:
b7:3c:df:1d:e5:c0:94:f5:ea:05:bf:bc:01:45:d2:a8:02:6e:
7e:ab:04:0c:c9:3e:2d:a5:4e:80:e3:43:45:83:0f:fe:fc:e5:
c7:5f:ed:5d:8f:fc:41:16:e2:04:b1:48:b5:1b:4f:7e:d9:68:
23:e2:3f:dc:ff:e8:83:2e:8f:01:b0:d4:e1:70:93:74:fb:e8:
d6:ec:b3:b8:f8:ab:62:c1:14:0e:a7:18:c2:cd:3d:bf:b3:f9:
7e:6e:f5:61:e1:e5:94:7c:8d:34:41:4f:47:07:a7:82:98:e2:
8a:2c:d3:3b:ad:90:30:1f:cd:4a:84:8b:5d:47:32:38:0a:23:
0f:2c:c4:08:01:5d:1e:04:19:4d:c5:74:58:a3:2b:0d:06:25:
2b:44:6d:d7:e8:b4:b4:0a:8d:03:3c:86:23:9f:7a:04:13:98:
19:1e:b8:20
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZjl5FrujMtHSx13sLMqL4IHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwODI2MTAyMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ0OWFkNzRhZTYyMDU1MDQxNjcwY2Y1NGVmMWYyNjQyMTFlNDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQYDIrJfMYc3ac1wYyUcIX6XUBnN
c7ev7wNxkOCkTb2Pc6DAwm4tUzDp+BBLSoFLZYwO5NK9Pfm2RD4Ii2kkLya8OOpq
wmB1go/kgrjZzY0sqayNV95FSgrIZ7aNTSrWGpj4XwF875GGh6Dqo0MVer9HD8xU
20LrAy0Uuf2+LJcHun0IBW8sq6hbUxD18E2VNVLaxJkdYOYLWuo1FnASbTTRz7GX
1YYYZB/B12hKybdL3kbgxeF+01Ckv6T92OgbMaeTSIX8LpETj80c+TGJuzqbX+Kh
WVnbjWlkTcui1mW+sccpqZQzGLkLP5uN46aYAuXfxJ+cTHReoaMKccXhWwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDZEmtdK5iBVBBZwz1TvHyZCEeSYMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvTmtTYTEwcm1JRlVFRm5EUFZPOGZKa0lSNUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATfb1AwQA
fMaHAwQAfMaRAwQAmwK9AwQAqj6hMA0GCSqGSIb3DQEBCwUAA4IBAQAtoDSL++/L
K5LJevDJFzK3bzrcsVURNLG64qI8+U2Q4Cl6B7y0FmtAqHrAp5FdCXjkmlSNvxDu
/X+EB0MbVvfEuCPyuEvWY8PzliuErrLMjRK40aR3e3nn4Ni3PN8d5cCU9eoFv7wB
RdKoAm5+qwQMyT4tpU6A40NFgw/+/OXHX+1dj/xBFuIEsUi1G09+2Wgj4j/c/+iD
Lo8BsNThcJN0++jW7LO4+KtiwRQOpxjCzT2/s/l+bvVh4eWUfI00QU9HB6eCmOKK
LNM7rZAwH81KhItdRzI4CiMPLMQIAV0eBBlNxXRYoysNBiUrRG3X6LS0Co0DPIYj
n3oEE5gZHrgg
-----END CERTIFICATE-----
Generated at Tue Sep 9 13:30:41 2025 by rpki-client