Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/N8D9G-wvLuTvVfFTv73ljSzc1Pg.roa
File: N8D9G-wvLuTvVfFTv73ljSzc1Pg.roa (raw, json)
Hash identifier: RQc5huoEQDwnVdrvRBy+ejqs07QkcvNRYdOP5Xu7XNU=
Subject key identifier: 37:C0:FD:1B:EC:2F:2E:E4:EF:55:F1:53:BF:BD:E5:8D:2C:DC:D4:F8
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 019A0617052DA7319E8C13E0BDA2D2061FA4
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/N8D9G-wvLuTvVfFTv73ljSzc1Pg.roa
Signing time: Tue 21 Oct 2025 09:26:03 +0000
ROA not before: Tue 21 Oct 2025 09:26:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.132.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.50.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.244.0/24 maxlen: 24
148.253.245.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.110.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.143.0/24 maxlen: 24
163.171.149.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.215.0/24 maxlen: 24
163.171.216.0/24 maxlen: 24
163.171.217.0/24 maxlen: 24
163.171.218.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.237.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
2a01:53c0:ffe7::/48 maxlen: 48
2a01:53c0:fff2::/48 maxlen: 48
2a01:53c0:fff4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 18:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:06:17:05:2d:a7:31:9e:8c:13:e0:bd:a2:d2:06:1f:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Oct 21 09:26:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37c0fd1bec2f2ee4ef55f153bfbde58d2cdcd4f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:00:b9:6b:1d:18:d4:36:ca:88:36:69:67:64:
06:52:63:d2:38:75:03:c2:a3:13:8d:75:6b:96:1f:
75:91:52:28:65:a0:2b:61:b3:3d:87:92:04:75:d9:
29:08:59:dd:42:d5:75:88:7d:77:9b:57:7d:c2:d5:
aa:1f:7a:08:b8:9f:ae:31:64:95:3e:be:71:44:f3:
2d:6d:97:70:24:55:4b:e4:00:48:0d:d9:e2:56:c6:
40:dd:08:91:dd:08:f6:9b:e3:a6:0e:17:a2:82:e5:
9b:5e:12:3e:e4:8b:a6:9e:72:20:4b:7b:32:6d:92:
45:24:db:a9:92:78:2f:61:28:ee:1c:80:d7:f3:08:
09:62:6f:cb:ac:3f:7f:2e:c6:c4:4d:b0:fe:62:ca:
29:73:a4:1b:4c:e8:38:fc:60:7d:1f:ae:ee:4a:af:
cf:15:47:40:d1:d8:4c:04:bf:36:c0:4d:9c:7a:51:
68:bc:03:b1:d0:f6:7a:10:cf:db:68:66:f8:02:42:
cb:22:00:bc:78:94:12:04:54:07:ba:ae:91:e3:a3:
79:57:1d:6c:25:48:53:5d:8f:e1:6d:ab:ab:2b:32:
d7:70:e2:3a:5a:5b:ce:5d:45:06:c0:24:59:e9:09:
fa:2b:d3:e4:ea:ab:4f:37:d9:66:da:f3:b8:37:a1:
30:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C0:FD:1B:EC:2F:2E:E4:EF:55:F1:53:BF:BD:E5:8D:2C:DC:D4:F8
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/N8D9G-wvLuTvVfFTv73ljSzc1Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.132.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.50.0/24
148.253.60.0/22
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.241.0/24
148.253.244.0-148.253.246.255
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.77.0/24
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.110.0/24
163.171.119.0/24
163.171.126.0/24
163.171.143.0/24
163.171.149.0/24
163.171.153.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.215.0-163.171.218.255
163.171.222.0/24
163.171.224.0/23
163.171.230.0/23
163.171.234.0/24
163.171.237.0/24
163.171.249.0/24
163.171.252.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
2a01:53c0:ffe7::/48
2a01:53c0:fff2::/48
2a01:53c0:fff4::/48
Signature Algorithm: sha256WithRSAEncryption
07:8e:f7:92:75:e7:32:ed:37:49:c6:ae:90:78:0d:d2:bd:e3:
21:6d:9a:0f:fa:00:3c:a3:bd:cb:eb:7f:2e:9d:e7:5c:bd:38:
a3:65:78:56:9d:a1:7e:7e:22:92:0e:fe:3a:a7:27:a8:5b:65:
10:b0:0d:c8:39:16:6e:9e:42:d8:54:e9:5f:68:e9:8f:c6:0d:
49:8b:30:a2:3b:08:e7:9b:6c:a7:4d:90:c4:60:9c:c4:f4:f3:
40:c0:63:a4:fb:91:10:c5:73:a2:0f:3b:d5:fa:45:2e:e1:b8:
1a:34:e6:27:a1:65:ae:b5:4f:67:f9:10:d4:37:3a:6e:4b:5e:
a1:33:c1:3f:4e:f6:9c:db:75:cb:ad:b1:68:b1:54:80:20:97:
ab:4e:48:ac:02:98:7b:83:af:b6:88:14:70:c7:e9:89:cb:29:
eb:d3:d6:c4:0b:a4:64:7d:85:09:5f:df:ec:bc:c0:86:55:7a:
50:dc:7d:5f:76:0d:41:29:2a:1b:7d:6e:48:59:70:07:3d:84:
32:6a:d8:8c:d8:d7:3e:fa:ac:03:12:18:be:37:46:71:10:7e:
bf:2b:00:31:19:a4:4f:43:36:15:ae:5d:5d:54:93:ee:d5:89:
09:3e:79:2f:47:4e:ab:8c:59:30:ef:c2:1d:b4:46:af:b8:ac:
3f:5e:35:1e
-----BEGIN CERTIFICATE-----
MIIGmTCCBYGgAwIBAgISAZoGFwUtpzGejBPgvaLSBh+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjUxMDIxMDkyNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2MwZmQxYmVjMmYyZWU0ZWY1NWYxNTNiZmJkZTU4ZDJjZGNkNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwC5ax0Y1DbKiDZpZ2QGUmPSOHUD
wqMTjXVrlh91kVIoZaArYbM9h5IEddkpCFndQtV1iH13m1d9wtWqH3oIuJ+uMWSV
Pr5xRPMtbZdwJFVL5ABIDdniVsZA3QiR3Qj2m+OmDheiguWbXhI+5IumnnIgS3sy
bZJFJNupkngvYSjuHIDX8wgJYm/LrD9/LsbETbD+Ysopc6QbTOg4/GB9H67uSq/P
FUdA0dhMBL82wE2celFovAOx0PZ6EM/baGb4AkLLIgC8eJQSBFQHuq6R46N5Vx1s
JUhTXY/hbaurKzLXcOI6WlvOXUUGwCRZ6Qn6K9Pk6qtPN9lm2vO4N6EwMQIDAQAB
o4IDpTCCA6EwHQYDVR0OBBYEFDfA/RvsLy7k71XxU7+95Y0s3NT4MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvTjhEOUctd3ZMdVR2VmZGVHY3M2xqU3pjMVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBuQYIKwYBBQUHAQcBAf8EggGoMIIBpDCCAXQEAgABMIIB
bAMEAFvCzQMEAFvKyAMEAF28hAMEAF28hwMEAJT9IgMEAJT9JDAMAwQAlP0pAwQA
lP0qAwQAlP0sAwQAlP0vAwQAlP0yAwQClP08AwQBlP3kMAwDBACU/ecDBAKU/egD
BACU/e0DBACU/e8DBACU/fEwDAMEApT99AMEAJT99gMEAJT9+DAMAwQCl/lcAwQA
l/leAwQAo6tAAwQAo6tDAwQBo6tGAwQAo6tNAwQBo6tUAwQAo6tXMAwDBACjq10D
BACjq14wDAMEBaOrYAMEAKOrYjAMAwQAo6tlAwQAo6toAwQAo6tuAwQAo6t3AwQA
o6t+AwQAo6uPAwQAo6uVAwQAo6uZAwQAo6umAwQBo6uwAwQAo6u2AwQAo6u8AwQA
o6vGAwQAo6vPMAwDBACjq9cDBACjq9oDBACjq94DBAGjq+ADBAGjq+YDBACjq+oD
BACjq+0DBACjq/kDBACjq/wDBAC5G+YDBADCaxMwKgQCAAIwJAMHACoBU8D/xgMH
ACoBU8D/5wMHACoBU8D/8gMHACoBU8D/9DANBgkqhkiG9w0BAQsFAAOCAQEAB473
knXnMu03ScaukHgN0r3jIW2aD/oAPKO9y+t/Lp3nXL04o2V4Vp2hfn4ikg7+Oqcn
qFtlELANyDkWbp5C2FTpX2jpj8YNSYswojsI55tsp02QxGCcxPTzQMBjpPuREMVz
og871fpFLuG4GjTmJ6FlrrVPZ/kQ1Dc6bkteoTPBP072nNt1y62xaLFUgCCXq05I
rAKYe4OvtogUcMfpicsp69PWxAukZH2FCV/f7LzAhlV6UNx9X3YNQSkqG31uSFlw
Bz2EMmrYjNjXPvqsAxIYvjdGcRB+vysAMRmkT0M2Fa5dXVST7tWJCT55L0dOq4xZ
MO/CHbRGr7isP141Hg==
-----END CERTIFICATE-----
Generated at Wed Oct 22 01:45:36 2025 by rpki-client