Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/njzo5FpghyrA178R2iN2wABxbLQ.roa
File: njzo5FpghyrA178R2iN2wABxbLQ.roa (raw, json)
Hash identifier: pJeg7nZllp4fswf7n6vAitKS7SQfEoBG54nvgASlMmE=
Subject key identifier: 9E:3C:E8:E4:5A:60:87:2A:C0:D7:BF:11:DA:23:76:C0:00:71:6C:B4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019CB7D39CAA01ACDB0DBB891648E7605EB3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/njzo5FpghyrA178R2iN2wABxbLQ.roa
Signing time: Wed 04 Mar 2026 07:50:24 +0000
ROA not before: Wed 04 Mar 2026 07:50:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 135402
IP address blocks: 213.130.151.0/24 maxlen: 24
213.130.157.0/24 maxlen: 24
213.218.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b7:d3:9c:aa:01:ac:db:0d:bb:89:16:48:e7:60:5e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 4 07:50:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9e3ce8e45a60872ac0d7bf11da2376c000716cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:33:fa:1c:bd:ca:88:e0:5a:f1:a9:7b:a2:21:
55:26:b8:1a:ee:c2:2b:67:76:16:05:5d:1c:49:55:
61:11:57:ae:ae:6d:52:74:24:24:a8:88:5d:77:23:
46:7f:4c:5c:eb:6a:a2:10:68:77:73:be:55:02:4b:
bb:33:69:6f:f8:e8:7a:4d:09:13:91:36:cc:d3:99:
6e:9e:bd:04:56:32:1c:67:10:90:d6:a8:b3:75:35:
c3:84:20:78:de:a4:30:39:07:e8:ef:fb:04:b1:0b:
f0:82:66:38:4e:eb:23:46:ab:21:58:a6:92:12:ea:
dc:a2:cb:5d:0e:c2:90:62:ad:84:5e:c5:50:fc:09:
e2:3d:1a:0f:68:77:d3:f2:7e:df:a6:23:be:f6:67:
be:b4:a8:5b:7f:07:4b:c9:28:d1:78:19:f6:58:41:
73:ea:3e:44:ed:d1:50:96:0c:8b:6f:1f:a4:e2:c2:
83:56:f7:d7:98:7e:f1:8a:f0:59:e6:c4:bd:76:6a:
56:ef:ba:11:0f:52:a2:82:01:04:a1:d3:99:91:7b:
55:85:af:76:d3:18:a6:0c:1b:e5:72:fb:34:a9:c5:
da:26:5d:39:a2:01:65:1a:12:7a:47:60:fe:8a:08:
1f:d5:98:1c:6a:a2:2e:7a:d7:c3:29:a3:a2:79:f6:
fd:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:3C:E8:E4:5A:60:87:2A:C0:D7:BF:11:DA:23:76:C0:00:71:6C:B4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/njzo5FpghyrA178R2iN2wABxbLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.130.151.0/24
213.130.157.0/24
213.218.236.0/24
Signature Algorithm: sha256WithRSAEncryption
97:d4:16:3f:40:e0:1c:0c:60:1f:d8:ab:78:e8:ad:57:f9:46:
c7:c6:dc:f0:0a:87:5e:8c:a0:a0:d8:54:3c:22:ca:6e:18:5a:
d2:82:87:c2:49:c3:09:01:69:4b:0e:ac:71:f3:b0:b2:11:08:
ce:be:fd:17:f6:43:1a:f5:3a:af:6d:45:2a:65:80:35:2f:3f:
52:88:9e:f1:41:25:db:3c:ac:22:25:ba:34:19:0e:fa:29:70:
bc:8d:bd:28:2b:aa:18:ce:e4:e1:2b:7f:63:b0:b3:dc:ec:0a:
bf:97:88:e6:22:b6:6b:9d:71:45:e9:ca:6f:0c:d6:fd:86:e9:
d1:db:f8:20:4e:69:ab:f3:f4:93:d0:75:04:b9:a6:33:bc:f4:
92:7a:2a:7f:fa:ea:1a:2c:e6:b7:a8:f0:c4:67:b6:13:5d:02:
8d:48:b7:3e:65:d9:cd:25:d8:cd:de:91:73:b9:5e:72:72:5a:
87:3f:ad:f0:3c:30:a8:5c:a5:fb:1a:50:83:0e:b2:ca:12:f6:
5f:5f:da:7e:23:23:38:9b:ec:02:06:e5:c5:08:42:de:bf:54:
a4:fc:82:1c:8b:d1:f8:cb:45:ef:b5:25:cd:8f:d8:95:f3:05:
97:36:c1:dd:80:bd:6d:d1:92:db:07:38:66:9f:63:3c:b0:0a:
14:b2:38:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZy305yqAazbDbuJFkjnYF6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzA0MDc1MDI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTNjZThlNDVhNjA4NzJhYzBkN2JmMTFkYTIzNzZjMDAwNzE2Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzP6HL3KiOBa8al7oiFVJrga7sIr
Z3YWBV0cSVVhEVeurm1SdCQkqIhddyNGf0xc62qiEGh3c75VAku7M2lv+Oh6TQkT
kTbM05lunr0EVjIcZxCQ1qizdTXDhCB43qQwOQfo7/sEsQvwgmY4TusjRqshWKaS
EurcostdDsKQYq2EXsVQ/AniPRoPaHfT8n7fpiO+9me+tKhbfwdLySjReBn2WEFz
6j5E7dFQlgyLbx+k4sKDVvfXmH7xivBZ5sS9dmpW77oRD1KiggEEodOZkXtVha92
0ximDBvlcvs0qcXaJl05ogFlGhJ6R2D+iggf1ZgcaqIuetfDKaOiefb9owIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ486ORaYIcqwNe/EdojdsAAcWy0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbmp6bzVGcGdoeXJBMTc4UjJpTjJ3QUJ4YkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1YKXAwQA
1YKdAwQA1drsMA0GCSqGSIb3DQEBCwUAA4IBAQCX1BY/QOAcDGAf2Kt46K1X+UbH
xtzwCodejKCg2FQ8IspuGFrSgofCScMJAWlLDqxx87CyEQjOvv0X9kMa9TqvbUUq
ZYA1Lz9SiJ7xQSXbPKwiJbo0GQ76KXC8jb0oK6oYzuThK39jsLPc7Aq/l4jmIrZr
nXFF6cpvDNb9hunR2/ggTmmr8/ST0HUEuaYzvPSSeip/+uoaLOa3qPDEZ7YTXQKN
SLc+ZdnNJdjN3pFzuV5yclqHP63wPDCoXKX7GlCDDrLKEvZfX9p+IyM4m+wCBuXF
CELev1Sk/IIci9H4y0XvtSXNj9iV8wWXNsHdgL1t0ZLbBzhmn2M8sAoUsjjH
-----END CERTIFICATE-----
Generated at Fri Mar 6 02:01:36 2026 by rpki-client