Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/NKM0t8AsANzVWLHPsfCJliHXQOo.roa
File: NKM0t8AsANzVWLHPsfCJliHXQOo.roa (raw, json)
Hash identifier: E/fHSKpRF7b8Xy50lx7xVy0qTXM3nr5MZmJsHZDti2g=
Subject key identifier: 34:A3:34:B7:C0:2C:00:DC:D5:58:B1:CF:B1:F0:89:96:21:D7:40:EA
Certificate issuer: /CN=83f8fd7493a2fe056222db41ed693083b50eccfb
Certificate serial: 019A2A1C3553C7E154BCE139156567D56110
Authority key identifier: 83:F8:FD:74:93:A2:FE:05:62:22:DB:41:ED:69:30:83:B5:0E:CC:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/NKM0t8AsANzVWLHPsfCJliHXQOo.roa
Signing time: Tue 28 Oct 2025 09:18:02 +0000
ROA not before: Tue 28 Oct 2025 09:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205111
IP address blocks: 91.103.153.0/24 maxlen: 24
91.103.155.0/24 maxlen: 24
144.89.64.0/23 maxlen: 23
144.89.64.0/24 maxlen: 24
144.89.65.0/24 maxlen: 24
144.89.66.0/23 maxlen: 23
144.89.66.0/24 maxlen: 24
144.89.67.0/24 maxlen: 24
185.230.212.0/23 maxlen: 23
185.230.212.0/24 maxlen: 24
185.230.213.0/24 maxlen: 24
185.230.214.0/23 maxlen: 23
185.230.214.0/24 maxlen: 24
185.230.215.0/24 maxlen: 24
199.67.72.0/23 maxlen: 23
199.67.74.0/24 maxlen: 24
199.67.75.0/24 maxlen: 24
199.67.88.0/23 maxlen: 23
199.67.90.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.mft
rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 06:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:1c:35:53:c7:e1:54:bc:e1:39:15:65:67:d5:61:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83f8fd7493a2fe056222db41ed693083b50eccfb
Validity
Not Before: Oct 28 09:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34a334b7c02c00dcd558b1cfb1f0899621d740ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0f:fb:5b:65:c7:a8:f7:e3:5e:74:43:c1:3e:
ea:59:4e:16:85:0e:e2:03:9a:00:f5:6c:3e:1f:b0:
7c:1c:e3:36:ec:0a:12:b5:af:55:69:a4:cd:41:38:
a3:bc:25:bc:db:86:f6:9f:6b:1a:e4:13:98:e6:c1:
95:d5:5f:27:6a:12:74:86:63:4f:b8:e3:58:72:d7:
db:44:25:89:07:28:9a:8e:08:46:8b:3f:0a:1d:21:
da:30:51:50:b0:72:eb:30:24:6f:1c:b0:40:a2:25:
9b:a8:d8:79:e5:18:49:4c:e8:dc:d8:fe:fb:df:f1:
1b:17:97:ec:5e:78:75:e2:99:6c:c7:1b:54:f2:85:
2f:1c:04:82:25:8e:01:86:d1:1b:9b:91:2a:45:4d:
1f:2b:a2:bf:a7:2e:5f:92:dd:e4:d3:18:6a:4f:76:
80:02:10:9c:a7:42:63:95:af:f3:e1:c2:a6:fe:02:
b4:cc:e8:06:eb:03:56:5c:05:44:67:60:6d:ac:a7:
2f:f8:82:75:57:a0:ce:69:a4:29:fe:67:ef:d5:40:
07:4b:19:69:ce:ce:12:bb:ab:95:3c:87:a9:3b:c9:
ec:e9:07:96:a8:cc:fc:31:23:ae:fb:e9:10:22:64:
9f:a5:38:ba:8b:1d:b3:f7:6e:94:e7:b1:0e:02:52:
c6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A3:34:B7:C0:2C:00:DC:D5:58:B1:CF:B1:F0:89:96:21:D7:40:EA
X509v3 Authority Key Identifier:
keyid:83:F8:FD:74:93:A2:FE:05:62:22:DB:41:ED:69:30:83:B5:0E:CC:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/NKM0t8AsANzVWLHPsfCJliHXQOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.153.0/24
91.103.155.0/24
144.89.64.0/22
185.230.212.0/22
199.67.72.0/22
199.67.88.0/22
Signature Algorithm: sha256WithRSAEncryption
16:b6:c4:f8:6c:d6:52:58:53:4d:ba:15:36:4f:9e:be:69:95:
e5:24:a5:f4:88:36:81:5c:2d:ec:1f:3b:b8:c1:c6:6a:70:1c:
f4:7b:ec:51:30:8b:ee:fb:ac:3f:c2:01:75:b4:eb:ff:ff:07:
77:f3:65:8c:12:2e:4b:2b:4d:c8:16:bf:ee:a4:9a:d0:51:67:
3a:10:87:d9:2e:2f:57:70:f0:99:31:a7:04:2d:12:b7:97:90:
69:d8:1e:a8:e2:9c:7a:d9:7f:24:42:d0:63:2b:fb:54:85:3a:
9f:2d:8e:84:13:4a:36:b4:d9:ce:e5:e6:7a:43:ed:1e:28:3d:
3a:7e:88:24:ef:b2:b1:8c:1e:da:46:f1:e1:9d:b4:b8:35:de:
06:3a:43:ff:42:6b:fe:0b:07:c1:c3:9f:38:e2:76:20:5b:d3:
d6:b4:0a:2e:98:bb:49:d9:a7:fb:53:28:07:d7:3b:e5:15:21:
29:52:5c:e1:59:34:a1:87:1d:f9:66:98:95:38:c2:2d:af:56:
17:42:cf:7f:77:f4:27:90:0d:83:14:71:81:74:cc:6d:d5:ea:
17:4a:89:6c:3b:04:25:d9:0f:80:e9:a5:30:9b:60:9f:35:e3:
c3:17:ea:35:fe:cc:6a:6f:24:ae:d0:ac:f4:1f:48:19:ad:8b:
11:fc:d1:c6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZoqHDVTx+FUvOE5FWVn1WEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjhmZDc0OTNhMmZlMDU2MjIyZGI0MWVkNjkzMDgzYjUw
ZWNjZmIwHhcNMjUxMDI4MDkxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGEzMzRiN2MwMmMwMGRjZDU1OGIxY2ZiMWYwODk5NjIxZDc0MGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw/7W2XHqPfjXnRDwT7qWU4WhQ7i
A5oA9Ww+H7B8HOM27AoSta9VaaTNQTijvCW824b2n2sa5BOY5sGV1V8nahJ0hmNP
uONYctfbRCWJByiajghGiz8KHSHaMFFQsHLrMCRvHLBAoiWbqNh55RhJTOjc2P77
3/EbF5fsXnh14plsxxtU8oUvHASCJY4BhtEbm5EqRU0fK6K/py5fkt3k0xhqT3aA
AhCcp0Jjla/z4cKm/gK0zOgG6wNWXAVEZ2BtrKcv+IJ1V6DOaaQp/mfv1UAHSxlp
zs4Su6uVPIepO8ns6QeWqMz8MSOu++kQImSfpTi6ix2z926U57EOAlLGWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDSjNLfALADc1Vixz7HwiZYh10DqMB8GA1UdIwQY
MBaAFIP4/XSTov4FYiLbQe1pMIO1Dsz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19qOWRKT2lfZ1ZpSXR0QjdXa3dnN1VPelBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8xMmQ2ZjItZjQ4MS00OWZkLThmMjAt
YTA0M2MyMzBmMzBkLzEvTktNMHQ4QXNBTnpWV0xIUHNmQ0psaUhYUU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8xMmQ2ZjItZjQ4MS00OWZkLThmMjAtYTA0M2MyMzBmMzBk
LzEvZ19qOWRKT2lfZ1ZpSXR0QjdXa3dnN1VPelBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW2eZAwQA
W2ebAwQCkFlAAwQCuebUAwQCx0NIAwQCx0NYMA0GCSqGSIb3DQEBCwUAA4IBAQAW
tsT4bNZSWFNNuhU2T56+aZXlJKX0iDaBXC3sHzu4wcZqcBz0e+xRMIvu+6w/wgF1
tOv//wd382WMEi5LK03IFr/upJrQUWc6EIfZLi9XcPCZMacELRK3l5Bp2B6o4px6
2X8kQtBjK/tUhTqfLY6EE0o2tNnO5eZ6Q+0eKD06fogk77KxjB7aRvHhnbS4Nd4G
OkP/Qmv+CwfBw5844nYgW9PWtAoumLtJ2af7UygH1zvlFSEpUlzhWTShhx35ZpiV
OMItr1YXQs9/d/QnkA2DFHGBdMxt1eoXSolsOwQl2Q+A6aUwm2CfNePDF+o1/sxq
bySu0Kz0H0gZrYsR/NHG
-----END CERTIFICATE-----
Generated at Thu Oct 30 14:53:25 2025 by rpki-client