Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/NL6VwQSpSFmL19VBMtW_UYB6cg8.roa
File: NL6VwQSpSFmL19VBMtW_UYB6cg8.roa (raw, json)
Hash identifier: MrGymgt0ELIwzkl0HWXAAGL1lAm7bepB3GT+bPeCjVo=
Subject key identifier: 34:BE:95:C1:04:A9:48:59:8B:D7:D5:41:32:D5:BF:51:80:7A:72:0F
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 01993989C9C1DF4640D4FBDAD1BE35B44841
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/NL6VwQSpSFmL19VBMtW_UYB6cg8.roa
Signing time: Thu 11 Sep 2025 16:09:15 +0000
ROA not before: Thu 11 Sep 2025 16:09:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216129
IP address blocks: 107.161.154.0/24 maxlen: 24
148.253.208.0/24 maxlen: 24
148.253.209.0/24 maxlen: 24
148.253.210.0/24 maxlen: 24
148.253.211.0/24 maxlen: 24
148.253.212.0/24 maxlen: 24
185.28.84.0/24 maxlen: 24
199.83.103.0/24 maxlen: 24
202.181.188.0/24 maxlen: 24
2a13:d200::/32 maxlen: 32
2a13:d200:6::/48 maxlen: 48
2a13:d200:7::/48 maxlen: 48
2a13:d200:8::/48 maxlen: 48
2a13:d200:9::/48 maxlen: 48
2a13:d200:10::/48 maxlen: 48
2a13:d200:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Sep 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:39:89:c9:c1:df:46:40:d4:fb:da:d1:be:35:b4:48:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: Sep 11 16:09:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34be95c104a948598bd7d54132d5bf51807a720f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fe:6b:1e:11:25:51:4a:a3:1e:c4:3f:44:11:
98:bd:21:b2:d0:68:92:0b:6e:25:82:2d:b7:e2:28:
4e:5b:86:87:98:77:67:4c:c9:78:9d:15:69:c9:68:
83:87:fc:48:66:f8:31:fd:89:42:e0:60:b2:62:79:
c5:0b:95:57:1e:cf:c1:24:17:0b:2f:77:ff:f5:af:
d5:72:ad:81:f8:54:82:b4:b0:97:a8:a6:df:fd:a1:
60:52:56:99:ad:71:d5:44:59:00:d8:a3:96:81:67:
c6:25:07:20:ec:e3:32:1d:2e:b4:c4:00:03:63:4a:
35:40:5a:5f:54:75:84:d7:64:6f:7f:9d:30:05:5c:
b7:d5:f8:90:1b:71:fa:aa:2e:e1:81:1b:1d:b7:15:
d0:cf:ac:c9:b2:4b:96:35:c9:62:3b:19:96:52:88:
65:d8:a4:e5:3b:6e:71:b0:eb:98:f1:e4:97:1d:d1:
97:71:17:28:51:a2:da:ea:82:8a:ff:91:af:3b:46:
63:34:ea:52:22:0d:29:12:bf:ed:25:89:0f:2f:45:
b3:be:1f:8e:ea:b6:39:ed:19:ce:93:c2:48:dd:d2:
9c:93:e5:4f:af:79:94:b5:8b:93:64:06:78:95:ef:
31:e2:c3:48:75:1a:d5:e8:f5:a7:81:ff:74:32:fc:
61:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:BE:95:C1:04:A9:48:59:8B:D7:D5:41:32:D5:BF:51:80:7A:72:0F
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/NL6VwQSpSFmL19VBMtW_UYB6cg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.154.0/24
148.253.208.0-148.253.212.255
185.28.84.0/24
199.83.103.0/24
202.181.188.0/24
IPv6:
2a13:d200::/32
Signature Algorithm: sha256WithRSAEncryption
1d:cd:2a:af:cb:4b:1b:aa:78:8a:93:a3:be:52:ef:91:fc:5d:
b5:6a:4a:0e:eb:57:4a:a9:6f:14:ef:51:23:27:a8:97:1e:88:
4c:68:de:df:8f:f6:3a:e3:6c:23:e4:28:fb:7c:39:47:29:d0:
61:48:02:82:a8:bf:05:73:21:ac:1a:7e:d0:44:b6:b9:7e:6e:
ad:e0:48:c1:8e:97:6d:ee:be:76:fc:d7:9f:79:d2:a6:55:be:
47:97:b0:d2:5e:92:7d:2e:bb:49:5f:27:84:05:d6:cb:8c:90:
15:24:a2:79:1a:70:fc:f9:cf:97:9b:db:58:ab:49:ec:10:4e:
5c:99:a8:01:20:eb:48:68:9e:d6:ae:69:06:28:4a:7a:cb:1c:
02:d0:63:ab:35:98:13:40:c8:52:fc:29:82:1f:35:00:6d:a2:
79:e8:9a:1f:2e:c0:72:e6:1c:49:81:f5:97:3f:62:c5:42:03:
a8:9b:2e:5d:01:11:a2:2b:95:ad:d4:e9:e4:c3:17:17:3d:3d:
05:51:a4:2d:fe:0d:25:05:ec:2c:97:ef:b0:3f:87:e7:90:7a:
80:ad:78:0a:d8:7e:78:00:5e:f5:90:df:92:2c:fc:29:10:e0:
93:f9:e8:19:59:52:05:b5:0b:c5:ec:f7:99:3e:cd:c6:de:eb:
a2:87:ff:79
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZk5icnB30ZA1Pva0b41tEhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjUwOTExMTYwOTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGJlOTVjMTA0YTk0ODU5OGJkN2Q1NDEzMmQ1YmY1MTgwN2E3MjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf5rHhElUUqjHsQ/RBGYvSGy0GiS
C24lgi234ihOW4aHmHdnTMl4nRVpyWiDh/xIZvgx/YlC4GCyYnnFC5VXHs/BJBcL
L3f/9a/Vcq2B+FSCtLCXqKbf/aFgUlaZrXHVRFkA2KOWgWfGJQcg7OMyHS60xAAD
Y0o1QFpfVHWE12Rvf50wBVy31fiQG3H6qi7hgRsdtxXQz6zJskuWNcliOxmWUohl
2KTlO25xsOuY8eSXHdGXcRcoUaLa6oKK/5GvO0ZjNOpSIg0pEr/tJYkPL0Wzvh+O
6rY57RnOk8JI3dKck+VPr3mUtYuTZAZ4le8x4sNIdRrV6PWngf90MvxhZQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDS+lcEEqUhZi9fVQTLVv1GAenIPMB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvTkw2VndRU3BTRm1MMTlWQk10V19VWUI2Y2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQAa6GaMAwD
BASU/dADBACU/dQDBAC5HFQDBADHU2cDBADKtbwwDQQCAAIwBwMFACoT0gAwDQYJ
KoZIhvcNAQELBQADggEBAB3NKq/LSxuqeIqTo75S75H8XbVqSg7rV0qpbxTvUSMn
qJceiExo3t+P9jrjbCPkKPt8OUcp0GFIAoKovwVzIawaftBEtrl+bq3gSMGOl23u
vnb815950qZVvkeXsNJekn0uu0lfJ4QF1suMkBUkonkacPz5z5eb21irSewQTlyZ
qAEg60hontauaQYoSnrLHALQY6s1mBNAyFL8KYIfNQBtonnomh8uwHLmHEmB9Zc/
YsVCA6ibLl0BEaIrla3U6eTDFxc9PQVRpC3+DSUF7CyX77A/h+eQeoCteArYfngA
XvWQ35Is/CkQ4JP56BlZUgW1C8Xs95k+zcbe66KH/3k=
-----END CERTIFICATE-----
Generated at Sun Sep 14 13:46:38 2025 by rpki-client