Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NMd6zE6q_VzXD9q9YQrchB7o_kw.roa
File: NMd6zE6q_VzXD9q9YQrchB7o_kw.roa (raw, json)
Hash identifier: ik+zg1cglYnfUyRhJ2uoOoYqys9l/vpMvh4o0/fFFJI=
Subject key identifier: 34:C7:7A:CC:4E:AA:FD:5C:D7:0F:DA:BD:61:0A:DC:84:1E:E8:FE:4C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0198E0C37D8B5B5626344D1EC5F3A5502CCE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NMd6zE6q_VzXD9q9YQrchB7o_kw.roa
Signing time: Mon 25 Aug 2025 10:26:04 +0000
ROA not before: Mon 25 Aug 2025 10:26:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 45.8.70.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.4.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
89.34.126.0/23 maxlen: 24
185.165.45.0/24 maxlen: 24
185.245.7.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
194.5.83.0/24 maxlen: 24
194.61.40.0/24 maxlen: 24
194.61.41.0/24 maxlen: 24
203.25.124.0/24 maxlen: 24
204.75.229.0/24 maxlen: 24
220.158.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 17:17:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e0:c3:7d:8b:5b:56:26:34:4d:1e:c5:f3:a5:50:2c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 25 10:26:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34c77acc4eaafd5cd70fdabd610adc841ee8fe4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f1:ed:20:34:bd:6a:f1:3b:61:46:34:55:13:
be:1c:14:bb:20:f8:6f:f0:ec:21:df:b9:9c:0d:55:
fe:3d:cf:84:a9:0f:3d:95:e4:6b:19:5f:e1:08:cd:
b8:e8:ba:59:db:b6:9c:49:46:12:0c:49:67:52:53:
ed:0d:00:1e:f6:09:45:e6:b3:30:92:a7:f1:8c:1f:
02:fc:fa:f6:04:9b:5e:2c:8c:92:d9:0b:f2:cb:63:
fe:61:fb:4b:1e:e5:a3:c5:33:93:eb:ae:f4:4e:c9:
45:f4:42:cb:87:a2:fd:2e:f4:fa:84:07:fe:9e:01:
3d:72:c2:e4:0d:f9:19:66:b6:26:6c:79:84:ab:44:
49:97:0c:c8:8b:6c:ce:22:ee:a1:76:82:e3:f9:db:
e1:e5:95:d3:df:f3:86:82:80:74:0f:11:4c:2e:16:
92:94:a4:a5:68:b5:0f:b5:09:a3:0b:96:49:b3:34:
53:bb:6e:e6:d9:57:14:62:51:58:d2:3a:31:a0:cb:
c7:a1:c6:8c:81:3a:da:0c:bd:00:ec:32:22:f4:6d:
56:8a:bb:a5:e6:60:a4:8d:ae:b3:88:37:0a:5f:b5:
55:f3:14:10:4c:fc:fa:ca:d7:64:25:03:c0:60:37:
89:1f:59:2a:86:79:db:9e:54:90:87:cd:ab:24:2a:
34:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C7:7A:CC:4E:AA:FD:5C:D7:0F:DA:BD:61:0A:DC:84:1E:E8:FE:4C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NMd6zE6q_VzXD9q9YQrchB7o_kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.130.202.0/23
45.133.4.0/22
89.34.126.0/23
185.165.45.0/24
185.245.7.0/24
188.213.202.0/24
194.5.82.0/23
194.61.40.0/23
203.25.124.0/24
204.75.229.0/24
220.158.199.0/24
Signature Algorithm: sha256WithRSAEncryption
41:e3:17:84:10:ed:00:fd:6a:69:b8:7f:36:ca:a7:ec:e5:60:
ae:5d:7b:ce:a9:8d:66:03:b4:b7:48:21:a8:ec:9c:a4:fc:40:
c2:d8:b0:0a:c5:f0:73:a2:4a:be:e9:80:e1:c3:cf:1c:ce:c2:
7e:ca:76:76:fd:6c:14:7f:d9:46:54:66:4a:ed:47:0c:a4:75:
e3:f5:c2:90:d7:9e:f2:35:95:3d:e2:2a:5a:fa:f7:4c:ac:27:
f5:d5:91:3a:4e:86:fe:03:8d:9b:ca:e1:b9:3b:d4:ff:ac:c0:
19:f6:8f:82:34:45:54:7c:5b:f2:4e:5d:46:fa:a5:c0:b6:33:
96:a3:b2:13:d8:7a:d9:6e:ba:c2:8a:ba:85:73:10:53:d4:96:
8d:24:3e:ec:a0:10:f2:b8:7f:56:43:26:c1:11:34:2d:b4:05:
12:ed:72:a4:9c:84:a8:f6:0e:01:f9:fd:69:ff:77:2a:2b:80:
de:6b:a8:18:22:b9:2f:cf:52:b6:ae:a9:ff:c4:03:30:d9:6f:
24:02:fd:38:73:14:74:f8:38:4f:aa:65:ed:c6:30:a3:f8:e2:
5c:db:a3:69:84:76:97:37:7c:b1:db:d7:5c:4e:d3:a7:91:1c:
b6:16:66:08:cd:f6:e6:fe:35:8c:62:ae:9d:32:29:82:81:17:
ef:b0:13:3a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZjgw32LW1YmNE0exfOlUCzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwODI1MTAyNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGM3N2FjYzRlYWFmZDVjZDcwZmRhYmQ2MTBhZGM4NDFlZThmZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvHtIDS9avE7YUY0VRO+HBS7IPhv
8Owh37mcDVX+Pc+EqQ89leRrGV/hCM246LpZ27acSUYSDElnUlPtDQAe9glF5rMw
kqfxjB8C/Pr2BJteLIyS2Qvyy2P+YftLHuWjxTOT6670TslF9ELLh6L9LvT6hAf+
ngE9csLkDfkZZrYmbHmEq0RJlwzIi2zOIu6hdoLj+dvh5ZXT3/OGgoB0DxFMLhaS
lKSlaLUPtQmjC5ZJszRTu27m2VcUYlFY0joxoMvHocaMgTraDL0A7DIi9G1Wirul
5mCkja6ziDcKX7VV8xQQTPz6ytdkJQPAYDeJH1kqhnnbnlSQh82rJCo0lQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDTHesxOqv1c1w/avWEK3IQe6P5MMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTk1kNnpFNnFfVnpYRDlxOVlRcmNoQjdvX2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQhGAwQB
LYLKAwQCLYUEAwQBWSJ+AwQAuaUtAwQAufUHAwQAvNXKAwQBwgVSAwQBwj0oAwQA
yxl8AwQAzEvlAwQA3J7HMA0GCSqGSIb3DQEBCwUAA4IBAQBB4xeEEO0A/WppuH82
yqfs5WCuXXvOqY1mA7S3SCGo7Jyk/EDC2LAKxfBzokq+6YDhw88czsJ+ynZ2/WwU
f9lGVGZK7UcMpHXj9cKQ157yNZU94ipa+vdMrCf11ZE6Tob+A42byuG5O9T/rMAZ
9o+CNEVUfFvyTl1G+qXAtjOWo7IT2HrZbrrCirqFcxBT1JaNJD7soBDyuH9WQybB
ETQttAUS7XKknISo9g4B+f1p/3cqK4Dea6gYIrkvz1K2rqn/xAMw2W8kAv04cxR0
+DhPqmXtxjCj+OJc26NphHaXN3yx29dcTtOnkRy2FmYIzfbm/jWMYq6dMimCgRfv
sBM6
-----END CERTIFICATE-----
Generated at Sat Sep 6 03:13:28 2025 by rpki-client