Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/NwvDc-yJwXeNivsjoY0gJyIcmR4.roa
File: NwvDc-yJwXeNivsjoY0gJyIcmR4.roa (raw, json)
Hash identifier: FEVqQwQ9gr8Xh59AeGfQNtLNsq4t+I6eMLo4jtBSrFY=
Subject key identifier: 37:0B:C3:73:EC:89:C1:77:8D:8A:FB:23:A1:8D:20:27:22:1C:99:1E
Certificate issuer: /CN=c5f152b6a0d004627d285d879aa83e58461ab2df
Certificate serial: 019CF5F0926CD5D5EB6CD07BD358894704E6
Authority key identifier: C5:F1:52:B6:A0:D0:04:62:7D:28:5D:87:9A:A8:3E:58:46:1A:B2:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/NwvDc-yJwXeNivsjoY0gJyIcmR4.roa
Signing time: Mon 16 Mar 2026 09:18:29 +0000
ROA not before: Mon 16 Mar 2026 09:18:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28686
IP address blocks: 93.191.248.0/21 maxlen: 21
103.55.232.0/22 maxlen: 22
159.168.0.0/16 maxlen: 16
159.168.0.0/24 maxlen: 24
159.168.1.0/24 maxlen: 24
159.168.7.0/24 maxlen: 24
159.168.12.0/24 maxlen: 24
159.168.14.0/24 maxlen: 24
159.168.24.0/23 maxlen: 23
159.168.112.0/20 maxlen: 20
159.168.136.0/23 maxlen: 23
159.168.138.0/24 maxlen: 24
159.168.140.0/24 maxlen: 24
159.168.141.0/24 maxlen: 24
159.168.144.0/21 maxlen: 21
159.168.152.0/21 maxlen: 21
185.94.144.0/22 maxlen: 22
185.130.140.0/22 maxlen: 22
193.222.224.0/20 maxlen: 20
193.222.240.0/24 maxlen: 24
194.147.176.0/20 maxlen: 20
2001:67c:638::/48 maxlen: 48
2a05:14c0::/29 maxlen: 29
2a06:d9c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f5:f0:92:6c:d5:d5:eb:6c:d0:7b:d3:58:89:47:04:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5f152b6a0d004627d285d879aa83e58461ab2df
Validity
Not Before: Mar 16 09:18:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=370bc373ec89c1778d8afb23a18d2027221c991e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0f:2d:fa:d7:f8:9b:3c:fc:42:9b:d5:34:41:
77:c8:84:f1:bf:3b:21:d1:0c:2b:6f:92:ac:3e:c3:
17:0c:b8:9f:1d:4c:3f:b6:d3:ec:8b:3d:90:7e:f7:
6d:26:67:ee:7d:45:38:bf:ad:79:c2:bb:0a:22:93:
26:e6:52:8e:95:ee:07:8f:67:2a:d7:67:45:f0:da:
5c:77:43:ee:d9:4d:1b:dd:30:64:30:ca:45:6b:58:
5d:40:44:8a:1d:80:43:b5:c3:87:ac:95:fa:30:a8:
7e:cc:b0:d0:03:69:13:98:4c:95:08:b9:ca:55:52:
e0:a2:ba:fc:49:9e:ea:83:fe:f5:b1:19:ad:85:fb:
6d:ce:ca:e6:3a:fa:c4:ba:ec:4d:c7:12:a1:44:fd:
05:b6:9f:b0:cc:4f:20:c5:8c:28:7f:5a:1c:39:b2:
81:42:3b:d5:1b:75:fa:36:18:8f:96:ff:e0:a0:1d:
13:fb:95:94:ae:ac:e6:de:02:46:16:04:e8:5c:13:
14:08:b7:61:7b:16:8a:f3:0d:e4:af:14:9c:91:50:
9b:e2:fc:dd:c3:72:7e:0e:c4:7d:83:2a:13:78:5c:
03:7d:49:5a:59:ca:79:3b:9c:70:bb:bb:35:ad:3f:
6b:47:46:0b:06:10:c0:5c:56:5c:77:dc:65:fd:76:
98:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:0B:C3:73:EC:89:C1:77:8D:8A:FB:23:A1:8D:20:27:22:1C:99:1E
X509v3 Authority Key Identifier:
keyid:C5:F1:52:B6:A0:D0:04:62:7D:28:5D:87:9A:A8:3E:58:46:1A:B2:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/NwvDc-yJwXeNivsjoY0gJyIcmR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.248.0/21
103.55.232.0/22
159.168.0.0/16
185.94.144.0/22
185.130.140.0/22
193.222.224.0-193.222.240.255
194.147.176.0/20
IPv6:
2001:67c:638::/48
2a05:14c0::/29
2a06:d9c0::/29
Signature Algorithm: sha256WithRSAEncryption
c2:04:91:21:0c:2b:b3:57:a9:75:9e:4b:90:9a:99:39:36:c3:
df:fe:84:25:1a:af:13:d6:bf:75:64:79:32:c3:41:56:42:2f:
0a:df:ae:9d:5c:6b:9f:73:a9:ce:2a:4c:50:34:e0:f2:8a:e4:
66:01:e3:72:94:52:52:fe:7f:64:00:7c:38:6e:67:16:d4:f7:
5a:25:81:51:db:64:32:eb:2d:01:2f:ea:32:c0:2a:f5:2a:76:
fb:c4:71:eb:36:de:a5:9c:e8:85:57:84:af:e9:56:d8:2e:91:
ce:a6:e6:46:2d:ec:02:35:d5:1b:4c:64:eb:7f:b3:15:01:d4:
11:a2:e6:45:53:bf:5b:cd:b6:10:fe:4c:d2:6c:d4:04:90:34:
86:e6:d2:1b:3e:5f:0f:f6:f9:25:46:ca:4c:5d:ce:51:33:da:
2f:01:9b:ba:86:13:7a:81:32:64:a4:c1:e6:a7:4b:68:9d:e9:
ef:a2:47:38:9c:a5:48:3c:6f:0c:89:dc:38:87:71:32:e1:d2:
4c:92:64:02:30:45:87:d0:64:e5:01:0f:b7:19:63:6b:e1:62:
31:2a:2f:f5:35:b9:a7:38:32:dd:e8:c8:f5:cc:7a:d4:21:c1:
cf:3b:37:16:5c:fa:fa:f4:81:ed:88:59:f4:25:50:80:3f:8e:
c0:1d:2e:9d
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZz18JJs1dXrbNB701iJRwTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZjE1MmI2YTBkMDA0NjI3ZDI4NWQ4NzlhYTgzZTU4NDYx
YWIyZGYwHhcNMjYwMzE2MDkxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzBiYzM3M2VjODljMTc3OGQ4YWZiMjNhMThkMjAyNzIyMWM5OTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ8t+tf4mzz8QpvVNEF3yITxvzsh
0Qwrb5KsPsMXDLifHUw/ttPsiz2QfvdtJmfufUU4v615wrsKIpMm5lKOle4Hj2cq
12dF8Npcd0Pu2U0b3TBkMMpFa1hdQESKHYBDtcOHrJX6MKh+zLDQA2kTmEyVCLnK
VVLgorr8SZ7qg/71sRmthfttzsrmOvrEuuxNxxKhRP0Ftp+wzE8gxYwof1ocObKB
QjvVG3X6NhiPlv/goB0T+5WUrqzm3gJGFgToXBMUCLdhexaK8w3krxSckVCb4vzd
w3J+DsR9gyoTeFwDfUlaWcp5O5xwu7s1rT9rR0YLBhDAXFZcd9xl/XaYhQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFDcLw3PsicF3jYr7I6GNICciHJkeMB8GA1UdIwQY
MBaAFMXxUrag0ARifShdh5qoPlhGGrLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81M2FkNWEtMGEzNy00ZjY1LWE2YzYt
NzM3ZTc4Yzg3MDEyLzEvTnd2RGMteUp3WGVOaXZzam9ZMGdKeUljbVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81M2FkNWEtMGEzNy00ZjY1LWE2YzYtNzM3ZTc4Yzg3MDEy
LzEveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDA3BAIAATAxAwQDXb/4AwQC
ZzfoAwMAn6gDBAK5XpADBAK5gowwDAMEBcHe4AMEAMHe8AMEBMKTsDAdBAIAAjAX
AwcAIAEGfAY4AwUDKgUUwAMFAyoG2cAwDQYJKoZIhvcNAQELBQADggEBAMIEkSEM
K7NXqXWeS5CamTk2w9/+hCUarxPWv3VkeTLDQVZCLwrfrp1ca59zqc4qTFA04PKK
5GYB43KUUlL+f2QAfDhuZxbU91olgVHbZDLrLQEv6jLAKvUqdvvEces23qWc6IVX
hK/pVtgukc6m5kYt7AI11RtMZOt/sxUB1BGi5kVTv1vNthD+TNJs1ASQNIbm0hs+
Xw/2+SVGykxdzlEz2i8Bm7qGE3qBMmSkweanS2id6e+iRzicpUg8bwyJ3DiHcTLh
0kySZAIwRYfQZOUBD7cZY2vhYjEqL/U1uac4Mt3oyPXMetQhwc87NxZc+vr0ge2I
WfQlUIA/jsAdLp0=
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:45:51 2026 by rpki-client