Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/kNjtAZnBIdDs69zL_sxo5b2kvsE.roa
File: kNjtAZnBIdDs69zL_sxo5b2kvsE.roa (raw, json)
Hash identifier: ZvUWHB49abkoN+508ycB2Kcm14s8kB/R0ioTMdmzGbc=
Subject key identifier: 90:D8:ED:01:99:C1:21:D0:EC:EB:DC:CB:FE:CC:68:E5:BD:A4:BE:C1
Certificate issuer: /CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Certificate serial: 01992E1B4E942460C6778E7BD2960B29D229
Authority key identifier: 9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/kNjtAZnBIdDs69zL_sxo5b2kvsE.roa
Signing time: Tue 09 Sep 2025 10:52:45 +0000
ROA not before: Tue 09 Sep 2025 10:52:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31638
IP address blocks: 5.144.184.0/21 maxlen: 24
5.144.184.0/22 maxlen: 22
5.144.188.0/22 maxlen: 22
5.144.188.0/24 maxlen: 24
5.144.190.0/24 maxlen: 24
37.156.96.0/22 maxlen: 23
37.156.96.0/23 maxlen: 23
37.156.98.0/23 maxlen: 23
37.156.148.0/22 maxlen: 24
37.156.148.0/23 maxlen: 23
37.156.150.0/23 maxlen: 23
37.156.168.0/22 maxlen: 24
37.156.168.0/23 maxlen: 23
37.156.170.0/23 maxlen: 23
37.156.208.0/22 maxlen: 24
37.156.208.0/23 maxlen: 23
37.156.210.0/23 maxlen: 23
46.255.80.0/21 maxlen: 24
46.255.80.0/22 maxlen: 22
46.255.80.0/24 maxlen: 24
46.255.83.0/24 maxlen: 24
46.255.84.0/22 maxlen: 22
46.255.85.0/24 maxlen: 24
86.104.6.0/24 maxlen: 24
86.104.229.0/24 maxlen: 24
86.105.8.0/24 maxlen: 24
86.105.179.0/24 maxlen: 24
89.33.232.0/24 maxlen: 24
89.34.6.0/24 maxlen: 24
89.39.92.0/24 maxlen: 24
89.39.224.0/20 maxlen: 21
89.39.224.0/21 maxlen: 21
89.39.232.0/21 maxlen: 21
89.42.230.0/24 maxlen: 24
89.44.206.0/24 maxlen: 24
89.45.24.0/21 maxlen: 24
89.45.24.0/24 maxlen: 24
89.45.25.0/24 maxlen: 24
89.45.26.0/24 maxlen: 24
89.45.27.0/24 maxlen: 24
89.45.95.0/24 maxlen: 24
89.45.216.0/22 maxlen: 23
89.47.32.0/23 maxlen: 24
93.113.89.0/24 maxlen: 24
93.115.170.0/23 maxlen: 23
93.118.37.0/24 maxlen: 24
94.177.18.0/23 maxlen: 23
94.177.151.0/24 maxlen: 24
176.223.164.0/24 maxlen: 24
185.82.168.0/22 maxlen: 23
185.82.168.0/23 maxlen: 23
185.82.169.0/24 maxlen: 24
185.82.170.0/23 maxlen: 23
185.82.170.0/24 maxlen: 24
185.82.171.0/24 maxlen: 24
188.209.80.0/20 maxlen: 24
188.209.80.0/21 maxlen: 21
188.209.80.0/24 maxlen: 24
188.209.81.0/24 maxlen: 24
188.209.82.0/24 maxlen: 24
188.209.83.0/24 maxlen: 24
188.209.86.0/24 maxlen: 24
188.209.87.0/24 maxlen: 24
188.209.88.0/21 maxlen: 21
188.209.88.0/24 maxlen: 24
188.209.89.0/24 maxlen: 24
188.210.239.0/24 maxlen: 24
188.212.153.0/24 maxlen: 24
188.215.44.0/22 maxlen: 24
188.215.45.0/24 maxlen: 24
188.215.65.0/24 maxlen: 24
188.215.247.0/24 maxlen: 24
188.215.248.0/24 maxlen: 24
188.241.4.0/23 maxlen: 24
188.241.190.0/23 maxlen: 24
195.62.160.0/19 maxlen: 20
195.62.160.0/20 maxlen: 20
195.62.176.0/20 maxlen: 20
2a02:20d8::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.mft
rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2e:1b:4e:94:24:60:c6:77:8e:7b:d2:96:0b:29:d2:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Validity
Not Before: Sep 9 10:52:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90d8ed0199c121d0ecebdccbfecc68e5bda4bec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:06:6c:8f:2d:12:97:e1:68:27:73:9d:c0:81:
67:6c:f3:fd:5d:5f:ee:4a:03:ca:ff:68:02:c1:df:
fe:23:77:b6:bc:68:ac:49:3c:05:a8:9c:23:f9:5f:
09:f9:76:5a:a8:4c:99:ae:a8:15:14:91:57:31:b9:
98:a1:01:9e:54:b4:eb:66:99:73:62:d7:d5:32:ed:
b5:fe:ca:70:04:ce:f2:83:66:c3:55:95:39:9d:75:
47:64:ea:7e:d8:b4:e7:66:41:ca:56:b2:23:43:85:
c7:6e:d8:26:85:c6:33:b6:47:ec:6f:8a:8a:b3:e3:
a3:2c:3f:44:7f:1d:de:12:9a:1f:2f:23:12:13:c3:
dd:15:5b:45:ab:c6:68:29:e8:7c:bc:d3:ea:48:30:
6b:8b:e9:12:73:05:7c:2e:92:10:50:ca:c9:66:66:
87:8a:73:3b:be:b8:cf:a0:b8:bd:60:29:2f:b5:c3:
e1:47:66:1a:14:1f:f3:4b:32:75:41:cd:ab:82:81:
ad:13:3e:83:4f:38:5c:ac:cb:cb:d6:48:e4:48:07:
4d:1f:61:3d:de:62:25:f3:a3:41:21:9b:a8:ba:86:
1d:27:49:8f:80:42:b2:04:fb:89:0f:da:11:ff:11:
e6:71:7f:b3:0e:78:29:1d:60:1a:22:32:f6:4a:2b:
d6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D8:ED:01:99:C1:21:D0:EC:EB:DC:CB:FE:CC:68:E5:BD:A4:BE:C1
X509v3 Authority Key Identifier:
keyid:9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/kNjtAZnBIdDs69zL_sxo5b2kvsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.184.0/21
37.156.96.0/22
37.156.148.0/22
37.156.168.0/22
37.156.208.0/22
46.255.80.0/21
86.104.6.0/24
86.104.229.0/24
86.105.8.0/24
86.105.179.0/24
89.33.232.0/24
89.34.6.0/24
89.39.92.0/24
89.39.224.0/20
89.42.230.0/24
89.44.206.0/24
89.45.24.0/21
89.45.95.0/24
89.45.216.0/22
89.47.32.0/23
93.113.89.0/24
93.115.170.0/23
93.118.37.0/24
94.177.18.0/23
94.177.151.0/24
176.223.164.0/24
185.82.168.0/22
188.209.80.0/20
188.210.239.0/24
188.212.153.0/24
188.215.44.0/22
188.215.65.0/24
188.215.247.0-188.215.248.255
188.241.4.0/23
188.241.190.0/23
195.62.160.0/19
IPv6:
2a02:20d8::/29
Signature Algorithm: sha256WithRSAEncryption
46:2a:72:57:e5:d0:c1:d5:ea:95:29:8e:da:b4:fb:cd:9f:fa:
1f:2f:3d:38:c6:70:06:68:d0:9d:ce:17:a3:88:b6:45:84:41:
6c:e1:a8:f9:db:6f:1c:fa:f0:73:56:ae:4e:b7:f7:ff:3f:e6:
64:98:c0:ff:e9:51:8b:f7:2f:e6:e8:34:a5:3c:4a:76:9b:2e:
83:bc:cb:a3:d2:5d:8c:f5:7f:77:d2:a0:80:71:4d:ea:4a:e5:
7b:0e:c7:80:e1:2f:4a:40:9b:b3:99:a9:7f:aa:14:65:ae:eb:
7e:4d:b8:9b:59:f2:5c:5e:f1:01:08:60:24:c6:9e:26:44:96:
36:e1:a9:33:ec:7f:14:f9:d9:02:3d:2f:dd:4e:c7:22:93:d7:
ac:d5:0c:e9:a6:5a:48:84:e2:0a:3d:fe:05:bd:7b:0b:b5:8a:
6b:58:08:71:d4:e3:64:1b:53:7d:a7:ce:93:44:c4:87:1c:ea:
f9:ab:8d:69:a2:ca:c7:82:f9:8d:f0:38:0e:97:ff:9c:9d:cd:
51:19:6f:17:e4:f8:88:b7:a6:60:76:60:5b:d0:81:9d:06:78:
83:a6:22:19:ff:9e:20:db:f2:be:37:1a:02:fc:89:64:84:c9:
ad:bc:a2:db:95:31:0b:69:01:71:70:02:22:25:ce:e8:ab:6f:
5d:fa:96:d3
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZkuG06UJGDGd4570pYLKdIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMjAwZDBlN2FkM2NlZjcyMjM4YjUxNjRjNGIyY2RkZTIz
YTZhMWUwHhcNMjUwOTA5MTA1MjQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQ4ZWQwMTk5YzEyMWQwZWNlYmRjY2JmZWNjNjhlNWJkYTRiZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgZsjy0Sl+FoJ3OdwIFnbPP9XV/u
SgPK/2gCwd/+I3e2vGisSTwFqJwj+V8J+XZaqEyZrqgVFJFXMbmYoQGeVLTrZplz
YtfVMu21/spwBM7yg2bDVZU5nXVHZOp+2LTnZkHKVrIjQ4XHbtgmhcYztkfsb4qK
s+OjLD9Efx3eEpofLyMSE8PdFVtFq8ZoKeh8vNPqSDBri+kScwV8LpIQUMrJZmaH
inM7vrjPoLi9YCkvtcPhR2YaFB/zSzJ1Qc2rgoGtEz6DTzhcrMvL1kjkSAdNH2E9
3mIl86NBIZuouoYdJ0mPgEKyBPuJD9oR/xHmcX+zDngpHWAaIjL2SivW9QIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFJDY7QGZwSHQ7Ovcy/7MaOW9pL7BMB8GA1UdIwQY
MBaAFJsgDQ560873Iji1FkxLLN3iOmoeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2Mt
YTRmMDhkYmI4NWE1LzEva05qdEFabkJJZERzNjl6TF9zeG81YjJrdnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2MtYTRmMDhkYmI4NWE1
LzEvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgecEAgABMIHgAwQD
BZC4AwQCJZxgAwQCJZyUAwQCJZyoAwQCJZzQAwQDLv9QAwQAVmgGAwQAVmjlAwQA
VmkIAwQAVmmzAwQAWSHoAwQAWSIGAwQAWSdcAwQEWSfgAwQAWSrmAwQAWSzOAwQD
WS0YAwQAWS1fAwQCWS3YAwQBWS8gAwQAXXFZAwQBXXOqAwQAXXYlAwQBXrESAwQA
XrGXAwQAsN+kAwQCuVKoAwQEvNFQAwQAvNLvAwQAvNSZAwQCvNcsAwQAvNdBMAwD
BAC81/cDBAC81/gDBAG88QQDBAG88b4DBAXDPqAwDQQCAAIwBwMFAyoCINgwDQYJ
KoZIhvcNAQELBQADggEBAEYqclfl0MHV6pUpjtq0+82f+h8vPTjGcAZo0J3OF6OI
tkWEQWzhqPnbbxz68HNWrk639/8/5mSYwP/pUYv3L+boNKU8SnabLoO8y6PSXYz1
f3fSoIBxTepK5XsOx4DhL0pAm7OZqX+qFGWu635NuJtZ8lxe8QEIYCTGniZEljbh
qTPsfxT52QI9L91OxyKT16zVDOmmWkiE4go9/gW9ewu1imtYCHHU42QbU32nzpNE
xIcc6vmrjWmiyseC+Y3wOA6X/5ydzVEZbxfk+Ii3pmB2YFvQgZ0GeIOmIhn/niDb
8r43GgL8iWSEya28otuVMQtpAXFwAiIlzuirb136ltM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:18:07 2025 by rpki-client