Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/NtGG7TpxKPy6KVuYJ_YsRlPznf0.roa
File: NtGG7TpxKPy6KVuYJ_YsRlPznf0.roa (raw, json)
Hash identifier: h9sUldnph3JsPwvErMM5O4Md1UjpyrbVAOlpo+5yenM=
Subject key identifier: 36:D1:86:ED:3A:71:28:FC:BA:29:5B:98:27:F6:2C:46:53:F3:9D:FD
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0199F37A8DCB4FF1E3558CB674245ACCBC00
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/NtGG7TpxKPy6KVuYJ_YsRlPznf0.roa
Signing time: Fri 17 Oct 2025 18:41:59 +0000
ROA not before: Fri 17 Oct 2025 18:41:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204909
IP address blocks: 2a11:6540::/32 maxlen: 32
2a11:6542::/32 maxlen: 32
2a11:6582::/32 maxlen: 32
2a11:6d07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f3:7a:8d:cb:4f:f1:e3:55:8c:b6:74:24:5a:cc:bc:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Oct 17 18:41:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36d186ed3a7128fcba295b9827f62c4653f39dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:16:75:ab:c1:be:c7:be:bc:82:09:dd:d3:2e:
8d:40:80:56:08:4b:73:3c:5b:9f:52:3b:dd:64:6a:
22:40:5d:aa:92:01:73:2c:3f:48:77:72:2d:91:56:
35:99:6d:b5:f1:24:2f:74:24:6b:0e:ac:1f:c7:3a:
5d:42:4f:d1:49:67:6c:03:34:bf:8d:f9:d6:b6:f5:
cc:b1:c9:45:e3:f4:d7:54:be:6d:e1:49:ec:47:8e:
d2:35:1a:70:28:00:57:dd:3b:bb:e4:d9:cf:84:a5:
61:8a:48:b5:94:4e:93:71:22:95:b0:fc:92:45:7b:
90:ca:04:1e:de:0d:5b:60:60:37:fc:b2:0a:e1:72:
b7:9f:b3:8b:87:7e:d2:69:84:42:87:28:d4:a2:22:
5c:ad:46:2b:2f:12:56:07:26:59:f8:b2:8d:16:98:
38:14:88:92:7e:d7:b9:17:75:48:b5:30:3e:9c:ed:
e3:07:5b:51:68:4b:fa:09:e7:ee:69:1c:7b:b1:5b:
fa:a0:97:24:51:91:c1:b5:db:59:6a:d9:78:3a:d4:
66:75:a2:1d:59:fc:1d:9d:b9:e5:35:e1:26:aa:0b:
ba:9f:8a:ce:24:55:cd:57:93:3b:34:aa:32:dc:b2:
af:f6:86:d1:14:ba:2f:27:ed:2c:be:27:72:82:43:
4d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D1:86:ED:3A:71:28:FC:BA:29:5B:98:27:F6:2C:46:53:F3:9D:FD
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/NtGG7TpxKPy6KVuYJ_YsRlPznf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:6540::/32
2a11:6542::/32
2a11:6582::/32
2a11:6d07::/32
Signature Algorithm: sha256WithRSAEncryption
a3:d6:82:ff:82:c7:7e:dc:55:9b:77:9f:3e:c3:d6:3d:58:c5:
e6:f0:a1:a8:ed:4a:5f:3a:b0:40:2f:f8:d2:cd:b4:0f:fc:f6:
fe:11:6b:20:fe:f8:93:69:23:2f:7e:0f:f0:18:26:46:49:be:
1d:c7:9f:db:a1:3f:23:2a:29:cd:92:3d:e7:72:f9:dd:38:db:
22:5f:5a:a3:3d:51:ef:1e:72:d0:ab:fa:64:86:9c:bf:dc:5f:
cf:ac:1f:bc:bc:fa:41:35:3a:75:04:3b:a9:23:5d:60:dc:f1:
0f:75:e2:e5:63:27:01:c7:bb:27:d3:66:32:4a:c1:8b:fa:75:
d7:0a:24:a0:6c:e6:32:fd:59:ca:e9:29:9e:4c:67:f9:53:5e:
9a:90:35:fe:8d:0f:6f:c9:8c:1c:a5:3a:07:ed:61:61:8b:91:
2b:cd:9c:4a:4b:f8:aa:0f:ba:1f:d5:c5:9c:b7:eb:db:76:82:
02:f7:52:4c:f1:63:16:e7:01:4f:0c:5c:26:55:68:1d:34:d4:
0e:3c:cb:03:d8:f0:84:9c:b6:ff:08:bf:5f:1b:db:e0:00:71:
05:83:8c:42:fa:14:89:fc:82:c3:af:36:b4:8c:cb:5d:fd:ed:
fa:14:ad:56:94:88:9d:82:32:93:38:16:47:6d:c1:f7:4f:d5:
ad:fe:cd:f4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZnzeo3LT/HjVYy2dCRazLwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUxMDE3MTg0MTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQxODZlZDNhNzEyOGZjYmEyOTViOTgyN2Y2MmM0NjUzZjM5ZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhZ1q8G+x768ggnd0y6NQIBWCEtz
PFufUjvdZGoiQF2qkgFzLD9Id3ItkVY1mW218SQvdCRrDqwfxzpdQk/RSWdsAzS/
jfnWtvXMsclF4/TXVL5t4UnsR47SNRpwKABX3Tu75NnPhKVhiki1lE6TcSKVsPyS
RXuQygQe3g1bYGA3/LIK4XK3n7OLh37SaYRChyjUoiJcrUYrLxJWByZZ+LKNFpg4
FIiSfte5F3VItTA+nO3jB1tRaEv6CefuaRx7sVv6oJckUZHBtdtZatl4OtRmdaId
WfwdnbnlNeEmqgu6n4rOJFXNV5M7NKoy3LKv9obRFLovJ+0svidygkNN8QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDbRhu06cSj8uilbmCf2LEZT8539MB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvTnRHRzdUcHhLUHk2S1Z1WUpfWXNSbFB6bmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhFlQAMF
ACoRZUIDBQAqEWWCAwUAKhFtBzANBgkqhkiG9w0BAQsFAAOCAQEAo9aC/4LHftxV
m3efPsPWPVjF5vChqO1KXzqwQC/40s20D/z2/hFrIP74k2kjL34P8BgmRkm+Hcef
26E/IyopzZI953L53TjbIl9aoz1R7x5y0Kv6ZIacv9xfz6wfvLz6QTU6dQQ7qSNd
YNzxD3Xi5WMnAce7J9NmMkrBi/p11wokoGzmMv1Zyukpnkxn+VNempA1/o0Pb8mM
HKU6B+1hYYuRK82cSkv4qg+6H9XFnLfr23aCAvdSTPFjFucBTwxcJlVoHTTUDjzL
A9jwhJy2/wi/Xxvb4ABxBYOMQvoUifyCw682tIzLXf3t+hStVpSInYIykzgWR23B
90/Vrf7N9A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:12 2025 by rpki-client