Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NLkOwJ0HmcUpvjaaCfuKbwv3TYw.roa
File: NLkOwJ0HmcUpvjaaCfuKbwv3TYw.roa (raw, json)
Hash identifier: B2Uulfo1QIolDCD4U+lno53ILX+prTT/G34KahI6yFA=
Subject key identifier: 34:B9:0E:C0:9D:07:99:C5:29:BE:36:9A:09:FB:8A:6F:0B:F7:4D:8C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019D1A3C4214FA68AFA72F6A90F880AACAD3
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NLkOwJ0HmcUpvjaaCfuKbwv3TYw.roa
Signing time: Mon 23 Mar 2026 10:27:29 +0000
ROA not before: Mon 23 Mar 2026 10:27:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199967
IP address blocks: 77.36.62.0/24 maxlen: 24
91.246.192.0/24 maxlen: 24
91.246.193.0/24 maxlen: 24
91.246.194.0/24 maxlen: 24
91.246.195.0/24 maxlen: 24
93.120.112.0/24 maxlen: 24
93.120.113.0/24 maxlen: 24
93.120.114.0/24 maxlen: 24
93.120.115.0/24 maxlen: 24
93.120.116.0/24 maxlen: 24
93.120.117.0/24 maxlen: 24
93.120.118.0/24 maxlen: 24
93.120.119.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
176.113.180.0/24 maxlen: 24
176.113.181.0/24 maxlen: 24
176.113.182.0/24 maxlen: 24
176.113.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:3c:42:14:fa:68:af:a7:2f:6a:90:f8:80:aa:ca:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 23 10:27:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=34b90ec09d0799c529be369a09fb8a6f0bf74d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:76:0b:0a:16:fd:ae:2c:eb:60:cc:80:94:96:
40:6a:05:12:89:29:d9:92:47:c8:ee:db:aa:dd:4a:
ba:be:8b:bf:1f:51:31:66:66:f7:73:7a:a1:a1:83:
81:ce:a6:68:bd:83:91:a1:87:c6:60:c8:bc:cc:d9:
42:48:7e:b9:a0:29:49:76:1c:fb:f6:3e:f6:d8:7e:
a4:ad:b8:ab:a4:65:d7:8b:94:92:da:8b:6b:3a:fb:
28:be:d6:30:17:e3:f9:44:c8:eb:e2:11:a2:eb:19:
0b:a2:ae:7e:ee:8c:f1:2f:c0:39:dd:12:70:4d:51:
44:51:37:74:de:69:e7:9c:b2:02:a7:b2:27:7d:54:
2c:3e:4c:91:6a:b8:15:e6:a4:59:29:00:87:b3:a4:
f6:e1:75:66:ab:51:e6:9b:89:26:e3:13:b4:9e:f9:
ec:5f:0a:1b:f8:e1:56:5d:dc:40:8d:26:63:43:53:
3c:8d:bf:c7:fe:f1:2c:9f:6a:7a:b1:5d:85:13:22:
d2:d0:10:ea:2c:89:06:84:4c:a2:00:5f:45:dc:6c:
79:24:c7:3e:19:0e:36:31:29:3d:90:ab:08:52:5f:
ec:57:42:ab:53:ab:42:59:d5:8c:2e:97:12:3c:bd:
7b:ed:6a:ee:86:e2:10:49:7b:6b:1d:b9:8d:c3:f6:
49:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B9:0E:C0:9D:07:99:C5:29:BE:36:9A:09:FB:8A:6F:0B:F7:4D:8C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NLkOwJ0HmcUpvjaaCfuKbwv3TYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.62.0/24
91.246.192.0/22
93.120.112.0/21
176.96.94.0/24
176.113.180.0/22
Signature Algorithm: sha256WithRSAEncryption
22:3c:19:b4:55:7a:a2:d2:d2:3e:ce:f9:62:c8:5c:f9:64:13:
c7:db:62:e8:e4:23:b2:eb:72:27:56:e2:f8:dc:88:dc:5d:3b:
56:d3:cc:cf:a1:3d:2d:aa:c0:ad:62:33:0f:62:20:d7:79:40:
74:8c:52:e5:a7:ef:c3:94:04:15:ac:50:78:47:50:a3:29:a3:
b3:d1:23:50:cf:1a:e7:38:1b:4f:e0:f6:85:68:6c:ca:f3:6e:
85:81:6c:ce:39:06:fc:8d:14:5f:76:c0:b5:eb:a9:93:97:38:
90:94:52:1d:98:26:a1:fb:52:cc:ce:21:cb:f1:7e:05:25:4c:
26:9f:af:05:b4:d9:e2:86:c1:4b:80:b5:35:f4:b9:20:64:0c:
01:d1:91:ec:18:01:0a:56:2a:00:06:b0:18:89:fb:4a:50:04:
6d:12:d9:9f:0b:89:5c:f1:fb:6f:3e:c2:09:65:0e:3f:63:c5:
e9:58:01:9d:d5:7a:b7:e5:06:9b:45:08:ab:e9:b7:16:0a:e0:
04:78:15:c7:91:76:34:bd:46:ff:c4:e8:eb:8e:9d:bf:d8:24:
83:c5:2e:ef:5c:cd:e4:4e:b2:a3:d5:41:ec:fc:14:8e:9a:73:
52:40:6f:88:93:e7:e3:2b:64:81:6c:4e:99:31:e8:55:12:e0:
bd:78:81:8d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ0aPEIU+mivpy9qkPiAqsrTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjYwMzIzMTAyNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI5MGVjMDlkMDc5OWM1MjliZTM2OWEwOWZiOGE2ZjBiZjc0ZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXYLChb9rizrYMyAlJZAagUSiSnZ
kkfI7tuq3Uq6vou/H1ExZmb3c3qhoYOBzqZovYORoYfGYMi8zNlCSH65oClJdhz7
9j722H6krbirpGXXi5SS2otrOvsovtYwF+P5RMjr4hGi6xkLoq5+7ozxL8A53RJw
TVFEUTd03mnnnLICp7InfVQsPkyRargV5qRZKQCHs6T24XVmq1Hmm4km4xO0nvns
Xwob+OFWXdxAjSZjQ1M8jb/H/vEsn2p6sV2FEyLS0BDqLIkGhEyiAF9F3Gx5JMc+
GQ42MSk9kKsIUl/sV0KrU6tCWdWMLpcSPL177WruhuIQSXtrHbmNw/ZJ6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDS5DsCdB5nFKb42mgn7im8L902MMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTkxrT3dKMEhtY1VwdmphYUNmdUtid3YzVFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATSQ+AwQC
W/bAAwQDXXhwAwQAsGBeAwQCsHG0MA0GCSqGSIb3DQEBCwUAA4IBAQAiPBm0VXqi
0tI+zvliyFz5ZBPH22Lo5COy63InVuL43IjcXTtW08zPoT0tqsCtYjMPYiDXeUB0
jFLlp+/DlAQVrFB4R1CjKaOz0SNQzxrnOBtP4PaFaGzK826FgWzOOQb8jRRfdsC1
66mTlziQlFIdmCah+1LMziHL8X4FJUwmn68FtNnihsFLgLU19LkgZAwB0ZHsGAEK
VioABrAYiftKUARtEtmfC4lc8ftvPsIJZQ4/Y8XpWAGd1Xq35QabRQir6bcWCuAE
eBXHkXY0vUb/xOjrjp2/2CSDxS7vXM3kTrKj1UHs/BSOmnNSQG+Ik+fjK2SBbE6Z
MehVEuC9eIGN
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:59:38 2026 by rpki-client