Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/NXK34y2TaeQVZ6jAkCgeyOiZWlE.roa
File: NXK34y2TaeQVZ6jAkCgeyOiZWlE.roa (raw, json)
Hash identifier: qXISZrTYY8PqL4Qh8biFRRnFsiZBmyen76GRf2XQYD4=
Subject key identifier: 35:72:B7:E3:2D:93:69:E4:15:67:A8:C0:90:28:1E:C8:E8:99:5A:51
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019E00EBA1F87EA74000DBA9EE43C2CFF7A3
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/NXK34y2TaeQVZ6jAkCgeyOiZWlE.roa
Signing time: Thu 07 May 2026 05:31:42 +0000
ROA not before: Thu 07 May 2026 05:31:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 178.253.226.0/24 maxlen: 24
188.255.196.0/24 maxlen: 24
188.255.230.0/24 maxlen: 24
212.69.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:00:eb:a1:f8:7e:a7:40:00:db:a9:ee:43:c2:cf:f7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 7 05:31:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3572b7e32d9369e41567a8c090281ec8e8995a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fe:9b:76:71:a9:90:6f:a3:2c:7a:45:8c:01:
36:3b:e7:1a:a1:80:49:a4:2b:e6:dd:47:2d:32:13:
b3:fe:b6:02:a3:6c:20:00:79:15:ce:e5:2e:cf:9b:
9a:c0:b3:37:f3:5a:e6:13:d8:60:a2:78:ac:34:c7:
19:34:94:7a:8f:c1:c0:40:4d:2b:20:64:03:d5:09:
c2:b2:5a:4f:6d:58:2e:5f:ff:16:a8:80:91:9b:03:
ec:7e:09:01:f5:4b:73:b1:96:f4:4b:37:80:91:41:
04:c0:57:b5:30:ca:4b:1b:dc:6b:fd:44:ab:89:66:
f3:e7:de:25:ec:13:9d:a6:fb:95:38:d0:41:a7:78:
9e:ab:41:34:2c:7b:72:8b:d9:3e:b8:c9:7c:62:e6:
c6:4e:62:ca:6e:d7:3c:1b:3f:d1:24:5f:39:c2:66:
8e:10:c4:a5:ec:14:06:bc:c2:0f:f6:a0:09:f5:00:
6b:9a:bf:fe:9a:8b:60:2f:d6:51:5a:c6:2e:84:cd:
ef:54:63:15:50:05:96:e0:21:6b:44:aa:b2:95:48:
86:0f:39:e4:0d:96:17:2b:85:a0:90:b2:5e:7f:e6:
1e:af:e3:b9:a2:d4:76:a6:50:33:af:e7:b8:fe:59:
84:79:d3:8a:c9:05:d6:27:93:e1:64:04:77:45:53:
1d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:72:B7:E3:2D:93:69:E4:15:67:A8:C0:90:28:1E:C8:E8:99:5A:51
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/NXK34y2TaeQVZ6jAkCgeyOiZWlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.226.0/24
188.255.196.0/24
188.255.230.0/24
212.69.9.0/24
Signature Algorithm: sha256WithRSAEncryption
28:ef:b1:b2:61:e3:06:2f:68:e6:ad:69:14:39:6c:c6:ea:51:
7f:bd:dd:dd:6a:14:b6:aa:0f:11:ab:21:1a:21:a4:59:64:ea:
86:ab:49:26:26:c2:2f:8b:1c:a6:96:93:74:7c:c2:91:e6:82:
04:7a:74:60:b0:d6:b7:9c:b5:76:e5:c3:91:b9:ec:52:4b:3e:
d6:c3:08:78:fd:ee:3a:77:0f:ae:42:e9:5a:19:43:86:c6:20:
6e:ee:1a:45:50:e6:e4:32:99:35:08:8d:93:8b:4d:ea:a7:12:
9d:27:2e:60:81:b5:7e:11:23:bb:c9:b7:76:42:f7:e2:9c:5c:
c2:f8:34:4f:9a:9b:73:ec:e0:9a:25:47:46:6f:9d:3b:fc:cd:
08:21:5b:3f:ee:00:7d:48:1d:88:86:1f:52:4a:53:5c:7c:b5:
f9:a8:93:c9:28:c7:a6:49:68:e8:bb:1b:62:03:2e:c9:ec:4e:
93:8d:f1:a0:41:9f:71:c9:a0:60:b3:98:90:dd:1b:c9:7a:b7:
31:78:b9:3b:67:68:1f:88:17:b9:5b:4c:49:3e:4f:dd:3c:f4:
0a:08:d1:f1:db:31:fa:86:e9:07:9f:eb:ff:f1:d0:7f:8d:da:
d4:05:0d:4e:3c:d2:82:a9:29:9d:7e:c6:9b:2f:97:d0:d5:d7:
f4:5a:1f:25
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4A66H4fqdAANup7kPCz/ejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNTA3MDUzMTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTcyYjdlMzJkOTM2OWU0MTU2N2E4YzA5MDI4MWVjOGU4OTk1YTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1v6bdnGpkG+jLHpFjAE2O+caoYBJ
pCvm3UctMhOz/rYCo2wgAHkVzuUuz5uawLM381rmE9hgonisNMcZNJR6j8HAQE0r
IGQD1QnCslpPbVguX/8WqICRmwPsfgkB9UtzsZb0SzeAkUEEwFe1MMpLG9xr/USr
iWbz594l7BOdpvuVONBBp3ieq0E0LHtyi9k+uMl8YubGTmLKbtc8Gz/RJF85wmaO
EMSl7BQGvMIP9qAJ9QBrmr/+motgL9ZRWsYuhM3vVGMVUAWW4CFrRKqylUiGDznk
DZYXK4WgkLJef+Yer+O5otR2plAzr+e4/lmEedOKyQXWJ5PhZAR3RVMd+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDVyt+Mtk2nkFWeowJAoHsjomVpRMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvTlhLMzR5MlRhZVFWWjZqQWtDZ2V5T2laV2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsv3iAwQA
vP/EAwQAvP/mAwQA1EUJMA0GCSqGSIb3DQEBCwUAA4IBAQAo77GyYeMGL2jmrWkU
OWzG6lF/vd3dahS2qg8RqyEaIaRZZOqGq0kmJsIvixymlpN0fMKR5oIEenRgsNa3
nLV25cORuexSSz7Wwwh4/e46dw+uQulaGUOGxiBu7hpFUObkMpk1CI2Ti03qpxKd
Jy5ggbV+ESO7ybd2QvfinFzC+DRPmptz7OCaJUdGb507/M0IIVs/7gB9SB2Ihh9S
SlNcfLX5qJPJKMemSWjouxtiAy7J7E6TjfGgQZ9xyaBgs5iQ3RvJercxeLk7Z2gf
iBe5W0xJPk/dPPQKCNHx2zH6hukHn+v/8dB/jdrUBQ1OPNKCqSmdfsabL5fQ1df0
Wh8l
-----END CERTIFICATE-----
Generated at Wed May 13 05:43:10 2026 by rpki-client