Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/nPf6vPs81jX8tCyyvpUwSrOy0dE.roa
File: nPf6vPs81jX8tCyyvpUwSrOy0dE.roa (raw, json)
Hash identifier: y2CFPQ3qkO9mevFesEexkErie9IwGC/QLDLpCaVtX1k=
Subject key identifier: 9C:F7:FA:BC:FB:3C:D6:35:FC:B4:2C:B2:BE:95:30:4A:B3:B2:D1:D1
Certificate issuer: /CN=845c2379efed10056cf865d52c32e1e1eba8c140
Certificate serial: 0199608E52213FA50187051BFE14AD90AE5D
Authority key identifier: 84:5C:23:79:EF:ED:10:05:6C:F8:65:D5:2C:32:E1:E1:EB:A8:C1:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFwjee_tEAVs-GXVLDLh4euowUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/nPf6vPs81jX8tCyyvpUwSrOy0dE.roa
Signing time: Fri 19 Sep 2025 05:59:23 +0000
ROA not before: Fri 19 Sep 2025 05:59:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209061
IP address blocks: 84.21.180.0/22 maxlen: 24
212.40.64.0/22 maxlen: 24
212.40.68.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/hFwjee_tEAVs-GXVLDLh4euowUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/hFwjee_tEAVs-GXVLDLh4euowUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hFwjee_tEAVs-GXVLDLh4euowUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:60:8e:52:21:3f:a5:01:87:05:1b:fe:14:ad:90:ae:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845c2379efed10056cf865d52c32e1e1eba8c140
Validity
Not Before: Sep 19 05:59:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cf7fabcfb3cd635fcb42cb2be95304ab3b2d1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7a:ff:dc:72:60:ec:8b:21:05:01:4b:07:54:
25:ec:cb:9b:ff:29:8d:b1:67:1d:b8:4c:44:a1:d1:
f4:d5:bc:59:f2:ad:b5:4c:a8:b5:fe:35:d1:4d:ce:
cb:c1:ac:62:27:21:8b:8f:09:00:64:6c:dc:40:09:
8f:c0:b9:ac:e0:70:f6:f0:18:a8:d6:93:a2:5e:83:
94:ea:ee:54:1f:f1:f2:aa:69:d2:ae:57:66:a1:fa:
74:b7:9a:f4:a2:3d:e7:d7:f9:be:c1:e5:c4:a3:ed:
99:2d:75:a9:52:d3:fe:0d:c4:ba:0b:50:b6:7a:6e:
aa:d9:fd:ec:e5:d5:26:ac:eb:48:78:30:1b:ee:43:
53:ee:d8:49:3f:f7:3a:f8:ce:a2:35:02:97:12:d7:
af:3e:1d:c8:44:1c:39:b5:74:7d:7e:aa:47:20:de:
05:4b:ea:d2:33:d3:60:20:cf:8b:0f:af:ff:8a:86:
b2:25:f9:61:19:cf:bc:06:fc:aa:8a:1a:5a:a0:11:
fc:d6:ed:54:f1:75:16:9d:3d:7a:2a:b6:88:4f:94:
70:64:1b:ef:64:e2:fc:04:e0:f1:12:62:17:c6:d7:
a0:94:c6:1b:8f:af:2c:16:e1:72:c1:ea:43:b5:50:
7a:c7:d1:69:87:df:04:13:de:8a:50:77:e4:2a:8a:
2c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F7:FA:BC:FB:3C:D6:35:FC:B4:2C:B2:BE:95:30:4A:B3:B2:D1:D1
X509v3 Authority Key Identifier:
keyid:84:5C:23:79:EF:ED:10:05:6C:F8:65:D5:2C:32:E1:E1:EB:A8:C1:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFwjee_tEAVs-GXVLDLh4euowUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/nPf6vPs81jX8tCyyvpUwSrOy0dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/hFwjee_tEAVs-GXVLDLh4euowUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.180.0/22
212.40.64.0-212.40.69.255
Signature Algorithm: sha256WithRSAEncryption
24:08:b1:5b:85:cd:d4:67:41:7a:b4:91:73:78:8e:a0:5f:4d:
e5:8c:9f:38:a5:f7:08:26:ef:5e:9f:07:a7:a4:71:49:49:f8:
ee:f1:2d:74:f1:d6:b5:8e:2a:29:09:e0:40:d2:47:7e:90:35:
c6:f6:05:bf:ca:76:2e:b4:ab:20:47:53:90:04:5e:39:7c:7d:
14:4d:e7:20:95:df:78:bc:df:76:38:af:4a:da:41:7f:63:bd:
17:1e:0d:08:d6:f1:13:0a:da:27:cc:27:0c:3d:a4:78:c4:81:
d1:fe:6a:45:07:f9:03:9a:42:f2:a0:ea:9e:b5:40:e2:c6:66:
d2:21:7d:d0:c7:87:49:32:1f:36:9a:1d:9c:53:c0:6c:e9:f6:
1b:43:9b:f7:0c:3e:02:0a:6d:cc:9a:c5:88:ee:e2:e4:08:97:
a2:eb:77:48:54:3f:9a:5c:20:ec:26:86:74:81:8f:71:ea:d3:
95:84:4c:b5:93:06:89:17:43:1a:3c:ce:28:b8:49:b0:8f:92:
bf:62:cb:4d:a0:21:db:fc:cb:68:de:66:6f:06:74:12:db:fd:
b2:07:bd:7f:d0:5c:6a:24:9f:cc:d9:48:b3:1d:a1:40:6b:9f:
fd:4a:83:8d:e2:ef:39:e0:2b:81:7d:1b:4c:84:cc:1c:e5:ca:
4b:b9:88:4e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZlgjlIhP6UBhwUb/hStkK5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWMyMzc5ZWZlZDEwMDU2Y2Y4NjVkNTJjMzJlMWUxZWJh
OGMxNDAwHhcNMjUwOTE5MDU1OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Y3ZmFiY2ZiM2NkNjM1ZmNiNDJjYjJiZTk1MzA0YWIzYjJkMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3r/3HJg7IshBQFLB1Ql7Mub/ymN
sWcduExEodH01bxZ8q21TKi1/jXRTc7LwaxiJyGLjwkAZGzcQAmPwLms4HD28Bio
1pOiXoOU6u5UH/HyqmnSrldmofp0t5r0oj3n1/m+weXEo+2ZLXWpUtP+DcS6C1C2
em6q2f3s5dUmrOtIeDAb7kNT7thJP/c6+M6iNQKXEtevPh3IRBw5tXR9fqpHIN4F
S+rSM9NgIM+LD6//ioayJflhGc+8BvyqihpaoBH81u1U8XUWnT16KraIT5RwZBvv
ZOL8BODxEmIXxteglMYbj68sFuFywepDtVB6x9Fph98EE96KUHfkKoossQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJz3+rz7PNY1/LQssr6VMEqzstHRMB8GA1UdIwQY
MBaAFIRcI3nv7RAFbPhl1Swy4eHrqMFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZ3amVlX3RFQVZzLUdYVkxETGg0ZXVvd1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MGU4ZmEtZWM1Yy00NTk0LTllYzQt
YmU3YTFhMDAxY2NmLzEvblBmNnZQczgxalg4dEN5eXZwVXdTck95MGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MGU4ZmEtZWM1Yy00NTk0LTllYzQtYmU3YTFhMDAxY2Nm
LzEvaEZ3amVlX3RFQVZzLUdYVkxETGg0ZXVvd1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCVBW0MAwD
BAbUKEADBAHUKEQwDQYJKoZIhvcNAQELBQADggEBACQIsVuFzdRnQXq0kXN4jqBf
TeWMnzil9wgm716fB6ekcUlJ+O7xLXTx1rWOKikJ4EDSR36QNcb2Bb/Kdi60qyBH
U5AEXjl8fRRN5yCV33i833Y4r0raQX9jvRceDQjW8RMK2ifMJww9pHjEgdH+akUH
+QOaQvKg6p61QOLGZtIhfdDHh0kyHzaaHZxTwGzp9htDm/cMPgIKbcyaxYju4uQI
l6Lrd0hUP5pcIOwmhnSBj3Hq05WETLWTBokXQxo8zii4SbCPkr9iy02gIdv8y2je
Zm8GdBLb/bIHvX/QXGokn8zZSLMdoUBrn/1Kg43i7zngK4F9G0yEzBzlyku5iE4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:16 2025 by rpki-client