Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/nqKarluaIBxurSOLKoj0fda_I6o.roa
File: nqKarluaIBxurSOLKoj0fda_I6o.roa (raw, json)
Hash identifier: 0igWebpYrmPU5dIZIocnzzs4+9GsDMulHYWmTIL37ig=
Subject key identifier: 9E:A2:9A:AE:5B:9A:20:1C:6E:AD:23:8B:2A:88:F4:7D:D6:BF:23:AA
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 01999FF64C827E6D7D528427B67A64E9666C
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/nqKarluaIBxurSOLKoj0fda_I6o.roa
Signing time: Wed 01 Oct 2025 13:29:02 +0000
ROA not before: Wed 01 Oct 2025 13:29:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50214
IP address blocks: 95.181.152.0/24 maxlen: 24
95.181.153.0/24 maxlen: 24
95.181.171.0/24 maxlen: 24
185.12.124.0/24 maxlen: 24
185.12.125.0/24 maxlen: 24
185.12.126.0/24 maxlen: 24
185.12.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9f:f6:4c:82:7e:6d:7d:52:84:27:b6:7a:64:e9:66:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Oct 1 13:29:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ea29aae5b9a201c6ead238b2a88f47dd6bf23aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a1:4e:d4:2f:5f:08:30:27:a4:32:81:35:2c:
2a:bb:d4:f1:2a:7a:75:ef:9c:1f:38:bd:8c:70:a0:
ba:ee:4a:11:4e:f4:f9:fb:e1:ea:20:c7:61:fb:cc:
9c:32:92:42:38:c5:4d:3f:7d:9b:6b:13:c5:ed:a0:
70:a1:b2:67:1d:4a:7c:d7:34:e7:22:fa:e1:a9:fa:
bc:77:7f:23:b5:82:d4:c6:cc:d5:ee:8d:da:f9:97:
c6:36:9e:2d:ca:f3:33:81:ce:f7:7d:16:9e:e2:17:
92:b9:b2:c5:2b:4c:c9:e0:8b:54:a1:38:9c:7d:1c:
67:68:a9:7a:a4:86:12:f0:65:04:5d:31:d7:e7:cf:
92:70:5b:a3:e3:f9:79:6a:ab:36:f9:9f:98:9e:96:
96:9d:d3:3b:72:63:1a:2b:3e:36:42:ea:74:a8:f3:
ea:95:9d:26:bc:68:bb:36:d1:d2:d2:28:31:e4:0e:
8e:92:e7:ad:dc:a0:89:fa:1b:ac:c0:d2:ed:fe:87:
f2:b9:5c:1d:69:d9:45:5c:4b:2e:0c:62:9a:86:85:
49:c9:5c:06:01:24:8c:66:f6:78:82:e4:eb:9c:48:
2d:47:c6:0d:1b:e4:d8:5e:e2:18:67:74:c1:5f:20:
20:f5:2c:ab:76:c8:71:a0:5c:c7:12:b4:85:09:77:
ba:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A2:9A:AE:5B:9A:20:1C:6E:AD:23:8B:2A:88:F4:7D:D6:BF:23:AA
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/nqKarluaIBxurSOLKoj0fda_I6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.152.0/23
95.181.171.0/24
185.12.124.0/22
Signature Algorithm: sha256WithRSAEncryption
37:81:a5:2f:a5:97:1e:8c:51:81:d6:9c:9f:15:b2:e0:c7:9c:
4e:e0:b6:86:17:d9:aa:9a:c3:ab:ed:8d:0e:c9:7f:6e:c1:af:
1e:20:c7:62:a5:fa:aa:ea:b3:23:e1:99:5c:3b:ad:1e:79:9f:
65:f4:d8:59:f4:99:04:03:0c:35:6f:7a:28:28:dc:f8:78:51:
d0:1b:b3:07:c8:59:f6:f2:4f:11:b7:17:84:61:19:cc:cc:a8:
b0:63:02:fb:1d:a0:1d:16:f2:60:5b:0a:a0:bc:6c:ca:9b:9f:
47:e8:f8:00:63:e4:07:07:ba:01:f5:50:ad:09:3c:7f:6c:35:
9f:6f:94:43:e5:c7:4b:7c:02:b3:bd:bb:97:ed:b4:0d:8a:b2:
ef:6f:69:f5:a6:79:2f:24:f5:93:f5:15:33:58:24:04:d3:2b:
a3:b0:65:69:42:0f:1d:ea:19:78:56:90:f2:40:7a:38:35:fa:
a0:42:17:d8:94:e0:82:eb:d0:0e:ed:e1:65:c3:7a:19:b8:b9:
cc:41:89:75:f2:ca:c1:ac:de:a1:ae:7d:a6:49:29:ec:8c:25:
ee:1c:0c:30:f6:ff:da:8d:ff:8f:01:27:63:99:57:fa:c7:dd:
5b:8d:18:5a:98:5b:7a:80:54:0b:04:28:21:84:2c:57:ae:82:
04:21:49:4e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZmf9kyCfm19UoQntnpk6WZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjUxMDAxMTMyOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWEyOWFhZTViOWEyMDFjNmVhZDIzOGIyYTg4ZjQ3ZGQ2YmYyM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaFO1C9fCDAnpDKBNSwqu9TxKnp1
75wfOL2McKC67koRTvT5++HqIMdh+8ycMpJCOMVNP32baxPF7aBwobJnHUp81zTn
Ivrhqfq8d38jtYLUxszV7o3a+ZfGNp4tyvMzgc73fRae4heSubLFK0zJ4ItUoTic
fRxnaKl6pIYS8GUEXTHX58+ScFuj4/l5aqs2+Z+YnpaWndM7cmMaKz42Qup0qPPq
lZ0mvGi7NtHS0igx5A6Okuet3KCJ+huswNLt/ofyuVwdadlFXEsuDGKahoVJyVwG
ASSMZvZ4guTrnEgtR8YNG+TYXuIYZ3TBXyAg9SyrdshxoFzHErSFCXe6nwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ6imq5bmiAcbq0jiyqI9H3WvyOqMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvbnFLYXJsdWFJQnh1clNPTEtvajBmZGFfSTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBX7WYAwQA
X7WrAwQCuQx8MA0GCSqGSIb3DQEBCwUAA4IBAQA3gaUvpZcejFGB1pyfFbLgx5xO
4LaGF9mqmsOr7Y0OyX9uwa8eIMdipfqq6rMj4ZlcO60eeZ9l9NhZ9JkEAww1b3oo
KNz4eFHQG7MHyFn28k8RtxeEYRnMzKiwYwL7HaAdFvJgWwqgvGzKm59H6PgAY+QH
B7oB9VCtCTx/bDWfb5RD5cdLfAKzvbuX7bQNirLvb2n1pnkvJPWT9RUzWCQE0yuj
sGVpQg8d6hl4VpDyQHo4NfqgQhfYlOCC69AO7eFlw3oZuLnMQYl18srBrN6hrn2m
SSnsjCXuHAww9v/ajf+PASdjmVf6x91bjRhamFt6gFQLBCghhCxXroIEIUlO
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:12:19 2025 by rpki-client