Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/NfkSPmJpEQJhCXddP4ipZuAAZJM.roa
File: NfkSPmJpEQJhCXddP4ipZuAAZJM.roa (raw, json)
Hash identifier: XW0Z216+kMxDN1BtmMVO8Q0lsPdkLWE2cDPZy53bZ5M=
Subject key identifier: 35:F9:12:3E:62:69:11:02:61:09:77:5D:3F:88:A9:66:E0:00:64:93
Certificate issuer: /CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Certificate serial: 0198987FB34B9C5CDCA691CA1D340AAB83C5
Authority key identifier: 84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/NfkSPmJpEQJhCXddP4ipZuAAZJM.roa
Signing time: Mon 11 Aug 2025 09:39:22 +0000
ROA not before: Mon 11 Aug 2025 09:39:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202561
IP address blocks: 188.125.161.0/24 maxlen: 24
188.125.167.0/24 maxlen: 24
188.125.169.0/24 maxlen: 24
195.62.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.mft
rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:7f:b3:4b:9c:5c:dc:a6:91:ca:1d:34:0a:ab:83:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Validity
Not Before: Aug 11 09:39:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35f9123e626911026109775d3f88a966e0006493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f4:3d:8a:9e:29:9f:cb:16:3a:15:35:b2:4f:
34:87:24:e4:e5:97:fb:08:8d:60:d1:28:38:9f:07:
2b:cb:50:45:d7:0b:1c:52:01:dd:61:42:d5:73:9f:
7f:56:15:fd:8f:69:91:af:f4:44:9d:99:ba:7c:51:
14:0c:c3:8c:75:c3:32:d7:75:28:79:e0:da:7a:a8:
43:b0:9d:fb:8d:af:70:ab:41:3f:70:52:d8:44:37:
37:ea:a1:a6:51:29:c8:90:28:93:c3:3b:3c:49:71:
fa:33:26:87:77:2c:59:5f:09:66:ca:eb:46:bf:f7:
bd:c1:bc:b5:bb:cf:56:3a:88:70:c7:87:cd:de:45:
1c:25:9f:b8:98:d3:68:ad:78:ba:a6:85:5a:f4:11:
98:2d:e8:de:85:33:fa:21:37:d9:d2:5a:cc:e1:5a:
f0:7d:b3:12:d8:70:08:b8:bd:6d:b0:ca:59:8b:99:
f6:64:3a:af:1d:13:ea:25:25:d9:d3:c9:93:25:a8:
27:9a:53:79:67:db:68:51:3f:2b:d2:0b:65:70:47:
3c:77:b8:a2:df:b3:55:6e:67:b7:4c:e3:77:c9:43:
84:a0:fb:fe:74:fa:34:f9:08:8f:1c:36:b5:a5:db:
4a:c0:ac:56:c0:4d:78:80:65:87:a7:55:29:f9:a5:
53:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F9:12:3E:62:69:11:02:61:09:77:5D:3F:88:A9:66:E0:00:64:93
X509v3 Authority Key Identifier:
keyid:84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/NfkSPmJpEQJhCXddP4ipZuAAZJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.161.0/24
188.125.167.0/24
188.125.169.0/24
195.62.50.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:63:2e:64:18:69:24:cc:81:7a:a3:03:81:6a:9c:cc:42:25:
06:aa:f8:c9:67:a7:3b:d3:88:e7:00:db:af:0e:e0:0a:69:d2:
ab:ff:85:6f:51:61:8c:81:6a:d1:d2:79:f3:c7:75:67:aa:b5:
51:eb:4a:b3:c1:34:e3:11:fb:6e:3b:be:2a:42:f4:8b:52:bc:
25:33:53:77:a9:73:53:95:de:1d:09:93:19:bd:8e:c6:b9:93:
3a:6b:df:bf:20:51:7c:03:77:19:96:c0:69:41:31:3a:d2:74:
99:a9:c5:53:ba:97:9c:42:a3:01:fa:ef:c4:cd:48:6c:1d:09:
74:03:b0:52:84:7d:71:d8:2d:51:36:38:59:28:5d:77:21:36:
1d:c4:79:8d:0b:db:24:6f:ea:01:02:8d:e3:ed:77:ea:6b:66:
79:26:1a:44:7d:f2:b0:f2:ea:e0:55:fd:ee:03:60:21:df:18:
e9:1b:04:05:61:29:0d:5c:22:a2:d7:29:bd:7f:61:6e:5c:ea:
82:8b:28:97:f1:8b:97:48:cd:ff:88:53:14:26:7c:64:32:d0:
85:66:94:13:ab:39:1a:48:af:3f:4f:79:5e:19:7d:08:c9:69:
8d:81:e7:be:7d:06:b8:0d:fd:6c:fb:33:f8:6e:07:4c:87:73:
98:79:1f:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZiYf7NLnFzcppHKHTQKq4PFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDk2OTc4MDE0MTgyNGNkMGFjYmZhNWE3ODQ2MTFlZWIw
YTdkZGIwHhcNMjUwODExMDkzOTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWY5MTIzZTYyNjkxMTAyNjEwOTc3NWQzZjg4YTk2NmUwMDA2NDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/Q9ip4pn8sWOhU1sk80hyTk5Zf7
CI1g0Sg4nwcry1BF1wscUgHdYULVc59/VhX9j2mRr/REnZm6fFEUDMOMdcMy13Uo
eeDaeqhDsJ37ja9wq0E/cFLYRDc36qGmUSnIkCiTwzs8SXH6MyaHdyxZXwlmyutG
v/e9wby1u89WOohwx4fN3kUcJZ+4mNNorXi6poVa9BGYLejehTP6ITfZ0lrM4Vrw
fbMS2HAIuL1tsMpZi5n2ZDqvHRPqJSXZ08mTJagnmlN5Z9toUT8r0gtlcEc8d7ii
37NVbme3TON3yUOEoPv+dPo0+QiPHDa1pdtKwKxWwE14gGWHp1Up+aVTpwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDX5Ej5iaRECYQl3XT+IqWbgAGSTMB8GA1UdIwQY
MBaAFIRJaXgBQYJM0Ky/paeEYR7rCn3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAt
MDRhYzE3ODgxYWE5LzEvTmZrU1BtSnBFUUpoQ1hkZFA0aXBadUFBWkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAtMDRhYzE3ODgxYWE5
LzEvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAvH2hAwQA
vH2nAwQAvH2pAwQAwz4yMA0GCSqGSIb3DQEBCwUAA4IBAQA9Yy5kGGkkzIF6owOB
apzMQiUGqvjJZ6c704jnANuvDuAKadKr/4VvUWGMgWrR0nnzx3VnqrVR60qzwTTj
EftuO74qQvSLUrwlM1N3qXNTld4dCZMZvY7GuZM6a9+/IFF8A3cZlsBpQTE60nSZ
qcVTupecQqMB+u/EzUhsHQl0A7BShH1x2C1RNjhZKF13ITYdxHmNC9skb+oBAo3j
7Xfqa2Z5JhpEffKw8urgVf3uA2Ah3xjpGwQFYSkNXCKi1ym9f2FuXOqCiyiX8YuX
SM3/iFMUJnxkMtCFZpQTqzkaSK8/T3leGX0IyWmNgee+fQa4Df1s+zP4bgdMh3OY
eR94
-----END CERTIFICATE-----
Generated at Sun Aug 24 02:29:15 2025 by rpki-client