Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/nXybJsFL4j5LMPPKi8QoIMg_Sj0.roa
File: nXybJsFL4j5LMPPKi8QoIMg_Sj0.roa (raw, json)
Hash identifier: GakzKhW3+IghhsdVP7qvmniDLOx3RIlModwIj2icuec=
Subject key identifier: 9D:7C:9B:26:C1:4B:E2:3E:4B:30:F3:CA:8B:C4:28:20:C8:3F:4A:3D
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 01992F85816F18164168D55D6A8A38003617
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/nXybJsFL4j5LMPPKi8QoIMg_Sj0.roa
Signing time: Tue 09 Sep 2025 17:28:22 +0000
ROA not before: Tue 09 Sep 2025 17:28:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 170.168.56.0/24 maxlen: 24
170.168.108.0/24 maxlen: 24
170.168.157.0/24 maxlen: 24
170.168.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2f:85:81:6f:18:16:41:68:d5:5d:6a:8a:38:00:36:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Sep 9 17:28:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d7c9b26c14be23e4b30f3ca8bc42820c83f4a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8a:2b:ad:97:e6:97:46:6c:c1:90:15:f9:73:
82:90:37:0e:da:99:27:af:1c:92:1f:8f:7f:ee:1c:
fb:ef:25:2e:6b:98:ef:01:5b:76:df:61:24:ad:a9:
1c:df:ec:6b:34:17:44:9e:9c:de:f2:dd:da:da:ef:
b4:66:f0:5c:ce:c8:ed:b0:b1:4e:53:c4:e9:ac:c2:
2f:0b:f8:88:3a:8d:3c:61:a8:12:d0:14:36:4a:4e:
04:fd:92:71:e5:d9:d5:ba:f8:00:37:de:3e:fa:e2:
14:95:63:f8:ef:e4:9b:b7:fc:ec:2a:2f:93:7c:1f:
7e:14:89:ef:5a:e3:7a:ce:6d:d1:1b:1c:93:ae:15:
70:03:6f:7c:24:b4:6f:19:fd:4e:48:5d:eb:2b:ac:
5c:98:35:75:b3:d7:8b:e7:56:0b:04:b8:b7:d0:58:
15:a3:65:80:96:0a:b4:7e:32:b2:1e:ad:78:6f:ff:
6b:03:98:e6:79:b0:ee:22:69:20:9b:d9:2b:49:12:
d0:f9:9a:1c:40:9d:a7:75:a7:9d:fe:76:76:1d:ac:
07:45:97:1f:46:6e:95:47:b4:2b:df:37:c2:ee:f2:
36:3c:b9:70:53:a0:62:a9:87:57:4e:bc:d5:a7:85:
e7:16:1b:e3:49:a4:4c:c8:a1:fe:0c:17:18:33:98:
c6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7C:9B:26:C1:4B:E2:3E:4B:30:F3:CA:8B:C4:28:20:C8:3F:4A:3D
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/nXybJsFL4j5LMPPKi8QoIMg_Sj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.56.0/24
170.168.108.0/24
170.168.157.0/24
170.168.247.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:7f:80:69:bc:85:1b:77:a3:92:ae:7b:15:7d:28:92:21:72:
0c:66:15:c1:1e:39:3d:5d:4b:f2:90:68:07:a5:5c:fb:8c:65:
41:64:0f:0c:57:bc:eb:1c:54:a7:a1:82:ea:b7:0c:e1:62:96:
74:3f:cc:8d:74:5b:3b:2c:d0:ae:88:ca:40:9d:e3:26:0e:75:
97:39:9e:17:a3:32:ca:6f:7b:38:a6:2b:6d:71:13:4f:e6:ef:
e2:7b:e6:4a:18:c4:8e:1f:13:06:95:5c:58:2b:40:94:0a:38:
56:01:a3:b3:c9:99:aa:54:a9:1d:1b:86:da:0c:d1:0a:67:f7:
cf:e6:ef:48:51:cd:f8:a8:12:57:2b:91:60:0f:7c:25:3b:b3:
72:b2:78:be:cf:b6:f9:78:46:5e:18:a0:6a:b9:af:f1:4d:1a:
dc:e7:28:20:5b:23:2c:ce:ff:4b:0d:97:f7:ba:ea:54:ff:f5:
23:97:da:67:20:3f:84:72:fe:7d:32:c4:e5:3a:70:38:f2:0d:
4c:a9:02:3b:ec:54:66:40:24:c7:a4:b3:3e:87:73:57:c0:3f:
ba:3a:f3:7a:91:92:35:01:46:25:76:1f:f3:b4:05:ec:11:2e:
50:b9:ab:96:a1:4b:ba:7d:2d:62:63:2d:b5:6e:07:dd:08:b8:
a7:dc:ee:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZkvhYFvGBZBaNVdaoo4ADYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwOTA5MTcyODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdjOWIyNmMxNGJlMjNlNGIzMGYzY2E4YmM0MjgyMGM4M2Y0YTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYorrZfml0ZswZAV+XOCkDcO2pkn
rxySH49/7hz77yUua5jvAVt232Ekrakc3+xrNBdEnpze8t3a2u+0ZvBczsjtsLFO
U8TprMIvC/iIOo08YagS0BQ2Sk4E/ZJx5dnVuvgAN94++uIUlWP47+Sbt/zsKi+T
fB9+FInvWuN6zm3RGxyTrhVwA298JLRvGf1OSF3rK6xcmDV1s9eL51YLBLi30FgV
o2WAlgq0fjKyHq14b/9rA5jmebDuImkgm9krSRLQ+ZocQJ2ndaed/nZ2HawHRZcf
Rm6VR7Qr3zfC7vI2PLlwU6BiqYdXTrzVp4XnFhvjSaRMyKH+DBcYM5jGFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ18mybBS+I+SzDzyovEKCDIP0o9MB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvblh5YkpzRkw0ajVMTVBQS2k4UW9JTWdfU2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAqqg4AwQA
qqhsAwQAqqidAwQAqqj3MA0GCSqGSIb3DQEBCwUAA4IBAQB9f4BpvIUbd6OSrnsV
fSiSIXIMZhXBHjk9XUvykGgHpVz7jGVBZA8MV7zrHFSnoYLqtwzhYpZ0P8yNdFs7
LNCuiMpAneMmDnWXOZ4XozLKb3s4pittcRNP5u/ie+ZKGMSOHxMGlVxYK0CUCjhW
AaOzyZmqVKkdG4baDNEKZ/fP5u9IUc34qBJXK5FgD3wlO7Nysni+z7b5eEZeGKBq
ua/xTRrc5yggWyMszv9LDZf3uupU//Ujl9pnID+Ecv59MsTlOnA48g1MqQI77FRm
QCTHpLM+h3NXwD+6OvN6kZI1AUYldh/ztAXsES5QuauWoUu6fS1iYy21bgfdCLin
3O6r
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:28 2025 by rpki-client