Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Nz1KJF0V2hRcXfHJWEfzhGmhuQg.roa
File: Nz1KJF0V2hRcXfHJWEfzhGmhuQg.roa (raw, json)
Hash identifier: Xs+mAvdnu1+N8aWDBGgl9Kqsl2ZRvQ0uzOwBsB3pCYY=
Subject key identifier: 37:3D:4A:24:5D:15:DA:14:5C:5D:F1:C9:58:47:F3:84:69:A1:B9:08
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019CE0DC2B14D19F85F4BD1C30CA8F0CBBF3
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Nz1KJF0V2hRcXfHJWEfzhGmhuQg.roa
Signing time: Thu 12 Mar 2026 07:04:11 +0000
ROA not before: Thu 12 Mar 2026 07:04:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 89.125.50.0/24 maxlen: 24
89.125.66.0/24 maxlen: 24
89.125.69.0/24 maxlen: 24
89.125.187.0/24 maxlen: 24
89.125.209.0/24 maxlen: 24
89.125.255.0/24 maxlen: 24
103.245.231.0/24 maxlen: 24
185.198.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e0:dc:2b:14:d1:9f:85:f4:bd:1c:30:ca:8f:0c:bb:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 12 07:04:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=373d4a245d15da145c5df1c95847f38469a1b908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ad:30:98:2e:a8:e9:06:ac:fb:e4:c3:47:4f:
55:15:43:a4:f3:4d:dc:36:15:e6:04:00:43:bb:c9:
72:65:45:e6:19:96:6a:f8:cd:e2:e3:59:39:dd:4e:
9a:25:55:c1:7d:a6:05:a7:89:b7:79:84:cf:ca:91:
5d:35:c0:dc:4b:16:34:52:55:1b:4d:d1:f4:d4:ce:
65:4c:88:2f:54:5c:6f:21:89:cc:fb:be:07:bf:be:
5b:3d:00:1d:a0:0f:67:b1:c7:03:cf:61:16:ab:bd:
27:8f:75:a5:38:c4:2e:20:3a:49:cc:99:c5:0c:ba:
b3:12:2f:6f:8e:89:e4:8c:ec:11:c8:2b:11:f2:2f:
3d:1b:7b:84:e4:27:f7:d4:2f:4f:4c:3f:ff:58:7e:
9f:f9:5b:b7:6c:fa:c1:6b:6d:2a:d0:3b:8a:db:81:
1d:4d:50:c5:c5:18:5f:c9:9a:53:9a:27:f2:47:84:
ca:4e:c0:17:28:53:94:c3:77:99:e0:35:e1:c3:3e:
0b:35:88:12:d5:de:a2:73:91:46:29:ad:33:b4:85:
3d:73:62:1f:34:d1:a3:5a:85:e1:08:a8:8b:3e:36:
5d:cb:7b:f7:83:36:e4:5a:41:e2:b9:02:18:0b:7a:
5b:d7:93:5b:49:c3:21:88:27:56:3c:4a:1a:e5:b8:
f3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3D:4A:24:5D:15:DA:14:5C:5D:F1:C9:58:47:F3:84:69:A1:B9:08
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Nz1KJF0V2hRcXfHJWEfzhGmhuQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.125.50.0/24
89.125.66.0/24
89.125.69.0/24
89.125.187.0/24
89.125.209.0/24
89.125.255.0/24
103.245.231.0/24
185.198.234.0/24
Signature Algorithm: sha256WithRSAEncryption
59:40:d0:79:bc:de:fd:fb:86:b8:88:d9:3c:86:ae:3c:3c:02:
88:f5:c9:60:24:f2:81:80:cd:a8:71:5a:e1:1e:29:ab:8d:2e:
26:bc:b0:b5:b4:76:a9:de:5e:b6:b8:8e:f0:43:4d:17:a3:c7:
dd:c3:ed:b2:27:82:c9:f0:14:31:95:12:ce:f7:c8:fc:64:2e:
26:0f:d1:75:e9:51:c4:ec:92:b2:1c:01:48:8b:1f:af:03:75:
50:9a:a6:64:90:0f:e3:df:c7:fe:43:87:da:c6:42:e9:83:b2:
cb:78:25:ad:0c:e5:2f:58:58:5c:fb:8e:6e:df:37:5e:c5:ec:
32:d3:9c:6d:b5:4f:8a:4b:a6:50:a3:d8:fe:86:19:a1:dc:97:
ab:7e:1a:cf:0b:47:4a:7f:25:91:c3:32:dd:1f:e3:28:22:6c:
14:d6:b6:dd:58:b3:1f:7f:11:54:83:c6:af:da:c1:ed:b3:57:
9e:d6:54:f0:c1:8a:0f:99:c1:d7:6e:2c:dc:6b:c8:74:6c:ec:
3a:17:f4:b6:5c:50:da:f3:73:db:6b:9e:9a:65:88:02:3c:58:
30:33:73:f1:e8:77:d0:33:c3:d1:7e:2e:af:ca:e7:85:29:2f:
5c:49:76:6a:33:b7:fb:7b:2b:ff:1c:38:2b:ea:bc:26:d9:9f:
14:8e:57:29
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZzg3CsU0Z+F9L0cMMqPDLvzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMzEyMDcwNDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzNkNGEyNDVkMTVkYTE0NWM1ZGYxYzk1ODQ3ZjM4NDY5YTFiOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa0wmC6o6Qas++TDR09VFUOk803c
NhXmBABDu8lyZUXmGZZq+M3i41k53U6aJVXBfaYFp4m3eYTPypFdNcDcSxY0UlUb
TdH01M5lTIgvVFxvIYnM+74Hv75bPQAdoA9nsccDz2EWq70nj3WlOMQuIDpJzJnF
DLqzEi9vjonkjOwRyCsR8i89G3uE5Cf31C9PTD//WH6f+Vu3bPrBa20q0DuK24Ed
TVDFxRhfyZpTmifyR4TKTsAXKFOUw3eZ4DXhwz4LNYgS1d6ic5FGKa0ztIU9c2If
NNGjWoXhCKiLPjZdy3v3gzbkWkHiuQIYC3pb15NbScMhiCdWPEoa5bjzmQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDc9SiRdFdoUXF3xyVhH84RpobkIMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTnoxS0pGMFYyaFJjWGZISldFZnpoR21odVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAWX0yAwQA
WX1CAwQAWX1FAwQAWX27AwQAWX3RAwQAWX3/AwQAZ/XnAwQAucbqMA0GCSqGSIb3
DQEBCwUAA4IBAQBZQNB5vN79+4a4iNk8hq48PAKI9clgJPKBgM2ocVrhHimrjS4m
vLC1tHap3l62uI7wQ00Xo8fdw+2yJ4LJ8BQxlRLO98j8ZC4mD9F16VHE7JKyHAFI
ix+vA3VQmqZkkA/j38f+Q4faxkLpg7LLeCWtDOUvWFhc+45u3zdexewy05xttU+K
S6ZQo9j+hhmh3JerfhrPC0dKfyWRwzLdH+MoImwU1rbdWLMffxFUg8av2sHts1ee
1lTwwYoPmcHXbizca8h0bOw6F/S2XFDa83Pba56aZYgCPFgwM3Px6HfQM8PRfi6v
yueFKS9cSXZqM7f7eyv/HDgr6rwm2Z8Ujlcp
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:43:30 2026 by rpki-client