Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/NPUEpZ4h19WtFvLgpubAEAvedaY.roa
File: NPUEpZ4h19WtFvLgpubAEAvedaY.roa (raw, json)
Hash identifier: 3sPH63d3TcoprXu5QSKKo21b+DlJWtRetrDy8WvW554=
Subject key identifier: 34:F5:04:A5:9E:21:D7:D5:AD:16:F2:E0:A6:E6:C0:10:0B:DE:75:A6
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0198CC4AAF691E8C1950E20C8DB7A66E9A6F
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/NPUEpZ4h19WtFvLgpubAEAvedaY.roa
Signing time: Thu 21 Aug 2025 11:01:43 +0000
ROA not before: Thu 21 Aug 2025 11:01:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138160
IP address blocks: 95.177.63.0/24 maxlen: 24
95.177.67.0/24 maxlen: 24
95.177.74.0/24 maxlen: 24
95.177.85.0/24 maxlen: 24
213.177.226.0/23 maxlen: 24
213.177.230.0/23 maxlen: 24
213.177.234.0/23 maxlen: 24
213.177.238.0/23 maxlen: 24
213.177.242.0/23 maxlen: 24
213.177.246.0/23 maxlen: 24
213.177.250.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cc:4a:af:69:1e:8c:19:50:e2:0c:8d:b7:a6:6e:9a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Aug 21 11:01:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34f504a59e21d7d5ad16f2e0a6e6c0100bde75a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fb:af:5b:d9:b1:06:36:1c:a6:9c:21:9a:cf:
b7:9c:1a:ac:00:2c:35:c4:d7:b4:b7:bc:30:a7:84:
9a:58:46:71:7b:8b:43:69:c9:68:30:ef:c3:66:2d:
f3:ae:1e:76:d6:45:1c:4b:ed:e9:ee:f3:fb:64:65:
d3:dd:34:b5:ee:7a:94:4c:33:3b:22:67:32:e2:25:
4d:98:87:52:23:d9:e9:d9:57:40:42:42:e0:9d:59:
d4:36:12:78:2f:61:b9:c3:1b:96:78:cf:01:5f:14:
73:d3:cf:04:42:82:a8:17:8c:f8:36:91:a4:92:9b:
30:d9:9b:04:3a:d5:26:46:95:27:e5:95:fb:3f:15:
0d:e8:f9:86:ec:4c:24:54:0a:46:ca:79:45:ad:ff:
13:5f:be:f0:b6:a0:cc:a6:29:df:7a:e3:35:08:48:
ed:81:67:4c:e1:62:f5:44:dc:4d:01:5b:0d:57:37:
c1:e4:9f:4c:fd:5d:da:cb:f1:bb:84:06:27:9f:92:
0e:aa:ee:98:d7:aa:ad:ba:a5:9b:da:34:02:9a:3e:
e9:0a:89:8d:36:a7:dc:3d:61:1a:f2:e2:04:8f:50:
4d:1e:e2:72:db:04:46:a7:70:6e:53:97:7b:98:35:
4c:ca:f2:dd:c3:28:57:d2:6a:bc:a7:ef:fd:c8:f8:
28:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F5:04:A5:9E:21:D7:D5:AD:16:F2:E0:A6:E6:C0:10:0B:DE:75:A6
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/NPUEpZ4h19WtFvLgpubAEAvedaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.177.63.0/24
95.177.67.0/24
95.177.74.0/24
95.177.85.0/24
213.177.226.0/23
213.177.230.0/23
213.177.234.0/23
213.177.238.0/23
213.177.242.0/23
213.177.246.0/23
213.177.250.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:89:c8:f6:2a:65:66:7b:bd:cb:0a:f8:65:9e:4f:4d:89:30:
26:6c:0e:b6:74:a3:ad:ce:1b:84:08:dd:90:29:37:f4:cb:3b:
f0:a5:0b:e7:ad:51:49:5b:fb:63:72:9c:7a:14:6f:d7:df:3f:
b8:59:8a:55:55:96:78:b8:d3:65:4a:ac:1c:28:67:0b:2e:0a:
0f:11:0d:87:d8:36:28:1e:ea:fc:d5:f2:34:68:ba:37:c4:34:
03:5a:55:4d:32:13:3f:92:46:a3:16:a4:2d:3c:9d:14:a1:79:
2b:f5:b4:70:37:1a:13:df:e7:6f:f7:38:ff:db:43:fb:67:e5:
33:26:93:f8:21:49:18:b8:24:28:a0:28:8b:d7:d1:b8:15:9f:
e9:07:b6:14:99:19:98:d8:32:c5:d9:a2:14:3e:9b:e1:3b:13:
d5:e5:38:3f:e1:bf:f1:22:10:10:15:66:12:47:a3:3d:dc:9d:
4a:c2:5a:0d:a2:db:53:f5:0f:06:0b:6d:85:f7:c8:3d:99:4c:
63:b3:d4:3c:ce:f0:02:14:ae:14:de:a1:90:46:9a:81:45:fd:
54:b8:db:68:9e:25:e8:91:4b:cb:2c:63:c6:6e:08:3c:1c:69:
02:af:c1:fb:19:c0:b0:dd:f9:7f:14:d7:b8:e5:93:c2:35:1f:
ee:c1:81:ae
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZjMSq9pHowZUOIMjbembppvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwODIxMTEwMTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGY1MDRhNTllMjFkN2Q1YWQxNmYyZTBhNmU2YzAxMDBiZGU3NWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPuvW9mxBjYcppwhms+3nBqsACw1
xNe0t7wwp4SaWEZxe4tDacloMO/DZi3zrh521kUcS+3p7vP7ZGXT3TS17nqUTDM7
Imcy4iVNmIdSI9np2VdAQkLgnVnUNhJ4L2G5wxuWeM8BXxRz088EQoKoF4z4NpGk
kpsw2ZsEOtUmRpUn5ZX7PxUN6PmG7EwkVApGynlFrf8TX77wtqDMpinfeuM1CEjt
gWdM4WL1RNxNAVsNVzfB5J9M/V3ay/G7hAYnn5IOqu6Y16qtuqWb2jQCmj7pComN
NqfcPWEa8uIEj1BNHuJy2wRGp3BuU5d7mDVMyvLdwyhX0mq8p+/9yPgofwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDT1BKWeIdfVrRby4KbmwBAL3nWmMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvTlBVRXBaNGgxOVd0RnZMZ3B1YkFFQXZlZGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAX7E/AwQA
X7FDAwQAX7FKAwQAX7FVAwQB1bHiAwQB1bHmAwQB1bHqAwQB1bHuAwQB1bHyAwQB
1bH2AwQB1bH6MA0GCSqGSIb3DQEBCwUAA4IBAQAuicj2KmVme73LCvhlnk9NiTAm
bA62dKOtzhuECN2QKTf0yzvwpQvnrVFJW/tjcpx6FG/X3z+4WYpVVZZ4uNNlSqwc
KGcLLgoPEQ2H2DYoHur81fI0aLo3xDQDWlVNMhM/kkajFqQtPJ0UoXkr9bRwNxoT
3+dv9zj/20P7Z+UzJpP4IUkYuCQooCiL19G4FZ/pB7YUmRmY2DLF2aIUPpvhOxPV
5Tg/4b/xIhAQFWYSR6M93J1KwloNottT9Q8GC22F98g9mUxjs9Q8zvACFK4U3qGQ
RpqBRf1UuNtoniXokUvLLGPGbgg8HGkCr8H7GcCw3fl/FNe45ZPCNR/uwYGu
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:22:32 2025 by rpki-client