Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/NVT5ElowawlO6xhtgnjNVI-MrRY.roa
File: NVT5ElowawlO6xhtgnjNVI-MrRY.roa (raw, json)
Hash identifier: eokuWXBRCzzEFTJDGG6W73lsSws+UPHi7dsJni5axaU=
Subject key identifier: 35:54:F9:12:5A:30:6B:09:4E:EB:18:6D:82:78:CD:54:8F:8C:AD:16
Certificate issuer: /CN=bab5e5e601cbf5d19d10d4db476a923b3b36f827
Certificate serial: 01994E521B58EAD0CE4C0E07EFCDF096307A
Authority key identifier: BA:B5:E5:E6:01:CB:F5:D1:9D:10:D4:DB:47:6A:92:3B:3B:36:F8:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/NVT5ElowawlO6xhtgnjNVI-MrRY.roa
Signing time: Mon 15 Sep 2025 17:00:27 +0000
ROA not before: Mon 15 Sep 2025 17:00:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24904
IP address blocks: 2.59.236.0/22 maxlen: 24
45.15.60.0/22 maxlen: 24
45.83.228.0/22 maxlen: 24
81.28.192.0/20 maxlen: 24
83.243.124.0/22 maxlen: 24
92.118.96.0/22 maxlen: 24
171.22.0.0/22 maxlen: 24
178.250.208.0/21 maxlen: 24
178.250.208.64/27 maxlen: 27
178.250.208.128/28 maxlen: 28
185.4.76.0/22 maxlen: 24
185.45.32.0/22 maxlen: 24
185.66.100.0/22 maxlen: 24
185.73.232.0/22 maxlen: 24
185.164.232.0/22 maxlen: 24
185.200.200.0/22 maxlen: 24
185.202.60.0/22 maxlen: 24
185.207.80.0/22 maxlen: 24
185.215.12.0/22 maxlen: 24
185.216.240.0/22 maxlen: 24
185.219.204.0/22 maxlen: 24
185.229.160.0/22 maxlen: 24
185.238.4.0/22 maxlen: 24
185.251.160.0/22 maxlen: 24
194.29.74.0/23 maxlen: 24
194.38.32.0/22 maxlen: 24
194.147.0.0/22 maxlen: 24
2a03:4980::/32 maxlen: 32
2a03:4980::/40 maxlen: 40
2a03:4980:100::/40 maxlen: 40
2a03:4980:200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/urXl5gHL9dGdENTbR2qSOzs2-Cc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/urXl5gHL9dGdENTbR2qSOzs2-Cc.mft
rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4e:52:1b:58:ea:d0:ce:4c:0e:07:ef:cd:f0:96:30:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bab5e5e601cbf5d19d10d4db476a923b3b36f827
Validity
Not Before: Sep 15 17:00:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3554f9125a306b094eeb186d8278cd548f8cad16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0c:54:59:71:fd:55:1b:16:a7:0f:7d:4e:1d:
cc:9e:3f:47:ed:53:03:71:d5:9b:06:e5:50:1d:38:
94:0d:78:68:17:79:e6:0b:5d:f4:bf:3c:3f:d8:8d:
bf:da:94:bc:ea:72:fc:9d:b4:87:05:74:73:c4:73:
4d:ab:09:de:0a:fc:d6:ca:e3:a8:9d:a3:dc:02:14:
f9:2e:9d:43:70:4c:ed:23:2f:70:1d:03:7c:c3:ae:
ec:39:73:b1:b4:52:b0:73:54:d1:3e:e0:76:0f:37:
32:f5:93:89:59:63:c1:ea:2b:f0:fa:1f:cf:48:37:
1e:54:f5:2f:c1:8c:ea:1a:18:82:65:ee:1a:84:41:
1e:db:19:b6:b3:7b:c0:b7:5d:9e:d6:49:cd:c9:d3:
c8:cd:c2:e8:6c:b4:71:a1:f9:c3:f1:6c:75:25:6c:
1c:f9:d2:3f:6d:bb:00:1d:48:13:8e:b9:43:22:36:
a3:b7:38:42:95:82:6e:f1:2e:d1:42:f5:7a:70:31:
df:c2:63:0b:08:bd:7f:1c:ab:06:09:2d:d9:71:3c:
b0:82:73:c2:db:57:ff:fe:7a:37:3a:59:31:27:06:
d8:43:de:d1:c9:39:cb:6f:bc:5a:f6:63:38:cd:95:
bf:a0:7c:b2:92:94:97:44:e7:67:16:8d:22:a5:bf:
3a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:54:F9:12:5A:30:6B:09:4E:EB:18:6D:82:78:CD:54:8F:8C:AD:16
X509v3 Authority Key Identifier:
keyid:BA:B5:E5:E6:01:CB:F5:D1:9D:10:D4:DB:47:6A:92:3B:3B:36:F8:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/NVT5ElowawlO6xhtgnjNVI-MrRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/urXl5gHL9dGdENTbR2qSOzs2-Cc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.236.0/22
45.15.60.0/22
45.83.228.0/22
81.28.192.0/20
83.243.124.0/22
92.118.96.0/22
171.22.0.0/22
178.250.208.0/21
185.4.76.0/22
185.45.32.0/22
185.66.100.0/22
185.73.232.0/22
185.164.232.0/22
185.200.200.0/22
185.202.60.0/22
185.207.80.0/22
185.215.12.0/22
185.216.240.0/22
185.219.204.0/22
185.229.160.0/22
185.238.4.0/22
185.251.160.0/22
194.29.74.0/23
194.38.32.0/22
194.147.0.0/22
IPv6:
2a03:4980::/32
Signature Algorithm: sha256WithRSAEncryption
50:f0:53:a4:bd:99:47:44:7e:cd:51:a8:dc:f6:b9:35:f6:61:
0c:07:c7:35:eb:fa:0a:9f:d8:53:b0:5e:e3:93:0a:94:19:29:
62:79:ae:d2:5d:b5:26:37:ca:2f:40:31:82:ab:8f:99:d1:08:
16:f2:14:84:3e:5b:c8:74:97:5e:9e:9f:6b:f9:59:e4:97:eb:
20:44:09:5e:1b:2e:b1:09:e1:46:4d:fc:9c:ae:89:f2:ab:d0:
fc:e3:c5:47:65:52:4c:07:b1:a5:1e:25:31:3c:68:c7:d3:fe:
8f:44:84:e8:f5:be:b7:e2:b7:9b:d5:32:b5:6b:fd:c9:51:95:
6c:c2:f1:ea:55:ad:3c:2a:22:0d:38:9f:4e:44:09:26:b2:42:
c8:45:32:a4:3f:0d:50:8d:94:66:b6:5f:ff:1d:79:54:fa:f6:
46:fa:49:7f:35:05:18:18:ac:9a:1c:ad:e8:9a:be:1b:e3:05:
a8:c2:7a:2a:73:6a:6a:39:b0:9c:35:df:46:d6:2a:7e:31:46:
ec:66:6e:3d:ca:4f:0c:88:57:6f:03:ce:3a:a2:4b:22:e5:9f:
b5:a3:d5:1f:21:39:93:68:39:37:f8:b5:61:fd:c2:cc:c4:59:
5c:a0:b6:e8:5e:2e:0f:7e:f1:69:67:ee:8c:0a:0a:a8:cd:5e:
d1:49:9b:8f
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAZlOUhtY6tDOTA4H783wljB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjVlNWU2MDFjYmY1ZDE5ZDEwZDRkYjQ3NmE5MjNiM2Iz
NmY4MjcwHhcNMjUwOTE1MTcwMDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTU0ZjkxMjVhMzA2YjA5NGVlYjE4NmQ4Mjc4Y2Q1NDhmOGNhZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAxUWXH9VRsWpw99Th3Mnj9H7VMD
cdWbBuVQHTiUDXhoF3nmC130vzw/2I2/2pS86nL8nbSHBXRzxHNNqwneCvzWyuOo
naPcAhT5Lp1DcEztIy9wHQN8w67sOXOxtFKwc1TRPuB2Dzcy9ZOJWWPB6ivw+h/P
SDceVPUvwYzqGhiCZe4ahEEe2xm2s3vAt12e1knNydPIzcLobLRxofnD8Wx1JWwc
+dI/bbsAHUgTjrlDIjajtzhClYJu8S7RQvV6cDHfwmMLCL1/HKsGCS3ZcTywgnPC
21f//no3OlkxJwbYQ97RyTnLb7xa9mM4zZW/oHyykpSXROdnFo0ipb86VwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFDVU+RJaMGsJTusYbYJ4zVSPjK0WMB8GA1UdIwQY
MBaAFLq15eYBy/XRnRDU20dqkjs7NvgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJYbDVnSEw5ZEdkRU5UYlIycVNPenMyLUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wMGRmMjktNTAyMi00MDVlLTg5NWQt
NzdjYTg5Y2Y0MzZhLzEvTlZUNUVsb3dhd2xPNnhodGduak5WSS1NclJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wMGRmMjktNTAyMi00MDVlLTg5NWQtNzdjYTg5Y2Y0MzZh
LzEvdXJYbDVnSEw5ZEdkRU5UYlIycVNPenMyLUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAIC
O+wDBAItDzwDBAItU+QDBARRHMADBAJT83wDBAJcdmADBAKrFgADBAOy+tADBAK5
BEwDBAK5LSADBAK5QmQDBAK5SegDBAK5pOgDBAK5yMgDBAK5yjwDBAK5z1ADBAK5
1wwDBAK52PADBAK528wDBAK55aADBAK57gQDBAK5+6ADBAHCHUoDBALCJiADBALC
kwAwDQQCAAIwBwMFACoDSYAwDQYJKoZIhvcNAQELBQADggEBAFDwU6S9mUdEfs1R
qNz2uTX2YQwHxzXr+gqf2FOwXuOTCpQZKWJ5rtJdtSY3yi9AMYKrj5nRCBbyFIQ+
W8h0l16en2v5WeSX6yBECV4bLrEJ4UZN/JyuifKr0PzjxUdlUkwHsaUeJTE8aMfT
/o9EhOj1vrfit5vVMrVr/clRlWzC8epVrTwqIg04n05ECSayQshFMqQ/DVCNlGa2
X/8deVT69kb6SX81BRgYrJocreiavhvjBajCeipzamo5sJw130bWKn4xRuxmbj3K
TwyIV28DzjqiSyLln7Wj1R8hOZNoOTf4tWH9wszEWVygtuheLg9+8Wln7owKCqjN
XtFJm48=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:59:03 2025 by rpki-client