Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kRZEd5OY9Cu6a2l2TEzeftlVgoU.roa
File: kRZEd5OY9Cu6a2l2TEzeftlVgoU.roa (raw, json)
Hash identifier: UVlhyiF5TZu6DhLANb/sUOu9bmKtoxO9eP3MsMY0pYc=
Subject key identifier: 91:16:44:77:93:98:F4:2B:BA:6B:69:76:4C:4C:DE:7E:D9:55:82:85
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0199D1FD3CC433425B56E9941B754927656B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kRZEd5OY9Cu6a2l2TEzeftlVgoU.roa
Signing time: Sat 11 Oct 2025 06:37:38 +0000
ROA not before: Sat 11 Oct 2025 06:37:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 37.46.150.0/24 maxlen: 24
45.80.156.0/24 maxlen: 24
45.90.184.0/22 maxlen: 24
91.190.106.0/24 maxlen: 24
185.241.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d1:fd:3c:c4:33:42:5b:56:e9:94:1b:75:49:27:65:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 11 06:37:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=911644779398f42bba6b69764c4cde7ed9558285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:be:e6:83:e5:d2:72:39:b5:19:68:bd:b5:88:
da:de:fd:f0:52:ac:05:a8:f3:23:7b:99:68:04:fe:
63:48:08:ba:35:7b:9c:da:57:ee:3d:7a:88:7e:a5:
2f:5c:2f:09:3d:3e:d2:3e:82:92:61:fd:81:0e:ce:
d7:85:5a:8f:d8:c6:30:19:c6:d1:c4:fc:bf:b7:fe:
40:91:de:81:53:5e:70:c3:fc:17:43:9f:15:33:6a:
3e:ef:3b:76:5b:b5:e1:2a:d0:cb:63:ca:c8:72:cd:
11:62:53:46:14:ab:07:ba:d8:c3:83:50:6f:d2:b0:
5f:a8:66:53:1e:a5:6a:d6:f6:47:99:01:68:71:22:
a2:fc:62:e8:ca:4d:28:d3:4a:56:b2:dd:7b:51:61:
f6:2d:3e:d8:75:44:0b:aa:0e:c6:d3:24:bd:5d:f8:
0a:ee:18:89:6b:b2:1f:b6:4e:b2:0b:1f:ff:27:bd:
76:b9:b8:31:3b:59:2a:6d:0b:5f:f2:87:25:d0:79:
c2:c6:b8:65:37:15:4d:04:b8:10:50:7c:03:20:36:
86:07:66:d9:36:e1:0e:88:e5:8b:be:15:11:45:19:
c8:d5:46:a2:b6:43:50:af:da:d7:c6:e1:bd:75:c0:
9c:b2:f9:0e:22:0b:85:48:4b:0c:18:69:43:29:9f:
2a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:16:44:77:93:98:F4:2B:BA:6B:69:76:4C:4C:DE:7E:D9:55:82:85
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kRZEd5OY9Cu6a2l2TEzeftlVgoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.150.0/24
45.80.156.0/24
45.90.184.0/22
91.190.106.0/24
185.241.211.0/24
Signature Algorithm: sha256WithRSAEncryption
38:fa:e2:82:06:12:2b:3f:90:5f:a8:8e:f1:da:a8:72:9e:46:
36:15:33:94:12:35:29:47:b3:43:1b:21:2e:7e:44:b2:74:ba:
c8:c4:8f:05:6f:a0:c9:f8:86:f1:cc:b4:64:aa:7a:4c:03:e2:
fb:a5:37:e1:1b:eb:45:1c:b5:46:34:be:27:89:57:01:7d:e4:
aa:bf:f9:00:32:20:37:bb:c9:c2:e2:b9:e1:3e:02:7f:76:50:
0f:83:27:21:a8:33:ba:89:5f:3a:69:68:a3:c3:28:f8:16:ae:
e0:e5:48:94:32:f6:4b:3b:b4:43:99:33:98:78:53:0c:6d:9f:
ab:57:e6:bb:66:3a:0c:c5:73:5b:e4:9a:13:28:26:35:65:3c:
fd:5a:08:86:5d:0d:4c:1d:7d:ea:96:b0:92:8a:ad:04:7b:1f:
7d:41:6b:17:0e:a8:cd:de:2a:33:dd:b7:75:67:ad:08:19:90:
e3:c7:04:79:65:cb:a4:9c:2f:c3:98:ac:a1:4c:f0:81:ac:1c:
dc:ce:b8:88:24:51:14:a2:cc:35:d5:d4:d8:23:b3:a8:9b:6b:
36:5e:4d:3d:73:50:ef:f5:30:e9:1b:c4:cb:90:25:9c:01:fe:
22:d0:e0:dd:a8:3f:c4:b7:e3:42:0e:1f:47:2d:75:cb:02:45:
d3:6b:db:3a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZnR/TzEM0JbVumUG3VJJ2VrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUxMDExMDYzNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTE2NDQ3NzkzOThmNDJiYmE2YjY5NzY0YzRjZGU3ZWQ5NTU4Mjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy77mg+XScjm1GWi9tYja3v3wUqwF
qPMje5loBP5jSAi6NXuc2lfuPXqIfqUvXC8JPT7SPoKSYf2BDs7XhVqP2MYwGcbR
xPy/t/5Akd6BU15ww/wXQ58VM2o+7zt2W7XhKtDLY8rIcs0RYlNGFKsHutjDg1Bv
0rBfqGZTHqVq1vZHmQFocSKi/GLoyk0o00pWst17UWH2LT7YdUQLqg7G0yS9XfgK
7hiJa7Iftk6yCx//J712ubgxO1kqbQtf8ocl0HnCxrhlNxVNBLgQUHwDIDaGB2bZ
NuEOiOWLvhURRRnI1UaitkNQr9rXxuG9dcCcsvkOIguFSEsMGGlDKZ8qsQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJEWRHeTmPQrumtpdkxM3n7ZVYKFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEva1JaRWQ1T1k5Q3U2YTJsMlRFemVmdGxWZ29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJS6WAwQA
LVCcAwQCLVq4AwQAW75qAwQAufHTMA0GCSqGSIb3DQEBCwUAA4IBAQA4+uKCBhIr
P5BfqI7x2qhynkY2FTOUEjUpR7NDGyEufkSydLrIxI8Fb6DJ+IbxzLRkqnpMA+L7
pTfhG+tFHLVGNL4niVcBfeSqv/kAMiA3u8nC4rnhPgJ/dlAPgychqDO6iV86aWij
wyj4Fq7g5UiUMvZLO7RDmTOYeFMMbZ+rV+a7ZjoMxXNb5JoTKCY1ZTz9WgiGXQ1M
HX3qlrCSiq0Eex99QWsXDqjN3ioz3bd1Z60IGZDjxwR5ZcuknC/DmKyhTPCBrBzc
zriIJFEUosw11dTYI7Oom2s2Xk09c1Dv9TDpG8TLkCWcAf4i0ODdqD/Et+NCDh9H
LXXLAkXTa9s6
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:30 2025 by rpki-client