Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/NLcJ1zHiWemoNGCQqxBLJZM1epY.roa
File: NLcJ1zHiWemoNGCQqxBLJZM1epY.roa (raw, json)
Hash identifier: sN7g+z3kFVXgkKd1egNCxj+JRztRoGDD2QPyWEFToRI=
Subject key identifier: 34:B7:09:D7:31:E2:59:E9:A8:34:60:90:AB:10:4B:25:93:35:7A:96
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 0197A5F7A8D5616427E9F0B3EA0A60EFFBC0
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/NLcJ1zHiWemoNGCQqxBLJZM1epY.roa
Signing time: Wed 25 Jun 2025 07:22:40 +0000
ROA not before: Wed 25 Jun 2025 07:22:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8784
IP address blocks: 83.169.64.0/18 maxlen: 18
83.169.64.0/23 maxlen: 23
83.169.66.0/24 maxlen: 24
83.169.67.0/24 maxlen: 24
83.169.69.0/24 maxlen: 24
83.169.70.0/23 maxlen: 23
83.169.70.0/24 maxlen: 24
83.169.71.0/24 maxlen: 24
83.169.72.0/24 maxlen: 24
83.169.73.0/24 maxlen: 24
83.169.74.0/24 maxlen: 24
83.169.80.0/24 maxlen: 24
83.169.81.0/24 maxlen: 24
83.169.83.0/24 maxlen: 24
83.169.84.0/24 maxlen: 24
83.169.85.0/24 maxlen: 24
83.169.89.0/24 maxlen: 24
83.169.92.0/24 maxlen: 24
83.169.99.0/24 maxlen: 24
83.169.100.0/22 maxlen: 22
83.169.100.0/24 maxlen: 24
83.169.102.0/24 maxlen: 24
83.169.103.0/24 maxlen: 24
83.169.114.0/23 maxlen: 23
83.169.114.0/24 maxlen: 24
83.169.115.0/24 maxlen: 24
83.169.116.0/22 maxlen: 22
83.169.116.0/24 maxlen: 24
83.169.117.0/24 maxlen: 24
83.169.118.0/24 maxlen: 24
83.169.119.0/24 maxlen: 24
83.169.120.0/22 maxlen: 22
83.169.120.0/24 maxlen: 24
83.169.121.0/24 maxlen: 24
83.169.122.0/24 maxlen: 24
83.169.123.0/24 maxlen: 24
83.169.124.0/24 maxlen: 24
83.169.125.0/24 maxlen: 24
178.22.152.0/21 maxlen: 21
194.117.208.0/20 maxlen: 20
194.117.208.0/24 maxlen: 24
194.117.211.0/24 maxlen: 24
194.117.216.0/24 maxlen: 24
194.117.219.0/24 maxlen: 24
194.153.214.0/24 maxlen: 24
195.46.192.0/19 maxlen: 19
195.46.193.0/24 maxlen: 24
195.46.195.0/24 maxlen: 24
195.46.198.0/24 maxlen: 24
195.46.199.0/24 maxlen: 24
195.46.204.0/24 maxlen: 24
195.46.209.0/24 maxlen: 24
195.46.210.0/24 maxlen: 24
195.46.213.0/24 maxlen: 24
195.46.214.0/24 maxlen: 24
195.46.216.0/24 maxlen: 24
195.46.219.0/24 maxlen: 24
195.46.223.0/24 maxlen: 24
212.37.192.0/19 maxlen: 19
213.139.96.0/19 maxlen: 19
213.139.111.0/24 maxlen: 24
213.139.112.0/24 maxlen: 24
213.139.117.0/24 maxlen: 24
213.139.123.0/24 maxlen: 24
2001:4b90::/32 maxlen: 32
2a02:d50::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a5:f7:a8:d5:61:64:27:e9:f0:b3:ea:0a:60:ef:fb:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Jun 25 07:22:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34b709d731e259e9a8346090ab104b2593357a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7f:df:76:80:8f:de:71:aa:73:d7:3f:30:91:
66:9c:f7:a9:2b:0a:b3:82:8e:84:97:79:55:92:56:
f6:4e:64:4e:7e:58:3c:a8:58:e8:40:01:0d:91:ef:
10:6d:a8:94:21:47:f6:77:50:be:f3:63:04:4a:e4:
52:15:23:2b:32:5f:31:d1:6f:68:63:d9:59:bb:b6:
fa:15:bc:61:81:00:b2:ff:67:9b:29:b7:9c:2f:46:
22:44:a7:8e:1b:80:34:4f:52:3b:c2:ff:05:93:32:
6a:b9:cf:a9:25:28:32:db:ae:19:49:f8:44:84:45:
fc:74:45:d0:81:73:bb:ca:fb:a1:b1:de:cd:5a:44:
35:7a:9d:1d:ea:c0:f2:8c:f3:be:00:0a:93:c4:37:
57:fe:f2:b0:05:4a:90:74:30:4a:d4:67:e9:d5:ea:
08:9a:45:b3:d1:c7:fb:14:f3:55:87:62:78:2b:a8:
35:54:10:a4:e1:a1:03:39:cf:de:47:e8:d9:68:db:
54:01:e5:7e:f5:42:63:8f:5a:27:fd:cf:0e:b6:a2:
e5:29:47:4e:21:34:c5:54:18:bb:4d:d0:a5:b2:0f:
15:a4:b0:10:dc:53:f6:75:4f:f8:0c:b6:3e:d4:04:
ca:05:4a:43:01:ea:26:a5:67:4e:ec:00:62:99:57:
1b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B7:09:D7:31:E2:59:E9:A8:34:60:90:AB:10:4B:25:93:35:7A:96
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/NLcJ1zHiWemoNGCQqxBLJZM1epY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.169.64.0/18
178.22.152.0/21
194.117.208.0/20
194.153.214.0/24
195.46.192.0/19
212.37.192.0/19
213.139.96.0/19
IPv6:
2001:4b90::/32
2a02:d50::/32
Signature Algorithm: sha256WithRSAEncryption
85:2f:5b:ee:d3:3b:5b:d0:ac:eb:b1:3d:5f:cb:90:57:a8:1e:
24:85:ac:99:32:cb:c7:dd:71:2d:b2:ac:f1:c6:aa:20:2b:34:
58:69:b3:6e:30:30:ce:9f:68:e3:5a:af:24:98:a5:8a:b1:15:
d7:88:3d:5b:ec:8d:80:9a:e4:50:e9:7a:cb:99:cc:ef:37:df:
cf:ab:52:a3:cf:a0:51:50:7f:06:7d:49:98:26:6f:52:d5:19:
85:d8:55:de:98:71:a6:e3:8c:97:3a:88:5b:a8:af:34:cf:cf:
4e:50:4e:88:c1:55:33:72:1d:d6:db:e7:9f:74:54:25:c4:c0:
03:6c:04:09:61:ec:80:43:24:75:60:9e:f5:1f:e5:c2:6f:3d:
4e:ce:63:07:cc:f3:2f:0b:e0:dd:31:fd:d8:cc:0a:cf:21:c0:
90:7d:a8:aa:6c:43:e3:36:87:e1:7c:31:50:d6:9e:48:54:5f:
7f:f6:5b:a9:72:4a:80:7b:e9:85:fb:02:9a:2b:29:ad:a6:0b:
bc:52:f7:49:4e:76:f4:b6:db:86:4d:bd:b9:de:0c:18:66:ba:
a6:30:ae:45:58:de:e9:88:12:af:3f:b7:e0:be:5e:ce:49:c7:
aa:e4:4e:54:9e:a3:f1:91:e6:9f:67:ef:04:75:8f:8a:84:23:
19:e1:81:fe
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZel96jVYWQn6fCz6gpg7/vAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjUwNjI1MDcyMjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI3MDlkNzMxZTI1OWU5YTgzNDYwOTBhYjEwNGIyNTkzMzU3YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH/fdoCP3nGqc9c/MJFmnPepKwqz
go6El3lVklb2TmROflg8qFjoQAENke8QbaiUIUf2d1C+82MESuRSFSMrMl8x0W9o
Y9lZu7b6FbxhgQCy/2ebKbecL0YiRKeOG4A0T1I7wv8FkzJquc+pJSgy264ZSfhE
hEX8dEXQgXO7yvuhsd7NWkQ1ep0d6sDyjPO+AAqTxDdX/vKwBUqQdDBK1Gfp1eoI
mkWz0cf7FPNVh2J4K6g1VBCk4aEDOc/eR+jZaNtUAeV+9UJjj1on/c8OtqLlKUdO
ITTFVBi7TdClsg8VpLAQ3FP2dU/4DLY+1ATKBUpDAeompWdO7ABimVcbpQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFDS3Cdcx4lnpqDRgkKsQSyWTNXqWMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvTkxjSjF6SGlXZW1vTkdDUXF4QkxKWk0xZXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQGU6lAAwQD
shaYAwQEwnXQAwQAwpnWAwQFwy7AAwQF1CXAAwQF1YtgMBQEAgACMA4DBQAgAUuQ
AwUAKgINUDANBgkqhkiG9w0BAQsFAAOCAQEAhS9b7tM7W9Cs67E9X8uQV6geJIWs
mTLLx91xLbKs8caqICs0WGmzbjAwzp9o41qvJJilirEV14g9W+yNgJrkUOl6y5nM
7zffz6tSo8+gUVB/Bn1JmCZvUtUZhdhV3phxpuOMlzqIW6ivNM/PTlBOiMFVM3Id
1tvnn3RUJcTAA2wECWHsgEMkdWCe9R/lwm89Ts5jB8zzLwvg3TH92MwKzyHAkH2o
qmxD4zaH4XwxUNaeSFRff/ZbqXJKgHvphfsCmispraYLvFL3SU529Lbbhk29ud4M
GGa6pjCuRVje6YgSrz+34L5ezknHquROVJ6j8ZHmn2fvBHWPioQjGeGB/g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:33:32 2025 by rpki-client