Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/638a8e-7f08-42f5-a98c-4c5e67e5ee25/1/NK7cFKYMK_Qez5H6Ab99v18EXKw.roa
File: NK7cFKYMK_Qez5H6Ab99v18EXKw.roa (raw, json)
Hash identifier: Sy/Cc4qG/1KQp17eadKsXuNu4rKNRwOKSF7+JL5tyF4=
Subject key identifier: 34:AE:DC:14:A6:0C:2B:F4:1E:CF:91:FA:01:BF:7D:BF:5F:04:5C:AC
Certificate issuer: /CN=b945d22d376fca197b2e84e1ee5732034432ffad
Certificate serial: 019B7C80940126253C3564B51C284FD7A8CF
Authority key identifier: B9:45:D2:2D:37:6F:CA:19:7B:2E:84:E1:EE:57:32:03:44:32:FF:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUXSLTdvyhl7LoTh7lcyA0Qy_60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/638a8e-7f08-42f5-a98c-4c5e67e5ee25/1/NK7cFKYMK_Qez5H6Ab99v18EXKw.roa
Signing time: Fri 02 Jan 2026 02:19:19 +0000
ROA not before: Fri 02 Jan 2026 02:19:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 24732
IP address blocks: 195.234.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/638a8e-7f08-42f5-a98c-4c5e67e5ee25/1/uUXSLTdvyhl7LoTh7lcyA0Qy_60.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/638a8e-7f08-42f5-a98c-4c5e67e5ee25/1/uUXSLTdvyhl7LoTh7lcyA0Qy_60.mft
rsync://rpki.ripe.net/repository/DEFAULT/uUXSLTdvyhl7LoTh7lcyA0Qy_60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:80:94:01:26:25:3c:35:64:b5:1c:28:4f:d7:a8:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b945d22d376fca197b2e84e1ee5732034432ffad
Validity
Not Before: Jan 2 02:19:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=34aedc14a60c2bf41ecf91fa01bf7dbf5f045cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5d:35:6a:86:e7:a8:e1:39:9c:13:2e:68:d0:
e8:45:67:e7:25:12:24:64:a7:7d:16:ca:99:0e:7f:
aa:84:aa:05:da:cf:76:eb:98:a7:bf:65:e2:03:7b:
3b:21:e4:b8:6f:ae:3b:19:d5:1d:f1:b3:34:eb:34:
37:fa:a9:2b:b2:31:9c:7a:4e:11:a8:d1:26:23:97:
e6:c6:89:67:04:59:b0:b1:a0:4d:5c:26:26:a8:b8:
32:03:dd:1b:f6:6a:3c:fa:b2:d0:35:7d:f6:f8:c5:
49:c3:03:79:18:21:90:f3:97:99:e3:81:62:24:ea:
89:33:eb:4d:b9:ea:57:91:80:bf:b8:47:db:0f:46:
92:1f:8a:f5:e2:41:11:3e:21:e9:ec:c5:09:41:06:
9c:69:1a:29:51:70:67:69:89:38:ea:cc:2c:9e:76:
3b:dd:17:98:b1:ce:98:ab:90:c5:4e:ad:5b:9d:6d:
4b:7c:35:9b:1e:b0:56:f4:7b:82:3e:5a:62:31:05:
4d:3a:ab:7f:6e:07:3c:8f:ae:9b:11:73:a4:57:25:
4b:9c:f7:58:91:1b:b8:a8:37:94:a3:b6:32:15:92:
c4:36:57:40:58:a7:85:d1:d9:07:a0:74:7f:9c:de:
50:02:bd:f5:13:14:80:cc:f7:f0:a2:bb:66:48:42:
57:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AE:DC:14:A6:0C:2B:F4:1E:CF:91:FA:01:BF:7D:BF:5F:04:5C:AC
X509v3 Authority Key Identifier:
keyid:B9:45:D2:2D:37:6F:CA:19:7B:2E:84:E1:EE:57:32:03:44:32:FF:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUXSLTdvyhl7LoTh7lcyA0Qy_60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/638a8e-7f08-42f5-a98c-4c5e67e5ee25/1/NK7cFKYMK_Qez5H6Ab99v18EXKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/638a8e-7f08-42f5-a98c-4c5e67e5ee25/1/uUXSLTdvyhl7LoTh7lcyA0Qy_60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.16.0/24
Signature Algorithm: sha256WithRSAEncryption
37:7d:57:c8:8b:c6:94:e6:f0:3b:30:f3:5c:ca:d0:c5:74:d4:
aa:2d:ff:62:5c:b4:9a:7f:02:b7:47:e1:3f:3c:74:91:ab:f0:
5e:a1:06:aa:3b:d7:ff:0b:24:19:b3:f3:0a:9e:c1:26:5d:fc:
cb:e4:6a:33:c1:b6:39:9d:3c:b2:fc:88:b3:ad:bc:7f:df:52:
9f:e0:bd:63:db:a0:3f:12:d1:5d:24:8a:40:48:fd:0a:a1:fe:
9a:bd:10:48:da:be:46:0e:26:60:a8:01:db:e4:02:68:2c:c3:
1a:25:c4:67:92:df:11:1a:21:73:f8:7a:c0:f4:dd:4b:72:a6:
31:e9:1a:f9:9b:1a:9b:1f:78:7c:98:34:ed:66:4f:df:95:94:
84:03:a6:a9:13:90:ea:36:42:93:54:8c:8d:b9:2a:85:2d:38:
75:9b:25:8a:d6:63:68:c0:22:d5:50:37:12:37:62:92:9d:4d:
8f:b8:47:2a:40:68:ac:a4:d6:0c:98:d0:9d:ba:60:9f:13:02:
6e:86:74:48:69:b6:55:27:63:09:ab:0c:af:af:88:70:68:ed:
ee:9c:3b:5b:3a:33:56:b8:76:7e:ec:95:2e:78:ca:ae:cf:c1:
57:46:1f:2b:49:74:72:0b:71:11:fc:cf:e8:35:57:43:17:34:
fb:5b:75:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gJQBJiU8NWS1HChP16jPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDVkMjJkMzc2ZmNhMTk3YjJlODRlMWVlNTczMjAzNDQz
MmZmYWQwHhcNMjYwMTAyMDIxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGFlZGMxNGE2MGMyYmY0MWVjZjkxZmEwMWJmN2RiZjVmMDQ1Y2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF01aobnqOE5nBMuaNDoRWfnJRIk
ZKd9FsqZDn+qhKoF2s9265inv2XiA3s7IeS4b647GdUd8bM06zQ3+qkrsjGcek4R
qNEmI5fmxolnBFmwsaBNXCYmqLgyA90b9mo8+rLQNX32+MVJwwN5GCGQ85eZ44Fi
JOqJM+tNuepXkYC/uEfbD0aSH4r14kERPiHp7MUJQQacaRopUXBnaYk46swsnnY7
3ReYsc6Yq5DFTq1bnW1LfDWbHrBW9HuCPlpiMQVNOqt/bgc8j66bEXOkVyVLnPdY
kRu4qDeUo7YyFZLENldAWKeF0dkHoHR/nN5QAr31ExSAzPfwortmSEJXTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSu3BSmDCv0Hs+R+gG/fb9fBFysMB8GA1UdIwQY
MBaAFLlF0i03b8oZey6E4e5XMgNEMv+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVYU0xUZHZ5aGw3TG9UaDdsY3lBMFF5XzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82MzhhOGUtN2YwOC00MmY1LWE5OGMt
NGM1ZTY3ZTVlZTI1LzEvTks3Y0ZLWU1LX1FlejVINkFiOTl2MThFWEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82MzhhOGUtN2YwOC00MmY1LWE5OGMtNGM1ZTY3ZTVlZTI1
LzEvdVVYU0xUZHZ5aGw3TG9UaDdsY3lBMFF5XzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+oQMA0G
CSqGSIb3DQEBCwUAA4IBAQA3fVfIi8aU5vA7MPNcytDFdNSqLf9iXLSafwK3R+E/
PHSRq/BeoQaqO9f/CyQZs/MKnsEmXfzL5GozwbY5nTyy/Iizrbx/31Kf4L1j26A/
EtFdJIpASP0Kof6avRBI2r5GDiZgqAHb5AJoLMMaJcRnkt8RGiFz+HrA9N1LcqYx
6Rr5mxqbH3h8mDTtZk/flZSEA6apE5DqNkKTVIyNuSqFLTh1myWK1mNowCLVUDcS
N2KSnU2PuEcqQGispNYMmNCdumCfEwJuhnRIabZVJ2MJqwyvr4hwaO3unDtbOjNW
uHZ+7JUueMquz8FXRh8rSXRyC3ER/M/oNVdDFzT7W3UA
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:17:48 2026 by rpki-client