Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/nE6wYHgGBuxz8FTwXNUK5B9PjQQ.roa
File: nE6wYHgGBuxz8FTwXNUK5B9PjQQ.roa (raw, json)
Hash identifier: lXZsBeZay6RXKXdRBv9xz0vCpEN1NRS9ZSpZrVGkY/o=
Subject key identifier: 9C:4E:B0:60:78:06:06:EC:73:F0:54:F0:5C:D5:0A:E4:1F:4F:8D:04
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 019D71ECD736CF32029CDD4D44EC6901AA80
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/nE6wYHgGBuxz8FTwXNUK5B9PjQQ.roa
Signing time: Thu 09 Apr 2026 11:07:20 +0000
ROA not before: Thu 09 Apr 2026 11:07:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197968
IP address blocks: 82.115.54.0/24 maxlen: 24
91.147.109.0/24 maxlen: 24
109.175.175.0/24 maxlen: 24
109.175.225.0/24 maxlen: 24
212.108.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:71:ec:d7:36:cf:32:02:9c:dd:4d:44:ec:69:01:aa:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Apr 9 11:07:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9c4eb060780606ec73f054f05cd50ae41f4f8d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:22:11:50:28:09:70:ab:f2:b8:bb:35:dc:f8:
f5:81:79:f1:b1:bd:64:90:ce:35:49:89:e8:8b:9b:
df:66:64:d3:38:9c:1a:28:d3:2b:7c:92:9e:c2:b3:
a5:83:04:8d:de:2f:40:cb:63:72:41:a7:38:dd:39:
56:f3:8c:5a:b4:ce:39:c4:c8:bf:21:be:27:ee:a0:
2d:e4:49:f4:61:53:72:7d:73:54:85:0c:0f:02:c0:
cf:68:d5:83:05:df:a1:8e:97:f6:22:9e:b3:41:6e:
9a:93:8b:fb:ac:c0:77:33:f4:cd:02:89:ea:b6:83:
25:7a:49:70:25:4f:67:10:37:ff:81:dc:e3:7c:0a:
b4:61:32:e2:15:e9:68:9c:01:25:8d:61:38:af:9e:
79:0b:c6:8b:f6:fc:36:b8:d3:b9:75:d1:65:62:91:
94:9f:60:6c:fb:3e:18:91:82:c8:63:ac:92:67:6b:
a8:ac:da:f2:94:03:8c:2c:ad:aa:9a:7d:65:47:7c:
a4:08:7b:0c:84:94:2b:fe:17:3e:1c:50:17:cd:66:
1a:3a:c6:89:71:90:90:c1:26:2b:b2:84:07:d0:8a:
d9:cf:0e:41:fe:ff:4e:90:52:da:6f:4d:01:a1:99:
15:e6:e6:8d:86:14:d0:0c:10:ac:4d:fb:72:4b:c3:
94:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4E:B0:60:78:06:06:EC:73:F0:54:F0:5C:D5:0A:E4:1F:4F:8D:04
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/nE6wYHgGBuxz8FTwXNUK5B9PjQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.54.0/24
91.147.109.0/24
109.175.175.0/24
109.175.225.0/24
212.108.86.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:c2:67:b2:ca:45:01:7d:f6:6b:55:76:e0:cd:e0:25:38:c3:
60:82:5a:48:d2:7a:e1:94:e6:22:2f:52:43:72:8b:26:d3:99:
fd:f7:77:0b:49:01:cb:15:e4:be:77:4b:55:44:99:6f:d0:29:
ca:2d:f2:6a:33:aa:29:8d:ec:28:aa:b1:0c:92:67:5a:65:15:
6f:37:99:55:d3:f7:50:eb:13:68:34:da:1d:f6:82:e0:29:50:
dd:e9:41:be:88:7c:42:ee:fe:da:ac:05:b0:16:d6:28:c1:00:
38:36:f5:27:5a:a3:48:5a:16:2e:f0:08:16:e5:d9:59:1a:87:
11:66:f2:aa:35:4e:74:33:35:5e:0f:0f:10:3e:c4:6f:71:6f:
3d:2c:e4:e6:73:ff:ba:60:11:f1:85:d9:5f:0a:c0:31:20:8d:
71:22:e1:4b:05:2c:b7:30:e3:9e:93:0b:5e:c1:96:42:ae:0a:
4f:dd:f7:25:c4:72:fa:c1:cc:6e:59:ee:90:35:1a:8f:c8:8f:
63:fc:f7:91:65:eb:77:cf:c4:f3:10:36:ff:40:68:45:81:bb:
48:19:9d:1f:e4:ab:ca:1a:88:ba:bb:1c:d5:bc:77:72:1d:ca:
ce:3b:01:11:1d:47:23:e0:15:39:31:f9:46:fc:7a:ad:e2:37:
f7:8f:c5:86
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ1x7Nc2zzICnN1NROxpAaqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjYwNDA5MTEwNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRlYjA2MDc4MDYwNmVjNzNmMDU0ZjA1Y2Q1MGFlNDFmNGY4ZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiIRUCgJcKvyuLs13Pj1gXnxsb1k
kM41SYnoi5vfZmTTOJwaKNMrfJKewrOlgwSN3i9Ay2NyQac43TlW84xatM45xMi/
Ib4n7qAt5En0YVNyfXNUhQwPAsDPaNWDBd+hjpf2Ip6zQW6ak4v7rMB3M/TNAonq
toMleklwJU9nEDf/gdzjfAq0YTLiFelonAEljWE4r555C8aL9vw2uNO5ddFlYpGU
n2Bs+z4YkYLIY6ySZ2uorNrylAOMLK2qmn1lR3ykCHsMhJQr/hc+HFAXzWYaOsaJ
cZCQwSYrsoQH0IrZzw5B/v9OkFLab00BoZkV5uaNhhTQDBCsTftyS8OULwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJxOsGB4Bgbsc/BU8FzVCuQfT40EMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvbkU2d1lIZ0dCdXh6OEZUd1hOVUs1QjlQalFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUnM2AwQA
W5NtAwQAba+vAwQAba/hAwQA1GxWMA0GCSqGSIb3DQEBCwUAA4IBAQBrwmeyykUB
ffZrVXbgzeAlOMNgglpI0nrhlOYiL1JDcosm05n993cLSQHLFeS+d0tVRJlv0CnK
LfJqM6opjewoqrEMkmdaZRVvN5lV0/dQ6xNoNNod9oLgKVDd6UG+iHxC7v7arAWw
FtYowQA4NvUnWqNIWhYu8AgW5dlZGocRZvKqNU50MzVeDw8QPsRvcW89LOTmc/+6
YBHxhdlfCsAxII1xIuFLBSy3MOOekwtewZZCrgpP3fclxHL6wcxuWe6QNRqPyI9j
/PeRZet3z8TzEDb/QGhFgbtIGZ0f5KvKGoi6uxzVvHdyHcrOOwERHUcj4BU5MflG
/Hqt4jf3j8WG
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:09:51 2026 by rpki-client