Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/nfSZBgblqY4hDbV-RAcbJ9qyUpc.roa
File: nfSZBgblqY4hDbV-RAcbJ9qyUpc.roa (raw, json)
Hash identifier: 8ijpB21chkCGF/aduPmL2pt7xjwG/XOf0XxCs4lLVxo=
Subject key identifier: 9D:F4:99:06:06:E5:A9:8E:21:0D:B5:7E:44:07:1B:27:DA:B2:52:97
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 019E856D8243C849F53B659C3B3BCD66E225
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/nfSZBgblqY4hDbV-RAcbJ9qyUpc.roa
Signing time: Mon 01 Jun 2026 23:03:26 +0000
ROA not before: Mon 01 Jun 2026 23:03:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42615
IP address blocks: 185.186.11.0/24 maxlen: 24
2a0b:6b81:3::/48 maxlen: 48
2a0b:6b81:4::/48 maxlen: 48
2a0b:6b81:401::/48 maxlen: 48
2a0b:6b81:403::/48 maxlen: 48
2a0b:6b86:1300::/40 maxlen: 40
2a0b:6b87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:85:6d:82:43:c8:49:f5:3b:65:9c:3b:3b:cd:66:e2:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jun 1 23:03:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9df4990606e5a98e210db57e44071b27dab25297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d9:b7:c8:c8:49:b7:4a:2e:49:f6:76:cf:ae:
46:76:48:a4:88:0c:f9:bb:1f:6c:8c:44:6c:86:8a:
86:58:fe:8a:e4:dd:f4:a4:0c:9c:5c:89:7b:db:17:
b9:3f:61:60:c0:88:ac:ed:09:76:5c:e8:0f:e8:9f:
e2:1c:d4:37:98:14:ed:8c:ad:a6:40:20:5e:54:d5:
8f:d8:7c:d6:47:f0:69:94:3a:b3:a9:50:f3:09:22:
3d:34:52:7e:b0:b3:12:53:b2:fc:e0:80:50:98:46:
7f:76:97:c1:c8:a9:fb:22:cb:0f:7d:bc:f2:ad:d1:
79:4f:4b:e1:43:c3:64:29:28:6d:31:f5:c4:e2:f8:
3a:8f:37:71:4b:f3:70:c1:c4:c0:90:09:67:f2:7c:
43:99:09:4b:40:2b:a9:2d:92:d9:2b:27:f3:99:0a:
13:9c:56:a5:4d:ad:fe:8b:c8:cc:91:24:64:c3:dd:
9a:c0:31:68:d1:dd:85:b3:62:7b:b1:2c:62:b5:25:
6b:15:7e:29:47:b5:66:8a:6b:13:23:4f:27:69:da:
40:47:7a:84:20:e1:e0:13:48:9d:19:2d:e4:ee:99:
7c:54:46:d1:d1:28:c3:e6:74:af:26:2f:de:6f:0e:
85:0d:f4:b0:0a:b6:36:73:09:a2:e0:ab:5a:b9:33:
ea:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F4:99:06:06:E5:A9:8E:21:0D:B5:7E:44:07:1B:27:DA:B2:52:97
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/nfSZBgblqY4hDbV-RAcbJ9qyUpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.11.0/24
IPv6:
2a0b:6b81:3::-2a0b:6b81:4:ffff:ffff:ffff:ffff:ffff
2a0b:6b81:401::/48
2a0b:6b81:403::/48
2a0b:6b86:1300::/40
2a0b:6b87::/32
Signature Algorithm: sha256WithRSAEncryption
a4:76:22:46:5e:5b:a3:7f:f9:0d:32:1d:2f:a8:23:e0:67:06:
24:b1:60:07:57:26:90:29:93:b9:00:77:fb:f7:24:92:05:4d:
60:50:da:fd:e3:5c:21:6d:47:0b:a1:02:4b:49:1d:2e:7d:82:
30:86:60:52:59:63:b2:d9:0d:d4:33:c2:6c:3a:36:8c:df:a4:
94:2c:09:b9:c3:13:58:3c:e1:14:85:2e:70:c5:26:7f:04:01:
5c:95:82:43:66:2d:6a:ae:c3:7a:d7:c8:4b:d1:c6:1f:80:47:
5e:0a:07:20:91:35:d7:4c:a3:97:15:3d:0e:2a:81:29:10:29:
3f:01:32:7f:54:4f:3c:16:9e:26:84:6d:d5:7e:d9:f2:42:81:
9b:e1:ec:0a:69:eb:98:ed:20:b6:8c:67:ab:e4:26:cc:8e:63:
eb:7d:f3:f2:40:b6:c4:97:40:5d:c8:0a:45:7e:bb:7e:7c:2b:
d2:3d:27:0f:51:eb:6c:dc:0d:1c:b6:d8:56:e0:2e:6a:dd:07:
bd:92:ff:91:ed:f2:69:30:d1:7a:bc:d9:fc:92:c4:d6:b0:01:
d0:0f:46:8c:07:8e:62:70:7c:53:f5:c3:9c:96:27:4b:7f:3f:
04:07:de:f3:32:a3:79:8d:b2:8e:fa:d7:d1:e6:22:32:52:ca:
bc:57:50:6f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZ6FbYJDyEn1O2WcOzvNZuIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjYwNjAxMjMwMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGY0OTkwNjA2ZTVhOThlMjEwZGI1N2U0NDA3MWIyN2RhYjI1Mjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Nm3yMhJt0ouSfZ2z65GdkikiAz5
ux9sjERshoqGWP6K5N30pAycXIl72xe5P2FgwIis7Ql2XOgP6J/iHNQ3mBTtjK2m
QCBeVNWP2HzWR/BplDqzqVDzCSI9NFJ+sLMSU7L84IBQmEZ/dpfByKn7IssPfbzy
rdF5T0vhQ8NkKShtMfXE4vg6jzdxS/NwwcTAkAln8nxDmQlLQCupLZLZKyfzmQoT
nFalTa3+i8jMkSRkw92awDFo0d2Fs2J7sSxitSVrFX4pR7VmimsTI08nadpAR3qE
IOHgE0idGS3k7pl8VEbR0SjD5nSvJi/ebw6FDfSwCrY2cwmi4KtauTPqIwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFJ30mQYG5amOIQ21fkQHGyfaslKXMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvbmZTWkJnYmxxWTRoRGJWLVJBY2JKOXF5VXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAMBAIAATAGAwQAuboLMDsE
AgACMDUwEgMHACoLa4EAAwMHACoLa4EABAMHACoLa4EEAQMHACoLa4EEAwMGACoL
a4YTAwUAKgtrhzANBgkqhkiG9w0BAQsFAAOCAQEApHYiRl5bo3/5DTIdL6gj4GcG
JLFgB1cmkCmTuQB3+/ckkgVNYFDa/eNcIW1HC6ECS0kdLn2CMIZgUlljstkN1DPC
bDo2jN+klCwJucMTWDzhFIUucMUmfwQBXJWCQ2Ytaq7DetfIS9HGH4BHXgoHIJE1
10yjlxU9DiqBKRApPwEyf1RPPBaeJoRt1X7Z8kKBm+HsCmnrmO0gtoxnq+QmzI5j
633z8kC2xJdAXcgKRX67fnwr0j0nD1HrbNwNHLbYVuAuat0HvZL/ke3yaTDRerzZ
/JLE1rAB0A9GjAeOYnB8U/XDnJYnS38/BAfe8zKjeY2yjvrX0eYiMlLKvFdQbw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:56:30 2026 by rpki-client