Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/nN1vJKXnh7cBHLy2sd7dD0QgOGI.roa
File: nN1vJKXnh7cBHLy2sd7dD0QgOGI.roa (raw, json)
Hash identifier: 5guFUg6Oi5MmxQ+r87vyLbR34PherKnPHqG39PlmmF4=
Subject key identifier: 9C:DD:6F:24:A5:E7:87:B7:01:1C:BC:B6:B1:DE:DD:0F:44:20:38:62
Certificate issuer: /CN=ec3d3d7e5cbf18af66b7f5b4a5e0ac19ecd39876
Certificate serial: 019E6CDAEB770F6E93791D4B634824E9DDA0
Authority key identifier: EC:3D:3D:7E:5C:BF:18:AF:66:B7:F5:B4:A5:E0:AC:19:EC:D3:98:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7D09fly_GK9mt_W0peCsGezTmHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/nN1vJKXnh7cBHLy2sd7dD0QgOGI.roa
Signing time: Thu 28 May 2026 04:32:26 +0000
ROA not before: Thu 28 May 2026 04:32:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51483
IP address blocks: 46.235.112.0/21 maxlen: 21
46.235.118.0/24 maxlen: 24
46.235.119.0/24 maxlen: 24
46.254.136.0/21 maxlen: 21
95.142.64.0/20 maxlen: 20
128.0.192.0/21 maxlen: 21
185.74.224.0/22 maxlen: 22
2a00:1100::/29 maxlen: 29
2a00:1100::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/7D09fly_GK9mt_W0peCsGezTmHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/7D09fly_GK9mt_W0peCsGezTmHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/7D09fly_GK9mt_W0peCsGezTmHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6c:da:eb:77:0f:6e:93:79:1d:4b:63:48:24:e9:dd:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3d3d7e5cbf18af66b7f5b4a5e0ac19ecd39876
Validity
Not Before: May 28 04:32:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9cdd6f24a5e787b7011cbcb6b1dedd0f44203862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:33:fc:59:9f:ee:ad:d5:f2:d7:3f:7a:39:86:
b8:91:27:b8:36:a9:e9:67:e6:fd:c5:bd:be:03:eb:
d3:01:49:7d:f8:64:5b:45:ef:96:12:16:bc:59:2c:
2d:aa:0c:f9:40:64:e6:6b:2e:03:c2:56:5d:01:2a:
5c:4a:95:03:79:f0:ee:ad:7d:f6:fc:1d:ce:c3:12:
c0:28:d2:a0:15:9a:88:18:15:e1:ef:d4:73:24:a8:
ee:46:68:21:74:df:b7:4a:96:73:4f:1a:d5:5c:20:
ad:c4:e1:bd:97:0e:00:54:51:de:ba:ce:79:ec:4a:
09:e3:f7:16:bc:4e:b5:d5:f2:bd:8a:ff:60:11:6b:
2a:ee:68:14:3f:eb:30:9d:54:55:c7:91:19:51:57:
7e:02:e0:86:3d:4d:e7:a5:23:f5:5c:35:48:49:6b:
64:3b:74:01:6c:19:75:37:76:b4:c2:21:3b:0e:a3:
b4:3b:e5:10:77:81:e1:bf:cd:97:44:1e:04:70:ed:
1a:48:61:a6:da:7e:0d:80:c9:ad:dc:19:14:4d:34:
e5:41:1b:e5:8a:db:db:13:18:62:48:24:b6:12:b2:
d7:45:75:04:3f:8a:18:d5:1e:3c:ed:b2:4d:79:e7:
75:b6:21:3d:04:4b:cf:af:82:37:54:9f:dd:59:15:
3a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:DD:6F:24:A5:E7:87:B7:01:1C:BC:B6:B1:DE:DD:0F:44:20:38:62
X509v3 Authority Key Identifier:
keyid:EC:3D:3D:7E:5C:BF:18:AF:66:B7:F5:B4:A5:E0:AC:19:EC:D3:98:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7D09fly_GK9mt_W0peCsGezTmHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/nN1vJKXnh7cBHLy2sd7dD0QgOGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/7D09fly_GK9mt_W0peCsGezTmHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.112.0/21
46.254.136.0/21
95.142.64.0/20
128.0.192.0/21
185.74.224.0/22
IPv6:
2a00:1100::/29
Signature Algorithm: sha256WithRSAEncryption
bb:67:31:3c:99:58:bc:bb:25:bf:19:51:af:d5:e4:be:07:ba:
1e:f4:7a:76:e1:13:c2:2d:34:9d:c6:68:7f:19:69:6d:b4:4c:
f1:92:93:84:cb:20:58:39:0c:37:f7:f0:05:35:40:05:f5:e2:
e2:f7:ea:04:ff:8c:16:da:a0:a7:9e:68:29:17:b9:cd:9a:1b:
57:75:ff:92:4d:8e:57:4b:cc:ca:57:52:18:86:6b:d7:13:86:
75:a3:2e:06:0d:cf:51:c8:5b:32:7e:7b:8b:d7:ae:80:48:ff:
9e:e6:6b:4e:a8:43:75:58:e6:ef:c4:b4:af:d7:0c:d3:bf:e9:
3c:af:03:f9:e6:79:76:58:65:9b:58:ea:9e:45:2d:bd:8e:2d:
d4:f0:4d:26:82:a5:9c:ad:11:8b:9b:1d:b3:c7:5a:e6:35:d1:
0d:27:7c:6b:e3:7d:ce:2b:f9:c5:80:9b:c4:de:67:7c:64:f3:
44:c3:d4:bb:63:95:a0:98:c9:5a:62:dc:d5:db:e0:fa:3d:62:
e0:52:cd:01:5e:2c:e8:16:3c:54:1f:7f:37:68:28:64:9a:a2:
8e:ad:a7:8c:90:57:dc:bb:c0:85:0e:1c:0c:11:25:3a:fd:a1:
c1:58:e8:ff:b5:de:3f:7a:88:56:ad:46:ac:f9:82:c7:b8:1f:
40:09:da:5b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ5s2ut3D26TeR1LY0gk6d2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjM2QzZDdlNWNiZjE4YWY2NmI3ZjViNGE1ZTBhYzE5ZWNk
Mzk4NzYwHhcNMjYwNTI4MDQzMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2RkNmYyNGE1ZTc4N2I3MDExY2JjYjZiMWRlZGQwZjQ0MjAzODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjP8WZ/urdXy1z96OYa4kSe4Nqnp
Z+b9xb2+A+vTAUl9+GRbRe+WEha8WSwtqgz5QGTmay4DwlZdASpcSpUDefDurX32
/B3OwxLAKNKgFZqIGBXh79RzJKjuRmghdN+3SpZzTxrVXCCtxOG9lw4AVFHeus55
7EoJ4/cWvE611fK9iv9gEWsq7mgUP+swnVRVx5EZUVd+AuCGPU3npSP1XDVISWtk
O3QBbBl1N3a0wiE7DqO0O+UQd4Hhv82XRB4EcO0aSGGm2n4NgMmt3BkUTTTlQRvl
itvbExhiSCS2ErLXRXUEP4oY1R487bJNeed1tiE9BEvPr4I3VJ/dWRU6oQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJzdbySl54e3ARy8trHe3Q9EIDhiMB8GA1UdIwQY
MBaAFOw9PX5cvxivZrf1tKXgrBns05h2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0QwOWZseV9HSzltdF9XMHBlQ3NHZXpUbUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9iNjU5ZmMtNmI5Yi00ODQ3LWI2YTMt
NDY2MGZhZDgzOTg1LzEvbk4xdkpLWG5oN2NCSEx5MnNkN2REMFFnT0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9iNjU5ZmMtNmI5Yi00ODQ3LWI2YTMtNDY2MGZhZDgzOTg1
LzEvN0QwOWZseV9HSzltdF9XMHBlQ3NHZXpUbUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLutwAwQD
Lv6IAwQEX45AAwQDgADAAwQCuUrgMA0EAgACMAcDBQMqABEAMA0GCSqGSIb3DQEB
CwUAA4IBAQC7ZzE8mVi8uyW/GVGv1eS+B7oe9Hp24RPCLTSdxmh/GWlttEzxkpOE
yyBYOQw39/AFNUAF9eLi9+oE/4wW2qCnnmgpF7nNmhtXdf+STY5XS8zKV1IYhmvX
E4Z1oy4GDc9RyFsyfnuL166ASP+e5mtOqEN1WObvxLSv1wzTv+k8rwP55nl2WGWb
WOqeRS29ji3U8E0mgqWcrRGLmx2zx1rmNdENJ3xr433OK/nFgJvE3md8ZPNEw9S7
Y5WgmMlaYtzV2+D6PWLgUs0BXizoFjxUH383aChkmqKOraeMkFfcu8CFDhwMESU6
/aHBWOj/td4/eohWrUas+YLHuB9ACdpb
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:50:09 2026 by rpki-client