Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/nW3IwE5roVsnBgu9z0_CgUuzIkE.roa
File: nW3IwE5roVsnBgu9z0_CgUuzIkE.roa (raw, json)
Hash identifier: W9YQgHEfBWzENVLpd45FQgo4EBkxudFGiV0/tWzb3uI=
Subject key identifier: 9D:6D:C8:C0:4E:6B:A1:5B:27:06:0B:BD:CF:4F:C2:81:4B:B3:22:41
Certificate issuer: /CN=0e2e4fd219f5b77ce80cdfaf9e3a6441dec50042
Certificate serial: 019D911FE7344D51D284AE56F7D598C8F478
Authority key identifier: 0E:2E:4F:D2:19:F5:B7:7C:E8:0C:DF:AF:9E:3A:64:41:DE:C5:00:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Di5P0hn1t3zoDN-vnjpkQd7FAEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/nW3IwE5roVsnBgu9z0_CgUuzIkE.roa
Signing time: Wed 15 Apr 2026 12:31:20 +0000
ROA not before: Wed 15 Apr 2026 12:31:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44574
IP address blocks: 91.230.181.0/24 maxlen: 24
95.215.174.0/24 maxlen: 24
193.9.248.0/24 maxlen: 24
193.104.113.0/24 maxlen: 24
193.150.34.0/24 maxlen: 24
193.238.80.0/22 maxlen: 22
2001:678:498::/48 maxlen: 48
2001:678:49c::/48 maxlen: 48
2001:678:4a0::/48 maxlen: 48
2001:678:4a4::/48 maxlen: 48
2001:67c:16d0::/48 maxlen: 48
2001:67c:16d1::/48 maxlen: 48
2001:67c:1954::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/Di5P0hn1t3zoDN-vnjpkQd7FAEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/Di5P0hn1t3zoDN-vnjpkQd7FAEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Di5P0hn1t3zoDN-vnjpkQd7FAEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:91:1f:e7:34:4d:51:d2:84:ae:56:f7:d5:98:c8:f4:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e2e4fd219f5b77ce80cdfaf9e3a6441dec50042
Validity
Not Before: Apr 15 12:31:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9d6dc8c04e6ba15b27060bbdcf4fc2814bb32241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cc:61:da:29:44:be:36:5f:70:56:17:78:1a:
cc:89:7a:3c:08:c6:1c:9c:7b:af:64:8a:8e:4a:70:
87:e4:c9:db:dd:ef:00:70:29:a0:ee:e3:8c:cd:6d:
f9:d5:c1:32:05:61:dd:fb:7f:9d:49:76:2b:40:ec:
10:7d:63:3a:95:fe:ba:eb:43:43:35:bc:e2:a9:40:
a5:cc:8c:48:a8:ec:c9:81:13:dc:1c:d1:db:8c:2d:
a5:d3:bd:77:da:28:0f:d0:a8:38:bf:27:98:bd:6d:
fa:5a:27:6d:a4:20:9f:45:57:a4:24:30:5d:5f:0f:
88:d7:9b:1a:8d:7f:ba:b6:3c:ad:b6:50:4a:41:69:
9d:8c:59:81:e7:a0:df:51:4e:26:07:b7:f9:5a:88:
3c:d9:c0:0c:35:2b:36:02:43:b2:a9:87:fd:08:4a:
e0:df:12:cc:63:df:6e:67:f4:7d:e4:19:3f:6e:85:
c7:a4:8e:da:c1:8d:c6:3e:33:5b:0b:20:a9:a9:cb:
0c:02:09:1c:c5:be:f9:41:16:39:cc:20:cf:c8:2c:
71:0f:58:ab:07:58:e8:c8:07:76:c1:ec:54:e1:a0:
bd:90:30:76:93:ab:b7:67:fe:20:a4:3c:32:05:e2:
22:8f:62:7b:12:a1:c9:b8:d7:93:44:4d:c1:08:31:
0b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6D:C8:C0:4E:6B:A1:5B:27:06:0B:BD:CF:4F:C2:81:4B:B3:22:41
X509v3 Authority Key Identifier:
keyid:0E:2E:4F:D2:19:F5:B7:7C:E8:0C:DF:AF:9E:3A:64:41:DE:C5:00:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Di5P0hn1t3zoDN-vnjpkQd7FAEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/nW3IwE5roVsnBgu9z0_CgUuzIkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/Di5P0hn1t3zoDN-vnjpkQd7FAEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.181.0/24
95.215.174.0/24
193.9.248.0/24
193.104.113.0/24
193.150.34.0/24
193.238.80.0/22
IPv6:
2001:678:498::/48
2001:678:49c::/48
2001:678:4a0::/48
2001:678:4a4::/48
2001:67c:16d0::/47
2001:67c:1954::/48
Signature Algorithm: sha256WithRSAEncryption
47:13:73:52:a2:02:cf:92:65:f2:f8:0d:86:b3:f1:89:6f:8d:
c8:c4:ff:71:91:da:ee:ea:eb:fa:cd:83:c9:4b:74:c2:31:aa:
5f:62:b1:9b:bd:1a:07:44:47:6c:1b:d4:15:21:a4:e1:4f:7a:
7a:35:f9:3f:c5:00:d4:67:6c:07:ef:73:15:93:4f:1d:b6:54:
d5:92:e6:9a:9c:13:4b:36:d2:d4:6d:a8:1c:d9:4f:4a:48:a0:
1c:ab:38:7b:17:e6:ff:53:c0:03:0b:6b:6a:aa:a6:67:64:7f:
94:3e:a5:9e:bf:46:f9:7c:47:25:df:b5:8b:da:b5:79:f7:37:
30:e0:ec:a0:c4:af:29:4c:67:40:95:44:cd:1f:0d:3d:44:6c:
37:13:a5:30:36:2f:e6:75:f2:1b:cc:0e:60:46:21:ea:71:2d:
b8:a9:78:38:78:df:77:bc:ee:50:4b:8d:87:3c:22:ae:88:7e:
0d:2e:69:8c:30:69:f5:9c:71:e3:f2:30:19:3f:8a:a2:f7:a1:
4d:c8:b6:43:75:34:76:6b:fb:2f:44:d1:ca:0b:82:8f:23:4c:
41:b3:a3:ca:78:93:bb:51:28:42:af:8d:87:74:98:6f:6f:34:
09:33:10:50:ff:cb:05:12:28:85:d3:8e:65:50:cb:1a:6d:40:
24:d8:09:3b
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZ2RH+c0TVHShK5W99WYyPR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMmU0ZmQyMTlmNWI3N2NlODBjZGZhZjllM2E2NDQxZGVj
NTAwNDIwHhcNMjYwNDE1MTIzMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDZkYzhjMDRlNmJhMTViMjcwNjBiYmRjZjRmYzI4MTRiYjMyMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8xh2ilEvjZfcFYXeBrMiXo8CMYc
nHuvZIqOSnCH5Mnb3e8AcCmg7uOMzW351cEyBWHd+3+dSXYrQOwQfWM6lf6660ND
NbziqUClzIxIqOzJgRPcHNHbjC2l07132igP0Kg4vyeYvW36WidtpCCfRVekJDBd
Xw+I15sajX+6tjyttlBKQWmdjFmB56DfUU4mB7f5Wog82cAMNSs2AkOyqYf9CErg
3xLMY99uZ/R95Bk/boXHpI7awY3GPjNbCyCpqcsMAgkcxb75QRY5zCDPyCxxD1ir
B1joyAd2wexU4aC9kDB2k6u3Z/4gpDwyBeIij2J7EqHJuNeTRE3BCDELVwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJ1tyMBOa6FbJwYLvc9PwoFLsyJBMB8GA1UdIwQY
MBaAFA4uT9IZ9bd86Azfr546ZEHexQBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGk1UDBobjF0M3pvRE4tdm5qcGtRZDdGQUVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9lMTEyMjQtNjFjNy00Nzg2LTg2ZTkt
MjM4ZmVlNjkyNDMwLzEvblczSXdFNXJvVnNuQmd1OXowX0NnVXV6SWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9lMTEyMjQtNjFjNy00Nzg2LTg2ZTktMjM4ZmVlNjkyNDMw
LzEvRGk1UDBobjF0M3pvRE4tdm5qcGtRZDdGQUVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajAqBAIAATAkAwQAW+a1AwQA
X9euAwQAwQn4AwQAwWhxAwQAwZYiAwQCwe5QMDwEAgACMDYDBwAgAQZ4BJgDBwAg
AQZ4BJwDBwAgAQZ4BKADBwAgAQZ4BKQDBwEgAQZ8FtADBwAgAQZ8GVQwDQYJKoZI
hvcNAQELBQADggEBAEcTc1KiAs+SZfL4DYaz8YlvjcjE/3GR2u7q6/rNg8lLdMIx
ql9isZu9GgdER2wb1BUhpOFPeno1+T/FANRnbAfvcxWTTx22VNWS5pqcE0s20tRt
qBzZT0pIoByrOHsX5v9TwAMLa2qqpmdkf5Q+pZ6/Rvl8RyXftYvatXn3NzDg7KDE
rylMZ0CVRM0fDT1EbDcTpTA2L+Z18hvMDmBGIepxLbipeDh433e87lBLjYc8Iq6I
fg0uaYwwafWccePyMBk/iqL3oU3ItkN1NHZr+y9E0coLgo8jTEGzo8p4k7tRKEKv
jYd0mG9vNAkzEFD/ywUSKIXTjmVQyxptQCTYCTs=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:13:21 2026 by rpki-client