Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/nFvWfDmdA4w-eOPl1iI29l0M11o.roa
File: nFvWfDmdA4w-eOPl1iI29l0M11o.roa (raw, json)
Hash identifier: YH4sjz1pTNKzvb/IKs7YTBao+YJ5rAwc92PaA6bK114=
Subject key identifier: 9C:5B:D6:7C:39:9D:03:8C:3E:78:E3:E5:D6:22:36:F6:5D:0C:D7:5A
Certificate issuer: /CN=11e2a78ddc7f139f0c22a2a63662b4812ae5132e
Certificate serial: 019E63282942A14431F1374A0F24E8093202
Authority key identifier: 11:E2:A7:8D:DC:7F:13:9F:0C:22:A2:A6:36:62:B4:81:2A:E5:13:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/nFvWfDmdA4w-eOPl1iI29l0M11o.roa
Signing time: Tue 26 May 2026 07:20:36 +0000
ROA not before: Tue 26 May 2026 07:20:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198121
IP address blocks: 86.54.11.0/24 maxlen: 24
86.54.105.0/24 maxlen: 24
2a13:1001::/48 maxlen: 48
2a13:1002:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/EeKnjdx_E58MIqKmNmK0gSrlEy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/EeKnjdx_E58MIqKmNmK0gSrlEy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 10:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:63:28:29:42:a1:44:31:f1:37:4a:0f:24:e8:09:32:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11e2a78ddc7f139f0c22a2a63662b4812ae5132e
Validity
Not Before: May 26 07:20:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9c5bd67c399d038c3e78e3e5d62236f65d0cd75a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:48:a1:4d:9e:ca:69:1d:62:c7:00:ed:19:5b:
4a:e3:09:35:74:34:24:2f:dd:f5:30:86:56:e9:f9:
e3:a7:be:35:fe:46:a1:a9:c5:cc:76:2d:c7:43:30:
c5:64:23:b3:8e:43:9c:0f:00:98:b5:56:31:00:4a:
b7:c0:45:7e:c2:f9:a3:53:79:52:62:45:1a:5f:05:
57:64:32:95:fb:39:28:cd:18:aa:5a:bb:de:d5:07:
ce:89:fc:ef:58:30:53:3d:a8:fc:69:6c:b5:85:56:
43:f1:04:d7:f2:47:b1:70:32:26:cc:3f:69:7f:a5:
22:aa:91:59:b5:58:7f:21:9b:ff:61:1d:b3:80:02:
1a:26:53:0d:bf:de:42:49:be:34:b9:3f:3b:f3:3d:
fd:4b:e4:63:b3:70:01:c3:e6:9a:da:a4:ef:a5:66:
05:7c:31:ea:39:10:d9:a5:38:56:cf:6c:95:00:b2:
5a:52:85:29:0a:51:08:70:31:97:57:74:93:4b:e7:
43:96:f3:f1:b0:ce:40:b1:3f:c3:99:c1:d4:e2:2e:
2d:73:42:14:be:10:1e:cc:ee:a5:6f:fc:b3:43:db:
0c:7a:54:a6:e6:a3:fb:13:35:80:ce:ea:7a:29:e7:
eb:c0:a9:84:e9:e8:18:09:6b:e3:0b:07:13:15:95:
9b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:5B:D6:7C:39:9D:03:8C:3E:78:E3:E5:D6:22:36:F6:5D:0C:D7:5A
X509v3 Authority Key Identifier:
keyid:11:E2:A7:8D:DC:7F:13:9F:0C:22:A2:A6:36:62:B4:81:2A:E5:13:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/nFvWfDmdA4w-eOPl1iI29l0M11o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/EeKnjdx_E58MIqKmNmK0gSrlEy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.11.0/24
86.54.105.0/24
IPv6:
2a13:1001::/48
2a13:1002:2::/48
Signature Algorithm: sha256WithRSAEncryption
65:39:c4:46:9e:26:e8:5d:37:b2:d5:21:92:66:85:0c:71:76:
75:41:fd:bc:a1:4a:69:cd:f8:c1:38:47:8b:45:5b:2f:ba:82:
1f:64:d1:a9:fd:95:5c:52:bb:a7:f8:54:aa:76:31:22:26:61:
70:b1:95:9b:52:c1:5b:20:61:f2:15:d3:30:a7:f9:c2:db:32:
ad:c2:8e:68:b3:96:dd:8d:a4:72:1c:e9:63:80:1d:7c:31:6d:
e0:43:d0:aa:aa:d8:23:0e:31:04:f7:77:8a:a0:08:5f:9e:18:
37:46:61:a7:2c:2a:8e:9f:f7:c2:a5:ba:2a:f0:94:67:d8:00:
c9:8a:23:c0:74:5d:ba:41:32:5a:85:70:01:d7:85:49:16:ee:
ab:1d:2f:24:15:e8:54:3b:79:a4:ba:9e:06:16:9a:a6:4f:ce:
41:1a:b8:7f:8b:19:de:91:29:fc:46:b0:7f:fe:f4:d1:40:d0:
a0:42:6b:9f:07:f3:35:e2:ee:48:3e:36:3e:68:7e:b5:35:8a:
d7:50:06:d5:80:a9:9e:a4:58:9f:9b:a3:8d:79:be:7b:30:fb:
af:8d:4f:bc:dc:0a:f7:22:97:2d:53:88:5f:24:75:95:70:76:
05:bb:67:af:ef:ea:de:cf:b6:6b:15:9d:ca:0d:0d:9a:5e:af:
89:b0:a5:e7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ5jKClCoUQx8TdKDyToCTICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZTJhNzhkZGM3ZjEzOWYwYzIyYTJhNjM2NjJiNDgxMmFl
NTEzMmUwHhcNMjYwNTI2MDcyMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzViZDY3YzM5OWQwMzhjM2U3OGUzZTVkNjIyMzZmNjVkMGNkNzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUihTZ7KaR1ixwDtGVtK4wk1dDQk
L931MIZW6fnjp741/kahqcXMdi3HQzDFZCOzjkOcDwCYtVYxAEq3wEV+wvmjU3lS
YkUaXwVXZDKV+zkozRiqWrve1QfOifzvWDBTPaj8aWy1hVZD8QTX8kexcDImzD9p
f6UiqpFZtVh/IZv/YR2zgAIaJlMNv95CSb40uT878z39S+Rjs3ABw+aa2qTvpWYF
fDHqORDZpThWz2yVALJaUoUpClEIcDGXV3STS+dDlvPxsM5AsT/DmcHU4i4tc0IU
vhAezO6lb/yzQ9sMelSm5qP7EzWAzup6KefrwKmE6egYCWvjCwcTFZWbRQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJxb1nw5nQOMPnjj5dYiNvZdDNdaMB8GA1UdIwQY
MBaAFBHip43cfxOfDCKipjZitIEq5RMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWVLbmpkeF9FNThNSXFLbU5tSzBnU3JsRXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jZDE1YzctNDc2YS00YzU3LWJhZjQt
ZGU1ZjdiZjU5ODM5LzEvbkZ2V2ZEbWRBNHctZU9QbDFpSTI5bDBNMTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jZDE1YzctNDc2YS00YzU3LWJhZjQtZGU1ZjdiZjU5ODM5
LzEvRWVLbmpkeF9FNThNSXFLbU5tSzBnU3JsRXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAVjYLAwQA
VjZpMBgEAgACMBIDBwAqExABAAADBwAqExACAAIwDQYJKoZIhvcNAQELBQADggEB
AGU5xEaeJuhdN7LVIZJmhQxxdnVB/byhSmnN+ME4R4tFWy+6gh9k0an9lVxSu6f4
VKp2MSImYXCxlZtSwVsgYfIV0zCn+cLbMq3Cjmizlt2NpHIc6WOAHXwxbeBD0Kqq
2CMOMQT3d4qgCF+eGDdGYacsKo6f98KluirwlGfYAMmKI8B0XbpBMlqFcAHXhUkW
7qsdLyQV6FQ7eaS6ngYWmqZPzkEauH+LGd6RKfxGsH/+9NFA0KBCa58H8zXi7kg+
Nj5ofrU1itdQBtWAqZ6kWJ+bo415vnsw+6+NT7zcCvcily1TiF8kdZVwdgW7Z6/v
6t7PtmsVncoNDZper4mwpec=
-----END CERTIFICATE-----
Generated at Thu Jun 11 17:01:04 2026 by rpki-client