Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/NimS2haV6BsSO0lRuNWmEj3PQqw.roa
File: NimS2haV6BsSO0lRuNWmEj3PQqw.roa (raw, json)
Hash identifier: Gvy9QYjbsqCpfWWOoNpUt5dD4fcLY+FK9YrLcr/hC40=
Subject key identifier: 36:29:92:DA:16:95:E8:1B:12:3B:49:51:B8:D5:A6:12:3D:CF:42:AC
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019E3A67BA1D49C33ACD7DEAEC9FC19C650A
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/NimS2haV6BsSO0lRuNWmEj3PQqw.roa
Signing time: Mon 18 May 2026 09:25:36 +0000
ROA not before: Mon 18 May 2026 09:25:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200105
IP address blocks: 185.232.85.0/24 maxlen: 24
2a0b:3c40:14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3a:67:ba:1d:49:c3:3a:cd:7d:ea:ec:9f:c1:9c:65:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 18 09:25:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=362992da1695e81b123b4951b8d5a6123dcf42ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:af:7a:5b:21:18:f5:8e:f5:6b:81:b3:ca:3a:
bf:41:00:ab:39:65:f9:08:07:2e:01:a3:2a:ed:da:
6b:8c:0d:77:d6:13:f7:7a:5f:d1:be:22:b5:bb:97:
f8:9e:98:2f:30:2d:9b:45:a8:80:7d:53:57:74:b4:
fb:87:1e:90:63:c4:7b:55:d2:86:f2:a5:2a:30:6a:
45:00:6e:14:5e:2e:b8:4f:b8:ca:c6:58:cd:51:84:
89:bb:6f:b4:31:74:f4:5e:59:34:e4:7f:58:5a:8c:
36:97:01:2f:b2:b6:50:4b:f1:79:34:e8:17:43:a0:
85:57:b2:ca:63:37:1d:7b:ce:a6:aa:48:18:c0:5a:
35:5e:92:2d:63:7b:75:f4:e6:a7:90:b9:1d:89:d7:
9c:c2:13:c6:53:5e:d0:bb:08:bc:2b:7f:e3:51:2f:
02:95:48:e8:78:3f:46:1c:63:b8:8d:b6:de:6c:95:
e2:ee:ce:a1:41:e9:02:48:60:9a:b8:07:3c:f5:32:
92:fc:8c:c0:fc:ce:b6:7d:5c:63:27:e3:db:02:1f:
31:83:ff:6b:c5:9c:e3:e5:b4:09:45:e2:c7:75:3d:
ff:92:8c:c6:3f:6b:4c:c4:af:da:a3:3d:d3:95:ed:
89:d1:b4:b0:c5:cf:fa:b8:60:0a:0d:ea:bc:09:11:
e9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:29:92:DA:16:95:E8:1B:12:3B:49:51:B8:D5:A6:12:3D:CF:42:AC
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/NimS2haV6BsSO0lRuNWmEj3PQqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.85.0/24
IPv6:
2a0b:3c40:14::/48
Signature Algorithm: sha256WithRSAEncryption
31:2a:2b:ef:37:a2:eb:22:01:4b:f8:74:57:36:a8:53:a1:1a:
56:4f:56:8a:34:45:7d:85:fb:61:cc:4c:42:9b:6a:43:c0:4b:
df:4b:ef:e0:99:57:58:d3:35:f0:3f:52:aa:f9:0c:08:05:41:
dc:df:cd:08:8a:e4:f4:dc:04:37:d8:c0:37:09:07:ca:b4:12:
e8:1f:e1:f7:f6:b1:d5:48:f9:88:08:a5:19:ee:63:ac:ee:56:
3f:a4:08:61:88:10:40:ad:c5:5f:db:0d:bf:f0:84:c1:5e:cb:
a1:ff:65:26:98:ee:5d:26:18:77:77:14:2d:c3:92:78:55:f1:
70:28:60:6f:dd:7a:fa:fc:04:fa:f0:ed:27:64:98:43:a7:8d:
a6:f2:47:66:e6:f3:31:7c:62:99:e9:d3:24:b3:26:4c:fb:6a:
9c:38:d1:83:50:1d:4b:03:21:6c:51:fc:5d:f2:a5:e2:72:30:
a6:a0:4e:a1:22:89:92:dc:fa:4b:57:54:ab:b3:85:bb:63:bd:
17:fd:d8:27:d0:ec:93:2e:f5:32:a2:83:c6:d2:74:af:48:99:
52:2f:51:aa:40:a6:ae:94:cf:1b:48:36:0a:9b:3c:29:04:dc:
9a:a4:cb:65:ac:33:c1:75:bb:7e:cc:c8:b4:74:bd:ac:81:1e:
b5:aa:95:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ46Z7odScM6zX3q7J/BnGUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjYwNTE4MDkyNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjI5OTJkYTE2OTVlODFiMTIzYjQ5NTFiOGQ1YTYxMjNkY2Y0MmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAya96WyEY9Y71a4Gzyjq/QQCrOWX5
CAcuAaMq7dprjA131hP3el/RviK1u5f4npgvMC2bRaiAfVNXdLT7hx6QY8R7VdKG
8qUqMGpFAG4UXi64T7jKxljNUYSJu2+0MXT0Xlk05H9YWow2lwEvsrZQS/F5NOgX
Q6CFV7LKYzcde86mqkgYwFo1XpItY3t19OankLkdidecwhPGU17Quwi8K3/jUS8C
lUjoeD9GHGO4jbbebJXi7s6hQekCSGCauAc89TKS/IzA/M62fVxjJ+PbAh8xg/9r
xZzj5bQJReLHdT3/kozGP2tMxK/aoz3Tle2J0bSwxc/6uGAKDeq8CRHptwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDYpktoWlegbEjtJUbjVphI9z0KsMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvTmltUzJoYVY2QnNTTzBsUnVOV21FajNQUXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuehVMA8E
AgACMAkDBwAqCzxAABQwDQYJKoZIhvcNAQELBQADggEBADEqK+83ousiAUv4dFc2
qFOhGlZPVoo0RX2F+2HMTEKbakPAS99L7+CZV1jTNfA/Uqr5DAgFQdzfzQiK5PTc
BDfYwDcJB8q0Eugf4ff2sdVI+YgIpRnuY6zuVj+kCGGIEECtxV/bDb/whMFey6H/
ZSaY7l0mGHd3FC3DknhV8XAoYG/devr8BPrw7SdkmEOnjabyR2bm8zF8Ypnp0ySz
Jkz7apw40YNQHUsDIWxR/F3ypeJyMKagTqEiiZLc+ktXVKuzhbtjvRf92CfQ7JMu
9TKig8bSdK9ImVIvUapApq6UzxtINgqbPCkE3Jqky2WsM8F1u37MyLR0vayBHrWq
la0=
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:03:44 2026 by rpki-client