Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/nhmQr7u42dyqZvrYim3pZc2G_CY.roa
File: nhmQr7u42dyqZvrYim3pZc2G_CY.roa (raw, json)
Hash identifier: X1/yztCtRXMMyQnlbp4uz5MgrrXqkYknxw5l3YaKzXY=
Subject key identifier: 9E:19:90:AF:BB:B8:D9:DC:AA:66:FA:D8:8A:6D:E9:65:CD:86:FC:26
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019E0218FB01D0A19D3ADE31C0160D74B6EC
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/nhmQr7u42dyqZvrYim3pZc2G_CY.roa
Signing time: Thu 07 May 2026 11:00:51 +0000
ROA not before: Thu 07 May 2026 11:00:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10753
IP address blocks: 85.254.29.0/24 maxlen: 24
85.254.178.0/23 maxlen: 23
159.148.169.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 May 2026 08:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:02:18:fb:01:d0:a1:9d:3a:de:31:c0:16:0d:74:b6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 7 11:00:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9e1990afbbb8d9dcaa66fad88a6de965cd86fc26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e4:c6:f5:7b:e5:fc:fe:07:33:45:e5:87:1e:
38:ed:a9:06:a1:b8:70:1b:90:8b:31:b1:a1:b7:12:
0c:57:ce:c9:2a:11:6b:fe:e0:a4:e0:ef:1f:f5:af:
23:6d:a1:77:e1:2b:53:48:85:6a:b1:fa:e1:22:71:
28:9b:f7:57:c2:b4:e4:b6:20:6a:d3:4b:6e:a8:ba:
b0:22:6a:2c:d0:4a:a6:1c:6d:86:d7:4d:a0:c9:d6:
1f:05:eb:0b:09:03:c2:e9:96:7b:0b:b4:30:f2:82:
3c:48:50:63:50:88:b6:44:cc:48:8e:9c:43:f2:9f:
81:66:02:e8:9b:dd:66:2b:17:55:e0:d2:1f:28:43:
f9:04:aa:b0:09:26:29:87:05:81:34:96:83:6e:3a:
bd:26:92:cc:49:f2:8a:dc:97:b3:a3:75:7b:56:e0:
37:37:f2:31:6f:99:1b:33:21:7f:61:87:ea:03:c7:
05:01:bd:4a:4a:ed:42:f6:e7:29:b6:10:57:fd:2d:
e9:1b:19:ee:19:27:ff:ff:59:24:79:96:51:57:89:
ad:ba:59:9c:85:1d:17:9d:c8:bd:51:0f:6b:ac:92:
cf:8a:9b:61:79:84:0d:13:81:a7:28:61:63:52:d8:
5b:a9:ee:45:a2:81:e6:73:65:5a:d5:6c:78:87:43:
e3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:19:90:AF:BB:B8:D9:DC:AA:66:FA:D8:8A:6D:E9:65:CD:86:FC:26
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/nhmQr7u42dyqZvrYim3pZc2G_CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.29.0/24
85.254.178.0/23
159.148.169.0/24
159.148.177.0/24
185.27.92.0/23
185.27.95.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:4b:4e:68:36:d7:a7:10:40:fd:a7:8b:95:d4:72:c3:98:82:
e4:a3:2b:7b:c1:87:df:94:21:2a:d9:27:8f:ea:09:68:94:a2:
78:58:1f:4b:08:12:b1:1b:cd:56:d0:44:66:03:43:de:15:56:
ae:6e:9b:28:6e:cf:f3:a7:97:cf:37:fd:ee:eb:2f:65:f2:4c:
cc:ff:31:81:8d:24:d2:d0:62:21:f7:a3:62:97:96:b4:ae:44:
e2:78:64:9b:cf:18:22:3a:10:e5:39:66:6c:f0:86:03:7d:73:
7c:eb:19:31:68:cd:8a:57:68:f5:dd:1a:0f:0a:3e:46:34:32:
f6:1c:29:bb:41:f9:43:15:aa:16:88:f5:89:41:92:8e:33:ec:
de:df:02:8f:33:a4:94:9e:e4:83:64:a4:43:d2:8d:f7:b7:d4:
d1:9d:db:3b:5f:5f:9a:62:1e:95:87:9f:3c:a3:5b:7a:a2:4b:
4e:e4:12:df:08:cc:15:0c:7e:e1:e4:29:c5:de:98:b2:a2:76:
4e:a3:55:c3:74:79:14:91:55:96:03:32:cd:33:2e:31:19:da:
58:a4:1f:c5:ff:96:f3:17:32:3a:2b:4f:67:de:0a:e9:7c:4e:
44:05:f8:30:80:e4:a4:7b:b0:95:8f:3f:da:36:45:45:00:2c:
7e:99:07:38
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ4CGPsB0KGdOt4xwBYNdLbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwNTA3MTEwMDUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTE5OTBhZmJiYjhkOWRjYWE2NmZhZDg4YTZkZTk2NWNkODZmYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuTG9Xvl/P4HM0Xlhx447akGobhw
G5CLMbGhtxIMV87JKhFr/uCk4O8f9a8jbaF34StTSIVqsfrhInEom/dXwrTktiBq
00tuqLqwImos0EqmHG2G102gydYfBesLCQPC6ZZ7C7Qw8oI8SFBjUIi2RMxIjpxD
8p+BZgLom91mKxdV4NIfKEP5BKqwCSYphwWBNJaDbjq9JpLMSfKK3Jezo3V7VuA3
N/Ixb5kbMyF/YYfqA8cFAb1KSu1C9ucpthBX/S3pGxnuGSf//1kkeZZRV4mtulmc
hR0Xnci9UQ9rrJLPiptheYQNE4GnKGFjUthbqe5FooHmc2Va1Wx4h0Pj+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ4ZkK+7uNncqmb62Ipt6WXNhvwmMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbmhtUXI3dTQyZHlxWnZyWWltM3BaYzJHX0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVf4dAwQB
Vf6yAwQAn5SpAwQAn5SxAwQBuRtcAwQAuRtfMA0GCSqGSIb3DQEBCwUAA4IBAQBv
S05oNtenEED9p4uV1HLDmILkoyt7wYfflCEq2SeP6glolKJ4WB9LCBKxG81W0ERm
A0PeFVaubpsobs/zp5fPN/3u6y9l8kzM/zGBjSTS0GIh96Nil5a0rkTieGSbzxgi
OhDlOWZs8IYDfXN86xkxaM2KV2j13RoPCj5GNDL2HCm7QflDFaoWiPWJQZKOM+ze
3wKPM6SUnuSDZKRD0o33t9TRnds7X1+aYh6Vh588o1t6oktO5BLfCMwVDH7h5CnF
3piyonZOo1XDdHkUkVWWAzLNMy4xGdpYpB/F/5bzFzI6K09n3grpfE5EBfgwgOSk
e7CVjz/aNkVFACx+mQc4
-----END CERTIFICATE-----
Generated at Mon May 11 19:13:38 2026 by rpki-client