Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/n1nIclOaJw_aQb4q8btbLFqGpQU.roa
File: n1nIclOaJw_aQb4q8btbLFqGpQU.roa (raw, json)
Hash identifier: nmhiq38PxO1BhjZibnUs8MlryiCwumiyU38AQzH8p/Y=
Subject key identifier: 9F:59:C8:72:53:9A:27:0F:DA:41:BE:2A:F1:BB:5B:2C:5A:86:A5:05
Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494
Certificate serial: 019E6FA507BE8E3CDA79D3A74830EC7B74B9
Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/n1nIclOaJw_aQb4q8btbLFqGpQU.roa
Signing time: Thu 28 May 2026 17:32:26 +0000
ROA not before: Thu 28 May 2026 17:32:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209341
IP address blocks: 85.187.152.0/22 maxlen: 24
114.129.152.0/22 maxlen: 24
185.62.136.0/22 maxlen: 24
185.141.188.0/22 maxlen: 24
185.143.44.0/22 maxlen: 24
185.146.20.0/22 maxlen: 24
185.166.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 22:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6f:a5:07:be:8e:3c:da:79:d3:a7:48:30:ec:7b:74:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494
Validity
Not Before: May 28 17:32:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9f59c872539a270fda41be2af1bb5b2c5a86a505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:45:5c:26:82:2a:4f:88:68:18:96:80:f5:ea:
3c:3c:61:5b:2d:59:34:20:df:7f:cd:67:44:4f:92:
cf:e7:81:5b:e7:64:de:a2:df:f5:a9:71:9a:f3:c5:
33:6e:f2:3c:51:c9:89:9c:fa:3a:99:e9:49:ad:7f:
71:cc:07:6d:38:e9:55:8f:3d:ca:91:d4:34:41:db:
78:e4:b0:66:9d:59:4b:df:cf:e9:f1:64:18:df:05:
99:a1:a8:8e:e6:bb:12:e9:73:8c:d1:16:f3:74:7f:
3c:da:52:59:6a:a7:92:82:a8:10:4f:30:fa:10:36:
a3:e1:c2:b1:5e:90:ea:8e:e3:bb:b7:84:84:ee:d0:
91:03:65:01:dc:02:69:8d:3e:b8:fa:51:ec:4a:f3:
1d:08:e4:bd:b2:f6:b1:d8:3c:69:71:25:ae:9b:fe:
ef:81:56:7f:b4:38:2c:a8:50:16:e3:fb:3a:b4:b4:
dc:4e:ae:3d:2c:46:cb:29:79:d8:9a:cf:2e:9e:12:
db:fa:e2:5d:15:e7:ac:fa:1a:26:55:a4:a4:40:23:
e1:41:7b:13:e3:04:ce:5b:cb:e8:e8:95:ed:a9:cc:
b9:80:23:7a:07:83:95:c1:cf:20:d5:0e:0d:ea:49:
e4:1b:41:34:c1:91:7d:a6:56:92:0b:8b:b4:32:6b:
06:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:59:C8:72:53:9A:27:0F:DA:41:BE:2A:F1:BB:5B:2C:5A:86:A5:05
X509v3 Authority Key Identifier:
keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/n1nIclOaJw_aQb4q8btbLFqGpQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.152.0/22
114.129.152.0/22
185.62.136.0/22
185.141.188.0/22
185.143.44.0/22
185.146.20.0/22
185.166.145.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:2d:ed:6e:82:86:44:62:fc:20:f6:fa:db:f1:c0:ab:42:cd:
84:22:16:44:7a:30:65:f7:82:d6:6c:bc:30:51:32:b0:3b:a3:
2c:17:c5:8b:a9:3e:51:93:42:38:61:51:ab:7c:11:c9:a7:4d:
62:c7:0c:45:68:6f:70:58:d7:e0:83:eb:e1:94:2c:5e:09:13:
02:dd:e0:05:13:df:8a:d1:76:b7:14:b5:2b:89:a0:9f:84:cb:
0f:f7:c8:1e:05:4b:0e:ba:f9:0c:da:10:c5:c6:a1:48:f6:da:
ff:09:0e:da:ee:17:70:c6:cb:52:21:3e:ae:94:21:ef:4c:2b:
46:d0:32:fe:91:65:cc:d3:72:c7:07:1a:06:f1:bd:f0:bd:36:
2b:d1:9f:75:76:75:6f:ad:00:81:16:b9:10:ce:60:fc:97:38:
c7:d6:9f:3f:ca:9c:bd:ec:1b:54:b5:e3:32:fc:81:33:d5:cc:
12:71:cb:50:4c:82:e4:19:34:d6:0d:27:11:05:b0:0d:67:d4:
44:50:7a:26:18:a1:ef:f4:a4:8a:f0:60:37:dd:f1:88:b3:4c:
48:41:c1:5e:bb:69:2e:04:db:68:95:f0:02:5c:b0:57:41:93:
47:f8:18:05:43:aa:03:19:83:79:89:74:64:32:b8:07:f9:1a:
b3:2a:ba:76
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ5vpQe+jjzaedOnSDDse3S5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMTIxY2Q2ZTExZGEwOTVmODU2ZDc5ZGVlYzQ2OWQwYzYz
NTg0OTQwHhcNMjYwNTI4MTczMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjU5Yzg3MjUzOWEyNzBmZGE0MWJlMmFmMWJiNWIyYzVhODZhNTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0VcJoIqT4hoGJaA9eo8PGFbLVk0
IN9/zWdET5LP54Fb52Teot/1qXGa88UzbvI8UcmJnPo6melJrX9xzAdtOOlVjz3K
kdQ0Qdt45LBmnVlL38/p8WQY3wWZoaiO5rsS6XOM0RbzdH882lJZaqeSgqgQTzD6
EDaj4cKxXpDqjuO7t4SE7tCRA2UB3AJpjT64+lHsSvMdCOS9svax2DxpcSWum/7v
gVZ/tDgsqFAW4/s6tLTcTq49LEbLKXnYms8unhLb+uJdFees+homVaSkQCPhQXsT
4wTOW8vo6JXtqcy5gCN6B4OVwc8g1Q4N6knkG0E0wZF9plaSC4u0MmsGbwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJ9ZyHJTmicP2kG+KvG7WyxahqUFMB8GA1UdIwQY
MBaAFK8SHNbhHaCV+FbXne7EadDGNYSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEt
YWYzZjc5NGFlNjA3LzEvbjFuSWNsT2FKd19hUWI0cThidGJMRnFHcFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEtYWYzZjc5NGFlNjA3
LzEvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVbuYAwQC
coGYAwQCuT6IAwQCuY28AwQCuY8sAwQCuZIUAwQAuaaRMA0GCSqGSIb3DQEBCwUA
A4IBAQC6Le1ugoZEYvwg9vrb8cCrQs2EIhZEejBl94LWbLwwUTKwO6MsF8WLqT5R
k0I4YVGrfBHJp01ixwxFaG9wWNfgg+vhlCxeCRMC3eAFE9+K0Xa3FLUriaCfhMsP
98geBUsOuvkM2hDFxqFI9tr/CQ7a7hdwxstSIT6ulCHvTCtG0DL+kWXM03LHBxoG
8b3wvTYr0Z91dnVvrQCBFrkQzmD8lzjH1p8/ypy97BtUteMy/IEz1cwScctQTILk
GTTWDScRBbANZ9REUHomGKHv9KSK8GA33fGIs0xIQcFeu2kuBNtolfACXLBXQZNH
+BgFQ6oDGYN5iXRkMrgH+RqzKrp2
-----END CERTIFICATE-----
Generated at Fri Jun 12 07:00:43 2026 by rpki-client