Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/nBlXDAiT_Wng92PFMtZofGqrzlI.roa
File: nBlXDAiT_Wng92PFMtZofGqrzlI.roa (raw, json)
Hash identifier: 17HoTb5D5iDBYkObiQL/pnAYowT3zKEFMEy3UK5ZIyw=
Subject key identifier: 9C:19:57:0C:08:93:FD:69:E0:F7:63:C5:32:D6:68:7C:6A:AB:CE:52
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 019E3B120495558E3F8786FD14AA1E7C63F2
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/nBlXDAiT_Wng92PFMtZofGqrzlI.roa
Signing time: Mon 18 May 2026 12:31:37 +0000
ROA not before: Mon 18 May 2026 12:31:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206959
IP address blocks: 213.14.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 May 2026 20:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3b:12:04:95:55:8e:3f:87:86:fd:14:aa:1e:7c:63:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: May 18 12:31:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9c19570c0893fd69e0f763c532d6687c6aabce52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9e:d8:26:b2:f0:b8:be:7d:ab:f1:2c:29:65:
5a:e3:4f:0f:72:ec:24:6f:dd:94:39:24:d0:a3:22:
81:16:37:43:ac:73:4b:6f:c4:69:af:56:ad:6f:b0:
19:a0:32:a1:1d:82:2c:aa:73:38:3f:8d:09:c3:36:
df:7e:52:20:47:5a:96:b8:cc:35:57:be:a5:1b:49:
b0:e5:37:3b:06:51:75:e7:7e:32:0d:2b:9e:72:ee:
e0:02:9c:ca:e8:87:60:82:00:54:15:04:91:82:d4:
73:b2:2e:97:99:d7:29:bd:37:c6:29:a9:a9:ef:07:
fe:97:07:2a:11:26:07:71:3e:26:c6:a3:43:7f:c3:
31:7a:85:da:a4:fe:3e:70:ef:5e:bd:e5:2f:d3:00:
97:a0:b8:24:05:45:0b:f0:49:0d:69:b5:97:bb:2e:
ae:ee:f5:19:c7:97:5f:c3:7d:15:a4:0a:65:d8:dd:
37:10:99:98:98:b1:07:5a:54:45:3e:d4:47:b5:f3:
94:2e:3c:f8:6c:b6:96:95:ba:a3:fe:c6:ec:df:c4:
d4:7c:fe:e5:29:36:5c:93:6f:bc:dd:fa:37:3d:86:
62:2b:33:23:64:b2:fa:02:26:d0:9b:91:ce:b0:00:
89:87:9f:30:af:42:1c:03:23:8f:c6:f5:62:f4:1f:
6f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:19:57:0C:08:93:FD:69:E0:F7:63:C5:32:D6:68:7C:6A:AB:CE:52
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/nBlXDAiT_Wng92PFMtZofGqrzlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.14.251.0/24
Signature Algorithm: sha256WithRSAEncryption
69:ae:3b:2b:c0:90:2d:27:0a:6b:7e:6c:89:d4:d1:f0:ae:87:
0e:95:03:0b:a8:b6:74:e1:95:25:58:2d:4e:67:df:ee:1c:94:
eb:28:9d:c1:7f:c2:1b:c8:f9:54:d9:58:28:19:46:a4:82:03:
27:d1:75:20:66:a1:b7:a4:92:e6:dc:c3:ad:b5:05:4e:78:3f:
83:6f:48:91:ab:f9:49:7a:c7:82:2a:d7:b7:a2:3f:a3:36:9a:
ff:19:54:ff:f6:0d:03:21:7e:e7:51:01:9b:d6:d6:83:08:62:
27:04:f5:c6:70:35:4a:5c:bf:71:45:f1:d8:5c:75:1b:97:48:
27:0c:e9:93:de:3b:46:12:10:21:f9:58:74:ca:2b:90:e5:17:
e7:b1:21:53:a4:cd:7c:21:06:2a:d0:44:14:79:03:b8:db:de:
ef:98:fc:48:f9:96:a5:15:cb:1d:04:dc:ac:71:3a:a6:e0:36:
56:91:81:00:2e:67:40:68:38:da:58:4f:e8:87:21:29:dd:19:
4b:89:22:7a:70:11:5c:96:07:c9:1e:60:e2:05:0c:d2:d2:ba:
6a:94:12:1e:7e:49:08:8c:ce:82:f1:15:7a:75:b5:6e:67:ce:
23:08:99:31:8b:8f:98:3b:d0:f7:e8:93:8d:af:c0:55:b0:a5:
12:70:59:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ47EgSVVY4/h4b9FKoefGPyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjYwNTE4MTIzMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE5NTcwYzA4OTNmZDY5ZTBmNzYzYzUzMmQ2Njg3YzZhYWJjZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J7YJrLwuL59q/EsKWVa408Pcuwk
b92UOSTQoyKBFjdDrHNLb8Rpr1atb7AZoDKhHYIsqnM4P40JwzbfflIgR1qWuMw1
V76lG0mw5Tc7BlF1534yDSuecu7gApzK6IdgggBUFQSRgtRzsi6XmdcpvTfGKamp
7wf+lwcqESYHcT4mxqNDf8MxeoXapP4+cO9eveUv0wCXoLgkBUUL8EkNabWXuy6u
7vUZx5dfw30VpApl2N03EJmYmLEHWlRFPtRHtfOULjz4bLaWlbqj/sbs38TUfP7l
KTZck2+83fo3PYZiKzMjZLL6AibQm5HOsACJh58wr0IcAyOPxvVi9B9v6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwZVwwIk/1p4PdjxTLWaHxqq85SMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvbkJsWERBaVRfV25nOTJQRk10Wm9mR3FyemxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Q77MA0G
CSqGSIb3DQEBCwUAA4IBAQBprjsrwJAtJwprfmyJ1NHwrocOlQMLqLZ04ZUlWC1O
Z9/uHJTrKJ3Bf8IbyPlU2VgoGUakggMn0XUgZqG3pJLm3MOttQVOeD+Db0iRq/lJ
eseCKte3oj+jNpr/GVT/9g0DIX7nUQGb1taDCGInBPXGcDVKXL9xRfHYXHUbl0gn
DOmT3jtGEhAh+Vh0yiuQ5RfnsSFTpM18IQYq0EQUeQO4297vmPxI+ZalFcsdBNys
cTqm4DZWkYEALmdAaDjaWE/ohyEp3RlLiSJ6cBFclgfJHmDiBQzS0rpqlBIefkkI
jM6C8RV6dbVuZ84jCJkxi4+YO9D36JONr8BVsKUScFkE
-----END CERTIFICATE-----
Generated at Sun May 24 06:42:56 2026 by rpki-client