Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/9-3_QvwXtOHHG58UKiynTLu14jQ.roa
File: 9-3_QvwXtOHHG58UKiynTLu14jQ.roa (raw, json)
Hash identifier: ySs8H3K/teKJ9R4r0VNoDDtNDBiXRJngnMoTb8cTLeo=
Subject key identifier: F7:ED:FF:42:FC:17:B4:E1:C7:1B:9F:14:2A:2C:A7:4C:BB:B5:E2:34
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 019EE13FFF0143633FB3CE32A47469E6373E
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/9-3_QvwXtOHHG58UKiynTLu14jQ.roa
Signing time: Fri 19 Jun 2026 18:58:48 +0000
ROA not before: Fri 19 Jun 2026 18:58:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 185.11.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e1:3f:ff:01:43:63:3f:b3:ce:32:a4:74:69:e6:37:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Jun 19 18:58:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f7edff42fc17b4e1c71b9f142a2ca74cbbb5e234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4f:02:66:24:84:dc:87:db:6f:b9:b1:31:ff:
22:cd:39:5a:7e:3c:3f:4f:46:89:20:47:8a:05:1e:
e7:77:b8:dd:5f:18:69:bf:c9:06:26:21:98:f6:c7:
33:09:55:63:0d:4c:56:da:05:27:3d:06:8b:41:0c:
74:2a:20:d9:29:dd:df:a2:cf:a1:29:81:59:72:81:
d8:d1:31:ad:70:b4:87:d6:08:33:70:8f:50:43:c9:
19:b5:5f:e8:73:b9:49:5b:6f:79:57:05:3a:30:33:
cb:9f:b4:fb:d1:c1:31:10:08:e0:43:ea:cd:6f:12:
a8:3b:12:bb:3d:d6:5f:96:5d:df:98:f1:2a:de:a7:
b0:16:d9:d0:b7:ec:26:54:9c:5e:3d:24:82:c4:d3:
3a:28:86:0e:97:69:5d:1b:cf:51:3c:22:9c:ef:0f:
dc:f5:4a:19:3b:32:d8:1c:3d:b5:31:63:be:87:f9:
cb:54:27:25:40:f5:ed:81:a4:83:45:b3:97:08:70:
e0:0b:94:50:fd:60:18:cf:12:47:49:5a:08:81:ae:
83:d3:4c:38:1f:e1:45:a7:ba:dc:13:b4:7f:72:1f:
39:20:d9:ec:8c:99:a4:09:96:27:7e:5a:08:3a:42:
e2:26:49:24:55:80:75:39:b8:00:9d:df:39:aa:f0:
d1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:ED:FF:42:FC:17:B4:E1:C7:1B:9F:14:2A:2C:A7:4C:BB:B5:E2:34
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/9-3_QvwXtOHHG58UKiynTLu14jQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.218.0/24
Signature Algorithm: sha256WithRSAEncryption
95:38:29:6f:00:3b:ca:83:12:2c:5c:74:b4:97:7a:54:53:f4:
b9:ea:bf:8e:8d:e9:00:c1:6a:d4:1c:16:cd:9e:46:b2:e0:29:
dd:01:5a:ef:18:06:80:07:06:49:f6:f9:91:e1:04:23:96:cd:
71:89:3c:8f:22:4e:f9:aa:bc:bf:ba:bc:87:0c:05:28:bc:1a:
b6:e0:91:96:a0:19:42:01:b2:f1:cd:03:0c:4f:9d:2b:dc:5c:
38:12:70:66:d9:11:4b:10:a9:58:a9:e6:cb:39:22:4d:e6:28:
54:52:0f:f8:dc:d7:cd:a9:82:94:e8:14:ee:da:d5:b2:3c:2c:
9f:a7:bf:10:0b:20:12:fa:e4:df:32:15:12:f9:e2:0c:93:b6:
a6:aa:26:34:99:2e:7c:54:55:5a:d1:b6:7c:cb:ed:cb:22:77:
70:11:b4:96:f9:03:f1:06:d5:68:d2:31:c7:67:af:32:78:7f:
e5:d6:9b:40:c1:48:a9:18:e4:30:95:f6:c3:db:45:85:f9:78:
e8:96:6e:7b:ba:3b:9b:fe:4d:e9:e8:12:19:65:82:f8:1d:71:
07:cb:19:85:42:ad:36:55:df:97:0c:ae:63:ff:a5:f9:44:71:
4b:b3:9d:b3:09:12:87:63:d2:87:dc:2c:37:a3:58:b1:8e:91:
3b:a4:c7:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ7hP/8BQ2M/s84ypHRp5jc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjYwNjE5MTg1ODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2VkZmY0MmZjMTdiNGUxYzcxYjlmMTQyYTJjYTc0Y2JiYjVlMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE8CZiSE3Ifbb7mxMf8izTlafjw/
T0aJIEeKBR7nd7jdXxhpv8kGJiGY9sczCVVjDUxW2gUnPQaLQQx0KiDZKd3fos+h
KYFZcoHY0TGtcLSH1ggzcI9QQ8kZtV/oc7lJW295VwU6MDPLn7T70cExEAjgQ+rN
bxKoOxK7PdZfll3fmPEq3qewFtnQt+wmVJxePSSCxNM6KIYOl2ldG89RPCKc7w/c
9UoZOzLYHD21MWO+h/nLVCclQPXtgaSDRbOXCHDgC5RQ/WAYzxJHSVoIga6D00w4
H+FFp7rcE7R/ch85INnsjJmkCZYnfloIOkLiJkkkVYB1ObgAnd85qvDRZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPft/0L8F7ThxxufFCosp0y7teI0MB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvOS0zX1F2d1h0T0hIRzU4VUtpeW5UTHUxNGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQvaMA0G
CSqGSIb3DQEBCwUAA4IBAQCVOClvADvKgxIsXHS0l3pUU/S56r+OjekAwWrUHBbN
nkay4CndAVrvGAaABwZJ9vmR4QQjls1xiTyPIk75qry/uryHDAUovBq24JGWoBlC
AbLxzQMMT50r3Fw4EnBm2RFLEKlYqebLOSJN5ihUUg/43NfNqYKU6BTu2tWyPCyf
p78QCyAS+uTfMhUS+eIMk7amqiY0mS58VFVa0bZ8y+3LIndwEbSW+QPxBtVo0jHH
Z68yeH/l1ptAwUipGOQwlfbD20WF+Xjolm57ujub/k3p6BIZZYL4HXEHyxmFQq02
Vd+XDK5j/6X5RHFLs52zCRKHY9KH3Cw3o1ixjpE7pMfK
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:00:17 2026 by rpki-client