Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/sLW9QUPl2doaDpkVMgscvJSFTPA.roa
File: sLW9QUPl2doaDpkVMgscvJSFTPA.roa (raw, json)
Hash identifier: Gq/TJtCE6wPwEUtIEF1+84a/2wA7uiRfAtKneXSPPHM=
Subject key identifier: B0:B5:BD:41:43:E5:D9:DA:1A:0E:99:15:32:0B:1C:BC:94:85:4C:F0
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 019E889C54361E33D9200D3FE5662F283A7B
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/sLW9QUPl2doaDpkVMgscvJSFTPA.roa
Signing time: Tue 02 Jun 2026 13:53:26 +0000
ROA not before: Tue 02 Jun 2026 13:53:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 40352
IP address blocks: 185.11.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:88:9c:54:36:1e:33:d9:20:0d:3f:e5:66:2f:28:3a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Jun 2 13:53:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b0b5bd4143e5d9da1a0e9915320b1cbc94854cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5f:a0:7c:d1:a2:ca:0a:89:f5:f4:67:ac:f5:
5c:ca:e3:c4:61:a0:26:10:90:0f:b1:19:b3:13:97:
25:0d:2d:f9:26:52:4d:83:43:9c:70:58:f2:89:10:
16:9d:8e:6c:c2:d4:9b:65:9c:50:3c:81:89:7d:9a:
de:b7:99:dd:e8:4e:38:e8:31:46:7d:a3:19:d1:a9:
94:ef:8a:bb:cf:3e:cb:27:0a:fc:4f:bb:ed:6f:45:
16:de:f3:6f:c1:e8:3e:59:94:e7:b8:9f:7f:ce:0c:
17:fb:6c:c1:cd:89:bd:70:c3:6b:bb:19:92:61:93:
48:c6:e6:2f:94:31:5c:b6:27:12:70:b4:01:b1:47:
81:48:27:e9:1e:f5:33:3b:24:f0:ea:c4:17:b8:bc:
a3:ce:da:c7:b3:5c:85:3e:79:c6:71:65:af:7b:eb:
6a:37:25:f5:20:7a:d0:b7:7d:41:6c:c0:76:76:2b:
87:f5:e6:0a:88:51:50:9e:03:84:b9:ef:be:11:6d:
de:bb:cd:b9:76:c4:54:cf:8d:d5:13:eb:4c:52:54:
7a:5b:ba:42:ba:63:fa:9d:39:be:0f:b8:a9:e1:c9:
1e:6c:a1:05:f9:bc:ec:59:bf:36:67:d8:65:29:7c:
14:6d:2f:65:5d:86:1a:c3:ad:2c:2f:8b:1a:09:be:
61:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B5:BD:41:43:E5:D9:DA:1A:0E:99:15:32:0B:1C:BC:94:85:4C:F0
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/sLW9QUPl2doaDpkVMgscvJSFTPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.218.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:77:3f:3e:1c:5b:57:5a:78:86:05:40:f9:30:94:a8:95:ee:
8e:98:bf:b7:aa:1d:3b:47:31:f7:3c:67:49:b4:21:4c:4d:02:
e3:6e:8d:2d:7c:4f:53:1a:ad:4f:8b:e6:c6:11:3f:4a:dc:af:
c0:aa:28:08:0a:27:9b:09:d1:6b:09:f8:1a:b5:af:43:32:12:
8b:fa:2e:6d:51:a1:b6:48:c3:b1:1d:ab:c9:e1:31:bc:79:62:
cb:5f:1b:43:af:03:aa:ea:7f:98:42:9e:3b:99:fe:1c:f4:db:
8b:f0:8a:62:ae:c5:3a:22:c9:54:c4:84:85:e1:8d:5d:6c:7f:
c7:9a:92:f9:7a:b5:bb:62:a6:d4:e6:6b:c5:87:a7:33:08:4e:
3f:a3:b3:3b:bc:9f:eb:4b:82:50:fc:32:9d:fc:35:bd:f3:a1:
16:e5:46:fe:44:76:2d:2d:b9:b7:5c:0f:71:d8:04:02:c7:40:
27:9c:d0:1c:d6:1b:11:66:88:ae:e6:6d:27:fb:30:6a:46:7e:
86:79:2f:09:ce:01:17:3c:40:45:9f:95:7b:19:4c:b8:7c:6b:
71:be:77:46:9e:38:7b:87:3a:de:4e:cd:47:4d:a8:2b:0c:5e:
f1:e0:43:f6:50:a2:65:68:2a:16:74:78:c6:2b:9a:42:2a:24:
43:ee:a0:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6InFQ2HjPZIA0/5WYvKDp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjYwNjAyMTM1MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGI1YmQ0MTQzZTVkOWRhMWEwZTk5MTUzMjBiMWNiYzk0ODU0Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3l+gfNGiygqJ9fRnrPVcyuPEYaAm
EJAPsRmzE5clDS35JlJNg0OccFjyiRAWnY5swtSbZZxQPIGJfZret5nd6E446DFG
faMZ0amU74q7zz7LJwr8T7vtb0UW3vNvweg+WZTnuJ9/zgwX+2zBzYm9cMNruxmS
YZNIxuYvlDFcticScLQBsUeBSCfpHvUzOyTw6sQXuLyjztrHs1yFPnnGcWWve+tq
NyX1IHrQt31BbMB2diuH9eYKiFFQngOEue++EW3eu825dsRUz43VE+tMUlR6W7pC
umP6nTm+D7ip4ckebKEF+bzsWb82Z9hlKXwUbS9lXYYaw60sL4saCb5hgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLC1vUFD5dnaGg6ZFTILHLyUhUzwMB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvc0xXOVFVUGwyZG9hRHBrVk1nc2N2SlNGVFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQvaMA0G
CSqGSIb3DQEBCwUAA4IBAQAqdz8+HFtXWniGBUD5MJSole6OmL+3qh07RzH3PGdJ
tCFMTQLjbo0tfE9TGq1Pi+bGET9K3K/AqigICiebCdFrCfgata9DMhKL+i5tUaG2
SMOxHavJ4TG8eWLLXxtDrwOq6n+YQp47mf4c9NuL8IpirsU6IslUxISF4Y1dbH/H
mpL5erW7YqbU5mvFh6czCE4/o7M7vJ/rS4JQ/DKd/DW986EW5Ub+RHYtLbm3XA9x
2AQCx0AnnNAc1hsRZoiu5m0n+zBqRn6GeS8JzgEXPEBFn5V7GUy4fGtxvndGnjh7
hzreTs1HTagrDF7x4EP2UKJlaCoWdHjGK5pCKiRD7qCb
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:41:09 2026 by rpki-client