Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/bH05psW5cIfUYH8QzrXv6ithRvY.roa
File: bH05psW5cIfUYH8QzrXv6ithRvY.roa (raw, json)
Hash identifier: +wO/Lw8KTK5zo4bBCXbe2PrdFb8jLw6lK5twip8IMPA=
Subject key identifier: 6C:7D:39:A6:C5:B9:70:87:D4:60:7F:10:CE:B5:EF:EA:2B:61:46:F6
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 019E12BF718642A98E50F84350962FE11B02
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/bH05psW5cIfUYH8QzrXv6ithRvY.roa
Signing time: Sun 10 May 2026 16:36:36 +0000
ROA not before: Sun 10 May 2026 16:36:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42615
IP address blocks: 185.186.8.0/24 maxlen: 24
185.186.11.0/24 maxlen: 24
2a0b:6b81:3::/48 maxlen: 48
2a0b:6b81:4::/48 maxlen: 48
2a0b:6b81:401::/48 maxlen: 48
2a0b:6b81:403::/48 maxlen: 48
2a0b:6b86:1300::/40 maxlen: 40
2a0b:6b87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 13:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:12:bf:71:86:42:a9:8e:50:f8:43:50:96:2f:e1:1b:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: May 10 16:36:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6c7d39a6c5b97087d4607f10ceb5efea2b6146f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5a:e4:74:16:60:40:af:66:29:03:fd:3f:5e:
59:f5:d1:54:29:1b:93:c3:fc:e9:4a:15:15:8e:da:
72:39:14:4c:a3:0f:ab:11:72:79:a1:db:4c:d3:58:
e6:43:76:13:c9:ab:ea:90:a1:ba:7b:72:fc:e3:90:
20:c4:ee:ef:ea:c2:23:7a:34:66:66:1c:82:94:1e:
e8:da:58:ce:78:17:19:2a:36:64:28:4b:ec:12:53:
b6:2d:83:23:58:03:aa:de:ba:e2:24:c2:6e:24:cb:
fb:cf:5d:a2:e3:d5:cc:76:d2:ac:23:11:1a:95:a5:
eb:eb:5c:8b:b9:e4:1b:74:f4:63:35:5c:c5:69:e0:
1d:02:37:81:b1:49:7e:cc:06:a9:d8:80:73:2b:62:
1d:36:38:57:52:fa:b4:01:9d:46:d0:b6:8e:9d:0c:
8d:48:bc:62:7a:6f:86:ca:82:c3:8b:17:ed:9c:c6:
5a:05:d3:36:54:14:07:dc:a9:0f:9b:cd:0c:e6:62:
16:2d:ee:45:c7:31:ab:f0:b2:26:ed:63:c7:d4:78:
c4:4b:2b:d7:a7:76:f5:d5:a0:d4:a0:c4:e1:6e:3c:
62:e1:5b:3d:a8:95:de:aa:34:c9:77:0b:b1:b9:b0:
f0:b8:2b:ce:cd:ab:8c:88:95:f2:07:9b:56:04:38:
a9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7D:39:A6:C5:B9:70:87:D4:60:7F:10:CE:B5:EF:EA:2B:61:46:F6
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/bH05psW5cIfUYH8QzrXv6ithRvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.8.0/24
185.186.11.0/24
IPv6:
2a0b:6b81:3::-2a0b:6b81:4:ffff:ffff:ffff:ffff:ffff
2a0b:6b81:401::/48
2a0b:6b81:403::/48
2a0b:6b86:1300::/40
2a0b:6b87::/32
Signature Algorithm: sha256WithRSAEncryption
15:58:75:4b:75:20:00:8d:80:51:a3:16:9d:32:98:a4:26:20:
74:44:0d:63:86:c1:f0:7c:ea:14:25:f3:79:f6:6a:a0:13:d8:
00:9e:4f:03:4e:8a:70:59:73:e5:65:52:ed:79:83:c1:bd:c8:
b3:05:43:ad:fe:4d:99:fc:ee:c2:fe:fd:91:eb:91:3f:b8:84:
2d:2e:c6:86:69:11:25:d4:62:fd:e1:ac:ed:aa:3e:76:ec:9f:
dd:4a:2e:fb:82:a4:d5:ab:7f:75:a5:d9:fd:ae:69:45:b5:61:
4b:17:20:ee:63:fb:96:5c:4b:fe:be:37:97:ec:38:66:3f:31:
b8:08:f2:65:61:64:6b:1b:25:79:88:34:1f:79:96:58:84:f1:
ec:11:a5:be:ad:74:b9:39:85:72:3f:0f:29:5e:51:32:a7:b7:
c4:fa:da:c6:13:e9:f9:3c:c9:5d:f9:2b:2c:82:6e:53:e1:45:
00:eb:9b:28:7f:4b:d9:40:e1:31:3c:bb:d5:29:16:0d:53:dd:
1d:6b:c5:4f:25:2d:dc:4e:e9:31:80:8b:de:05:ba:0b:d5:25:
95:2f:6d:9b:4f:94:7c:83:42:d0:8b:c9:a9:8d:14:6c:5d:4b:
e9:d9:51:d5:85:75:56:fd:bc:b4:8f:87:4c:a8:07:83:83:3c:
6b:87:6f:90
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZ4Sv3GGQqmOUPhDUJYv4RsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjYwNTEwMTYzNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdkMzlhNmM1Yjk3MDg3ZDQ2MDdmMTBjZWI1ZWZlYTJiNjE0NmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlrkdBZgQK9mKQP9P15Z9dFUKRuT
w/zpShUVjtpyORRMow+rEXJ5odtM01jmQ3YTyavqkKG6e3L845AgxO7v6sIjejRm
ZhyClB7o2ljOeBcZKjZkKEvsElO2LYMjWAOq3rriJMJuJMv7z12i49XMdtKsIxEa
laXr61yLueQbdPRjNVzFaeAdAjeBsUl+zAap2IBzK2IdNjhXUvq0AZ1G0LaOnQyN
SLxiem+GyoLDixftnMZaBdM2VBQH3KkPm80M5mIWLe5FxzGr8LIm7WPH1HjESyvX
p3b11aDUoMThbjxi4Vs9qJXeqjTJdwuxubDwuCvOzauMiJXyB5tWBDipTwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFGx9OabFuXCH1GB/EM617+orYUb2MB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvYkgwNXBzVzVjSWZVWUg4UXpyWHY2aXRoUnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTASBAIAATAMAwQAuboIAwQA
uboLMDsEAgACMDUwEgMHACoLa4EAAwMHACoLa4EABAMHACoLa4EEAQMHACoLa4EE
AwMGACoLa4YTAwUAKgtrhzANBgkqhkiG9w0BAQsFAAOCAQEAFVh1S3UgAI2AUaMW
nTKYpCYgdEQNY4bB8HzqFCXzefZqoBPYAJ5PA06KcFlz5WVS7XmDwb3IswVDrf5N
mfzuwv79keuRP7iELS7GhmkRJdRi/eGs7ao+duyf3Uou+4Kk1at/daXZ/a5pRbVh
Sxcg7mP7llxL/r43l+w4Zj8xuAjyZWFkaxsleYg0H3mWWITx7BGlvq10uTmFcj8P
KV5RMqe3xPraxhPp+TzJXfkrLIJuU+FFAOubKH9L2UDhMTy71SkWDVPdHWvFTyUt
3E7pMYCL3gW6C9UllS9tm0+UfINC0IvJqY0UbF1L6dlR1YV1Vv28tI+HTKgHg4M8
a4dvkA==
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:57 2026 by rpki-client