Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/Nb8A-vgy3w6OmSHNpfdTE4Sq0lc.roa
File: Nb8A-vgy3w6OmSHNpfdTE4Sq0lc.roa (raw, json)
Hash identifier: i/BzMuMNpx2QMA0UsLDLIIFwuC9xx8eEb11QlO+afMY=
Subject key identifier: 35:BF:00:FA:F8:32:DF:0E:8E:99:21:CD:A5:F7:53:13:84:AA:D2:57
Certificate issuer: /CN=8cef146d85c09aa59687fd6315b13271c1c292ad
Certificate serial: 019E161CF4D612F10D7365182BCEA35788D3
Authority key identifier: 8C:EF:14:6D:85:C0:9A:A5:96:87:FD:63:15:B1:32:71:C1:C2:92:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jO8UbYXAmqWWh_1jFbEyccHCkq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/Nb8A-vgy3w6OmSHNpfdTE4Sq0lc.roa
Signing time: Mon 11 May 2026 08:17:36 +0000
ROA not before: Mon 11 May 2026 08:17:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199124
IP address blocks: 69.30.89.0/24 maxlen: 24
91.218.78.0/23 maxlen: 23
91.218.79.0/24 maxlen: 24
2a09:a380::/40 maxlen: 40
2a09:a380:1::/48 maxlen: 48
2a09:a380:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/jO8UbYXAmqWWh_1jFbEyccHCkq0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/jO8UbYXAmqWWh_1jFbEyccHCkq0.mft
rsync://rpki.ripe.net/repository/DEFAULT/jO8UbYXAmqWWh_1jFbEyccHCkq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:16:1c:f4:d6:12:f1:0d:73:65:18:2b:ce:a3:57:88:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cef146d85c09aa59687fd6315b13271c1c292ad
Validity
Not Before: May 11 08:17:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=35bf00faf832df0e8e9921cda5f7531384aad257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fd:fd:ad:cc:e2:1b:47:8d:b4:0a:cd:ab:cf:
87:e6:dd:7b:ab:32:d3:a8:42:1c:7c:81:4d:29:e6:
e6:eb:e0:62:76:d1:b6:3e:d1:18:32:e6:f0:bf:ee:
4b:7b:81:f3:90:bf:3f:63:6c:95:1b:4a:a4:02:55:
63:45:06:7f:af:cc:49:b6:39:47:a6:41:0f:d3:0c:
16:43:ef:b7:0f:31:8e:65:d9:83:07:55:d5:d9:a2:
d6:0b:5b:62:ee:a6:23:df:1c:b9:a3:0d:fa:4c:6d:
e4:0f:71:c9:a5:7b:e3:d0:44:7c:c0:96:52:05:49:
91:45:3a:dd:20:3d:2a:16:83:c6:52:06:3c:6f:6d:
e5:40:bc:69:69:be:79:3c:38:5e:87:1d:6d:17:04:
a7:ba:5f:ee:8c:e4:54:75:43:a7:5a:c3:14:5a:87:
cb:fc:54:4e:f8:c3:7b:a8:24:e8:bd:ef:ef:b7:3c:
2e:74:df:fd:e0:65:da:88:9d:07:5a:0f:1b:01:c3:
a7:8a:e0:b4:83:8a:12:93:65:6f:77:5a:81:d1:b8:
a8:ef:82:56:e2:5c:9e:85:98:77:a7:ec:96:e7:88:
b8:31:6a:d2:0a:e1:0c:8f:dd:a1:c1:a1:7c:77:79:
03:8e:68:a5:39:3e:5d:02:f6:af:63:3c:df:e9:b7:
0d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BF:00:FA:F8:32:DF:0E:8E:99:21:CD:A5:F7:53:13:84:AA:D2:57
X509v3 Authority Key Identifier:
keyid:8C:EF:14:6D:85:C0:9A:A5:96:87:FD:63:15:B1:32:71:C1:C2:92:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jO8UbYXAmqWWh_1jFbEyccHCkq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/Nb8A-vgy3w6OmSHNpfdTE4Sq0lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/jO8UbYXAmqWWh_1jFbEyccHCkq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.30.89.0/24
91.218.78.0/23
IPv6:
2a09:a380::/40
Signature Algorithm: sha256WithRSAEncryption
47:34:2a:c8:3f:03:e6:93:d7:75:8b:01:9b:4d:2f:93:23:b3:
40:5d:ec:82:18:e7:21:23:ad:d3:2a:29:47:0c:1d:58:b7:20:
73:29:a2:96:e9:4f:82:73:82:81:43:cb:61:2e:cf:85:d9:94:
a9:c6:66:8d:f6:0c:09:33:6a:01:bd:4f:00:36:2b:a9:b5:a6:
e4:9e:f1:fb:42:5e:c4:c0:92:be:05:82:3e:b3:a4:ee:50:b4:
66:81:e1:54:3d:4d:c4:a7:58:1a:e4:d7:ae:99:08:55:c5:96:
e4:23:67:61:11:cf:60:d6:5e:02:92:dc:3a:22:d3:7e:85:f1:
a6:a0:72:d2:2e:71:af:fa:af:ff:43:9a:c9:17:4a:26:42:d2:
88:03:c8:93:58:3e:89:e7:f1:b6:f8:b7:f6:34:63:88:02:52:
c9:5a:66:48:d6:37:72:27:d5:bd:af:b6:5d:23:08:7d:df:80:
35:e1:87:b5:1b:76:06:71:2d:de:02:c9:b3:20:a5:06:b6:7d:
be:b0:96:77:1b:bc:c8:22:52:50:51:d5:f9:ea:9b:30:81:e6:
16:63:a7:d8:a7:26:70:c9:72:83:3a:56:89:81:96:63:83:b6:
c0:21:b4:7f:9e:85:29:8e:80:1b:52:f6:3e:f4:9e:42:cd:a3:
36:1c:79:cd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ4WHPTWEvENc2UYK86jV4jTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZWYxNDZkODVjMDlhYTU5Njg3ZmQ2MzE1YjEzMjcxYzFj
MjkyYWQwHhcNMjYwNTExMDgxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWJmMDBmYWY4MzJkZjBlOGU5OTIxY2RhNWY3NTMxMzg0YWFkMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/39rcziG0eNtArNq8+H5t17qzLT
qEIcfIFNKebm6+BidtG2PtEYMubwv+5Le4HzkL8/Y2yVG0qkAlVjRQZ/r8xJtjlH
pkEP0wwWQ++3DzGOZdmDB1XV2aLWC1ti7qYj3xy5ow36TG3kD3HJpXvj0ER8wJZS
BUmRRTrdID0qFoPGUgY8b23lQLxpab55PDhehx1tFwSnul/ujORUdUOnWsMUWofL
/FRO+MN7qCTove/vtzwudN/94GXaiJ0HWg8bAcOniuC0g4oSk2Vvd1qB0bio74JW
4lyehZh3p+yW54i4MWrSCuEMj92hwaF8d3kDjmilOT5dAvavYzzf6bcNQwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDW/APr4Mt8OjpkhzaX3UxOEqtJXMB8GA1UdIwQY
MBaAFIzvFG2FwJqllof9YxWxMnHBwpKtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak84VWJZWEFtcVdXaF8xakZiRXljY0hDa3EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hM2QyZWUtMTc0Yy00OGMzLWJkMjYt
N2ZhOWQ5NDAyNGYwLzEvTmI4QS12Z3kzdzZPbVNITnBmZFRFNFNxMGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hM2QyZWUtMTc0Yy00OGMzLWJkMjYtN2ZhOWQ5NDAyNGYw
LzEvak84VWJZWEFtcVdXaF8xakZiRXljY0hDa3EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQARR5ZAwQB
W9pOMA4EAgACMAgDBgAqCaOAADANBgkqhkiG9w0BAQsFAAOCAQEARzQqyD8D5pPX
dYsBm00vkyOzQF3sghjnISOt0yopRwwdWLcgcymilulPgnOCgUPLYS7PhdmUqcZm
jfYMCTNqAb1PADYrqbWm5J7x+0JexMCSvgWCPrOk7lC0ZoHhVD1NxKdYGuTXrpkI
VcWW5CNnYRHPYNZeApLcOiLTfoXxpqBy0i5xr/qv/0OayRdKJkLSiAPIk1g+iefx
tvi39jRjiAJSyVpmSNY3cifVva+2XSMIfd+ANeGHtRt2BnEt3gLJsyClBrZ9vrCW
dxu8yCJSUFHV+eqbMIHmFmOn2KcmcMlygzpWiYGWY4O2wCG0f56FKY6AG1L2PvSe
Qs2jNhx5zQ==
-----END CERTIFICATE-----
Generated at Wed May 13 04:26:58 2026 by rpki-client