Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/NOncOo0ID7OFhBxkxahXCWMkSks.roa
File: NOncOo0ID7OFhBxkxahXCWMkSks.roa (raw, json)
Hash identifier: eW58ef5cup8x8SSubU4LarAJsD4cHKXH22VsKckNWME=
Subject key identifier: 34:E9:DC:3A:8D:08:0F:B3:85:84:1C:64:C5:A8:57:09:63:24:4A:4B
Certificate issuer: /CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Certificate serial: 019DD81DA3E8A89E02AE49774C4ED182C657
Authority key identifier: 42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/NOncOo0ID7OFhBxkxahXCWMkSks.roa
Signing time: Wed 29 Apr 2026 07:21:54 +0000
ROA not before: Wed 29 Apr 2026 07:21:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197580
IP address blocks: 46.245.136.0/21 maxlen: 21
83.174.148.0/23 maxlen: 23
83.174.151.0/24 maxlen: 24
83.174.152.0/23 maxlen: 23
83.174.154.0/24 maxlen: 24
83.174.156.0/23 maxlen: 23
185.42.208.0/24 maxlen: 24
2a01:6320::/32 maxlen: 32
2a05:dec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:1d:a3:e8:a8:9e:02:ae:49:77:4c:4e:d1:82:c6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Validity
Not Before: Apr 29 07:21:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=34e9dc3a8d080fb385841c64c5a8570963244a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8b:91:e8:17:a8:65:77:79:a8:61:d0:11:fb:
54:da:ab:8e:bd:69:bf:04:0a:02:d6:cb:72:52:47:
5d:de:88:54:02:1f:46:e5:86:63:f9:46:06:87:45:
59:8b:05:de:4c:ae:2b:fb:83:91:29:0e:bf:f6:a7:
ca:bb:9c:5d:53:71:7c:7f:35:0b:95:b1:40:c9:b3:
cb:b2:a6:d5:24:fd:02:cf:c6:f4:4d:37:33:e8:61:
2a:99:0f:06:68:50:15:cc:47:c0:99:5d:6c:43:06:
12:13:4f:7c:da:7d:a5:19:68:8f:dd:50:b0:e8:1c:
14:ba:8d:a4:80:a2:6a:9d:5f:21:00:18:49:60:cc:
95:ce:37:13:ea:6d:82:34:52:de:dc:e4:f4:9b:4e:
a1:37:6c:0b:35:9f:d5:1c:ad:a2:cd:a6:cb:44:99:
6d:c1:60:9f:5d:66:a2:88:b1:56:2a:61:3d:53:3b:
14:81:54:6a:4a:99:c9:05:94:7a:0b:9c:bc:f8:bf:
13:96:2b:8f:b1:99:1c:9e:a8:f0:3d:3c:68:ec:60:
17:9d:42:e9:f2:76:43:bd:5c:d8:0c:e7:6e:7f:ca:
85:17:76:5c:68:8c:95:8f:03:c4:56:fc:fa:51:7d:
ac:f6:b2:99:91:c4:25:31:93:de:1f:6a:e6:71:a9:
8a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E9:DC:3A:8D:08:0F:B3:85:84:1C:64:C5:A8:57:09:63:24:4A:4B
X509v3 Authority Key Identifier:
keyid:42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/NOncOo0ID7OFhBxkxahXCWMkSks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.136.0/21
83.174.148.0/23
83.174.151.0-83.174.154.255
83.174.156.0/23
185.42.208.0/24
IPv6:
2a01:6320::/32
2a05:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
21:28:40:ce:63:24:46:ec:82:79:e5:a4:f6:54:c3:63:48:3f:
d6:e7:bf:34:ad:1f:d7:c5:26:e4:15:eb:55:9b:eb:67:62:76:
eb:bb:7a:e0:d3:99:29:4f:83:47:59:0d:31:29:1e:41:cb:fc:
e0:66:dc:a2:ee:f2:65:b1:b4:ae:73:6f:23:9f:3c:0e:a8:1c:
c6:82:31:45:1c:bb:48:bc:b6:d8:fe:fa:02:82:be:a5:3d:3a:
ba:26:b4:39:44:8f:dd:70:6e:57:db:89:7e:d8:df:5d:2f:c6:
85:4e:4e:c0:80:da:46:ca:b2:64:8c:3b:18:26:f8:3a:6c:74:
f7:65:c6:d8:0e:f8:bb:05:d5:37:d6:71:0d:17:49:43:e9:18:
77:47:c9:f3:81:08:fe:e7:8d:2a:42:af:d6:34:b4:99:0d:21:
61:a3:2e:5b:d7:93:76:f9:0d:8c:e8:a0:50:44:2c:7f:9d:34:
8e:9e:f4:d1:7c:e4:ae:bb:97:6c:cc:da:b1:15:0e:d4:b3:c0:
92:9f:73:76:9d:0e:80:28:26:b5:95:cc:db:8d:50:c6:b3:91:
a2:05:2e:87:c5:e4:d7:84:3a:cf:31:e8:24:29:0d:f2:f7:cd:
1b:af:eb:cc:93:6d:20:42:ac:a8:87:f5:65:a7:b6:8e:40:f7:
b9:75:3f:f6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ3YHaPoqJ4Crkl3TE7RgsZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWJhZTk4OTg5OGQ5NDAyNDI0YWFkYWZiYjQ3YzNhNmQ0
YzI1YjMwHhcNMjYwNDI5MDcyMTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGU5ZGMzYThkMDgwZmIzODU4NDFjNjRjNWE4NTcwOTYzMjQ0YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YuR6BeoZXd5qGHQEftU2quOvWm/
BAoC1styUkdd3ohUAh9G5YZj+UYGh0VZiwXeTK4r+4ORKQ6/9qfKu5xdU3F8fzUL
lbFAybPLsqbVJP0Cz8b0TTcz6GEqmQ8GaFAVzEfAmV1sQwYSE0982n2lGWiP3VCw
6BwUuo2kgKJqnV8hABhJYMyVzjcT6m2CNFLe3OT0m06hN2wLNZ/VHK2izabLRJlt
wWCfXWaiiLFWKmE9UzsUgVRqSpnJBZR6C5y8+L8TliuPsZkcnqjwPTxo7GAXnULp
8nZDvVzYDOduf8qFF3ZcaIyVjwPEVvz6UX2s9rKZkcQlMZPeH2rmcamK8QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDTp3DqNCA+zhYQcZMWoVwljJEpLMB8GA1UdIwQY
MBaAFEIbrpiYmNlAJCSq2vu0fDptTCWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUt
NjdlZmNiM2Q4NmZlLzEvTk9uY09vMElEN09GaEJ4a3hhaFhDV01rU2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUtNjdlZmNiM2Q4NmZl
LzEvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmAwQDLvWIAwQB
U66UMAwDBABTrpcDBABTrpoDBAFTrpwDBAC5KtAwFAQCAAIwDgMFACoBYyADBQMq
Bd7AMA0GCSqGSIb3DQEBCwUAA4IBAQAhKEDOYyRG7IJ55aT2VMNjSD/W5780rR/X
xSbkFetVm+tnYnbru3rg05kpT4NHWQ0xKR5By/zgZtyi7vJlsbSuc28jnzwOqBzG
gjFFHLtIvLbY/voCgr6lPTq6JrQ5RI/dcG5X24l+2N9dL8aFTk7AgNpGyrJkjDsY
Jvg6bHT3ZcbYDvi7BdU31nENF0lD6Rh3R8nzgQj+540qQq/WNLSZDSFhoy5b15N2
+Q2M6KBQRCx/nTSOnvTRfOSuu5dszNqxFQ7Us8CSn3N2nQ6AKCa1lczbjVDGs5Gi
BS6HxeTXhDrPMegkKQ3y980br+vMk20gQqyoh/Vlp7aOQPe5dT/2
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:24 2026 by rpki-client