Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/aa6192-0427-41c4-97ad-6ee745156844/1/NRS-0uUbswncqM8KIwfjilxDBN0.roa
File: NRS-0uUbswncqM8KIwfjilxDBN0.roa (raw, json)
Hash identifier: i49wPw/CLvbX4iObJwtkIvCUvCkJyhHLrD1P/rLnHts=
Subject key identifier: 35:14:BE:D2:E5:1B:B3:09:DC:A8:CF:0A:23:07:E3:8A:5C:43:04:DD
Certificate issuer: /CN=fde577faa235717ae13438e1d52ea4b4e3da5498
Certificate serial: 019E167EEB13524BE1216886AA1A8846A5E8
Authority key identifier: FD:E5:77:FA:A2:35:71:7A:E1:34:38:E1:D5:2E:A4:B4:E3:DA:54:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_eV3-qI1cXrhNDjh1S6ktOPaVJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/aa6192-0427-41c4-97ad-6ee745156844/1/NRS-0uUbswncqM8KIwfjilxDBN0.roa
Signing time: Mon 11 May 2026 10:04:36 +0000
ROA not before: Mon 11 May 2026 10:04:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214060
IP address blocks: 185.242.202.0/23 maxlen: 23
194.48.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/aa6192-0427-41c4-97ad-6ee745156844/1/_eV3-qI1cXrhNDjh1S6ktOPaVJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/aa6192-0427-41c4-97ad-6ee745156844/1/_eV3-qI1cXrhNDjh1S6ktOPaVJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/_eV3-qI1cXrhNDjh1S6ktOPaVJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 13:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:16:7e:eb:13:52:4b:e1:21:68:86:aa:1a:88:46:a5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fde577faa235717ae13438e1d52ea4b4e3da5498
Validity
Not Before: May 11 10:04:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3514bed2e51bb309dca8cf0a2307e38a5c4304dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c8:83:ef:87:37:70:7e:d1:51:b0:50:f9:a1:
4c:62:4a:04:c2:d6:0e:64:5e:2d:fd:44:0a:cb:a4:
31:5c:85:3e:9e:55:79:30:ec:7c:21:a4:d9:56:17:
00:24:68:c8:82:71:6d:ea:77:3e:0c:db:75:88:b5:
63:3e:a2:42:df:df:11:42:91:ac:fc:54:12:63:ad:
28:e1:32:42:b6:2a:91:6a:21:8e:da:ef:41:a8:2e:
95:8f:ce:63:1a:10:cd:52:ba:df:bc:3c:cd:10:12:
16:24:38:28:55:da:ab:82:a4:98:ed:1e:7c:7a:5e:
e2:8b:2a:d6:b0:aa:8f:dd:0e:bc:dc:60:bb:13:93:
60:27:4c:1b:1d:14:c6:54:12:06:77:85:04:d2:9c:
ff:45:b4:67:73:7f:a6:2e:e6:e6:0a:1b:57:23:3c:
70:12:8b:cb:0e:70:aa:af:4c:e8:49:11:ab:b7:f9:
9d:6d:68:df:bb:92:71:31:37:f4:65:bc:16:6f:bb:
74:20:e4:5c:fd:bd:bc:bf:bd:8f:2d:5b:81:ef:e8:
bf:18:b4:59:39:da:55:97:ce:1e:e4:23:81:18:24:
7d:84:b3:a3:d2:b3:ba:59:ea:a7:70:15:4f:11:96:
2c:6d:51:e9:ac:2f:64:71:b7:9c:30:f0:ee:08:94:
c0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:14:BE:D2:E5:1B:B3:09:DC:A8:CF:0A:23:07:E3:8A:5C:43:04:DD
X509v3 Authority Key Identifier:
keyid:FD:E5:77:FA:A2:35:71:7A:E1:34:38:E1:D5:2E:A4:B4:E3:DA:54:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_eV3-qI1cXrhNDjh1S6ktOPaVJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/aa6192-0427-41c4-97ad-6ee745156844/1/NRS-0uUbswncqM8KIwfjilxDBN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/aa6192-0427-41c4-97ad-6ee745156844/1/_eV3-qI1cXrhNDjh1S6ktOPaVJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.202.0/23
194.48.92.0/24
Signature Algorithm: sha256WithRSAEncryption
88:75:43:62:d8:eb:ea:85:61:e9:db:e2:2c:df:df:ba:78:5f:
48:9e:b4:95:93:e4:3d:5c:67:d9:8b:1f:ad:50:00:9a:3f:ae:
69:cb:e2:6e:8b:db:e2:05:51:34:c1:f1:4c:87:7e:22:0a:f5:
ba:f7:84:2c:61:55:b9:75:cf:ff:a8:bc:e7:0b:bd:df:18:11:
67:9a:95:ae:fa:e4:df:c6:6a:8f:25:8a:44:01:19:ae:b1:9f:
9c:73:7f:7b:fb:0c:cb:12:3f:de:09:07:4c:8a:9d:bc:c1:29:
9d:a1:13:fd:63:3b:4d:a2:11:97:a9:eb:98:8e:ec:08:26:98:
9f:2f:05:50:88:ca:9c:08:20:f4:3e:46:9c:8e:d1:88:00:17:
52:f6:9d:85:03:aa:c9:91:b9:c8:6d:a6:1f:ee:b9:0f:d5:59:
dd:f4:ff:42:c0:0c:b9:43:d5:f5:c4:51:b8:98:ce:4b:31:16:
d2:20:2c:7a:4c:0b:91:7e:23:97:51:26:68:9e:5d:a5:da:b5:
a4:47:a7:dd:9e:ea:ed:96:99:01:0c:26:9d:b0:d7:9f:69:e5:
30:e8:fb:c9:f1:66:21:4d:29:b4:70:fa:13:e2:3c:aa:af:e1:
4e:7f:ae:3b:46:8e:48:f2:66:74:a6:ab:ab:bd:e4:1f:22:16:
cf:85:31:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4WfusTUkvhIWiGqhqIRqXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZTU3N2ZhYTIzNTcxN2FlMTM0MzhlMWQ1MmVhNGI0ZTNk
YTU0OTgwHhcNMjYwNTExMTAwNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE0YmVkMmU1MWJiMzA5ZGNhOGNmMGEyMzA3ZTM4YTVjNDMwNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MiD74c3cH7RUbBQ+aFMYkoEwtYO
ZF4t/UQKy6QxXIU+nlV5MOx8IaTZVhcAJGjIgnFt6nc+DNt1iLVjPqJC398RQpGs
/FQSY60o4TJCtiqRaiGO2u9BqC6Vj85jGhDNUrrfvDzNEBIWJDgoVdqrgqSY7R58
el7iiyrWsKqP3Q683GC7E5NgJ0wbHRTGVBIGd4UE0pz/RbRnc3+mLubmChtXIzxw
EovLDnCqr0zoSRGrt/mdbWjfu5JxMTf0ZbwWb7t0IORc/b28v72PLVuB7+i/GLRZ
OdpVl84e5COBGCR9hLOj0rO6WeqncBVPEZYsbVHprC9kcbecMPDuCJTA5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUUvtLlG7MJ3KjPCiMH44pcQwTdMB8GA1UdIwQY
MBaAFP3ld/qiNXF64TQ44dUupLTj2lSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2VWMy1xSTFjWHJoTkRqaDFTNmt0T1BhVkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9hYTYxOTItMDQyNy00MWM0LTk3YWQt
NmVlNzQ1MTU2ODQ0LzEvTlJTLTB1VWJzd25jcU04S0l3ZmppbHhEQk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9hYTYxOTItMDQyNy00MWM0LTk3YWQtNmVlNzQ1MTU2ODQ0
LzEvX2VWMy1xSTFjWHJoTkRqaDFTNmt0T1BhVkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBufLKAwQA
wjBcMA0GCSqGSIb3DQEBCwUAA4IBAQCIdUNi2OvqhWHp2+Is39+6eF9InrSVk+Q9
XGfZix+tUACaP65py+Jui9viBVE0wfFMh34iCvW694QsYVW5dc//qLznC73fGBFn
mpWu+uTfxmqPJYpEARmusZ+cc397+wzLEj/eCQdMip28wSmdoRP9YztNohGXqeuY
juwIJpifLwVQiMqcCCD0PkacjtGIABdS9p2FA6rJkbnIbaYf7rkP1Vnd9P9CwAy5
Q9X1xFG4mM5LMRbSICx6TAuRfiOXUSZonl2l2rWkR6fdnurtlpkBDCadsNefaeUw
6PvJ8WYhTSm0cPoT4jyqr+FOf647Ro5I8mZ0pqurveQfIhbPhTF8
-----END CERTIFICATE-----
Generated at Tue May 12 21:42:15 2026 by rpki-client