Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/0FNoMbgseYV17utwVKA14r42r7I.roa
File: 0FNoMbgseYV17utwVKA14r42r7I.roa (raw, json)
Hash identifier: lwJ39ipwWaadQK6jaqfxoBx/Ygl4WEu8BGQ2H3nMeS0=
Subject key identifier: D0:53:68:31:B8:2C:79:85:75:EE:EB:70:54:A0:35:E2:BE:36:AF:B2
Certificate issuer: /CN=e9bfd0410c7bf3bb1d75b18acb1e96393ad21b26
Certificate serial: 019E436ADAD81C5BE43B3D1A870E657DDF48
Authority key identifier: E9:BF:D0:41:0C:7B:F3:BB:1D:75:B1:8A:CB:1E:96:39:3A:D2:1B:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b_QQQx787sddbGKyx6WOTrSGyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/0FNoMbgseYV17utwVKA14r42r7I.roa
Signing time: Wed 20 May 2026 03:25:36 +0000
ROA not before: Wed 20 May 2026 03:25:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214494
IP address blocks: 185.196.4.0/22 maxlen: 24
185.196.4.0/24 maxlen: 24
185.196.5.0/24 maxlen: 24
185.196.6.0/24 maxlen: 24
2a0a:62c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/6b_QQQx787sddbGKyx6WOTrSGyY.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/6b_QQQx787sddbGKyx6WOTrSGyY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6b_QQQx787sddbGKyx6WOTrSGyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:43:6a:da:d8:1c:5b:e4:3b:3d:1a:87:0e:65:7d:df:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9bfd0410c7bf3bb1d75b18acb1e96393ad21b26
Validity
Not Before: May 20 03:25:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d0536831b82c798575eeeb7054a035e2be36afb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:99:45:af:a2:a8:d7:f0:c2:36:86:3f:03:e0:
f8:4f:73:48:b6:99:6b:c2:f9:62:bb:c3:8b:e6:00:
bb:fa:b4:79:d8:be:6a:b7:76:74:db:94:ee:ce:5e:
fa:06:70:62:3f:92:ac:1b:bb:dc:88:5e:78:98:2b:
71:ad:a3:11:47:3f:26:a8:11:54:31:c1:d7:1d:03:
5c:9c:50:bc:e2:97:b3:e6:b5:cc:d7:2f:c4:ae:68:
41:05:81:df:34:64:cb:05:85:3d:a1:a8:a8:ee:19:
6e:15:8c:39:80:c3:74:c9:6a:e8:90:c3:6b:8a:96:
89:9e:92:55:c9:44:d5:51:43:47:a5:d1:3e:ea:1e:
e3:6f:88:84:85:0b:92:96:5e:cb:e9:8c:7a:90:ad:
08:67:96:88:d6:d4:e2:c1:92:d9:e8:bb:fe:66:45:
3b:de:fa:54:83:1a:d7:86:a3:9f:74:a9:da:73:ef:
22:1a:ea:64:87:d0:f7:57:7c:10:18:da:a5:43:96:
5b:c8:db:54:4b:da:cb:97:9c:27:95:54:45:83:f2:
48:94:38:73:8f:98:b2:b9:12:65:b3:3d:52:d1:0e:
d9:04:f1:8c:d0:50:ec:24:ea:09:65:b1:a9:ab:b2:
3d:24:8a:5e:45:22:b3:5b:22:69:8d:08:98:c5:eb:
1a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:53:68:31:B8:2C:79:85:75:EE:EB:70:54:A0:35:E2:BE:36:AF:B2
X509v3 Authority Key Identifier:
keyid:E9:BF:D0:41:0C:7B:F3:BB:1D:75:B1:8A:CB:1E:96:39:3A:D2:1B:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b_QQQx787sddbGKyx6WOTrSGyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/0FNoMbgseYV17utwVKA14r42r7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/6b_QQQx787sddbGKyx6WOTrSGyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.4.0/22
IPv6:
2a0a:62c0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:34:5f:3f:9e:a9:4e:98:5c:6d:97:b5:25:12:cb:69:ef:27:
11:8a:37:98:57:2a:0e:85:cc:5b:22:85:f3:a2:a4:0e:47:b6:
b1:96:8f:e0:8b:9f:91:4b:b4:22:28:55:c3:e5:ca:78:5b:c9:
d8:48:83:9b:e8:fe:83:da:d4:e3:72:65:55:35:86:fc:11:3c:
60:b6:de:5e:4d:2b:b4:63:c5:11:17:2b:aa:de:da:dc:e7:ff:
9d:f7:eb:b1:7b:87:d6:b0:02:5e:46:49:02:20:83:6c:d2:5a:
01:f0:d2:51:ab:c1:8d:56:db:b2:6d:5f:1a:19:d1:e0:df:61:
43:49:fd:29:d1:a6:10:e1:a6:33:a8:01:74:fb:82:05:ac:cc:
ee:9f:84:3c:f0:bb:29:49:0e:38:9b:33:a3:7b:a3:c6:1e:d2:
77:db:36:96:56:d1:b8:06:32:78:5f:85:33:b5:01:ad:38:c6:
9d:b9:83:b4:1a:df:56:a0:52:88:ff:a1:bf:ac:69:dd:f7:4b:
ad:b6:e4:4a:bf:e0:e1:85:6b:cc:90:c6:0d:63:9d:74:27:fb:
d1:99:3e:7b:72:32:9e:11:38:ff:e2:98:cd:3f:ae:43:98:cd:
d0:c1:22:5d:89:8e:df:4e:55:cc:74:1d:41:74:71:33:cb:5f:
1c:a0:e9:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ5DatrYHFvkOz0ahw5lfd9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmZkMDQxMGM3YmYzYmIxZDc1YjE4YWNiMWU5NjM5M2Fk
MjFiMjYwHhcNMjYwNTIwMDMyNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDUzNjgzMWI4MmM3OTg1NzVlZWViNzA1NGEwMzVlMmJlMzZhZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JlFr6Ko1/DCNoY/A+D4T3NItplr
wvliu8OL5gC7+rR52L5qt3Z025Tuzl76BnBiP5KsG7vciF54mCtxraMRRz8mqBFU
McHXHQNcnFC84pez5rXM1y/ErmhBBYHfNGTLBYU9oaio7hluFYw5gMN0yWrokMNr
ipaJnpJVyUTVUUNHpdE+6h7jb4iEhQuSll7L6Yx6kK0IZ5aI1tTiwZLZ6Lv+ZkU7
3vpUgxrXhqOfdKnac+8iGupkh9D3V3wQGNqlQ5ZbyNtUS9rLl5wnlVRFg/JIlDhz
j5iyuRJlsz1S0Q7ZBPGM0FDsJOoJZbGpq7I9JIpeRSKzWyJpjQiYxesaKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNBTaDG4LHmFde7rcFSgNeK+Nq+yMB8GA1UdIwQY
MBaAFOm/0EEMe/O7HXWxisseljk60hsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJfUVFReDc4N3NkZGJHS3l4NldPVHJTR3lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi84ZDkzOWYtOWVmOS00MDc2LWE4ZjMt
N2E3MGI3ODdkMmVmLzEvMEZOb01iZ3NlWVYxN3V0d1ZLQTE0cjQycjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi84ZDkzOWYtOWVmOS00MDc2LWE4ZjMtN2E3MGI3ODdkMmVm
LzEvNmJfUVFReDc4N3NkZGJHS3l4NldPVHJTR3lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucQEMA0E
AgACMAcDBQAqCmLAMA0GCSqGSIb3DQEBCwUAA4IBAQBeNF8/nqlOmFxtl7UlEstp
7ycRijeYVyoOhcxbIoXzoqQOR7axlo/gi5+RS7QiKFXD5cp4W8nYSIOb6P6D2tTj
cmVVNYb8ETxgtt5eTSu0Y8URFyuq3trc5/+d9+uxe4fWsAJeRkkCIINs0loB8NJR
q8GNVtuybV8aGdHg32FDSf0p0aYQ4aYzqAF0+4IFrMzun4Q88LspSQ44mzOje6PG
HtJ32zaWVtG4BjJ4X4UztQGtOMaduYO0Gt9WoFKI/6G/rGnd90uttuRKv+DhhWvM
kMYNY510J/vRmT57cjKeETj/4pjNP65DmM3QwSJdiY7fTlXMdB1BdHEzy18coOnp
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:33:09 2026 by rpki-client