Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/bd9ca8-179b-4322-a094-50dd3a58154b/1/IiDxsemJXJ9syn7DVcgqBSOdwiU.roa
File: IiDxsemJXJ9syn7DVcgqBSOdwiU.roa (raw, json)
Hash identifier: Mg74FQv3qsWZUHALx/g3ZFqZVMyPoPwX8V5c9fFl5ko=
Subject key identifier: 22:20:F1:B1:E9:89:5C:9F:6C:CA:7E:C3:55:C8:2A:05:23:9D:C2:25
Certificate issuer: /CN=e8bd26dce48161c7fbf9ff67b907f1e605c25a66
Certificate serial: 019ECC882074B14570E1681D43CC715BF2F4
Authority key identifier: E8:BD:26:DC:E4:81:61:C7:FB:F9:FF:67:B9:07:F1:E6:05:C2:5A:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6L0m3OSBYcf7-f9nuQfx5gXCWmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/bd9ca8-179b-4322-a094-50dd3a58154b/1/IiDxsemJXJ9syn7DVcgqBSOdwiU.roa
Signing time: Mon 15 Jun 2026 18:25:33 +0000
ROA not before: Mon 15 Jun 2026 18:25:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35133
IP address blocks: 77.73.114.0/24 maxlen: 24
217.18.95.0/24 maxlen: 32
2a07:5500::/29 maxlen: 29
2a07:5506::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/bd9ca8-179b-4322-a094-50dd3a58154b/1/6L0m3OSBYcf7-f9nuQfx5gXCWmY.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/bd9ca8-179b-4322-a094-50dd3a58154b/1/6L0m3OSBYcf7-f9nuQfx5gXCWmY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6L0m3OSBYcf7-f9nuQfx5gXCWmY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 00:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:cc:88:20:74:b1:45:70:e1:68:1d:43:cc:71:5b:f2:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8bd26dce48161c7fbf9ff67b907f1e605c25a66
Validity
Not Before: Jun 15 18:25:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2220f1b1e9895c9f6cca7ec355c82a05239dc225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a8:c1:78:f2:db:3a:01:99:77:31:95:4b:c6:
89:8f:23:79:ee:ab:b6:b5:15:35:8c:8d:a4:83:f7:
bc:7e:7a:f4:dc:7b:f0:b4:b8:5f:71:36:cc:53:21:
e1:7b:31:97:96:c0:c3:7e:31:a1:63:45:1f:32:bf:
a2:36:59:4a:7b:3c:cd:d6:70:6b:f3:ac:15:55:c2:
3b:28:74:20:5a:0e:87:94:7f:e2:1e:db:5a:42:15:
42:f7:55:8d:3e:66:fc:5d:4e:f3:a0:85:83:6c:67:
b0:d3:4f:68:d5:82:c7:6c:dd:60:2e:2f:3e:71:39:
1b:ba:87:43:97:b4:cb:06:d0:1a:e0:0c:b8:e1:e2:
b3:7c:38:bd:0c:ca:14:e0:d0:da:0e:c3:89:7a:4c:
00:d6:8b:b3:15:2e:8e:65:31:83:c1:cd:40:8e:8e:
71:1f:99:21:6a:8f:6e:2c:f3:d0:45:ab:54:9a:11:
30:00:4c:43:c6:80:df:bb:c8:75:1a:50:49:e9:93:
92:31:95:f3:db:50:34:40:7a:a2:66:81:7e:d6:68:
45:22:b7:5d:af:60:7d:da:6a:fc:3f:e0:db:34:58:
cf:22:99:a8:1f:0e:ae:e4:b5:d9:74:5d:be:82:60:
4a:ae:81:b4:68:c0:eb:36:21:8b:35:9e:6f:c8:5d:
2c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:20:F1:B1:E9:89:5C:9F:6C:CA:7E:C3:55:C8:2A:05:23:9D:C2:25
X509v3 Authority Key Identifier:
keyid:E8:BD:26:DC:E4:81:61:C7:FB:F9:FF:67:B9:07:F1:E6:05:C2:5A:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6L0m3OSBYcf7-f9nuQfx5gXCWmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/bd9ca8-179b-4322-a094-50dd3a58154b/1/IiDxsemJXJ9syn7DVcgqBSOdwiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/bd9ca8-179b-4322-a094-50dd3a58154b/1/6L0m3OSBYcf7-f9nuQfx5gXCWmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.114.0/24
217.18.95.0/24
IPv6:
2a07:5500::/29
Signature Algorithm: sha256WithRSAEncryption
67:78:eb:82:cf:a4:82:8d:ad:45:d7:b3:e8:77:30:26:21:62:
9a:ff:9f:0c:0c:f0:a5:89:6e:a0:88:87:37:19:be:7d:4a:7c:
04:ca:12:b8:a1:2f:de:e3:2c:d5:25:f7:0f:ca:a2:5d:97:87:
9b:9b:8e:c9:80:55:0f:39:05:51:d1:65:fb:53:20:e5:65:c8:
8f:26:87:42:4d:07:dc:ff:fa:2a:52:56:b2:14:ca:ab:2c:3b:
88:85:d6:80:88:ef:0b:7d:e4:1e:01:15:89:a6:46:1c:67:fe:
4c:f0:84:37:c7:46:22:e2:f9:4f:ac:f6:25:7b:ee:43:0f:1b:
91:55:76:56:15:f6:59:11:33:80:18:0a:4a:6c:13:23:bb:7e:
0b:15:ff:a3:c9:36:ff:1b:87:6c:0b:0a:c0:59:e6:40:3e:d9:
1b:1d:c6:5b:7c:aa:76:ee:b0:03:3c:eb:11:52:9a:94:5e:3e:
f8:e8:9e:50:c8:c1:e5:77:4d:52:f4:8a:4b:34:41:3f:4d:ec:
03:6b:48:ba:30:24:fd:54:f9:43:88:f8:0b:82:0d:f2:d6:50:
fd:8b:d4:1a:4d:61:29:4b:43:e2:44:c4:76:98:fa:4e:62:d2:
5e:5e:52:aa:23:77:87:b2:37:06:3a:c0:63:94:5e:0a:b8:d7:
14:fd:56:4f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ7MiCB0sUVw4WgdQ8xxW/L0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YmQyNmRjZTQ4MTYxYzdmYmY5ZmY2N2I5MDdmMWU2MDVj
MjVhNjYwHhcNMjYwNjE1MTgyNTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjIwZjFiMWU5ODk1YzlmNmNjYTdlYzM1NWM4MmEwNTIzOWRjMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqjBePLbOgGZdzGVS8aJjyN57qu2
tRU1jI2kg/e8fnr03HvwtLhfcTbMUyHhezGXlsDDfjGhY0UfMr+iNllKezzN1nBr
86wVVcI7KHQgWg6HlH/iHttaQhVC91WNPmb8XU7zoIWDbGew009o1YLHbN1gLi8+
cTkbuodDl7TLBtAa4Ay44eKzfDi9DMoU4NDaDsOJekwA1ouzFS6OZTGDwc1Ajo5x
H5khao9uLPPQRatUmhEwAExDxoDfu8h1GlBJ6ZOSMZXz21A0QHqiZoF+1mhFIrdd
r2B92mr8P+DbNFjPIpmoHw6u5LXZdF2+gmBKroG0aMDrNiGLNZ5vyF0sjwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCIg8bHpiVyfbMp+w1XIKgUjncIlMB8GA1UdIwQY
MBaAFOi9JtzkgWHH+/n/Z7kH8eYFwlpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkwwbTNPU0JZY2Y3LWY5bnVRZng1Z1hDV21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iZDljYTgtMTc5Yi00MzIyLWEwOTQt
NTBkZDNhNTgxNTRiLzEvSWlEeHNlbUpYSjlzeW43RFZjZ3FCU09kd2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iZDljYTgtMTc5Yi00MzIyLWEwOTQtNTBkZDNhNTgxNTRi
LzEvNkwwbTNPU0JZY2Y3LWY5bnVRZng1Z1hDV21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATUlyAwQA
2RJfMA0EAgACMAcDBQMqB1UAMA0GCSqGSIb3DQEBCwUAA4IBAQBneOuCz6SCja1F
17PodzAmIWKa/58MDPCliW6giIc3Gb59SnwEyhK4oS/e4yzVJfcPyqJdl4ebm47J
gFUPOQVR0WX7UyDlZciPJodCTQfc//oqUlayFMqrLDuIhdaAiO8LfeQeARWJpkYc
Z/5M8IQ3x0Yi4vlPrPYle+5DDxuRVXZWFfZZETOAGApKbBMju34LFf+jyTb/G4ds
CwrAWeZAPtkbHcZbfKp27rADPOsRUpqUXj746J5QyMHld01S9IpLNEE/TewDa0i6
MCT9VPlDiPgLgg3y1lD9i9QaTWEpS0PiRMR2mPpOYtJeXlKqI3eHsjcGOsBjlF4K
uNcU/VZP
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:35:32 2026 by rpki-client