Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/X7CGjQ6kolsVGBd3Sboy5Nls_1U.roa
File: X7CGjQ6kolsVGBd3Sboy5Nls_1U.roa (raw, json)
Hash identifier: 2lpGN3OQtP78oSaTegP8Ye3aHPb2JHLswc6FAKv3QGs=
Subject key identifier: 5F:B0:86:8D:0E:A4:A2:5B:15:18:17:77:49:BA:32:E4:D9:6C:FF:55
Certificate issuer: /CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579
Certificate serial: 019EF4D1E274D1824C660A3D1F402ECC60C7
Authority key identifier: FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/X7CGjQ6kolsVGBd3Sboy5Nls_1U.roa
Signing time: Tue 23 Jun 2026 14:10:56 +0000
ROA not before: Tue 23 Jun 2026 14:10:56 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198138
IP address blocks: 109.122.9.0/24 maxlen: 24
109.122.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f4:d1:e2:74:d1:82:4c:66:0a:3d:1f:40:2e:cc:60:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579
Validity
Not Before: Jun 23 14:10:56 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5fb0868d0ea4a25b1518177749ba32e4d96cff55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:02:4f:1a:a6:20:7b:ec:4e:b3:a9:4b:e3:89:
cc:ce:3a:fe:e1:dc:0b:b9:6d:f7:8b:4b:1f:73:31:
30:07:80:08:fa:8d:b0:e2:7b:cf:53:ac:b8:f4:49:
18:14:5d:eb:ba:58:3c:b9:94:a1:a3:93:fa:e2:89:
68:24:d0:a1:e7:41:67:2b:1b:74:48:51:67:b9:a7:
00:1c:66:f1:fa:3f:01:9a:36:df:90:0d:5c:fe:ab:
a2:87:ae:e7:e1:35:ac:2a:db:38:fc:e4:19:73:fa:
be:d2:4a:b2:e0:25:5a:92:6c:4f:6f:b8:d0:8b:c4:
d7:93:d0:15:e1:4e:e5:23:71:e3:e9:e9:3a:cd:83:
cc:95:b9:3a:38:4e:e2:93:45:7c:42:42:31:08:ba:
aa:59:5b:60:ee:83:f2:02:5d:c1:c6:ee:ef:45:f3:
a6:ff:d4:39:01:25:30:8e:c0:0c:b2:e5:a6:27:fd:
86:97:32:09:b5:f2:10:0b:46:78:bb:31:f4:06:22:
77:65:3d:f4:68:98:39:39:e7:aa:e4:c7:44:fe:47:
28:c2:74:dc:1b:5f:22:10:df:58:15:6f:a9:de:cc:
e2:a3:45:90:88:ca:c6:1a:29:34:34:21:3d:d8:c0:
8f:a6:c9:c3:55:45:e9:d2:c5:fb:08:20:2a:da:b8:
26:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:B0:86:8D:0E:A4:A2:5B:15:18:17:77:49:BA:32:E4:D9:6C:FF:55
X509v3 Authority Key Identifier:
keyid:FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/X7CGjQ6kolsVGBd3Sboy5Nls_1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.9.0/24
109.122.22.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c9:7d:e6:13:a2:33:4c:a0:a2:d7:07:1e:5c:8e:2b:f3:a9:
ee:a3:5e:bc:18:94:a0:ee:5a:51:d0:81:17:fc:45:a8:09:b3:
f2:5e:3e:12:65:51:9f:78:81:d4:a2:fa:d0:67:74:75:41:62:
84:55:65:b4:cf:37:ca:8d:64:a3:ed:e5:d1:af:96:74:1e:4e:
7e:d8:d3:f0:23:0b:67:88:2f:be:44:9f:61:93:c1:09:f1:7f:
65:f5:74:e7:41:08:1b:af:8b:9b:20:5b:22:cc:fc:0d:0b:f7:
9e:74:6f:74:c5:be:82:7a:bd:51:a1:d0:6d:63:0a:d6:49:e9:
94:7e:92:67:ed:b7:dc:62:2f:a7:c7:2f:e1:27:ea:8a:c7:ec:
56:8c:9d:74:1c:bc:8e:f6:df:46:99:f0:34:41:51:8d:6a:b6:
8e:46:60:0b:4f:73:e9:14:0b:55:d7:4b:66:04:43:3a:48:e0:
10:84:54:85:fb:fa:09:1d:1a:59:e1:9c:18:2b:48:c8:b7:b7:
27:eb:b2:43:c2:cd:49:20:95:55:48:75:0c:04:db:9a:02:5e:
53:b7:a5:66:ad:09:b1:56:8b:be:8b:93:9b:6e:3d:a7:e7:65:
62:36:fe:09:72:e3:dc:8a:d3:25:ef:eb:29:78:26:89:df:21:
a6:65:cf:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ700eJ00YJMZgo9H0AuzGDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYTNlNTUxNDFjMWExZjlmMmUyODgxMWVkN2U3N2ZhZDM3
OGE1NzkwHhcNMjYwNjIzMTQxMDU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmIwODY4ZDBlYTRhMjViMTUxODE3Nzc0OWJhMzJlNGQ5NmNmZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwJPGqYge+xOs6lL44nMzjr+4dwL
uW33i0sfczEwB4AI+o2w4nvPU6y49EkYFF3rulg8uZSho5P64oloJNCh50FnKxt0
SFFnuacAHGbx+j8BmjbfkA1c/quih67n4TWsKts4/OQZc/q+0kqy4CVakmxPb7jQ
i8TXk9AV4U7lI3Hj6ek6zYPMlbk6OE7ik0V8QkIxCLqqWVtg7oPyAl3Bxu7vRfOm
/9Q5ASUwjsAMsuWmJ/2GlzIJtfIQC0Z4uzH0BiJ3ZT30aJg5Oeeq5MdE/kcownTc
G18iEN9YFW+p3szio0WQiMrGGik0NCE92MCPpsnDVUXp0sX7CCAq2rgmzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF+who0OpKJbFRgXd0m6MuTZbP9VMB8GA1UdIwQY
MBaAFP+j5VFBwaH58uKIEe1+d/rTeKV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUt
YTM5YWMyNTM5ZmM1LzEvWDdDR2pRNmtvbHNWR0JkM1Nib3k1TmxzXzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUtYTM5YWMyNTM5ZmM1
LzEvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXoJAwQA
bXoWMA0GCSqGSIb3DQEBCwUAA4IBAQAjyX3mE6IzTKCi1wceXI4r86nuo168GJSg
7lpR0IEX/EWoCbPyXj4SZVGfeIHUovrQZ3R1QWKEVWW0zzfKjWSj7eXRr5Z0Hk5+
2NPwIwtniC++RJ9hk8EJ8X9l9XTnQQgbr4ubIFsizPwNC/eedG90xb6Cer1RodBt
YwrWSemUfpJn7bfcYi+nxy/hJ+qKx+xWjJ10HLyO9t9GmfA0QVGNaraORmALT3Pp
FAtV10tmBEM6SOAQhFSF+/oJHRpZ4ZwYK0jIt7cn67JDws1JIJVVSHUMBNuaAl5T
t6VmrQmxVou+i5Obbj2n52ViNv4JcuPcitMl7+speCaJ3yGmZc8b
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:35:30 2026 by rpki-client