Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/RxV2hKb9FcPXNRV7HyZ5MrOTGuo.roa
File: RxV2hKb9FcPXNRV7HyZ5MrOTGuo.roa (raw, json)
Hash identifier: FR6w8QrfwOjOjN58EI++kUY7Skt2p1rD0rHJqD1VkWY=
Subject key identifier: 47:15:76:84:A6:FD:15:C3:D7:35:15:7B:1F:26:79:32:B3:93:1A:EA
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 019E7E80223BE63164ABD8AA8B84081E77E7
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/RxV2hKb9FcPXNRV7HyZ5MrOTGuo.roa
Signing time: Sun 31 May 2026 14:46:27 +0000
ROA not before: Sun 31 May 2026 14:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 91.109.40.0/24 maxlen: 24
91.109.41.0/24 maxlen: 24
91.109.43.0/24 maxlen: 24
91.109.44.0/24 maxlen: 24
91.109.45.0/24 maxlen: 24
91.109.46.0/24 maxlen: 24
147.185.196.0/24 maxlen: 24
193.168.200.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:7e:80:22:3b:e6:31:64:ab:d8:aa:8b:84:08:1e:77:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: May 31 14:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=47157684a6fd15c3d735157b1f267932b3931aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:cc:53:b6:a3:b4:38:a1:58:8c:44:1c:b4:d7:
6e:9a:3d:97:14:eb:4b:db:85:58:0c:93:b2:52:3e:
45:f3:06:70:bc:8e:ae:04:43:67:e2:c7:8c:f4:b7:
fe:6f:a7:84:31:e2:e0:a0:c6:41:ff:de:20:a6:d2:
ab:29:9a:15:6a:0a:59:e8:72:d3:6b:43:fe:41:8a:
9c:a5:41:87:00:67:8d:cf:5c:4a:cd:40:bf:48:77:
38:e2:66:37:0d:fd:4b:b0:b8:0e:41:24:ba:df:b3:
6f:12:8c:0f:36:31:f6:65:3d:92:af:5a:d9:8e:a2:
88:c3:05:3a:63:12:a4:0d:1f:11:41:47:4c:9b:8f:
ff:9e:33:fb:15:f3:c1:39:45:f8:8d:20:bb:12:f3:
dd:88:fe:c2:b3:7b:7f:35:e4:b7:4a:09:f3:b5:77:
4d:34:a1:1b:c5:b6:7a:43:49:3b:97:ac:f5:2d:45:
ef:db:a4:17:b9:68:f0:34:88:6a:6d:17:81:84:c3:
28:e6:17:67:fa:09:41:2b:59:16:8b:87:f0:8b:b2:
d5:9d:75:d6:33:3d:ac:1d:42:d0:77:22:2b:a0:d5:
7e:0c:30:06:94:aa:b3:10:07:9e:4a:8f:f3:a8:40:
5c:f9:5f:76:c7:96:33:c3:bd:29:d3:b4:67:40:dc:
a7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:15:76:84:A6:FD:15:C3:D7:35:15:7B:1F:26:79:32:B3:93:1A:EA
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/RxV2hKb9FcPXNRV7HyZ5MrOTGuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.40.0/23
91.109.43.0-91.109.46.255
147.185.196.0/24
193.168.200.0/24
193.168.203.0/24
207.244.198.0/24
Signature Algorithm: sha256WithRSAEncryption
51:7e:95:34:fe:a4:89:64:d9:d4:99:0d:db:db:d1:fe:06:f3:
3c:50:b4:e5:40:6e:09:56:fe:6a:5c:62:c7:27:67:27:48:49:
7d:e0:7f:51:ad:26:35:a6:e9:07:97:93:95:aa:f1:74:5f:ce:
d7:3e:a0:40:53:f7:21:0f:74:60:cb:a7:1f:e2:18:fd:c9:2f:
9f:c2:08:88:d2:7e:a2:ff:ad:ea:a6:33:70:80:6f:58:f6:1d:
cf:e1:17:ee:da:69:ce:bc:27:48:2a:9a:68:a7:08:a9:e8:a3:
48:bd:fa:03:02:d8:5a:4e:ed:57:48:5a:05:3c:27:8b:a3:1a:
68:e0:1c:84:59:af:55:31:c0:39:e4:41:b9:0a:3d:c7:e6:c7:
20:56:88:c6:57:be:f1:d0:d5:06:aa:28:0e:99:20:ed:ac:fe:
a5:eb:98:09:3e:9a:d3:2e:ea:26:78:55:9f:e1:56:4c:b2:23:
24:02:df:73:f9:f6:61:f5:b4:7a:ca:b1:00:14:63:c7:9a:16:
eb:c0:f5:b5:da:73:9f:ce:15:10:d3:4a:aa:f9:25:ec:28:ef:
d2:fe:e1:1f:57:d1:3c:f1:8c:5d:da:7b:75:dd:77:e8:99:82:
0f:97:a1:d9:85:3d:f1:9b:a7:ed:7f:79:6d:a9:5b:c5:e3:0d:
b6:9f:ed:02
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ5+gCI75jFkq9iqi4QIHnfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjYwNTMxMTQ0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzE1NzY4NGE2ZmQxNWMzZDczNTE1N2IxZjI2NzkzMmIzOTMxYWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsxTtqO0OKFYjEQctNdumj2XFOtL
24VYDJOyUj5F8wZwvI6uBENn4seM9Lf+b6eEMeLgoMZB/94gptKrKZoVagpZ6HLT
a0P+QYqcpUGHAGeNz1xKzUC/SHc44mY3Df1LsLgOQSS637NvEowPNjH2ZT2Sr1rZ
jqKIwwU6YxKkDR8RQUdMm4//njP7FfPBOUX4jSC7EvPdiP7Cs3t/NeS3SgnztXdN
NKEbxbZ6Q0k7l6z1LUXv26QXuWjwNIhqbReBhMMo5hdn+glBK1kWi4fwi7LVnXXW
Mz2sHULQdyIroNV+DDAGlKqzEAeeSo/zqEBc+V92x5Yzw70p07RnQNynbwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEcVdoSm/RXD1zUVex8meTKzkxrqMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvUnhWMmhLYjlGY1BYTlJWN0h5WjVNck9UR3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBW20oMAwD
BABbbSsDBABbbS4DBACTucQDBADBqMgDBADBqMsDBADP9MYwDQYJKoZIhvcNAQEL
BQADggEBAFF+lTT+pIlk2dSZDdvb0f4G8zxQtOVAbglW/mpcYscnZydISX3gf1Gt
JjWm6QeXk5Wq8XRfztc+oEBT9yEPdGDLpx/iGP3JL5/CCIjSfqL/reqmM3CAb1j2
Hc/hF+7aac68J0gqmminCKnoo0i9+gMC2FpO7VdIWgU8J4ujGmjgHIRZr1UxwDnk
QbkKPcfmxyBWiMZXvvHQ1QaqKA6ZIO2s/qXrmAk+mtMu6iZ4VZ/hVkyyIyQC33P5
9mH1tHrKsQAUY8eaFuvA9bXac5/OFRDTSqr5Jewo79L+4R9X0TzxjF3ae3Xdd+iZ
gg+XodmFPfGbp+1/eW2pW8XjDbaf7QI=
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:11:20 2026 by rpki-client