Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pNtboFl06Lty34pLyGZetPTju-E.roa
File: pNtboFl06Lty34pLyGZetPTju-E.roa (raw, json)
Hash identifier: +Btqth7rIB1CG0SDOA/XuuXuL98YSrTU4vYsceK/kD0=
Subject key identifier: A4:DB:5B:A0:59:74:E8:BB:72:DF:8A:4B:C8:66:5E:B4:F4:E3:BB:E1
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019EA68F9D50A8265ACE2F1321179B04F3D7
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pNtboFl06Lty34pLyGZetPTju-E.roa
Signing time: Mon 08 Jun 2026 09:28:10 +0000
ROA not before: Mon 08 Jun 2026 09:28:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198566
IP address blocks: 91.201.87.0/24 maxlen: 24
91.208.108.0/24 maxlen: 24
146.19.21.0/24 maxlen: 24
160.19.94.0/24 maxlen: 24
160.19.95.0/24 maxlen: 24
194.26.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Jun 2026 14:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:8f:9d:50:a8:26:5a:ce:2f:13:21:17:9b:04:f3:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 8 09:28:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a4db5ba05974e8bb72df8a4bc8665eb4f4e3bbe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:76:6f:a7:f2:60:d9:94:14:ac:69:09:25:67:
1c:e0:6e:63:38:50:e3:c7:4d:4e:03:db:c7:06:9a:
1d:cc:0d:21:d1:f2:86:80:3f:9e:25:25:b3:c4:57:
95:16:1f:aa:24:18:0e:c8:f1:79:2a:e5:6d:c0:6b:
55:09:70:76:05:02:43:11:5f:00:03:59:74:52:64:
fe:64:e7:90:51:2b:3f:18:ff:d5:09:83:53:6b:cc:
86:0f:9a:7f:93:ad:50:3a:34:a1:80:51:a8:cf:b8:
fb:c7:b4:7c:a9:70:1e:03:8a:ca:35:5c:fa:1a:2d:
f7:8c:20:2a:dc:20:c4:38:4c:22:8e:aa:62:4d:3d:
2b:95:d6:9e:25:42:e5:d8:6d:7b:26:67:42:ee:c9:
04:14:ec:54:ab:a2:01:f9:85:a6:cf:16:c3:90:07:
08:37:62:bf:5c:61:1f:c7:1f:7a:77:a1:80:01:8e:
95:a5:49:20:07:06:a5:df:64:56:ac:5f:0c:86:53:
91:cb:09:46:94:5b:ab:14:dd:d6:fc:91:8b:86:89:
5f:ca:75:06:3c:ae:1c:69:c0:da:0f:c3:62:f3:84:
d1:cf:de:f6:09:f8:da:79:62:62:e4:45:e5:07:59:
f8:34:a1:ef:ba:81:75:14:c0:d2:0c:58:51:06:91:
81:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DB:5B:A0:59:74:E8:BB:72:DF:8A:4B:C8:66:5E:B4:F4:E3:BB:E1
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pNtboFl06Lty34pLyGZetPTju-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.87.0/24
91.208.108.0/24
146.19.21.0/24
160.19.94.0/23
194.26.215.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:08:22:72:9d:5e:f2:39:8c:97:56:51:8a:3b:5e:97:11:bf:
e3:d8:ae:47:3d:15:04:14:76:a6:d5:c7:f7:92:95:18:36:98:
4c:67:75:dc:32:b1:c0:fb:db:cb:fc:97:b5:45:e9:13:3f:63:
9c:75:96:00:a9:6f:62:89:97:05:52:e0:28:07:b0:9a:86:61:
97:76:6a:ef:a2:0f:e7:90:18:f7:47:50:1c:2f:a9:e6:67:12:
90:84:7a:36:fc:6e:97:51:7b:b6:be:25:f6:94:c7:11:5b:32:
c0:ab:97:bb:ff:c9:7c:da:2a:47:01:d2:ba:7b:6d:b6:06:e3:
93:71:39:a7:c4:4a:ba:c7:fa:3d:61:23:21:02:ad:a8:ce:52:
b7:df:a2:5b:36:bd:30:eb:7e:2f:23:6f:33:88:45:95:be:6b:
de:6a:45:75:39:7f:ef:63:c2:86:de:79:dc:e0:7f:69:2b:3a:
b9:83:cb:8d:50:a1:d7:df:b1:ef:b3:5e:ad:d8:69:e6:55:89:
1b:2d:72:74:67:2e:4b:0d:e7:a8:04:a0:b0:96:4c:32:bf:11:
20:b3:fc:24:81:d0:44:98:36:cb:1a:bd:fc:44:18:28:f9:a4:
30:75:15:d8:45:b5:13:60:ec:b9:93:90:8b:d9:59:50:8a:29:
b7:2f:38:28
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6mj51QqCZazi8TIRebBPPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNjA4MDkyODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRiNWJhMDU5NzRlOGJiNzJkZjhhNGJjODY2NWViNGY0ZTNiYmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HZvp/Jg2ZQUrGkJJWcc4G5jOFDj
x01OA9vHBpodzA0h0fKGgD+eJSWzxFeVFh+qJBgOyPF5KuVtwGtVCXB2BQJDEV8A
A1l0UmT+ZOeQUSs/GP/VCYNTa8yGD5p/k61QOjShgFGoz7j7x7R8qXAeA4rKNVz6
Gi33jCAq3CDEOEwijqpiTT0rldaeJULl2G17JmdC7skEFOxUq6IB+YWmzxbDkAcI
N2K/XGEfxx96d6GAAY6VpUkgBwal32RWrF8MhlORywlGlFurFN3W/JGLholfynUG
PK4cacDaD8Ni84TRz972CfjaeWJi5EXlB1n4NKHvuoF1FMDSDFhRBpGBIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKTbW6BZdOi7ct+KS8hmXrT047vhMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcE50Ym9GbDA2THR5MzRwTHlHWmV0UFRqdS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW8lXAwQA
W9BsAwQAkhMVAwQBoBNeAwQAwhrXMA0GCSqGSIb3DQEBCwUAA4IBAQDPCCJynV7y
OYyXVlGKO16XEb/j2K5HPRUEFHam1cf3kpUYNphMZ3XcMrHA+9vL/Je1RekTP2Oc
dZYAqW9iiZcFUuAoB7CahmGXdmrvog/nkBj3R1AcL6nmZxKQhHo2/G6XUXu2viX2
lMcRWzLAq5e7/8l82ipHAdK6e222BuOTcTmnxEq6x/o9YSMhAq2ozlK336JbNr0w
634vI28ziEWVvmveakV1OX/vY8KG3nnc4H9pKzq5g8uNUKHX37Hvs16t2GnmVYkb
LXJ0Zy5LDeeoBKCwlkwyvxEgs/wkgdBEmDbLGr38RBgo+aQwdRXYRbUTYOy5k5CL
2VlQiim3Lzgo
-----END CERTIFICATE-----
Generated at Wed Jun 10 23:18:58 2026 by rpki-client