Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/1028e7-fe04-4ad7-9ebe-b7f72815df7c/1/TGOOYRcNmV295qXxS4iLaJusiBo.roa
File: TGOOYRcNmV295qXxS4iLaJusiBo.roa (raw, json)
Hash identifier: oqdkVui8+d5XgQplzUQ+/bNjoHy7U9CmnNlp4TiyCZ0=
Subject key identifier: 4C:63:8E:61:17:0D:99:5D:BD:E6:A5:F1:4B:88:8B:68:9B:AC:88:1A
Certificate issuer: /CN=dae9df4576e5c654ff557d9f9bea31f2b6778608
Certificate serial: 019E4F14635037C10D28094E0DDC3CC0177D
Authority key identifier: DA:E9:DF:45:76:E5:C6:54:FF:55:7D:9F:9B:EA:31:F2:B6:77:86:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2unfRXblxlT_VX2fm-ox8rZ3hgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/1028e7-fe04-4ad7-9ebe-b7f72815df7c/1/TGOOYRcNmV295qXxS4iLaJusiBo.roa
Signing time: Fri 22 May 2026 09:46:36 +0000
ROA not before: Fri 22 May 2026 09:46:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39464
IP address blocks: 91.196.44.0/22 maxlen: 22
185.160.92.0/22 maxlen: 22
185.189.168.0/22 maxlen: 22
193.84.185.0/24 maxlen: 24
195.74.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/1028e7-fe04-4ad7-9ebe-b7f72815df7c/1/2unfRXblxlT_VX2fm-ox8rZ3hgg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/1028e7-fe04-4ad7-9ebe-b7f72815df7c/1/2unfRXblxlT_VX2fm-ox8rZ3hgg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2unfRXblxlT_VX2fm-ox8rZ3hgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:14:63:50:37:c1:0d:28:09:4e:0d:dc:3c:c0:17:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dae9df4576e5c654ff557d9f9bea31f2b6778608
Validity
Not Before: May 22 09:46:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4c638e61170d995dbde6a5f14b888b689bac881a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:43:48:b1:f8:57:bd:86:4c:3d:75:85:f6:2c:
90:77:3d:01:c9:57:7a:32:48:f4:69:46:5f:0f:8d:
96:39:0c:38:6e:a5:97:81:85:fb:9c:23:01:08:5b:
dd:2d:dd:37:d5:21:be:98:70:75:c9:be:aa:c7:39:
4e:cc:16:5c:7f:34:5d:a1:9e:1c:99:82:2e:ea:cd:
9a:56:62:2c:ae:69:b0:99:a0:27:1e:9f:e6:77:8c:
34:d7:af:3f:19:e4:1a:5a:11:4e:e3:e5:06:ec:5f:
60:1f:4a:75:9c:8e:03:dd:89:f7:ae:8c:0e:2a:35:
4f:05:b3:a9:8b:d8:ef:0b:20:48:e7:e3:b0:37:f8:
5c:ef:f4:ee:bc:09:37:fb:b4:86:74:c4:69:e1:61:
53:2f:30:76:47:f7:11:4b:6f:6d:f6:d5:c4:e7:c3:
db:e5:c9:4e:d7:5e:97:f7:91:fc:45:90:3a:e0:bf:
36:d7:e4:13:94:0a:30:0d:d6:cc:60:ec:e7:dd:b6:
54:b1:be:24:30:72:e2:6f:1c:84:5d:a7:9c:77:28:
63:d7:6b:15:8e:15:2f:43:c5:d0:cc:18:f7:90:9e:
fd:39:3e:2a:14:22:3e:13:a3:5a:26:f7:51:71:45:
96:32:6a:ec:31:4e:47:ec:0d:64:63:21:7e:65:20:
92:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:63:8E:61:17:0D:99:5D:BD:E6:A5:F1:4B:88:8B:68:9B:AC:88:1A
X509v3 Authority Key Identifier:
keyid:DA:E9:DF:45:76:E5:C6:54:FF:55:7D:9F:9B:EA:31:F2:B6:77:86:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2unfRXblxlT_VX2fm-ox8rZ3hgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/1028e7-fe04-4ad7-9ebe-b7f72815df7c/1/TGOOYRcNmV295qXxS4iLaJusiBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/1028e7-fe04-4ad7-9ebe-b7f72815df7c/1/2unfRXblxlT_VX2fm-ox8rZ3hgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.44.0/22
185.160.92.0/22
185.189.168.0/22
193.84.185.0/24
195.74.71.0/24
Signature Algorithm: sha256WithRSAEncryption
85:18:4c:3d:56:6c:77:97:57:2c:d8:2c:e6:93:cb:a5:25:42:
4b:ad:f3:41:d8:6d:6b:29:e0:87:e4:23:1f:97:6d:81:0c:3b:
9f:de:28:5b:cf:52:b1:a7:94:2b:f8:21:b8:2c:db:5d:20:a4:
48:00:02:ee:78:44:f6:bb:fe:e8:c6:12:e0:ee:03:f3:07:97:
7f:17:82:ac:43:7e:64:f7:ab:54:37:88:93:05:f4:a1:31:8d:
b5:64:18:34:0c:8f:01:aa:69:22:3c:33:3b:b8:71:36:e9:47:
02:20:35:b5:7e:c9:a9:08:ec:48:5e:f1:86:62:e7:06:23:35:
5a:ce:87:7a:2b:e8:64:bf:8c:c7:a2:b2:22:dd:8c:79:f6:fe:
9b:88:98:3c:b7:4f:08:2c:8a:fa:cf:df:55:b3:de:14:d6:8e:
65:9e:a0:1d:6f:65:6d:0c:e9:67:81:99:6c:31:3b:12:45:36:
68:91:28:25:23:18:c3:d3:8c:8d:20:0e:7d:03:31:88:9e:c1:
e9:a9:81:ce:95:b4:8d:1a:e3:5e:e0:eb:25:6e:80:b9:7a:eb:
85:a5:ec:64:f2:6b:9e:62:c8:df:5e:d1:cf:e6:3d:92:2b:5f:
9a:bb:7c:96:5f:f0:18:46:40:f4:85:ec:22:fc:f8:36:86:07:
7a:ca:17:9c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ5PFGNQN8ENKAlODdw8wBd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZTlkZjQ1NzZlNWM2NTRmZjU1N2Q5ZjliZWEzMWYyYjY3
Nzg2MDgwHhcNMjYwNTIyMDk0NjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzYzOGU2MTE3MGQ5OTVkYmRlNmE1ZjE0Yjg4OGI2ODliYWM4ODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwENIsfhXvYZMPXWF9iyQdz0ByVd6
Mkj0aUZfD42WOQw4bqWXgYX7nCMBCFvdLd031SG+mHB1yb6qxzlOzBZcfzRdoZ4c
mYIu6s2aVmIsrmmwmaAnHp/md4w0168/GeQaWhFO4+UG7F9gH0p1nI4D3Yn3rowO
KjVPBbOpi9jvCyBI5+OwN/hc7/TuvAk3+7SGdMRp4WFTLzB2R/cRS29t9tXE58Pb
5clO116X95H8RZA64L821+QTlAowDdbMYOzn3bZUsb4kMHLibxyEXaecdyhj12sV
jhUvQ8XQzBj3kJ79OT4qFCI+E6NaJvdRcUWWMmrsMU5H7A1kYyF+ZSCSqwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFExjjmEXDZldveal8UuIi2ibrIgaMB8GA1UdIwQY
MBaAFNrp30V25cZU/1V9n5vqMfK2d4YIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnVuZlJYYmx4bFRfVlgyZm0tb3g4clozaGdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xMDI4ZTctZmUwNC00YWQ3LTllYmUt
YjdmNzI4MTVkZjdjLzEvVEdPT1lSY05tVjI5NXFYeFM0aUxhSnVzaUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8xMDI4ZTctZmUwNC00YWQ3LTllYmUtYjdmNzI4MTVkZjdj
LzEvMnVuZlJYYmx4bFRfVlgyZm0tb3g4clozaGdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8QsAwQC
uaBcAwQCub2oAwQAwVS5AwQAw0pHMA0GCSqGSIb3DQEBCwUAA4IBAQCFGEw9Vmx3
l1cs2Czmk8ulJUJLrfNB2G1rKeCH5CMfl22BDDuf3ihbz1Kxp5Qr+CG4LNtdIKRI
AALueET2u/7oxhLg7gPzB5d/F4KsQ35k96tUN4iTBfShMY21ZBg0DI8BqmkiPDM7
uHE26UcCIDW1fsmpCOxIXvGGYucGIzVazod6K+hkv4zHorIi3Yx59v6biJg8t08I
LIr6z99Vs94U1o5lnqAdb2VtDOlngZlsMTsSRTZokSglIxjD04yNIA59AzGInsHp
qYHOlbSNGuNe4OslboC5euuFpexk8mueYsjfXtHP5j2SK1+au3yWX/AYRkD0hewi
/Pg2hgd6yhec
-----END CERTIFICATE-----
Generated at Sat Jun 6 16:45:57 2026 by rpki-client