Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/I19Hbh49tBdBYqRQavOF16Zk_kU.roa
File: I19Hbh49tBdBYqRQavOF16Zk_kU.roa (raw, json)
Hash identifier: +yICwOhaB3ZAtcNdMQBEK5G5o0sCVxa7qFYQ35Fqfw0=
Subject key identifier: 23:5F:47:6E:1E:3D:B4:17:41:62:A4:50:6A:F3:85:D7:A6:64:FE:45
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019E2510C6CF94F2D0D1C3FCC3422849B739
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/I19Hbh49tBdBYqRQavOF16Zk_kU.roa
Signing time: Thu 14 May 2026 05:58:36 +0000
ROA not before: Thu 14 May 2026 05:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 81.18.48.0/24 maxlen: 24
178.219.6.0/24 maxlen: 24
178.253.224.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
188.255.198.0/24 maxlen: 24
212.69.8.0/24 maxlen: 24
212.69.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:25:10:c6:cf:94:f2:d0:d1:c3:fc:c3:42:28:49:b7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 14 05:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=235f476e1e3db4174162a4506af385d7a664fe45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:2f:da:eb:42:30:90:18:47:14:89:d7:95:1f:
6a:56:79:b5:40:2c:29:be:e2:ea:ea:53:8f:6e:f9:
bb:95:1d:6a:d3:b8:09:0f:72:9f:97:96:0f:e9:bf:
8f:7e:38:2d:8b:36:d5:27:e8:b9:6a:c0:19:92:c6:
3a:5f:43:3a:2a:8e:27:ed:7e:b0:c4:aa:0f:0d:f1:
67:6f:9e:0c:39:93:ac:49:f8:04:a1:f2:b4:fb:69:
70:09:bb:29:93:11:85:51:95:dd:a1:d8:44:a3:dc:
5f:4a:f1:f3:05:50:56:2c:18:d6:62:b8:86:06:70:
4c:b6:c0:b3:33:18:cd:ed:e5:8d:15:a9:69:d9:05:
c1:31:ae:85:9a:0a:50:9e:9f:3f:b3:ca:0b:57:8c:
32:61:ec:46:b2:2b:a3:bd:4c:94:91:18:65:8b:b2:
30:fb:a8:db:8d:05:44:7d:b4:96:7a:d5:8c:19:91:
35:90:90:c8:b0:0c:01:fc:02:63:29:b8:9b:dd:2c:
a5:2f:4a:c0:df:06:97:6b:f2:db:ce:07:ff:b9:03:
de:90:5d:84:0c:65:d2:81:9f:7a:a3:f6:dd:51:b7:
64:ea:64:7b:97:ea:c4:b7:f7:85:c4:f3:3a:87:64:
15:78:05:4c:18:28:75:87:ae:e1:36:fe:b8:77:61:
5d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5F:47:6E:1E:3D:B4:17:41:62:A4:50:6A:F3:85:D7:A6:64:FE:45
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/I19Hbh49tBdBYqRQavOF16Zk_kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.18.48.0/24
178.219.6.0/24
178.253.224.0/24
185.47.91.0/24
188.255.198.0/24
212.69.8.0/24
212.69.11.0/24
Signature Algorithm: sha256WithRSAEncryption
00:b6:96:44:c5:fc:ce:c7:34:1a:06:6a:25:f4:52:43:29:ec:
74:53:6f:92:d2:e6:8e:34:89:c9:c1:5c:da:90:ef:bc:ba:f7:
14:a7:c8:7a:56:a3:61:17:d1:11:ed:d3:10:a0:ad:77:0a:ec:
94:69:3e:c5:f9:63:84:92:32:33:a3:71:a6:25:40:e0:cb:3e:
51:51:23:81:c4:49:3d:75:96:b3:b6:64:56:77:70:1d:1d:c3:
86:19:24:98:5d:ea:11:87:7f:2c:77:07:ae:57:53:3c:25:9a:
de:0e:64:e9:34:87:eb:6c:3c:f7:25:44:f3:35:eb:4f:46:fc:
65:64:9c:cb:51:5d:69:bd:84:d6:09:87:8d:c6:6b:63:cb:7e:
6e:eb:e4:ac:3a:4c:d9:2f:66:b3:96:48:4f:13:f1:44:75:54:
c1:f6:a9:21:bf:66:10:0d:d8:a6:32:75:01:ba:28:a5:d1:45:
65:fc:b5:f5:73:14:e5:f6:17:83:46:89:48:62:fd:c0:84:0e:
b0:90:bd:ae:a8:de:f0:8d:8f:64:02:e5:1c:11:2f:63:6c:99:
ec:ce:a3:8d:da:19:c3:f3:26:6c:6e:01:07:46:27:a6:eb:0f:
51:5b:8e:5a:ab:a3:b3:ea:b2:e7:6c:bf:9a:8c:7a:6d:a9:c1:
70:6e:9b:9d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ4lEMbPlPLQ0cP8w0IoSbc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNTE0MDU1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzVmNDc2ZTFlM2RiNDE3NDE2MmE0NTA2YWYzODVkN2E2NjRmZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+y/a60IwkBhHFInXlR9qVnm1QCwp
vuLq6lOPbvm7lR1q07gJD3Kfl5YP6b+PfjgtizbVJ+i5asAZksY6X0M6Ko4n7X6w
xKoPDfFnb54MOZOsSfgEofK0+2lwCbspkxGFUZXdodhEo9xfSvHzBVBWLBjWYriG
BnBMtsCzMxjN7eWNFalp2QXBMa6FmgpQnp8/s8oLV4wyYexGsiujvUyUkRhli7Iw
+6jbjQVEfbSWetWMGZE1kJDIsAwB/AJjKbib3SylL0rA3waXa/Lbzgf/uQPekF2E
DGXSgZ96o/bdUbdk6mR7l+rEt/eFxPM6h2QVeAVMGCh1h67hNv64d2Fd8QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCNfR24ePbQXQWKkUGrzhdemZP5FMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvSTE5SGJoNDl0QmRCWXFSUWF2T0YxNlprX2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAURIwAwQA
stsGAwQAsv3gAwQAuS9bAwQAvP/GAwQA1EUIAwQA1EULMA0GCSqGSIb3DQEBCwUA
A4IBAQAAtpZExfzOxzQaBmol9FJDKex0U2+S0uaONInJwVzakO+8uvcUp8h6VqNh
F9ER7dMQoK13CuyUaT7F+WOEkjIzo3GmJUDgyz5RUSOBxEk9dZaztmRWd3AdHcOG
GSSYXeoRh38sdweuV1M8JZreDmTpNIfrbDz3JUTzNetPRvxlZJzLUV1pvYTWCYeN
xmtjy35u6+SsOkzZL2azlkhPE/FEdVTB9qkhv2YQDdimMnUBuiil0UVl/LX1cxTl
9heDRolIYv3AhA6wkL2uqN7wjY9kAuUcES9jbJnszqON2hnD8yZsbgEHRiem6w9R
W45aq6Oz6rLnbL+ajHptqcFwbpud
-----END CERTIFICATE-----
Generated at Fri May 15 08:18:03 2026 by rpki-client