Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Y2DL0trssrIsEB-UYHjIB6x3XYQ.roa
File: Y2DL0trssrIsEB-UYHjIB6x3XYQ.roa (raw, json)
Hash identifier: nC0vMY6z/CuXTWjNENp/W7E2NJntE8wqo1tH2jZ81hQ=
Subject key identifier: 63:60:CB:D2:DA:EC:B2:B2:2C:10:1F:94:60:78:C8:07:AC:77:5D:84
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019E7F91E24BBC05C15863467A2F85A0F1B7
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Y2DL0trssrIsEB-UYHjIB6x3XYQ.roa
Signing time: Sun 31 May 2026 19:45:27 +0000
ROA not before: Sun 31 May 2026 19:45:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7488
IP address blocks: 178.253.221.0/24 maxlen: 24
178.253.252.0/24 maxlen: 24
188.255.156.0/24 maxlen: 24
188.255.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:7f:91:e2:4b:bc:05:c1:58:63:46:7a:2f:85:a0:f1:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 31 19:45:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6360cbd2daecb2b22c101f946078c807ac775d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:26:db:0c:ed:c2:cf:84:ce:26:27:26:4a:da:
c4:71:66:b8:3e:1d:e5:49:6d:cf:3e:09:0f:0d:ce:
a7:86:86:dd:9f:c3:1b:8c:5c:4b:53:d2:55:a1:6f:
73:7a:6d:47:4e:cb:b0:30:df:d7:6d:0f:7c:ac:0f:
9b:f1:f0:7d:ea:5a:e7:72:6f:96:7c:82:4c:85:a1:
49:d9:fa:c8:2f:ef:b4:5c:50:64:51:ec:68:05:f2:
9c:ee:74:f2:82:d3:91:0f:6b:5d:40:8a:c8:5f:7e:
04:ad:83:3d:0f:9c:e7:81:16:a3:44:58:5c:53:17:
a4:ce:7c:f7:9a:cf:65:eb:0f:c9:c8:b1:18:29:56:
9d:85:97:37:ad:07:6e:d9:bb:a5:bf:94:f3:f8:48:
76:2a:7e:f8:e1:08:71:85:28:7a:90:f0:d9:2c:75:
51:7a:fd:8b:06:cf:14:8d:a5:a9:d3:09:d8:b7:40:
34:fe:63:4a:e3:cf:ca:39:cb:19:9f:4c:db:a8:d4:
aa:b3:68:7a:bb:1d:3e:a7:ff:a8:1e:4b:eb:e5:40:
59:0f:63:ad:86:21:46:c9:0d:74:87:8f:78:19:85:
a7:95:ea:2e:dc:29:21:99:bd:4e:de:00:8a:41:94:
b2:4f:9a:f8:a9:13:15:f9:2f:87:0c:13:22:13:86:
20:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:60:CB:D2:DA:EC:B2:B2:2C:10:1F:94:60:78:C8:07:AC:77:5D:84
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Y2DL0trssrIsEB-UYHjIB6x3XYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.221.0/24
178.253.252.0/24
188.255.156.0/23
Signature Algorithm: sha256WithRSAEncryption
40:cc:bd:b1:6c:cf:42:5b:e5:16:5d:2c:15:6a:51:3f:12:d7:
28:68:26:23:b3:8d:7c:ec:d5:09:a0:2e:a4:f0:32:3f:20:f7:
f2:f0:ff:b6:f6:e9:1e:f9:6c:ad:36:77:56:0b:52:39:c3:26:
4f:d6:78:8e:00:fe:83:81:38:53:ba:28:cc:97:94:14:63:b0:
4e:3d:05:a8:77:29:9b:89:75:16:ba:65:67:e6:38:2f:08:4c:
6e:9d:25:d8:18:80:af:05:d6:07:30:86:e7:40:11:bd:cc:f4:
88:e7:e2:13:dd:63:b2:e1:a7:27:38:d1:00:d9:69:16:f7:ef:
6b:05:90:14:52:53:50:ad:e0:39:e2:92:1a:2c:fc:2d:ab:c8:
61:d2:0e:3e:a8:c0:a5:24:9f:7c:67:16:4c:7c:24:73:27:9b:
2a:68:ab:1f:b7:fa:dd:1e:de:e4:49:87:54:19:d3:60:d7:ea:
f0:cb:37:b2:0d:1c:9f:4d:43:7c:6f:8f:40:66:5b:88:93:b2:
15:45:b4:05:df:2e:da:93:1a:06:a7:d4:b0:db:4d:e7:12:ae:
4b:98:42:65:31:a7:bc:e7:af:fc:48:83:72:4d:7f:93:87:47:
dc:9d:25:ef:50:84:cc:fe:0e:ad:b7:cd:19:b6:19:fb:65:ef:
6e:8a:31:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ5/keJLvAXBWGNGei+FoPG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNTMxMTk0NTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzYwY2JkMmRhZWNiMmIyMmMxMDFmOTQ2MDc4YzgwN2FjNzc1ZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCbbDO3Cz4TOJicmStrEcWa4Ph3l
SW3PPgkPDc6nhobdn8MbjFxLU9JVoW9zem1HTsuwMN/XbQ98rA+b8fB96lrncm+W
fIJMhaFJ2frIL++0XFBkUexoBfKc7nTygtORD2tdQIrIX34ErYM9D5zngRajRFhc
Uxekznz3ms9l6w/JyLEYKVadhZc3rQdu2bulv5Tz+Eh2Kn744QhxhSh6kPDZLHVR
ev2LBs8UjaWp0wnYt0A0/mNK48/KOcsZn0zbqNSqs2h6ux0+p/+oHkvr5UBZD2Ot
hiFGyQ10h494GYWnleou3Ckhmb1O3gCKQZSyT5r4qRMV+S+HDBMiE4YgWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGNgy9La7LKyLBAflGB4yAesd12EMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvWTJETDB0cnNzcklzRUItVVlIaklCNngzWFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsv3dAwQA
sv38AwQBvP+cMA0GCSqGSIb3DQEBCwUAA4IBAQBAzL2xbM9CW+UWXSwValE/Etco
aCYjs4187NUJoC6k8DI/IPfy8P+29uke+WytNndWC1I5wyZP1niOAP6DgThTuijM
l5QUY7BOPQWodymbiXUWumVn5jgvCExunSXYGICvBdYHMIbnQBG9zPSI5+IT3WOy
4acnONEA2WkW9+9rBZAUUlNQreA54pIaLPwtq8hh0g4+qMClJJ98ZxZMfCRzJ5sq
aKsft/rdHt7kSYdUGdNg1+rwyzeyDRyfTUN8b49AZluIk7IVRbQF3y7akxoGp9Sw
203nEq5LmEJlMae856/8SINyTX+Th0fcnSXvUITM/g6tt80Zthn7Ze9uijEB
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:17:04 2026 by rpki-client