Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/4fA4aGdtqTA9TqlTwECf-vE_96w.roa
File: 4fA4aGdtqTA9TqlTwECf-vE_96w.roa (raw, json)
Hash identifier: hECSJPtMUEDPkTJIfnux+BM/fONbP6FDLt7anI4npac=
Subject key identifier: E1:F0:38:68:67:6D:A9:30:3D:4E:A9:53:C0:40:9F:FA:F1:3F:F7:AC
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 019E5F47BAAC42E573EFD5AA9802FC4CF66B
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/4fA4aGdtqTA9TqlTwECf-vE_96w.roa
Signing time: Mon 25 May 2026 13:16:36 +0000
ROA not before: Mon 25 May 2026 13:16:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 109.111.34.0/23 maxlen: 24
109.111.40.0/23 maxlen: 24
109.111.48.0/22 maxlen: 24
109.111.54.0/23 maxlen: 24
109.111.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 13:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5f:47:ba:ac:42:e5:73:ef:d5:aa:98:02:fc:4c:f6:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: May 25 13:16:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e1f03868676da9303d4ea953c0409ffaf13ff7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6a:4d:1c:ec:14:83:fd:d5:bc:a4:c1:ea:65:
34:f8:98:26:e4:f9:21:5c:d2:80:4e:15:c8:17:8d:
30:6a:41:55:5a:4a:a1:ae:f8:ca:82:79:ec:bc:03:
51:af:0d:1a:f7:7b:78:f0:04:24:4a:d1:21:45:ea:
ac:99:6e:25:37:0e:61:e2:7d:b2:53:9e:cc:9b:6a:
7d:e1:d0:f9:a7:a6:d5:16:7c:8f:8f:61:94:f9:d7:
f3:d4:f8:d5:0d:f9:0e:2e:16:8f:57:d5:51:e9:d5:
a6:e8:30:ba:9f:7b:a5:5d:61:fe:52:d2:52:fa:6a:
cf:84:4e:da:d5:f4:bd:4d:77:dd:bc:75:c6:d7:e7:
50:47:1a:b0:a8:6a:5d:e4:04:b1:ed:77:32:44:93:
46:28:67:1a:de:61:54:7d:4f:bf:3a:fa:c5:d5:04:
df:3c:0e:8c:ed:79:3d:ee:18:f1:3e:a9:ff:cf:3a:
16:1d:6c:ea:c3:29:2e:9a:ce:9f:ab:f9:14:75:84:
40:c8:00:13:f8:b8:10:9b:a7:3f:fa:05:b5:31:07:
fa:37:d5:8d:6b:57:41:e8:60:f3:9d:29:50:b2:20:
65:3e:b0:0f:4a:17:f7:98:c7:53:7e:af:0d:4c:21:
91:f5:98:32:25:4a:f4:9c:c7:a0:16:ef:43:81:38:
81:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F0:38:68:67:6D:A9:30:3D:4E:A9:53:C0:40:9F:FA:F1:3F:F7:AC
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/4fA4aGdtqTA9TqlTwECf-vE_96w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.34.0/23
109.111.40.0/23
109.111.48.0/22
109.111.54.0-109.111.59.255
Signature Algorithm: sha256WithRSAEncryption
6f:a6:6d:50:8d:41:79:15:fb:ba:e2:bf:8a:e6:de:8a:21:f8:
bd:05:85:19:8d:64:84:bf:22:38:6d:02:39:97:3f:50:3d:54:
b6:e2:da:68:13:6b:1b:fa:69:0a:df:d0:ba:a3:a0:db:73:03:
80:47:c7:94:19:d0:3e:52:ef:3c:23:4c:09:30:b3:42:04:e0:
9d:3b:c9:8c:f4:1c:77:91:e0:32:11:cd:17:0b:b4:35:d1:dd:
34:b1:a2:60:7a:48:cc:24:8d:77:8e:77:23:88:38:2a:c4:95:
ca:61:8f:e2:96:66:63:e4:31:0b:fd:6a:be:21:c9:7a:64:af:
39:da:d8:f0:38:85:c7:9a:22:a2:4f:8f:2a:01:ff:81:5a:e7:
0a:29:82:f3:92:03:9c:42:ed:d0:1f:51:78:48:47:ad:e5:88:
c1:52:92:6a:99:b1:8d:11:69:8b:4e:1c:0f:29:aa:e5:20:d8:
c5:01:04:9e:d8:f7:a9:50:22:ef:85:85:ff:f8:89:bc:0e:93:
ec:f9:12:e9:66:3c:6f:c1:97:5f:86:a7:5a:53:30:c9:31:99:
c1:f4:cb:d4:23:1c:ed:97:7c:0c:15:34:6f:e7:80:91:81:c9:
86:9b:b9:ba:de:ef:1c:bd:51:29:28:79:b0:fd:2c:af:a7:f7:
65:1d:24:39
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ5fR7qsQuVz79WqmAL8TPZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjYwNTI1MTMxNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWYwMzg2ODY3NmRhOTMwM2Q0ZWE5NTNjMDQwOWZmYWYxM2ZmN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2pNHOwUg/3VvKTB6mU0+Jgm5Pkh
XNKAThXIF40wakFVWkqhrvjKgnnsvANRrw0a93t48AQkStEhReqsmW4lNw5h4n2y
U57Mm2p94dD5p6bVFnyPj2GU+dfz1PjVDfkOLhaPV9VR6dWm6DC6n3ulXWH+UtJS
+mrPhE7a1fS9TXfdvHXG1+dQRxqwqGpd5ASx7XcyRJNGKGca3mFUfU+/OvrF1QTf
PA6M7Xk97hjxPqn/zzoWHWzqwykums6fq/kUdYRAyAAT+LgQm6c/+gW1MQf6N9WN
a1dB6GDznSlQsiBlPrAPShf3mMdTfq8NTCGR9ZgyJUr0nMegFu9DgTiBUQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOHwOGhnbakwPU6pU8BAn/rxP/esMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvNGZBNGFHZHRxVEE5VHFsVHdFQ2YtdkVfOTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBbW8iAwQB
bW8oAwQCbW8wMAwDBAFtbzYDBAJtbzgwDQYJKoZIhvcNAQELBQADggEBAG+mbVCN
QXkV+7riv4rm3ooh+L0FhRmNZIS/IjhtAjmXP1A9VLbi2mgTaxv6aQrf0LqjoNtz
A4BHx5QZ0D5S7zwjTAkws0IE4J07yYz0HHeR4DIRzRcLtDXR3TSxomB6SMwkjXeO
dyOIOCrElcphj+KWZmPkMQv9ar4hyXpkrzna2PA4hceaIqJPjyoB/4Fa5wopgvOS
A5xC7dAfUXhIR63liMFSkmqZsY0RaYtOHA8pquUg2MUBBJ7Y96lQIu+Fhf/4ibwO
k+z5EulmPG/Bl1+Gp1pTMMkxmcH0y9QjHO2XfAwVNG/ngJGByYabubre7xy9USko
ebD9LK+n92UdJDk=
-----END CERTIFICATE-----
Generated at Tue Jun 2 20:50:32 2026 by rpki-client