Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/AeM0LgmUoYEmGTstSzlTFiuQh7I.roa
File: AeM0LgmUoYEmGTstSzlTFiuQh7I.roa (raw, json)
Hash identifier: GHOcdJvv0D+dMX+c6hQ0OGqScEH+l0F4+0w7aafLqMg=
Subject key identifier: 01:E3:34:2E:09:94:A1:81:26:19:3B:2D:4B:39:53:16:2B:90:87:B2
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 019ED08067B1188F9FA2349C0D286BF3B275
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/AeM0LgmUoYEmGTstSzlTFiuQh7I.roa
Signing time: Tue 16 Jun 2026 12:55:36 +0000
ROA not before: Tue 16 Jun 2026 12:55:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 109.111.34.0/23 maxlen: 24
109.111.48.0/20 maxlen: 20
109.111.54.0/23 maxlen: 24
109.111.56.0/22 maxlen: 24
185.65.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d0:80:67:b1:18:8f:9f:a2:34:9c:0d:28:6b:f3:b2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jun 16 12:55:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=01e3342e0994a18126193b2d4b3953162b9087b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:30:bc:e3:3f:d4:cd:3f:44:05:a6:18:d8:c5:
e1:3f:6f:63:d6:39:1e:58:5a:ba:db:02:be:ab:ab:
56:81:c8:19:22:2e:ae:7a:6d:af:94:62:eb:5b:15:
d3:79:b3:6b:2b:36:fe:ab:2b:fd:22:c6:76:a1:70:
f5:b8:e6:c8:c0:59:9d:a0:e9:dd:06:6c:0a:38:1c:
3b:03:41:f1:9c:fe:1f:8c:11:df:03:a2:4f:12:c2:
93:e0:e5:c1:d2:27:4d:95:a0:e9:9b:3e:1a:65:94:
96:b2:61:1a:d9:54:6b:41:47:88:15:8a:09:4e:5a:
80:52:cb:a7:ce:1a:79:11:3b:b2:f3:69:3b:d4:09:
42:29:e9:2c:77:41:ab:00:cf:4a:1c:11:9a:7d:8a:
ff:b7:86:98:f4:dd:1c:87:3a:e9:5a:d3:ae:ad:b9:
a9:14:06:37:fa:89:3b:01:1c:6c:35:20:3f:e1:53:
1f:1c:0a:7f:76:3c:16:6c:4f:f7:99:eb:b5:8f:bb:
f7:a9:5b:f4:2b:16:ef:7b:b9:fb:3e:8c:9f:4c:23:
37:2e:00:5f:f4:27:fb:fe:1d:9e:a6:be:49:9e:81:
ea:a3:40:57:6a:91:7c:b3:80:28:11:d4:01:36:8d:
15:e6:2c:62:8e:ce:58:80:33:f8:47:e2:6b:68:7d:
ee:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E3:34:2E:09:94:A1:81:26:19:3B:2D:4B:39:53:16:2B:90:87:B2
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/AeM0LgmUoYEmGTstSzlTFiuQh7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.34.0/23
109.111.48.0/20
185.65.63.0/24
Signature Algorithm: sha256WithRSAEncryption
20:70:bc:60:60:31:bf:9b:92:6b:6b:f1:21:74:01:82:19:13:
8f:c7:9a:f8:de:1b:aa:8a:0e:ac:4c:4a:1c:b9:53:21:16:ff:
e8:4f:9a:6a:8f:d0:38:cc:c8:68:99:68:03:63:5a:ef:a4:41:
7f:93:ec:c4:97:50:a4:79:d7:72:55:ba:49:2e:6a:df:d2:91:
4d:9d:7f:9f:da:38:c0:08:a6:72:13:19:f1:5b:7f:7f:fe:cd:
03:58:e7:d2:4f:9b:ee:86:76:bf:a3:c7:59:50:a8:92:f2:e7:
bc:2c:92:cf:46:8d:83:7e:29:8c:0c:c1:b2:64:9f:45:99:65:
cb:17:bf:d2:49:00:74:d8:d0:37:f6:e7:90:ed:4c:d3:4b:21:
d7:e6:74:72:e5:ef:5b:21:83:48:8e:76:2c:10:9d:1c:24:3c:
cc:70:7a:59:b8:e6:57:70:5e:52:10:67:f4:a0:3d:ba:62:f6:
43:9a:f4:40:dd:51:9b:c8:eb:19:19:f6:22:d4:39:01:20:53:
57:3c:47:64:bb:47:81:ca:b6:d2:8b:6e:dc:0e:58:a5:ea:8b:
15:8a:19:e2:43:44:d1:fc:7e:0a:d6:de:5a:95:f0:23:24:3e:
b9:55:df:ee:71:d9:25:51:c1:08:fb:61:b1:10:e8:df:dc:83:
6e:25:08:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ7QgGexGI+fojScDShr87J1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjYwNjE2MTI1NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWUzMzQyZTA5OTRhMTgxMjYxOTNiMmQ0YjM5NTMxNjJiOTA4N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzC84z/UzT9EBaYY2MXhP29j1jke
WFq62wK+q6tWgcgZIi6uem2vlGLrWxXTebNrKzb+qyv9IsZ2oXD1uObIwFmdoOnd
BmwKOBw7A0HxnP4fjBHfA6JPEsKT4OXB0idNlaDpmz4aZZSWsmEa2VRrQUeIFYoJ
TlqAUsunzhp5ETuy82k71AlCKeksd0GrAM9KHBGafYr/t4aY9N0chzrpWtOurbmp
FAY3+ok7ARxsNSA/4VMfHAp/djwWbE/3meu1j7v3qVv0Kxbve7n7PoyfTCM3LgBf
9Cf7/h2epr5JnoHqo0BXapF8s4AoEdQBNo0V5ixijs5YgDP4R+JraH3uKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAHjNC4JlKGBJhk7LUs5UxYrkIeyMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvQWVNMExnbVVvWUVtR1RzdFN6bFRGaXVRaDdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbW8iAwQE
bW8wAwQAuUE/MA0GCSqGSIb3DQEBCwUAA4IBAQAgcLxgYDG/m5Jra/EhdAGCGROP
x5r43huqig6sTEocuVMhFv/oT5pqj9A4zMhomWgDY1rvpEF/k+zEl1CkeddyVbpJ
Lmrf0pFNnX+f2jjACKZyExnxW39//s0DWOfST5vuhna/o8dZUKiS8ue8LJLPRo2D
fimMDMGyZJ9FmWXLF7/SSQB02NA39ueQ7UzTSyHX5nRy5e9bIYNIjnYsEJ0cJDzM
cHpZuOZXcF5SEGf0oD26YvZDmvRA3VGbyOsZGfYi1DkBIFNXPEdku0eByrbSi27c
Dlil6osVihniQ0TR/H4K1t5alfAjJD65Vd/ucdklUcEI+2GxEOjf3INuJQgH
-----END CERTIFICATE-----
Generated at Mon Jun 29 09:59:53 2026 by rpki-client