Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/D_xaI01MDmBdelufOLeYytzRk3E.roa
File: D_xaI01MDmBdelufOLeYytzRk3E.roa (raw, json)
Hash identifier: MOpO0TqMrvvHHIRe1cir6J0aMXLskXmTMHZYu0QSv9s=
Subject key identifier: 0F:FC:5A:23:4D:4C:0E:60:5D:7A:5B:9F:38:B7:98:CA:DC:D1:93:71
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019E41B1937405228BEEC42DC40FCB39ADC6
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/D_xaI01MDmBdelufOLeYytzRk3E.roa
Signing time: Tue 19 May 2026 19:23:37 +0000
ROA not before: Tue 19 May 2026 19:23:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206077
IP address blocks: 217.26.188.0/22 maxlen: 22
217.26.188.0/23 maxlen: 23
217.26.188.0/24 maxlen: 24
217.26.189.0/24 maxlen: 24
217.76.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 00:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:41:b1:93:74:05:22:8b:ee:c4:2d:c4:0f:cb:39:ad:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: May 19 19:23:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0ffc5a234d4c0e605d7a5b9f38b798cadcd19371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fd:e4:26:44:5a:df:27:cb:b1:56:d4:aa:b0:
dc:56:a8:40:07:2c:f4:a3:10:a5:a3:b8:c8:c1:02:
64:2e:15:7a:40:dd:e7:23:e9:01:33:65:db:81:03:
59:15:29:2f:29:7a:6d:88:f5:20:8e:0a:f2:15:fd:
97:54:c2:ba:46:75:8f:b2:1e:30:a0:f4:49:71:68:
33:d5:19:88:8e:00:3b:f2:32:33:50:d6:ee:69:ec:
44:ac:0c:60:4c:d7:cc:f6:d5:95:03:4a:50:6b:e7:
61:8a:8a:aa:7f:f5:79:6d:72:39:c4:e6:c8:e7:f2:
27:62:0a:a3:92:98:5a:4e:d8:8d:88:96:d7:8f:b0:
b6:d1:87:da:f9:d4:78:73:9c:9b:1f:f9:1d:62:6b:
26:7e:a6:24:8a:29:80:35:0f:3f:80:46:85:18:5a:
8d:1c:f1:96:54:15:52:23:a0:18:79:ba:dd:4c:4f:
4d:20:de:cc:7a:c3:f6:93:3a:b0:8c:53:c5:12:be:
15:12:d3:85:74:2f:f0:dd:8a:66:28:a7:92:46:4c:
b2:9a:94:b1:09:67:bf:e3:dc:fd:69:22:0a:c4:88:
4d:1d:55:3c:77:f5:73:96:b8:ca:7f:13:ff:92:1f:
dd:22:ee:b7:b6:7d:c8:e4:31:ef:91:e9:f0:9d:37:
e8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:FC:5A:23:4D:4C:0E:60:5D:7A:5B:9F:38:B7:98:CA:DC:D1:93:71
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/D_xaI01MDmBdelufOLeYytzRk3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.26.188.0/22
217.76.252.0/24
Signature Algorithm: sha256WithRSAEncryption
71:4d:cf:c8:c8:a3:ed:24:79:f9:d8:d6:26:52:80:d2:92:db:
31:cc:c3:a3:d6:20:78:0b:79:7d:63:59:03:d4:ba:a6:6d:9f:
ae:d7:fb:4f:00:19:e7:41:f1:c5:26:8f:e2:83:c7:14:76:52:
4a:78:f9:d9:ca:ed:8e:5a:81:a5:05:b5:50:35:35:af:a3:3a:
40:0b:1f:8c:ea:6b:f3:3e:c1:f1:7a:c9:be:de:f4:65:33:77:
16:c3:5d:4f:ec:89:ce:63:81:79:11:6a:34:1d:98:30:71:e3:
62:e1:a6:c6:a0:26:7b:89:33:84:16:26:76:65:a0:ee:9a:ae:
8e:95:9e:2d:99:71:26:ae:5b:fb:bd:ba:32:62:ae:63:5b:55:
ae:8c:b4:fa:cd:f7:47:b7:96:81:59:4d:b4:26:7a:3d:46:73:
c3:9a:90:cd:36:15:30:1e:18:b8:0a:5f:3a:0e:da:0b:48:73:
33:ac:02:a3:c8:3b:5a:1a:19:5c:7a:c7:c2:b6:db:d5:8d:af:
c5:74:bf:51:d9:fd:a6:76:ab:b4:ba:e9:fa:aa:dd:7c:8a:0e:
99:9a:4c:f7:04:59:0e:39:4e:45:2f:69:67:1e:04:ed:5a:2d:
0f:f8:8d:cc:a0:7b:e6:c2:03:2f:03:96:07:9c:ea:8b:8b:a1:
99:bb:71:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ5BsZN0BSKL7sQtxA/LOa3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwNTE5MTkyMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmZjNWEyMzRkNGMwZTYwNWQ3YTViOWYzOGI3OThjYWRjZDE5MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof3kJkRa3yfLsVbUqrDcVqhAByz0
oxClo7jIwQJkLhV6QN3nI+kBM2XbgQNZFSkvKXptiPUgjgryFf2XVMK6RnWPsh4w
oPRJcWgz1RmIjgA78jIzUNbuaexErAxgTNfM9tWVA0pQa+dhioqqf/V5bXI5xObI
5/InYgqjkphaTtiNiJbXj7C20Yfa+dR4c5ybH/kdYmsmfqYkiimANQ8/gEaFGFqN
HPGWVBVSI6AYebrdTE9NIN7MesP2kzqwjFPFEr4VEtOFdC/w3YpmKKeSRkyympSx
CWe/49z9aSIKxIhNHVU8d/VzlrjKfxP/kh/dIu63tn3I5DHvkenwnTfoWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA/8WiNNTA5gXXpbnzi3mMrc0ZNxMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvRF94YUkwMU1EbUJkZWx1Zk9MZVl5dHpSazNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC2Rq8AwQA
2Uz8MA0GCSqGSIb3DQEBCwUAA4IBAQBxTc/IyKPtJHn52NYmUoDSktsxzMOj1iB4
C3l9Y1kD1LqmbZ+u1/tPABnnQfHFJo/ig8cUdlJKePnZyu2OWoGlBbVQNTWvozpA
Cx+M6mvzPsHxesm+3vRlM3cWw11P7InOY4F5EWo0HZgwceNi4abGoCZ7iTOEFiZ2
ZaDumq6OlZ4tmXEmrlv7vboyYq5jW1WujLT6zfdHt5aBWU20Jno9RnPDmpDNNhUw
Hhi4Cl86DtoLSHMzrAKjyDtaGhlcesfCttvVja/FdL9R2f2mdqu0uun6qt18ig6Z
mkz3BFkOOU5FL2lnHgTtWi0P+I3MoHvmwgMvA5YHnOqLi6GZu3Gw
-----END CERTIFICATE-----
Generated at Thu Jun 11 09:44:10 2026 by rpki-client