Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/z27O-M4IY8OdiOaiH806HgPpN74.roa
File: z27O-M4IY8OdiOaiH806HgPpN74.roa (raw, json)
Hash identifier: 6QdxbesYALXBei2YByNZ0g63r2Gn1xNz1+aqxPtSrio=
Subject key identifier: CF:6E:CE:F8:CE:08:63:C3:9D:88:E6:A2:1F:CD:3A:1E:03:E9:37:BE
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019DABFC877F1F598D233085E23F5EAEDDB6
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/z27O-M4IY8OdiOaiH806HgPpN74.roa
Signing time: Mon 20 Apr 2026 17:42:26 +0000
ROA not before: Mon 20 Apr 2026 17:42:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214833
IP address blocks: 91.192.93.0/24 maxlen: 24
138.249.17.0/24 maxlen: 24
170.168.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ab:fc:87:7f:1f:59:8d:23:30:85:e2:3f:5e:ae:dd:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Apr 20 17:42:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cf6ecef8ce0863c39d88e6a21fcd3a1e03e937be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1c:f2:95:03:0d:07:65:6b:9e:0a:87:ed:8b:
48:db:1b:40:01:6a:bb:f4:b4:2f:b2:e3:10:b2:23:
7b:13:06:3b:e7:a5:fb:74:31:f5:f3:25:9b:76:8d:
98:e3:2a:ad:1d:74:76:69:14:fc:bc:61:4c:a8:8d:
87:e0:ec:3d:a9:8f:eb:e3:10:7c:2c:a6:0d:57:fe:
cf:6a:90:28:15:dd:2f:11:42:a8:fb:0f:52:d6:f2:
84:1d:f8:fb:a0:64:a4:15:df:9c:24:4e:81:f5:06:
9f:5d:eb:60:8d:2e:4b:1c:a4:d7:bc:dc:ed:1c:77:
80:75:13:d2:33:30:23:e6:a9:89:ab:f4:82:44:ff:
6a:d6:0f:3d:39:57:87:b1:63:25:25:7d:d3:04:bc:
11:ab:55:d9:8d:82:2f:00:69:d1:b1:72:a9:e8:1e:
a1:9b:5a:12:37:80:56:00:ce:77:46:81:dd:05:1d:
60:45:eb:1e:99:2f:6a:22:bb:d7:9c:79:5c:90:85:
b9:5f:73:e9:c5:ea:1a:19:ba:9f:65:55:74:4c:6d:
a4:cc:a1:28:9b:69:56:f0:62:51:b4:2c:c6:ac:65:
ee:55:60:6b:34:23:ad:f7:8b:d2:d9:7b:5d:58:c9:
7b:eb:af:db:32:7c:98:20:22:00:42:d5:b9:cd:ec:
d5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:6E:CE:F8:CE:08:63:C3:9D:88:E6:A2:1F:CD:3A:1E:03:E9:37:BE
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/z27O-M4IY8OdiOaiH806HgPpN74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.93.0/24
138.249.17.0/24
170.168.20.0/24
Signature Algorithm: sha256WithRSAEncryption
36:a1:c3:0d:5b:f6:4a:9d:28:53:73:99:b9:38:bb:0a:6e:1d:
ca:f6:13:e0:d9:05:ef:c2:9f:4b:4f:3f:bf:2b:2c:58:8b:b5:
70:b1:75:9b:46:23:e1:aa:9c:82:12:27:2c:ea:fe:d8:7d:8f:
40:6d:ce:f5:05:62:f5:d2:bc:93:3c:3d:59:13:87:26:b3:93:
43:7e:4b:5e:a2:2a:66:eb:16:5e:f1:c0:d1:51:df:04:c8:3c:
29:43:e7:08:98:0a:0f:5e:12:1b:1b:28:b2:e7:9c:2f:31:3c:
e6:4f:38:e9:18:cf:89:f6:83:58:d9:9c:d0:aa:1f:c5:e0:50:
67:43:88:4e:7b:7b:81:26:44:98:52:c2:ad:32:d4:90:d6:06:
23:20:05:17:4e:4f:62:be:16:2c:75:71:42:e1:6d:b5:8d:7b:
39:92:d9:dc:03:78:1e:8d:bc:41:9f:d7:00:68:aa:c0:2a:68:
8c:d2:ea:0f:05:85:8f:0b:57:8b:c6:04:6d:c0:9a:65:73:ba:
da:f2:00:32:16:8c:d6:d6:b5:99:1f:a6:02:ee:b3:66:8d:b0:
da:04:5b:b3:47:ae:c0:f2:ac:de:08:84:45:e3:a6:42:e3:f5:
6c:5f:e3:39:3f:f5:35:8d:c7:b1:9b:ec:a1:56:a0:9c:c5:31:
66:d0:8c:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ2r/Id/H1mNIzCF4j9ert22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwNDIwMTc0MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjZlY2VmOGNlMDg2M2MzOWQ4OGU2YTIxZmNkM2ExZTAzZTkzN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBzylQMNB2VrngqH7YtI2xtAAWq7
9LQvsuMQsiN7EwY756X7dDH18yWbdo2Y4yqtHXR2aRT8vGFMqI2H4Ow9qY/r4xB8
LKYNV/7PapAoFd0vEUKo+w9S1vKEHfj7oGSkFd+cJE6B9QafXetgjS5LHKTXvNzt
HHeAdRPSMzAj5qmJq/SCRP9q1g89OVeHsWMlJX3TBLwRq1XZjYIvAGnRsXKp6B6h
m1oSN4BWAM53RoHdBR1gResemS9qIrvXnHlckIW5X3PpxeoaGbqfZVV0TG2kzKEo
m2lW8GJRtCzGrGXuVWBrNCOt94vS2XtdWMl766/bMnyYICIAQtW5zezVgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM9uzvjOCGPDnYjmoh/NOh4D6Te+MB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvejI3Ty1NNElZOE9kaU9haUg4MDZIZ1BwTjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8BdAwQA
ivkRAwQAqqgUMA0GCSqGSIb3DQEBCwUAA4IBAQA2ocMNW/ZKnShTc5m5OLsKbh3K
9hPg2QXvwp9LTz+/KyxYi7VwsXWbRiPhqpyCEics6v7YfY9Abc71BWL10ryTPD1Z
E4cms5NDfkteoipm6xZe8cDRUd8EyDwpQ+cImAoPXhIbGyiy55wvMTzmTzjpGM+J
9oNY2ZzQqh/F4FBnQ4hOe3uBJkSYUsKtMtSQ1gYjIAUXTk9ivhYsdXFC4W21jXs5
ktncA3gejbxBn9cAaKrAKmiM0uoPBYWPC1eLxgRtwJplc7ra8gAyFozW1rWZH6YC
7rNmjbDaBFuzR67A8qzeCIRF46ZC4/VsX+M5P/U1jcexm+yhVqCcxTFm0Iyx
-----END CERTIFICATE-----
Generated at Wed May 6 04:15:05 2026 by rpki-client