Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/1dR-ZLS5O_Gfi9apTRDO4-ZlPfc.roa
File: 1dR-ZLS5O_Gfi9apTRDO4-ZlPfc.roa (raw, json)
Hash identifier: Dc9RvzdQRTW6NH9SOIE6e7U6E6p9tYKfbASIOPtfSYI=
Subject key identifier: D5:D4:7E:64:B4:B9:3B:F1:9F:8B:D6:A9:4D:10:CE:E3:E6:65:3D:F7
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019E86886A112293D3307B86F999B3C17E6F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/1dR-ZLS5O_Gfi9apTRDO4-ZlPfc.roa
Signing time: Tue 02 Jun 2026 04:12:27 +0000
ROA not before: Tue 02 Jun 2026 04:12:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215468
IP address blocks: 72.35.247.0/24 maxlen: 24
78.17.234.0/24 maxlen: 24
89.125.148.0/24 maxlen: 24
206.245.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:86:88:6a:11:22:93:d3:30:7b:86:f9:99:b3:c1:7e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 2 04:12:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d5d47e64b4b93bf19f8bd6a94d10cee3e6653df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:01:39:da:e5:54:b4:0f:a5:1e:38:21:ce:
b5:8a:44:df:2d:ae:5b:40:de:8f:62:21:15:bb:b9:
28:90:db:70:b7:89:19:74:ae:7c:1b:ad:9e:cd:1a:
d5:9b:a9:54:b1:de:cc:ec:1d:be:eb:a5:b5:d3:42:
0b:64:8a:b0:0c:19:67:79:c0:66:e6:5e:64:d8:d6:
5f:cf:60:05:d9:c7:4c:a9:0e:a8:c5:f0:9f:58:8f:
38:85:58:2c:83:f9:78:f9:32:9a:e1:f5:3b:fb:e1:
af:db:71:a9:22:ca:26:81:c2:5a:74:c1:25:9e:4f:
b6:b0:5e:af:78:58:0b:8d:1f:30:8f:95:92:ef:c9:
ae:fb:12:9f:72:cc:c4:0c:fb:3c:23:77:ca:5f:9f:
00:79:8d:5c:59:03:8e:de:f4:6e:9a:a0:f0:78:49:
55:2a:29:8e:85:70:04:7c:a6:5f:97:7c:3c:41:9b:
8e:1f:b3:aa:8f:e4:5e:00:2d:ec:7c:4e:0e:54:e0:
91:0f:92:7b:ad:ec:f4:4c:f9:2f:36:da:5b:2e:c6:
07:da:af:81:6c:c8:08:f2:3a:f4:de:e9:31:08:95:
d9:38:5a:40:09:03:93:5f:31:8d:78:30:5e:76:de:
35:75:1a:49:7a:89:34:3b:df:75:52:53:07:92:14:
76:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D4:7E:64:B4:B9:3B:F1:9F:8B:D6:A9:4D:10:CE:E3:E6:65:3D:F7
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/1dR-ZLS5O_Gfi9apTRDO4-ZlPfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.35.247.0/24
78.17.234.0/24
89.125.148.0/24
206.245.154.0/24
Signature Algorithm: sha256WithRSAEncryption
57:a6:0b:62:50:e2:14:85:e8:c1:d7:09:9d:3f:8d:3d:e1:2f:
a5:d0:24:ef:42:32:de:db:d6:f0:27:8e:f2:78:b7:7e:03:16:
57:08:d1:3e:70:93:cb:48:ad:7b:8f:76:f7:9a:88:1b:8a:75:
9a:66:2a:7e:7b:65:e4:3f:4d:ba:5c:81:eb:98:a9:99:c6:36:
7f:6d:bc:d2:5b:85:96:01:21:57:b7:bf:fa:2a:da:1c:99:c7:
08:7b:f8:a6:fb:d4:c1:70:d8:0e:11:e0:f3:e1:6e:c7:b7:1e:
64:72:4e:a3:17:5c:da:ab:ae:0e:e1:06:13:11:04:e9:8c:37:
d3:2e:ef:ba:bf:98:6d:ed:30:52:0b:a8:25:33:01:ab:25:b6:
1f:f3:20:ab:05:fe:c0:74:51:7c:c4:48:58:ee:2d:bc:da:9a:
4a:10:e4:88:47:79:d6:32:09:63:28:db:56:89:2f:80:0a:e3:
96:4a:8b:e8:66:3f:5b:81:23:03:91:3f:ef:ed:48:17:92:eb:
d3:37:e0:85:a3:a9:05:88:f1:07:f5:d0:15:ce:2f:eb:db:1c:
98:2f:76:6a:7d:d7:6b:5e:5c:63:06:0e:c1:54:e8:d2:56:41:
94:59:ce:be:d8:d2:d6:f4:e4:5f:d0:4a:d0:3e:7c:c2:a9:79:
ec:a3:b6:eb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6GiGoRIpPTMHuG+ZmzwX5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNjAyMDQxMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQ0N2U2NGI0YjkzYmYxOWY4YmQ2YTk0ZDEwY2VlM2U2NjUzZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW0BOdrlVLQPpR44Ic61ikTfLa5b
QN6PYiEVu7kokNtwt4kZdK58G62ezRrVm6lUsd7M7B2+66W100ILZIqwDBlnecBm
5l5k2NZfz2AF2cdMqQ6oxfCfWI84hVgsg/l4+TKa4fU7++Gv23GpIsomgcJadMEl
nk+2sF6veFgLjR8wj5WS78mu+xKfcszEDPs8I3fKX58AeY1cWQOO3vRumqDweElV
KimOhXAEfKZfl3w8QZuOH7Oqj+ReAC3sfE4OVOCRD5J7rez0TPkvNtpbLsYH2q+B
bMgI8jr03ukxCJXZOFpACQOTXzGNeDBedt41dRpJeok0O991UlMHkhR2ewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNXUfmS0uTvxn4vWqU0QzuPmZT33MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMWRSLVpMUzVPX0dmaTlhcFRSRE80LVpsUGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQASCP3AwQA
ThHqAwQAWX2UAwQAzvWaMA0GCSqGSIb3DQEBCwUAA4IBAQBXpgtiUOIUhejB1wmd
P4094S+l0CTvQjLe29bwJ47yeLd+AxZXCNE+cJPLSK17j3b3mogbinWaZip+e2Xk
P026XIHrmKmZxjZ/bbzSW4WWASFXt7/6KtocmccIe/im+9TBcNgOEeDz4W7Htx5k
ck6jF1zaq64O4QYTEQTpjDfTLu+6v5ht7TBSC6glMwGrJbYf8yCrBf7AdFF8xEhY
7i282ppKEOSIR3nWMgljKNtWiS+ACuOWSovoZj9bgSMDkT/v7UgXkuvTN+CFo6kF
iPEH9dAVzi/r2xyYL3ZqfddrXlxjBg7BVOjSVkGUWc6+2NLW9ORf0ErQPnzCqXns
o7br
-----END CERTIFICATE-----
Generated at Thu Jun 4 06:20:38 2026 by rpki-client