Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/CIb8CK9uD_OE-KtoandAddENdNc.roa
File: CIb8CK9uD_OE-KtoandAddENdNc.roa (raw, json)
Hash identifier: zdbh7DIG2FQD/j0gePOqIY2e8MR1c51n3EEnWtP5V28=
Subject key identifier: 08:86:FC:08:AF:6E:0F:F3:84:F8:AB:68:6A:77:40:75:D1:0D:74:D7
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 019E947538A5FFB6974DF2E3D07DFE555624
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/CIb8CK9uD_OE-KtoandAddENdNc.roa
Signing time: Thu 04 Jun 2026 21:06:10 +0000
ROA not before: Thu 04 Jun 2026 21:06:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1101
IP address blocks: 145.99.0.0/16 maxlen: 16
145.102.4.0/23 maxlen: 23
145.102.131.0/24 maxlen: 24
145.111.0.0/16 maxlen: 16
145.192.0.0/12 maxlen: 12
145.208.0.0/13 maxlen: 13
145.216.0.0/15 maxlen: 15
145.220.0.0/16 maxlen: 16
2001:610:360::/48 maxlen: 48
2001:67c:6ec::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Jun 2026 14:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:94:75:38:a5:ff:b6:97:4d:f2:e3:d0:7d:fe:55:56:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jun 4 21:06:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0886fc08af6e0ff384f8ab686a774075d10d74d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:19:97:4c:2c:1f:74:70:09:31:a8:44:3b:18:
83:03:62:35:50:b5:86:7c:17:c0:14:3e:f2:7f:d7:
7d:55:4e:9e:24:c2:ac:3a:ee:e3:a8:86:5f:b7:50:
a5:b2:0b:4d:be:53:5a:30:6a:71:da:d1:89:57:63:
0e:cf:be:bf:15:d4:98:ac:28:b9:af:cf:10:4f:89:
4b:db:f6:51:b9:84:e2:80:62:76:22:4f:87:54:97:
63:53:cd:95:27:c6:df:32:1a:4e:65:b1:5e:a1:a6:
dd:0f:89:d9:01:48:f8:ce:0b:ed:f3:83:05:23:eb:
c1:2d:69:82:69:5b:d3:c4:57:6f:66:4f:c0:77:ec:
a5:1c:d9:1c:55:d7:9e:e2:06:59:3d:c2:b1:24:9a:
bf:5b:24:e6:a1:cc:52:d6:87:eb:15:e1:bb:7c:42:
25:3e:27:40:6c:47:8b:d5:a1:8a:d1:0b:e3:6b:f0:
e0:40:09:00:9d:29:c0:d2:54:98:98:a0:0e:5f:10:
94:fd:f9:eb:74:9a:19:e8:9a:f6:10:91:b4:0c:17:
d3:02:45:2b:be:36:d8:e1:cf:67:dd:8d:3f:ad:93:
e0:ef:61:21:86:79:85:f1:50:f6:31:47:f6:df:14:
e5:1f:37:a5:60:d5:db:d5:3d:5c:d4:6c:41:93:1c:
9a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:86:FC:08:AF:6E:0F:F3:84:F8:AB:68:6A:77:40:75:D1:0D:74:D7
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/CIb8CK9uD_OE-KtoandAddENdNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.99.0.0/16
145.102.4.0/23
145.102.131.0/24
145.111.0.0/16
145.192.0.0-145.217.255.255
145.220.0.0/16
IPv6:
2001:610:360::/48
2001:67c:6ec::/48
Signature Algorithm: sha256WithRSAEncryption
88:97:5c:cd:1f:40:17:16:1d:8f:74:60:c3:5a:00:3f:4d:d6:
a3:23:7e:8c:45:78:4c:ce:ad:53:71:50:d1:1f:09:e4:8e:95:
89:35:84:c6:c6:f5:82:e1:25:ff:81:65:67:6a:58:82:b3:10:
d3:a1:53:bb:37:cf:11:ff:ee:d9:e4:c6:1b:9e:50:f5:34:14:
aa:e0:6c:fe:53:56:1b:c9:6b:b8:26:b2:c7:6a:71:04:b2:3c:
40:f3:22:6b:6f:c1:7d:06:b0:f3:50:99:a5:42:ea:9c:ed:de:
0a:85:af:c7:2b:57:f4:ba:d9:b3:31:29:51:97:17:a5:9e:45:
ac:f6:c0:71:a7:48:3d:30:c3:12:96:63:cc:96:e0:22:52:31:
f6:88:7e:12:71:40:6c:71:ac:d5:40:87:13:0a:8a:76:8b:bf:
05:01:45:38:18:11:34:7e:ce:2b:0f:66:30:0b:13:74:26:27:
d5:84:6b:8d:95:83:44:ed:85:f4:f3:ca:51:58:4e:eb:40:14:
98:fe:13:c8:61:8e:95:9d:34:0e:ec:b2:32:6b:10:74:95:4f:
a2:bb:c0:bb:00:ca:8d:c0:7f:63:f9:24:b4:47:6a:96:20:78:
ec:e6:4f:28:bd:b2:2f:39:05:02:97:a0:63:eb:f8:0d:30:5c:
92:69:2e:bc
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZ6UdTil/7aXTfLj0H3+VVYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjYwNjA0MjEwNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg2ZmMwOGFmNmUwZmYzODRmOGFiNjg2YTc3NDA3NWQxMGQ3NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xmXTCwfdHAJMahEOxiDA2I1ULWG
fBfAFD7yf9d9VU6eJMKsOu7jqIZft1ClsgtNvlNaMGpx2tGJV2MOz76/FdSYrCi5
r88QT4lL2/ZRuYTigGJ2Ik+HVJdjU82VJ8bfMhpOZbFeoabdD4nZAUj4zgvt84MF
I+vBLWmCaVvTxFdvZk/Ad+ylHNkcVdee4gZZPcKxJJq/WyTmocxS1ofrFeG7fEIl
PidAbEeL1aGK0Qvja/DgQAkAnSnA0lSYmKAOXxCU/fnrdJoZ6Jr2EJG0DBfTAkUr
vjbY4c9n3Y0/rZPg72EhhnmF8VD2MUf23xTlHzelYNXb1T1c1GxBkxyaPQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFAiG/Aivbg/zhPiraGp3QHXRDXTXMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvQ0liOENLOXVEX09FLUt0b2FuZEFkZEVOZE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAtBAIAATAnAwMAkWMDBAGR
ZgQDBACRZoMDAwCRbzAKAwMGkcADAwGR2AMDAJHcMBgEAgACMBIDBwAgAQYQA2AD
BwAgAQZ8BuwwDQYJKoZIhvcNAQELBQADggEBAIiXXM0fQBcWHY90YMNaAD9N1qMj
foxFeEzOrVNxUNEfCeSOlYk1hMbG9YLhJf+BZWdqWIKzENOhU7s3zxH/7tnkxhue
UPU0FKrgbP5TVhvJa7gmssdqcQSyPEDzImtvwX0GsPNQmaVC6pzt3gqFr8crV/S6
2bMxKVGXF6WeRaz2wHGnSD0wwxKWY8yW4CJSMfaIfhJxQGxxrNVAhxMKinaLvwUB
RTgYETR+zisPZjALE3QmJ9WEa42Vg0TthfTzylFYTutAFJj+E8hhjpWdNA7ssjJr
EHSVT6K7wLsAyo3Af2P5JLRHapYgeOzmTyi9si85BQKXoGPr+A0wXJJpLrw=
-----END CERTIFICATE-----
Generated at Mon Jun 8 19:56:41 2026 by rpki-client