Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/TalsxsnLALDwzR9eYbJ5IPHvuw0.roa
File: TalsxsnLALDwzR9eYbJ5IPHvuw0.roa (raw, json)
Hash identifier: 5TrfT+iuoAx5Pp91gpenuYisGgHzZknoAb6QwNtFQgE=
Subject key identifier: 4D:A9:6C:C6:C9:CB:00:B0:F0:CD:1F:5E:61:B2:79:20:F1:EF:BB:0D
Certificate issuer: /CN=09b0110ae4b81794a508831fcb5edcc8d5fd2f1b
Certificate serial: 019E4C64D3BF65F81BE148D629CD220DA9C9
Authority key identifier: 09:B0:11:0A:E4:B8:17:94:A5:08:83:1F:CB:5E:DC:C8:D5:FD:2F:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbARCuS4F5SlCIMfy17cyNX9Lxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/TalsxsnLALDwzR9eYbJ5IPHvuw0.roa
Signing time: Thu 21 May 2026 21:15:36 +0000
ROA not before: Thu 21 May 2026 21:15:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212807
IP address blocks: 194.15.40.0/24 maxlen: 24
194.15.41.0/24 maxlen: 24
194.15.42.0/24 maxlen: 24
194.15.43.0/24 maxlen: 24
2a0f:7480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/CbARCuS4F5SlCIMfy17cyNX9Lxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/CbARCuS4F5SlCIMfy17cyNX9Lxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/CbARCuS4F5SlCIMfy17cyNX9Lxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 12:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4c:64:d3:bf:65:f8:1b:e1:48:d6:29:cd:22:0d:a9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b0110ae4b81794a508831fcb5edcc8d5fd2f1b
Validity
Not Before: May 21 21:15:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4da96cc6c9cb00b0f0cd1f5e61b27920f1efbb0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:40:6d:12:9c:f7:04:80:f7:25:f3:62:56:91:
a8:76:54:15:33:f3:a9:e8:4c:ba:54:6c:85:87:73:
ad:97:ff:37:d5:b4:99:6e:4c:eb:82:b3:f0:89:70:
aa:54:a4:e2:39:c9:ce:7a:06:c1:7e:2e:82:6c:7d:
02:98:e8:ef:ad:60:33:83:d9:0e:1e:b2:ec:fe:a0:
d8:1f:2b:e3:f2:9c:ef:c6:e9:79:86:24:66:5c:54:
5c:de:75:ab:cd:1b:63:b2:23:8c:ed:33:d9:d6:09:
2d:bc:06:45:4a:09:7e:dd:be:e5:a7:5e:8c:89:1f:
67:5a:c6:64:39:83:a0:c9:cf:eb:74:d6:6c:fe:4d:
c7:92:c6:aa:a5:50:d4:70:c2:a5:6e:ee:5a:9b:d9:
df:42:1a:c6:2e:39:a5:86:1a:59:ee:ad:bf:e5:81:
b5:97:48:a6:04:48:f9:af:78:32:f8:4c:5c:ea:f3:
b3:44:14:9d:2e:4a:62:70:92:23:be:89:0a:f9:08:
e9:65:ba:80:39:94:ce:ba:24:08:e7:50:e0:be:3e:
b6:48:79:a7:65:3e:0a:c7:11:99:82:35:e2:4f:5c:
53:a2:37:0e:cf:1c:b5:d1:e1:d6:01:ad:d1:24:9d:
31:fd:ba:1b:f5:5b:82:13:e3:fe:07:6a:b4:8b:44:
3f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A9:6C:C6:C9:CB:00:B0:F0:CD:1F:5E:61:B2:79:20:F1:EF:BB:0D
X509v3 Authority Key Identifier:
keyid:09:B0:11:0A:E4:B8:17:94:A5:08:83:1F:CB:5E:DC:C8:D5:FD:2F:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbARCuS4F5SlCIMfy17cyNX9Lxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/TalsxsnLALDwzR9eYbJ5IPHvuw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/CbARCuS4F5SlCIMfy17cyNX9Lxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.40.0/22
IPv6:
2a0f:7480::/29
Signature Algorithm: sha256WithRSAEncryption
04:82:97:d9:07:48:ce:c4:83:30:ce:3b:1a:5c:d9:09:2f:43:
12:aa:95:8e:ce:a6:53:b1:cd:64:06:8b:a9:cd:ea:e5:9a:c3:
1a:4c:12:6b:34:04:d6:64:fa:90:6f:d2:1d:d6:58:6c:d3:d0:
17:eb:e0:be:a1:df:4a:8e:9c:cb:3a:88:1c:3f:67:bf:03:76:
30:e6:a0:b3:35:d1:68:be:3c:27:d4:87:87:13:84:7f:32:fe:
66:54:cd:6a:32:9f:e4:0f:4c:7b:9c:7d:b2:c4:83:1b:13:05:
c8:5c:3d:b2:68:cb:2b:1c:84:d1:f1:27:4b:36:4e:71:c0:2b:
09:c0:71:0f:89:a0:28:7d:15:a9:22:eb:43:9a:b6:83:18:d1:
6b:41:d8:1d:b7:23:43:19:df:79:1c:b8:20:eb:1e:33:74:c6:
c3:bd:eb:ac:40:e4:3e:bc:73:01:af:eb:2c:07:66:4f:9d:4a:
21:5f:2a:31:ff:ab:f2:62:d8:ad:82:87:4e:cf:1a:39:c5:95:
06:e1:fb:fb:87:2b:e3:cb:f8:3a:f4:6a:82:4a:e7:e2:1b:8f:
f4:8c:17:a3:bc:94:25:e1:36:12:eb:d2:9f:3c:c2:96:17:53:
01:c9:fb:b0:6b:84:4e:cb:fb:16:1b:a7:d4:c0:c1:e6:27:56:
29:dc:c7:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ5MZNO/Zfgb4UjWKc0iDanJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YjAxMTBhZTRiODE3OTRhNTA4ODMxZmNiNWVkY2M4ZDVm
ZDJmMWIwHhcNMjYwNTIxMjExNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGE5NmNjNmM5Y2IwMGIwZjBjZDFmNWU2MWIyNzkyMGYxZWZiYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UBtEpz3BID3JfNiVpGodlQVM/Op
6Ey6VGyFh3Otl/831bSZbkzrgrPwiXCqVKTiOcnOegbBfi6CbH0CmOjvrWAzg9kO
HrLs/qDYHyvj8pzvxul5hiRmXFRc3nWrzRtjsiOM7TPZ1gktvAZFSgl+3b7lp16M
iR9nWsZkOYOgyc/rdNZs/k3HksaqpVDUcMKlbu5am9nfQhrGLjmlhhpZ7q2/5YG1
l0imBEj5r3gy+Exc6vOzRBSdLkpicJIjvokK+QjpZbqAOZTOuiQI51Dgvj62SHmn
ZT4KxxGZgjXiT1xTojcOzxy10eHWAa3RJJ0x/bob9VuCE+P+B2q0i0Q/1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE2pbMbJywCw8M0fXmGyeSDx77sNMB8GA1UdIwQY
MBaAFAmwEQrkuBeUpQiDH8te3MjV/S8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2JBUkN1UzRGNVNsQ0lNZnkxN2N5Tlg5THhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iM2NlMWItZjFmNy00MGNiLWIzZDAt
NmQyMGY1YzE5N2Y2LzEvVGFsc3hzbkxBTER3elI5ZVliSjVJUEh2dXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iM2NlMWItZjFmNy00MGNiLWIzZDAtNmQyMGY1YzE5N2Y2
LzEvQ2JBUkN1UzRGNVNsQ0lNZnkxN2N5Tlg5THhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwg8oMA0E
AgACMAcDBQMqD3SAMA0GCSqGSIb3DQEBCwUAA4IBAQAEgpfZB0jOxIMwzjsaXNkJ
L0MSqpWOzqZTsc1kBoupzerlmsMaTBJrNATWZPqQb9Id1lhs09AX6+C+od9KjpzL
OogcP2e/A3Yw5qCzNdFovjwn1IeHE4R/Mv5mVM1qMp/kD0x7nH2yxIMbEwXIXD2y
aMsrHITR8SdLNk5xwCsJwHEPiaAofRWpIutDmraDGNFrQdgdtyNDGd95HLgg6x4z
dMbDveusQOQ+vHMBr+ssB2ZPnUohXyox/6vyYtitgodOzxo5xZUG4fv7hyvjy/g6
9GqCSufiG4/0jBejvJQl4TYS69KfPMKWF1MByfuwa4ROy/sWG6fUwMHmJ1Yp3MfO
-----END CERTIFICATE-----
Generated at Thu Jun 11 20:58:43 2026 by rpki-client