Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/kv9pFGmNrnrEn3iG31AcZNVME2w.roa
File: kv9pFGmNrnrEn3iG31AcZNVME2w.roa (raw, json)
Hash identifier: V3qQrFdx9pYmcJm3jWVMOZZb4mhzpn6jHrRFgXqAAtg=
Subject key identifier: 92:FF:69:14:69:8D:AE:7A:C4:9F:78:86:DF:50:1C:64:D5:4C:13:6C
Certificate issuer: /CN=09a686e370d6d0608119eeb006c8aadaab078d22
Certificate serial: 019E681A56A54CD7DF2948F36B756B2571FD
Authority key identifier: 09:A6:86:E3:70:D6:D0:60:81:19:EE:B0:06:C8:AA:DA:AB:07:8D:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CaaG43DW0GCBGe6wBsiq2qsHjSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/kv9pFGmNrnrEn3iG31AcZNVME2w.roa
Signing time: Wed 27 May 2026 06:23:37 +0000
ROA not before: Wed 27 May 2026 06:23:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48881
IP address blocks: 46.102.254.0/24 maxlen: 24
86.105.26.0/24 maxlen: 24
185.104.32.0/21 maxlen: 21
185.104.180.0/22 maxlen: 22
2a06:1fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/CaaG43DW0GCBGe6wBsiq2qsHjSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/CaaG43DW0GCBGe6wBsiq2qsHjSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/CaaG43DW0GCBGe6wBsiq2qsHjSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:68:1a:56:a5:4c:d7:df:29:48:f3:6b:75:6b:25:71:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09a686e370d6d0608119eeb006c8aadaab078d22
Validity
Not Before: May 27 06:23:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=92ff6914698dae7ac49f7886df501c64d54c136c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2d:b5:4c:71:5b:46:ea:f8:10:ab:6d:a4:87:
a2:86:37:5d:30:b7:45:f1:1a:e8:17:bc:e4:a1:12:
23:90:f8:cd:e7:3e:93:28:c8:21:53:0b:7f:e9:d5:
e9:dc:43:f8:e9:a0:c6:f3:0d:36:f3:b6:c6:17:56:
f7:21:09:85:32:44:2a:3b:ab:b7:a4:ea:93:29:b1:
6f:64:12:64:2c:6d:ea:24:b9:73:47:06:7b:b5:cc:
a0:06:bc:81:fc:90:96:f7:2f:0f:e5:2d:cd:6b:1c:
1d:39:28:e1:4f:98:05:b1:a8:fc:27:67:29:be:1d:
8f:78:01:ca:25:6c:d4:c0:c8:06:70:24:26:e8:9f:
36:86:2a:c3:f9:66:d0:fe:2d:7c:3c:a9:a0:ab:55:
c1:d7:70:d2:d3:22:23:43:71:31:44:5e:0b:aa:9b:
7e:84:da:48:e0:31:43:b3:6a:ff:39:7b:72:9e:4c:
f0:47:30:ce:df:db:74:f8:6c:95:eb:00:c7:47:05:
48:3d:f1:cb:35:d7:25:0e:7f:f8:26:48:60:a1:55:
73:44:f4:88:ba:24:ef:77:7c:f3:1e:67:07:d0:6e:
2c:a1:ce:7b:1c:bc:9e:4e:f9:62:c5:73:61:df:77:
26:08:9b:4b:cc:77:2e:53:24:b3:1e:ae:5b:7c:d7:
82:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:FF:69:14:69:8D:AE:7A:C4:9F:78:86:DF:50:1C:64:D5:4C:13:6C
X509v3 Authority Key Identifier:
keyid:09:A6:86:E3:70:D6:D0:60:81:19:EE:B0:06:C8:AA:DA:AB:07:8D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CaaG43DW0GCBGe6wBsiq2qsHjSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/kv9pFGmNrnrEn3iG31AcZNVME2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/CaaG43DW0GCBGe6wBsiq2qsHjSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.254.0/24
86.105.26.0/24
185.104.32.0/21
185.104.180.0/22
IPv6:
2a06:1fc0::/29
Signature Algorithm: sha256WithRSAEncryption
22:96:e7:41:df:14:04:a3:12:c7:0a:d5:dd:47:ab:60:df:d0:
66:80:86:d4:1c:93:cc:75:28:06:26:16:30:64:97:bd:6e:6a:
1f:cb:a5:c8:e5:ff:9b:45:54:89:fd:ec:1f:9b:da:f9:fa:7b:
49:b6:11:10:ae:60:13:ff:da:29:4f:01:e3:4e:45:cd:fd:e1:
ef:d8:61:eb:1b:c2:49:fc:39:86:bc:3f:d6:2b:bb:dc:21:1a:
1f:9e:a2:df:0a:21:3d:c1:58:16:af:13:42:35:fa:7e:81:91:
a8:9b:5e:3b:93:e2:d1:a5:10:90:98:33:b2:7d:15:6c:02:f7:
fe:c7:93:76:79:32:47:7f:a3:c9:c7:bf:45:32:11:c5:e1:39:
94:93:39:31:43:cd:22:b1:04:a5:e8:60:21:65:94:b8:e6:33:
20:c9:29:82:3d:87:f8:b6:04:9e:43:6b:79:f4:ac:1a:d0:3b:
84:13:e0:b1:c4:2b:51:64:61:6e:fd:cb:c8:99:3a:ec:9c:b5:
49:f1:7c:2e:98:aa:93:54:96:f8:48:ca:11:32:e8:0a:86:b9:
c7:31:4d:90:06:86:62:74:a0:c6:6b:23:cf:fe:b1:86:58:f7:
d3:ed:8b:2b:af:db:ff:c0:34:53:90:98:dd:92:82:85:13:42:
fb:35:1a:eb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ5oGlalTNffKUjza3VrJXH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YTY4NmUzNzBkNmQwNjA4MTE5ZWViMDA2YzhhYWRhYWIw
NzhkMjIwHhcNMjYwNTI3MDYyMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmZmNjkxNDY5OGRhZTdhYzQ5Zjc4ODZkZjUwMWM2NGQ1NGMxMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqy21THFbRur4EKttpIeihjddMLdF
8RroF7zkoRIjkPjN5z6TKMghUwt/6dXp3EP46aDG8w0287bGF1b3IQmFMkQqO6u3
pOqTKbFvZBJkLG3qJLlzRwZ7tcygBryB/JCW9y8P5S3NaxwdOSjhT5gFsaj8J2cp
vh2PeAHKJWzUwMgGcCQm6J82hirD+WbQ/i18PKmgq1XB13DS0yIjQ3ExRF4Lqpt+
hNpI4DFDs2r/OXtynkzwRzDO39t0+GyV6wDHRwVIPfHLNdclDn/4JkhgoVVzRPSI
uiTvd3zzHmcH0G4soc57HLyeTvlixXNh33cmCJtLzHcuUySzHq5bfNeCowIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJL/aRRpja56xJ94ht9QHGTVTBNsMB8GA1UdIwQY
MBaAFAmmhuNw1tBggRnusAbIqtqrB40iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2FhRzQzRFcwR0NCR2U2d0JzaXEycXNIalNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9kNDI5YjktMzg1ZS00MzBmLWIyYzQt
ODE3NjhjNjBlZTA4LzEva3Y5cEZHbU5ybnJFbjNpRzMxQWNaTlZNRTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9kNDI5YjktMzg1ZS00MzBmLWIyYzQtODE3NjhjNjBlZTA4
LzEvQ2FhRzQzRFcwR0NCR2U2d0JzaXEycXNIalNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALmb+AwQA
VmkaAwQDuWggAwQCuWi0MA0EAgACMAcDBQMqBh/AMA0GCSqGSIb3DQEBCwUAA4IB
AQAiludB3xQEoxLHCtXdR6tg39BmgIbUHJPMdSgGJhYwZJe9bmofy6XI5f+bRVSJ
/ewfm9r5+ntJthEQrmAT/9opTwHjTkXN/eHv2GHrG8JJ/DmGvD/WK7vcIRofnqLf
CiE9wVgWrxNCNfp+gZGom147k+LRpRCQmDOyfRVsAvf+x5N2eTJHf6PJx79FMhHF
4TmUkzkxQ80isQSl6GAhZZS45jMgySmCPYf4tgSeQ2t59Kwa0DuEE+CxxCtRZGFu
/cvImTrsnLVJ8XwumKqTVJb4SMoRMugKhrnHMU2QBoZidKDGayPP/rGGWPfT7Ysr
r9v/wDRTkJjdkoKFE0L7NRrr
-----END CERTIFICATE-----
Generated at Thu Jun 4 15:07:26 2026 by rpki-client