Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/_dci9kkWxh2-KajYtREKtYV4zuQ.roa
File: _dci9kkWxh2-KajYtREKtYV4zuQ.roa (raw, json)
Hash identifier: X4rZnyrfO2fPp4aKhUjfhgHVnIGQA3VBh8qFnXDaWq8=
Subject key identifier: FD:D7:22:F6:49:16:C6:1D:BE:29:A8:D8:B5:11:0A:B5:85:78:CE:E4
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 019E2005E1497602692C0E29D7DC45D03C0B
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/_dci9kkWxh2-KajYtREKtYV4zuQ.roa
Signing time: Wed 13 May 2026 06:28:36 +0000
ROA not before: Wed 13 May 2026 06:28:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8254
IP address blocks: 94.131.16.0/24 maxlen: 24
94.131.48.0/24 maxlen: 24
2a06:fcc0:5::/48 maxlen: 48
2a06:fcc0:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.mft
rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:28:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:05:e1:49:76:02:69:2c:0e:29:d7:dc:45:d0:3c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: May 13 06:28:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fdd722f64916c61dbe29a8d8b5110ab58578cee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:40:fd:57:e1:2e:8a:3e:a0:19:55:9d:b4:f9:
1f:8f:db:cf:77:bb:a8:e9:d1:bc:1f:42:35:ad:db:
ec:63:c1:f0:3c:f9:4a:de:25:23:43:48:44:00:1c:
e5:4c:c2:d8:6b:b0:88:be:a2:50:19:03:46:8a:b6:
ec:9f:a9:ce:6a:7a:e6:d2:2c:26:c3:ea:b1:2a:1c:
c4:29:61:5a:2e:83:0b:25:15:cb:0d:9a:b3:a1:db:
e2:5e:f1:4d:a1:19:aa:10:f5:74:88:1b:93:14:3b:
c5:a6:22:1e:03:4c:14:4b:ff:b2:2f:f0:82:2c:a0:
70:0c:5b:3b:07:93:ad:e4:32:3f:4d:1b:58:59:62:
22:d9:4d:02:01:59:9b:84:ae:58:1a:21:da:7d:2d:
05:fb:e8:c7:04:7e:1c:20:52:88:12:a4:71:d9:4c:
01:78:63:ae:62:1a:cc:fa:85:d6:dc:0e:54:bb:ae:
dd:58:c3:b8:48:82:ba:5c:d9:2b:55:8d:62:c3:6c:
64:34:69:6f:ce:1f:2b:64:4a:4b:6b:e3:b9:90:39:
15:c8:8a:cb:54:ac:f6:a5:e5:a7:6a:bc:45:f2:8a:
74:56:81:d1:72:2e:9c:4b:89:40:9f:d1:13:85:45:
aa:73:28:16:02:b8:84:3b:81:bc:80:ea:be:e6:9d:
1c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D7:22:F6:49:16:C6:1D:BE:29:A8:D8:B5:11:0A:B5:85:78:CE:E4
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/_dci9kkWxh2-KajYtREKtYV4zuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.16.0/24
94.131.48.0/24
IPv6:
2a06:fcc0:5::-2a06:fcc0:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
11:4e:08:4b:55:b7:ed:2f:91:2d:c8:56:0b:57:f9:0f:30:18:
fa:7f:03:5e:54:69:e5:d1:a4:9a:c7:26:4f:32:a2:28:dc:45:
af:96:49:a2:f0:fa:27:a3:a0:37:71:04:f2:89:ae:22:91:56:
26:1a:22:e5:82:2b:40:50:5e:0f:ad:0c:22:0e:4c:d5:ac:a9:
f5:5b:a5:2d:75:44:d8:86:c7:59:2a:b7:99:65:eb:92:fe:4e:
f6:37:a2:cf:00:79:28:05:9c:7e:a8:70:68:58:41:d6:72:5b:
a8:d3:9f:b8:9a:89:6a:45:37:c4:92:fa:61:ad:d6:2c:76:a6:
64:10:cb:27:66:b0:34:65:ee:d6:ee:db:51:8f:62:b6:de:a5:
a5:9e:57:c4:88:7c:12:be:de:f3:0c:64:0c:90:87:a2:26:ba:
79:42:98:08:9c:e3:12:4f:9e:11:0d:9c:fc:e9:d7:c5:c0:2a:
d7:32:8c:e1:8b:a1:cd:9f:f0:24:79:bb:c0:46:3d:ee:61:a5:
1e:01:4f:dc:a3:ca:d5:db:cf:c5:00:ef:b3:61:9a:a1:dc:d0:
b1:f1:a0:7e:37:f3:b2:1b:e0:df:c3:e3:2a:7b:de:99:b2:9c:
36:04:75:a8:a5:e7:43:ab:9e:7d:f3:1b:63:f8:9f:5f:66:89:
ac:39:32:2d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ4gBeFJdgJpLA4p19xF0DwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjYwNTEzMDYyODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGQ3MjJmNjQ5MTZjNjFkYmUyOWE4ZDhiNTExMGFiNTg1NzhjZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0D9V+Euij6gGVWdtPkfj9vPd7uo
6dG8H0I1rdvsY8HwPPlK3iUjQ0hEABzlTMLYa7CIvqJQGQNGirbsn6nOanrm0iwm
w+qxKhzEKWFaLoMLJRXLDZqzodviXvFNoRmqEPV0iBuTFDvFpiIeA0wUS/+yL/CC
LKBwDFs7B5Ot5DI/TRtYWWIi2U0CAVmbhK5YGiHafS0F++jHBH4cIFKIEqRx2UwB
eGOuYhrM+oXW3A5Uu67dWMO4SIK6XNkrVY1iw2xkNGlvzh8rZEpLa+O5kDkVyIrL
VKz2peWnarxF8op0VoHRci6cS4lAn9EThUWqcygWAriEO4G8gOq+5p0chwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFP3XIvZJFsYdvimo2LURCrWFeM7kMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvX2RjaTlra1d4aDItS2FqWXRSRUt0WVY0enVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQAXoMQAwQA
XoMwMBoEAgACMBQwEgMHACoG/MAABQMHACoG/MAABjANBgkqhkiG9w0BAQsFAAOC
AQEAEU4IS1W37S+RLchWC1f5DzAY+n8DXlRp5dGkmscmTzKiKNxFr5ZJovD6J6Og
N3EE8omuIpFWJhoi5YIrQFBeD60MIg5M1ayp9VulLXVE2IbHWSq3mWXrkv5O9jei
zwB5KAWcfqhwaFhB1nJbqNOfuJqJakU3xJL6Ya3WLHamZBDLJ2awNGXu1u7bUY9i
tt6lpZ5XxIh8Er7e8wxkDJCHoia6eUKYCJzjEk+eEQ2c/OnXxcAq1zKM4YuhzZ/w
JHm7wEY97mGlHgFP3KPK1dvPxQDvs2GaodzQsfGgfjfzshvg38PjKnvembKcNgR1
qKXnQ6ueffMbY/ifX2aJrDkyLQ==
-----END CERTIFICATE-----
Generated at Wed May 13 10:42:31 2026 by rpki-client