Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/tf9I4T6-QU8jDrPpPim8zOAQ7yc.roa
File: tf9I4T6-QU8jDrPpPim8zOAQ7yc.roa (raw, json)
Hash identifier: 2p+jWe5C+U2V0GF7/KVACIMrwKt1XgIO+eNf5IfejSA=
Subject key identifier: B5:FF:48:E1:3E:BE:41:4F:23:0E:B3:E9:3E:29:BC:CC:E0:10:EF:27
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 019EA69F2E2687951C56857325E7124EEE0E
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/tf9I4T6-QU8jDrPpPim8zOAQ7yc.roa
Signing time: Mon 08 Jun 2026 09:45:10 +0000
ROA not before: Mon 08 Jun 2026 09:45:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208864
IP address blocks: 37.18.4.0/22 maxlen: 22
46.243.188.0/22 maxlen: 22
128.0.68.0/23 maxlen: 23
188.72.68.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:9f:2e:26:87:95:1c:56:85:73:25:e7:12:4e:ee:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jun 8 09:45:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b5ff48e13ebe414f230eb3e93e29bccce010ef27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ed:38:ad:70:a5:2d:86:25:ee:10:81:f8:38:
f1:5f:77:15:c0:6e:0e:76:61:83:fb:ed:2f:8e:a5:
7b:28:c3:26:db:19:d7:60:db:11:f1:34:7f:4c:5e:
2f:b6:4b:16:4d:d9:be:6b:17:fd:32:c8:df:fa:17:
a5:a4:2b:0d:13:04:35:c4:36:32:fc:e1:b5:a9:0e:
d9:95:80:b3:89:73:94:29:63:5e:82:e2:d8:fe:c6:
9e:a1:a9:ff:a3:ca:1a:bc:73:91:6c:01:51:0c:63:
8c:eb:d5:1d:74:48:66:d3:63:6f:61:08:9d:f3:85:
9d:3e:37:a4:20:77:68:17:6a:f2:c0:a6:93:05:c6:
28:14:15:21:6e:ff:5a:a3:67:9c:45:40:76:a2:9b:
2e:cf:46:6d:c1:61:80:cb:3b:68:d8:14:ee:83:eb:
31:cb:02:cf:24:7e:02:22:fc:ba:56:39:40:31:ac:
01:87:19:3c:0d:07:c0:aa:d6:d8:f9:ad:c8:a6:15:
a1:e1:cb:d2:fd:d6:db:5d:7d:5b:22:73:6e:3a:db:
23:b2:a2:df:ba:31:2e:85:69:fc:3d:97:8c:89:ab:
d5:00:1a:d0:33:f7:59:c6:45:ca:b9:9b:db:67:fd:
27:56:0d:96:9e:fc:14:f0:2b:06:eb:01:5a:89:8c:
40:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FF:48:E1:3E:BE:41:4F:23:0E:B3:E9:3E:29:BC:CC:E0:10:EF:27
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/tf9I4T6-QU8jDrPpPim8zOAQ7yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.4.0/22
46.243.188.0/22
128.0.68.0/23
188.72.68.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:ba:54:26:04:f0:54:05:a9:b2:4d:3d:a7:d3:52:c9:b7:30:
21:3b:88:01:51:51:ae:9e:e3:c8:a9:70:2e:e9:1d:68:90:0f:
a0:8b:7c:bd:ac:2a:42:4c:48:41:6d:d4:e9:ce:e9:ab:ba:9e:
5d:fb:d9:36:08:a8:f8:3d:75:3a:85:ac:c5:84:4e:ec:e7:fd:
c9:1d:30:10:10:2c:43:a9:43:ea:56:e8:9a:e2:90:87:85:85:
74:39:95:c8:27:fd:f7:b4:f4:ec:f5:02:49:4a:99:ac:92:89:
d3:52:98:62:a8:f7:c2:ff:60:d6:2f:5e:d3:18:d5:20:5a:22:
e2:0d:e3:0a:2f:70:7c:5f:1b:b0:c6:2f:56:e8:8a:2c:a1:05:
49:eb:b3:e2:17:33:24:ed:00:c9:cc:fe:42:6b:32:59:8e:04:
59:17:e6:48:7a:27:1f:8f:74:ef:8e:33:d1:84:0f:1f:14:dc:
e6:81:32:15:8c:bb:e8:e2:bd:7d:ed:6e:86:cf:db:b6:94:93:
fc:58:92:bc:8e:45:24:ba:b8:d0:97:b1:fd:ea:46:86:e9:75:
1f:7d:4c:cf:35:b6:af:36:eb:3c:bd:e4:21:2a:b5:36:a4:f5:
fb:32:f3:f0:d7:95:60:e6:02:5f:51:cc:92:48:fc:3c:8c:99:
7b:8b:20:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6mny4mh5UcVoVzJecSTu4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjYwNjA4MDk0NTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWZmNDhlMTNlYmU0MTRmMjMwZWIzZTkzZTI5YmNjY2UwMTBlZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+04rXClLYYl7hCB+DjxX3cVwG4O
dmGD++0vjqV7KMMm2xnXYNsR8TR/TF4vtksWTdm+axf9Msjf+helpCsNEwQ1xDYy
/OG1qQ7ZlYCziXOUKWNeguLY/saeoan/o8oavHORbAFRDGOM69UddEhm02NvYQid
84WdPjekIHdoF2rywKaTBcYoFBUhbv9ao2ecRUB2opsuz0ZtwWGAyzto2BTug+sx
ywLPJH4CIvy6VjlAMawBhxk8DQfAqtbY+a3IphWh4cvS/dbbXX1bInNuOtsjsqLf
ujEuhWn8PZeMiavVABrQM/dZxkXKuZvbZ/0nVg2WnvwU8CsG6wFaiYxApwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLX/SOE+vkFPIw6z6T4pvMzgEO8nMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvdGY5STRUNi1RVThqRHJQcFBpbTh6T0FRN3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJRIEAwQC
LvO8AwQBgABEAwQBvEhEMA0GCSqGSIb3DQEBCwUAA4IBAQCOulQmBPBUBamyTT2n
01LJtzAhO4gBUVGunuPIqXAu6R1okA+gi3y9rCpCTEhBbdTpzumrup5d+9k2CKj4
PXU6hazFhE7s5/3JHTAQECxDqUPqVuia4pCHhYV0OZXIJ/33tPTs9QJJSpmskonT
UphiqPfC/2DWL17TGNUgWiLiDeMKL3B8Xxuwxi9W6IosoQVJ67PiFzMk7QDJzP5C
azJZjgRZF+ZIeicfj3TvjjPRhA8fFNzmgTIVjLvo4r197W6Gz9u2lJP8WJK8jkUk
urjQl7H96kaG6XUffUzPNbavNus8veQhKrU2pPX7MvPw15Vg5gJfUcySSPw8jJl7
iyBZ
-----END CERTIFICATE-----
Generated at Thu Jun 11 20:23:16 2026 by rpki-client