Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/r1nTX0LgRmtjfVAeBtgzRP18cMQ.roa
File: r1nTX0LgRmtjfVAeBtgzRP18cMQ.roa (raw, json)
Hash identifier: 5aRHQvzNe0tqD5uAt+dVRVLQdova5lpY1LHcAUTLXrw=
Subject key identifier: AF:59:D3:5F:42:E0:46:6B:63:7D:50:1E:06:D8:33:44:FD:7C:70:C4
Certificate issuer: /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial: 019E306D6732B3C5F17FB8EEC8B5AAA04140
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/r1nTX0LgRmtjfVAeBtgzRP18cMQ.roa
Signing time: Sat 16 May 2026 10:55:36 +0000
ROA not before: Sat 16 May 2026 10:55:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9137
IP address blocks: 80.224.248.0/22 maxlen: 22
185.82.56.0/22 maxlen: 22
204.14.244.0/22 maxlen: 22
213.204.0.0/19 maxlen: 19
2a02:5640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.mft
rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 16:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:6d:67:32:b3:c5:f1:7f:b8:ee:c8:b5:aa:a0:41:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Validity
Not Before: May 16 10:55:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=af59d35f42e0466b637d501e06d83344fd7c70c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c1:52:6b:97:63:36:a8:c7:71:b1:af:da:2e:
ac:22:34:19:8c:f1:dc:da:f7:df:6c:96:4e:d1:8f:
87:6b:d0:f3:97:58:9d:83:78:02:6b:09:84:54:34:
47:3c:a4:a8:cd:7d:90:89:f4:b6:70:a0:9c:58:ef:
5b:bf:7d:2d:ae:7a:cd:1a:ae:e1:9a:be:4c:fa:ad:
bc:2c:08:8b:f0:18:c5:5a:34:22:77:f5:a8:cc:9a:
36:53:45:f9:61:4e:de:f0:0b:b6:80:7e:70:c6:d9:
e2:30:11:b4:99:67:5e:c1:e6:b2:73:f1:38:9b:03:
1a:d5:6f:e7:4c:59:b6:d9:53:ff:82:d6:57:3f:94:
9a:56:df:08:a1:ce:93:d6:44:6b:7a:53:96:0d:9a:
3c:1e:14:eb:9f:b1:69:16:58:3b:cb:11:90:15:6d:
59:a6:8d:ce:6c:e3:f4:f9:2c:f9:6c:15:7f:96:e9:
30:6c:59:53:bf:3a:36:22:af:64:5f:9b:b0:28:fd:
18:6e:00:f6:61:85:09:c5:23:a3:1d:ed:fb:40:68:
83:8b:4d:bd:a0:7d:53:cb:6c:26:13:16:e1:2f:97:
65:97:1b:6e:4a:9b:e6:c3:30:8f:5a:9a:4c:2c:de:
e3:de:74:2e:1c:a5:b9:4e:fd:1c:ed:a8:0f:7a:91:
27:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:59:D3:5F:42:E0:46:6B:63:7D:50:1E:06:D8:33:44:FD:7C:70:C4
X509v3 Authority Key Identifier:
keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/r1nTX0LgRmtjfVAeBtgzRP18cMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.224.248.0/22
185.82.56.0/22
204.14.244.0/22
213.204.0.0/19
IPv6:
2a02:5640::/29
Signature Algorithm: sha256WithRSAEncryption
0f:82:2c:b8:c4:47:fd:f0:73:53:32:83:9b:11:58:34:e2:45:
48:03:06:03:5c:cc:57:de:52:88:d8:d2:78:92:5e:0f:61:aa:
fd:13:a7:20:af:73:65:07:48:12:77:06:83:ea:31:68:e4:be:
af:78:93:16:1f:16:39:0b:86:6c:f2:7c:13:77:4b:88:c8:d1:
01:98:9d:43:21:64:d4:53:f7:b4:f1:09:85:06:c9:80:36:2e:
f1:6e:b7:34:c5:94:8b:2b:da:1d:43:07:a8:48:37:d4:87:10:
c4:58:de:08:81:83:90:53:81:a9:1e:98:78:45:21:8e:71:92:
da:a7:7a:8e:72:2f:51:e7:01:7c:dc:a7:49:71:dc:a7:8c:55:
25:a1:70:11:01:6c:05:b2:3f:23:73:9d:d3:7b:d7:0a:b6:de:
d0:d4:5b:d9:e2:22:77:bb:1b:c5:a9:89:e0:65:cf:63:03:55:
d8:8e:b5:f4:9c:14:2f:8d:70:f4:7d:ce:d1:3c:bf:b2:e0:58:
cb:7a:81:3b:a6:c4:74:bf:da:65:94:ce:65:95:18:27:3a:e2:
5a:eb:cc:a8:76:32:d9:28:01:c1:b9:a7:7e:8d:a1:ec:08:a9:
3b:2f:1e:d9:d5:70:52:33:0d:9d:33:9a:96:24:82:6e:af:43:
2a:50:85:9f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ4wbWcys8Xxf7juyLWqoEFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjYwNTE2MTA1NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjU5ZDM1ZjQyZTA0NjZiNjM3ZDUwMWUwNmQ4MzM0NGZkN2M3MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cFSa5djNqjHcbGv2i6sIjQZjPHc
2vffbJZO0Y+Ha9Dzl1idg3gCawmEVDRHPKSozX2QifS2cKCcWO9bv30trnrNGq7h
mr5M+q28LAiL8BjFWjQid/WozJo2U0X5YU7e8Au2gH5wxtniMBG0mWdeweayc/E4
mwMa1W/nTFm22VP/gtZXP5SaVt8Ioc6T1kRrelOWDZo8HhTrn7FpFlg7yxGQFW1Z
po3ObOP0+Sz5bBV/lukwbFlTvzo2Iq9kX5uwKP0YbgD2YYUJxSOjHe37QGiDi029
oH1Ty2wmExbhL5dllxtuSpvmwzCPWppMLN7j3nQuHKW5Tv0c7agPepEnQQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK9Z019C4EZrY31QHgbYM0T9fHDEMB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvcjFuVFgwTGdSbXRqZlZBZUJ0Z3pSUDE4Y01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCUOD4AwQC
uVI4AwQCzA70AwQF1cwAMA0EAgACMAcDBQMqAlZAMA0GCSqGSIb3DQEBCwUAA4IB
AQAPgiy4xEf98HNTMoObEVg04kVIAwYDXMxX3lKI2NJ4kl4PYar9E6cgr3NlB0gS
dwaD6jFo5L6veJMWHxY5C4Zs8nwTd0uIyNEBmJ1DIWTUU/e08QmFBsmANi7xbrc0
xZSLK9odQweoSDfUhxDEWN4IgYOQU4GpHph4RSGOcZLap3qOci9R5wF83KdJcdyn
jFUloXARAWwFsj8jc53Te9cKtt7Q1FvZ4iJ3uxvFqYngZc9jA1XYjrX0nBQvjXD0
fc7RPL+y4FjLeoE7psR0v9pllM5llRgnOuJa68yodjLZKAHBuad+jaHsCKk7Lx7Z
1XBSMw2dM5qWJIJur0MqUIWf
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:23:48 2026 by rpki-client