Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/DoUbPD2ehb7ffHex7wqZlUgge68.roa
File: DoUbPD2ehb7ffHex7wqZlUgge68.roa (raw, json)
Hash identifier: D6QEW7g5Pt3py5LPzWLBcv51oNohuX/849TtVYw44MU=
Subject key identifier: 0E:85:1B:3C:3D:9E:85:BE:DF:7C:77:B1:EF:0A:99:95:48:20:7B:AF
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EADC029C5AC01C4F63CD5D767D3B6ED39
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/DoUbPD2ehb7ffHex7wqZlUgge68.roa
Signing time: Tue 09 Jun 2026 18:58:32 +0000
ROA not before: Tue 09 Jun 2026 18:58:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 134835
IP address blocks: 217.60.122.0/24 maxlen: 24
217.60.123.0/24 maxlen: 24
217.60.124.0/24 maxlen: 24
217.60.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 18:57:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ad:c0:29:c5:ac:01:c4:f6:3c:d5:d7:67:d3:b6:ed:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 9 18:58:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0e851b3c3d9e85bedf7c77b1ef0a999548207baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:20:9b:f0:e5:aa:6a:6c:f3:5b:88:50:7c:37:
7a:1b:1b:16:2a:bb:e8:9a:9b:81:4d:2c:72:22:a2:
25:17:b0:2e:51:5e:47:83:75:e0:e2:3e:44:d9:9e:
61:b3:00:d8:83:11:70:79:14:04:8c:78:0d:69:f1:
64:c0:d3:4f:8d:05:a9:09:3f:ad:41:9e:12:0e:d3:
5a:6c:db:80:60:bd:67:0f:df:92:09:51:55:0f:5f:
f9:05:29:30:03:a4:64:b3:8e:65:5b:fa:93:20:ca:
65:5e:50:8a:d2:6a:aa:57:c1:74:20:30:12:13:6e:
e4:59:71:16:bd:81:6f:e9:3c:d6:45:28:c2:f9:f2:
81:d3:db:29:92:a4:43:78:31:3d:73:80:84:24:3a:
ca:48:ae:e1:bf:4d:f6:1d:9d:57:ea:aa:24:80:03:
74:32:6e:20:51:80:dc:55:62:92:4d:9f:06:3b:73:
da:be:df:ca:9a:26:e5:b8:c5:fa:02:bf:31:e4:e4:
38:92:45:85:28:da:55:98:a5:7f:93:e0:e1:ec:69:
33:57:62:09:13:74:49:ff:ca:5b:38:18:f5:1d:7b:
13:bc:83:c2:5f:5d:7e:25:82:d4:14:7e:8e:ee:f5:
34:e7:52:2c:1d:b0:7d:44:11:bd:f7:47:3d:d7:49:
d3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:85:1B:3C:3D:9E:85:BE:DF:7C:77:B1:EF:0A:99:95:48:20:7B:AF
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/DoUbPD2ehb7ffHex7wqZlUgge68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.122.0-217.60.125.255
Signature Algorithm: sha256WithRSAEncryption
80:42:b3:cd:c2:1a:a9:19:06:d5:69:fe:a4:7e:ba:22:b5:95:
ba:9a:0f:be:a6:cf:0d:a3:d0:e8:6b:23:7e:e3:9f:a7:54:45:
9b:6a:71:61:9b:94:c5:20:eb:88:f8:58:90:14:48:ee:97:47:
d7:fd:7f:37:0e:1e:20:d0:5f:2a:1f:bf:8f:64:fb:b9:33:23:
2b:e1:37:8b:18:32:da:9b:db:73:2e:e6:40:08:e9:0d:27:72:
4a:7b:9f:3a:79:5a:a6:e0:d2:e6:9b:4b:37:8a:e2:9f:1a:2b:
46:88:45:dc:05:a1:4b:d7:ae:80:fe:19:3c:bc:63:6f:ba:c1:
7f:d1:e9:65:d5:76:7f:86:76:4a:b5:4a:7a:1c:0f:9a:d5:6b:
c3:4c:1d:63:b0:97:6e:6f:43:a0:22:ce:73:eb:4b:05:cb:0e:
52:df:c6:39:48:de:b0:6b:d4:d3:2d:8a:8f:b8:3f:84:98:13:
2e:14:27:4c:56:e3:a1:b9:c7:10:31:85:2f:40:cb:59:88:f7:
2b:35:3a:20:bc:2b:fa:0e:41:d0:12:23:d6:44:17:b0:4a:db:
f5:1f:57:53:6c:fd:b4:7f:97:9b:72:4b:86:55:ad:86:61:66:
cb:65:90:23:ac:a9:e5:d1:4b:e2:0d:0c:04:bb:1f:41:b2:51:
ad:0a:ee:51
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ6twCnFrAHE9jzV12fTtu05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjA5MTg1ODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTg1MWIzYzNkOWU4NWJlZGY3Yzc3YjFlZjBhOTk5NTQ4MjA3YmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyCb8OWqamzzW4hQfDd6GxsWKrvo
mpuBTSxyIqIlF7AuUV5Hg3Xg4j5E2Z5hswDYgxFweRQEjHgNafFkwNNPjQWpCT+t
QZ4SDtNabNuAYL1nD9+SCVFVD1/5BSkwA6Rks45lW/qTIMplXlCK0mqqV8F0IDAS
E27kWXEWvYFv6TzWRSjC+fKB09spkqRDeDE9c4CEJDrKSK7hv032HZ1X6qokgAN0
Mm4gUYDcVWKSTZ8GO3Pavt/KmibluMX6Ar8x5OQ4kkWFKNpVmKV/k+Dh7GkzV2IJ
E3RJ/8pbOBj1HXsTvIPCX11+JYLUFH6O7vU051IsHbB9RBG990c910nT1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA6FGzw9noW+33x3se8KmZVIIHuvMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRG9VYlBEMmVoYjdmZkhleDd3cVpsVWdnZTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHZPHoD
BAHZPHwwDQYJKoZIhvcNAQELBQADggEBAIBCs83CGqkZBtVp/qR+uiK1lbqaD76m
zw2j0OhrI37jn6dURZtqcWGblMUg64j4WJAUSO6XR9f9fzcOHiDQXyofv49k+7kz
IyvhN4sYMtqb23Mu5kAI6Q0nckp7nzp5Wqbg0uabSzeK4p8aK0aIRdwFoUvXroD+
GTy8Y2+6wX/R6WXVdn+Gdkq1SnocD5rVa8NMHWOwl25vQ6AiznPrSwXLDlLfxjlI
3rBr1NMtio+4P4SYEy4UJ0xW46G5xxAxhS9Ay1mI9ys1OiC8K/oOQdASI9ZEF7BK
2/UfV1Ns/bR/l5tyS4ZVrYZhZstlkCOsqeXRS+INDAS7H0GyUa0K7lE=
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:05:44 2026 by rpki-client