Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_rLZZ3lzsfEsgCXS2qt-wlrXnh0.roa
File: _rLZZ3lzsfEsgCXS2qt-wlrXnh0.roa (raw, json)
Hash identifier: NrkzLXFzjorHtvZSNXnU1OX4L5xtlN/gVtBdCoewJyI=
Subject key identifier: FE:B2:D9:67:79:73:B1:F1:2C:80:25:D2:DA:AB:7E:C2:5A:D7:9E:1D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EACD1D5A2D6B5853290F2B8B5C851FC6F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_rLZZ3lzsfEsgCXS2qt-wlrXnh0.roa
Signing time: Tue 09 Jun 2026 14:38:13 +0000
ROA not before: Tue 09 Jun 2026 14:38:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198154
IP address blocks: 94.183.167.0/24 maxlen: 24
94.183.212.0/24 maxlen: 24
94.183.213.0/24 maxlen: 24
94.183.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 18:57:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ac:d1:d5:a2:d6:b5:85:32:90:f2:b8:b5:c8:51:fc:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 9 14:38:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=feb2d9677973b1f12c8025d2daab7ec25ad79e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9d:df:ff:22:58:e9:68:5a:f2:64:27:85:1f:
27:a2:be:1e:ed:86:47:69:8f:bc:94:ce:60:07:62:
85:ea:30:2b:01:58:44:b7:c6:1e:ed:b4:13:ce:2e:
3b:05:6b:2e:f9:42:1e:03:aa:6e:dd:63:26:3f:e4:
85:12:69:b6:60:02:5a:bd:4e:4c:74:de:20:5c:0d:
d0:70:f1:a5:11:2b:5f:27:66:39:f9:76:31:73:89:
f3:88:59:b4:b8:c3:ef:5c:fe:73:81:48:0f:55:73:
08:81:ca:39:94:e8:f6:1f:f7:bc:5f:55:11:58:66:
87:a4:b1:4b:0b:9a:0b:a5:66:29:ad:f0:b0:c0:94:
ae:43:2e:91:01:06:69:ef:8a:52:2a:78:99:bb:9c:
15:25:0c:48:13:1f:2e:6f:21:5f:b3:79:c2:e0:1f:
be:67:98:cc:e2:bd:e3:5d:a6:57:0a:93:cb:b2:c8:
b0:a1:6d:59:6f:04:da:b6:c9:ec:06:b4:1e:d7:11:
11:b6:37:45:f2:cb:cd:0b:1f:2a:33:1d:33:9b:0b:
39:92:94:33:80:ec:25:0e:d5:76:91:fd:60:c5:b5:
ff:96:4a:3f:2c:28:0a:93:bc:e3:09:76:5a:b2:ea:
15:f3:66:2c:44:45:70:f9:a7:68:bd:88:07:8d:f0:
9e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B2:D9:67:79:73:B1:F1:2C:80:25:D2:DA:AB:7E:C2:5A:D7:9E:1D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_rLZZ3lzsfEsgCXS2qt-wlrXnh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.183.167.0/24
94.183.212.0/23
94.183.215.0/24
Signature Algorithm: sha256WithRSAEncryption
23:58:7f:a1:1d:69:b6:1a:c4:fb:4b:e7:a1:56:60:66:39:a1:
ae:c2:40:f0:c3:9a:5f:ae:02:b5:80:e6:de:77:d4:83:d0:ba:
b0:43:47:5e:5b:a6:82:8b:e3:e1:f8:7d:8e:ad:16:80:73:c2:
c9:9c:be:22:79:73:f9:dd:1d:78:9d:d5:52:3f:16:a9:39:71:
30:3a:1b:90:69:73:7d:a0:58:2f:f4:70:e2:a2:b2:90:6d:f3:
90:a2:24:ea:b4:f2:15:4c:a8:4d:95:b0:46:c8:7c:b2:25:49:
2a:ff:30:1f:59:e3:7a:8b:40:23:18:1c:8f:90:c9:52:f0:69:
da:05:99:b1:56:81:69:40:1b:6e:06:5a:c6:55:63:67:ad:bf:
2d:f4:c8:0f:7b:18:61:57:be:01:0a:5b:c0:92:b3:ac:59:14:
78:9e:19:e0:4c:ad:c0:79:59:43:3f:fe:71:42:77:08:01:32:
9b:f1:d7:3d:92:47:62:61:3d:bf:50:fc:2d:0f:e3:58:5a:51:
f4:69:9e:00:03:3f:3a:4a:2b:e6:12:98:1f:17:61:07:5f:2a:
25:9c:77:83:c0:72:d0:ab:92:1c:ad:91:f5:96:8c:a5:39:9e:
d3:da:25:8b:6f:d6:97:9d:e8:fc:68:cb:a9:5f:55:e5:0e:7f:
b4:ef:ce:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ6s0dWi1rWFMpDyuLXIUfxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjA5MTQzODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWIyZDk2Nzc5NzNiMWYxMmM4MDI1ZDJkYWFiN2VjMjVhZDc5ZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ3f/yJY6Wha8mQnhR8nor4e7YZH
aY+8lM5gB2KF6jArAVhEt8Ye7bQTzi47BWsu+UIeA6pu3WMmP+SFEmm2YAJavU5M
dN4gXA3QcPGlEStfJ2Y5+XYxc4nziFm0uMPvXP5zgUgPVXMIgco5lOj2H/e8X1UR
WGaHpLFLC5oLpWYprfCwwJSuQy6RAQZp74pSKniZu5wVJQxIEx8ubyFfs3nC4B++
Z5jM4r3jXaZXCpPLssiwoW1ZbwTatsnsBrQe1xERtjdF8svNCx8qMx0zmws5kpQz
gOwlDtV2kf1gxbX/lko/LCgKk7zjCXZasuoV82YsREVw+adovYgHjfCeswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP6y2Wd5c7HxLIAl0tqrfsJa154dMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvX3JMWlozbHpzZkVzZ0NYUzJxdC13bHJYbmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXrenAwQB
XrfUAwQAXrfXMA0GCSqGSIb3DQEBCwUAA4IBAQAjWH+hHWm2GsT7S+ehVmBmOaGu
wkDww5pfrgK1gObed9SD0LqwQ0deW6aCi+Ph+H2OrRaAc8LJnL4ieXP53R14ndVS
PxapOXEwOhuQaXN9oFgv9HDiorKQbfOQoiTqtPIVTKhNlbBGyHyyJUkq/zAfWeN6
i0AjGByPkMlS8GnaBZmxVoFpQBtuBlrGVWNnrb8t9MgPexhhV74BClvAkrOsWRR4
nhngTK3AeVlDP/5xQncIATKb8dc9kkdiYT2/UPwtD+NYWlH0aZ4AAz86SivmEpgf
F2EHXyolnHeDwHLQq5IcrZH1loylOZ7T2iWLb9aXnej8aMupX1XlDn+0784I
-----END CERTIFICATE-----
Generated at Fri Jun 12 03:33:31 2026 by rpki-client