Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bmrk_ZhtnWaEWZbrZsvMUdT5gKM.roa
File: bmrk_ZhtnWaEWZbrZsvMUdT5gKM.roa (raw, json)
Hash identifier: B+yqVscA2eYF4eNBtsvOj6gzYgGPz3+2az2JAouMUPE=
Subject key identifier: 6E:6A:E4:FD:98:6D:9D:66:84:59:96:EB:66:CB:CC:51:D4:F9:80:A3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019DB68ED8A36A506460C917EE8276B38EAF
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bmrk_ZhtnWaEWZbrZsvMUdT5gKM.roa
Signing time: Wed 22 Apr 2026 18:58:28 +0000
ROA not before: Wed 22 Apr 2026 18:58:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42337
IP address blocks: 217.60.236.0/24 maxlen: 24
217.60.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b6:8e:d8:a3:6a:50:64:60:c9:17:ee:82:76:b3:8e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 22 18:58:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e6ae4fd986d9d66845996eb66cbcc51d4f980a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8d:2d:f7:f6:46:a7:48:e4:1a:3a:3a:c8:7f:
7c:a4:c0:71:e6:69:9e:ac:8b:48:e3:93:a2:ec:3d:
49:fe:75:ca:08:f4:02:92:7c:b3:24:ce:62:c4:4d:
af:ea:8b:c5:36:fc:24:66:fc:f3:4c:02:a5:ad:45:
a5:b1:f2:03:99:17:64:33:94:f9:7d:ee:a5:e0:46:
58:60:05:41:b0:40:c8:dc:18:60:cc:3f:8a:52:a7:
4f:f6:06:73:c2:cd:30:6c:1d:a8:82:7c:93:87:4d:
ae:f7:aa:16:4e:c0:8f:10:be:99:86:d4:47:2c:29:
e2:ff:21:59:66:9c:8c:be:1c:25:eb:be:fe:dd:43:
75:28:98:b2:6c:e1:4d:c7:95:3a:68:7e:08:d2:8e:
51:f8:7f:5e:25:11:94:91:4a:6f:f8:82:4c:6e:80:
72:f8:5e:15:56:da:d8:0f:d9:24:78:e4:66:f9:93:
5d:df:0b:38:5c:11:27:c7:ab:b1:70:eb:26:92:30:
78:1b:d4:fd:12:a2:b5:a0:75:ba:7c:37:4a:1f:8d:
cf:c4:73:7f:2c:0f:bb:13:b7:38:bc:48:32:55:6f:
ed:5a:ff:c7:d2:47:ec:c9:df:7b:a2:66:27:08:2b:
9a:6d:bd:53:2d:64:be:68:58:24:da:39:2d:e3:82:
bd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6A:E4:FD:98:6D:9D:66:84:59:96:EB:66:CB:CC:51:D4:F9:80:A3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bmrk_ZhtnWaEWZbrZsvMUdT5gKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.236.0/24
217.60.247.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:6b:f9:7f:c8:bd:5a:fa:18:33:d1:94:a7:53:56:6f:c1:72:
02:00:32:34:fd:bf:4b:4c:b5:b8:2a:1f:24:fd:8c:e2:d8:85:
dc:48:c4:a0:ba:8e:07:51:b0:56:97:fd:8f:af:43:b4:c3:63:
56:fb:c2:e8:44:5d:fe:20:2f:72:69:b0:ed:f4:d7:24:19:a5:
34:17:4e:4a:72:00:5f:23:83:af:14:af:fb:f7:f6:1e:1e:05:
a1:d6:ed:4f:40:29:1c:be:af:9a:a0:52:aa:72:84:e9:95:2e:
2a:cf:d8:0f:54:55:05:e9:87:da:05:cf:1c:61:99:37:b2:26:
d8:e4:dd:d0:6c:cf:d4:77:de:c5:fa:fd:bd:ac:dd:97:43:a3:
2c:eb:7a:ed:43:e0:c2:01:91:89:eb:a6:10:f6:74:4e:bf:98:
55:45:eb:a6:9b:17:32:7b:f8:bf:99:d0:0a:70:53:4b:2b:55:
0b:03:d7:dc:95:b6:53:bc:51:ce:f6:2a:0a:c2:ad:1e:84:81:
98:8f:af:20:be:05:92:01:02:f2:34:da:e0:32:64:d9:c7:53:
12:5a:b3:d7:e9:0e:a0:e9:9e:9b:2f:04:91:23:3c:21:a1:65:
bf:ff:33:ec:6a:21:94:13:39:a7:70:7b:85:4e:8f:d0:8a:f8:
91:b3:99:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ22jtijalBkYMkX7oJ2s46vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDIyMTg1ODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZhZTRmZDk4NmQ5ZDY2ODQ1OTk2ZWI2NmNiY2M1MWQ0Zjk4MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno0t9/ZGp0jkGjo6yH98pMBx5mme
rItI45Oi7D1J/nXKCPQCknyzJM5ixE2v6ovFNvwkZvzzTAKlrUWlsfIDmRdkM5T5
fe6l4EZYYAVBsEDI3BhgzD+KUqdP9gZzws0wbB2ognyTh02u96oWTsCPEL6ZhtRH
LCni/yFZZpyMvhwl677+3UN1KJiybOFNx5U6aH4I0o5R+H9eJRGUkUpv+IJMboBy
+F4VVtrYD9kkeORm+ZNd3ws4XBEnx6uxcOsmkjB4G9T9EqK1oHW6fDdKH43PxHN/
LA+7E7c4vEgyVW/tWv/H0kfsyd97omYnCCuabb1TLWS+aFgk2jkt44K9cwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG5q5P2YbZ1mhFmW62bLzFHU+YCjMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYm1ya19aaHRuV2FFV1piclpzdk1VZFQ1Z0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2TzsAwQA
2Tz3MA0GCSqGSIb3DQEBCwUAA4IBAQB9a/l/yL1a+hgz0ZSnU1ZvwXICADI0/b9L
TLW4Kh8k/Yzi2IXcSMSguo4HUbBWl/2Pr0O0w2NW+8LoRF3+IC9yabDt9NckGaU0
F05KcgBfI4OvFK/79/YeHgWh1u1PQCkcvq+aoFKqcoTplS4qz9gPVFUF6YfaBc8c
YZk3sibY5N3QbM/Ud97F+v29rN2XQ6Ms63rtQ+DCAZGJ66YQ9nROv5hVReummxcy
e/i/mdAKcFNLK1ULA9fclbZTvFHO9ioKwq0ehIGYj68gvgWSAQLyNNrgMmTZx1MS
WrPX6Q6g6Z6bLwSRIzwhoWW//zPsaiGUEzmncHuFTo/QiviRs5kM
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:00:05 2026 by rpki-client