Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/kyQ4JI7k9YbINgfhHLT6m28Lt5g.roa
File: kyQ4JI7k9YbINgfhHLT6m28Lt5g.roa (raw, json)
Hash identifier: k6gw+9YpfRZ8fBPrWOAfF6dmY/qo7leQ3UVRA8om9+s=
Subject key identifier: 93:24:38:24:8E:E4:F5:86:C8:36:07:E1:1C:B4:FA:9B:6F:0B:B7:98
Certificate issuer: /CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Certificate serial: 019EC376ED4A50A1C3A11E9DDB8C3493CA73
Authority key identifier: 5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/kyQ4JI7k9YbINgfhHLT6m28Lt5g.roa
Signing time: Sun 14 Jun 2026 00:10:11 +0000
ROA not before: Sun 14 Jun 2026 00:10:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213535
IP address blocks: 185.206.168.0/24 maxlen: 24
185.206.170.0/24 maxlen: 24
185.206.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 21:56:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c3:76:ed:4a:50:a1:c3:a1:1e:9d:db:8c:34:93:ca:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Validity
Not Before: Jun 14 00:10:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=932438248ee4f586c83607e11cb4fa9b6f0bb798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b0:95:88:8c:87:0d:6f:cc:80:0d:f0:5e:19:
a0:80:aa:d1:98:2d:1d:76:96:e8:09:6b:c9:7c:6c:
0e:fe:50:59:54:80:1d:70:0d:1c:25:41:55:a8:f0:
07:75:b6:40:e3:c7:a8:08:15:01:30:d1:d9:99:4e:
dc:c4:ea:ac:23:22:a4:4e:4a:1f:0d:cc:3c:23:a1:
3e:ae:fc:9f:e5:5b:ba:e0:48:d2:9d:d1:4a:f8:00:
34:52:a8:30:48:b6:d4:dd:77:6f:53:89:0b:39:41:
3d:40:95:b3:d9:86:11:95:6b:b8:98:ac:44:3d:19:
9f:3f:7c:c5:91:ed:f5:f5:06:22:af:95:ba:f4:ba:
ec:99:b2:b6:b2:b4:ee:49:ed:91:26:d2:42:2b:7a:
da:de:47:b4:71:49:b5:84:5e:8f:67:25:5a:c0:80:
fe:7b:0d:bb:f5:35:88:82:98:6c:8b:fd:cc:d3:94:
c1:60:97:5a:3d:87:96:b3:61:8f:26:7b:55:01:6b:
38:6a:85:53:68:80:1c:88:4d:87:64:0c:1b:0d:24:
94:58:29:fa:81:20:a5:ae:d4:a6:7b:ef:30:6d:db:
0f:42:42:7c:f8:3a:e6:1f:29:84:c2:55:dd:7a:00:
cc:d0:a2:49:0f:2d:b4:25:4d:fd:1f:69:07:ba:b2:
84:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:24:38:24:8E:E4:F5:86:C8:36:07:E1:1C:B4:FA:9B:6F:0B:B7:98
X509v3 Authority Key Identifier:
keyid:5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/kyQ4JI7k9YbINgfhHLT6m28Lt5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.168.0/24
185.206.170.0/23
Signature Algorithm: sha256WithRSAEncryption
06:f1:bd:bd:b9:e9:28:fe:3f:e0:9f:f6:b2:bf:79:d9:0d:de:
21:4d:43:d2:49:7f:23:b1:49:94:7f:aa:45:53:3a:2b:ca:0f:
2c:92:f4:f9:d8:96:1d:23:c0:08:35:37:9a:e1:d0:4d:42:11:
b4:52:43:ec:31:04:fe:34:cc:c1:bb:b1:7b:da:88:7f:71:8e:
47:90:d3:33:b0:28:ea:30:43:18:88:ce:3c:0e:46:84:79:aa:
14:b3:4e:e8:1d:8e:a4:15:6c:bb:0b:a6:df:2b:31:23:30:66:
04:e6:6c:32:bf:c2:4d:33:aa:69:35:55:91:39:4a:6a:cb:2c:
99:fd:1f:a9:0f:9d:a0:7f:3c:b6:cf:e2:3d:75:51:9b:cc:d2:
ec:65:cf:1e:57:4b:08:55:04:32:7c:2a:99:89:8a:48:49:19:
ea:44:89:59:8b:4e:ca:59:17:04:7f:44:01:59:d2:5b:9a:d2:
c5:4d:b9:d4:b3:da:55:e3:0b:37:80:54:96:1c:10:b8:7d:1a:
b8:0b:51:58:89:dd:0e:dc:97:fa:01:34:ac:54:bd:8c:eb:8f:
ee:52:08:61:a5:ab:fe:8d:92:7b:27:a7:a7:69:ed:b8:cd:3f:
88:cb:57:12:1f:c5:d0:df:05:59:8e:9e:0b:ad:ac:a2:9a:e0:
8b:29:00:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ7Ddu1KUKHDoR6d24w0k8pzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZGU0YjNiODJmMjA5YjcwMWFlMzQwY2Y1M2I5NzQwNzhm
MTZhOWYwHhcNMjYwNjE0MDAxMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzI0MzgyNDhlZTRmNTg2YzgzNjA3ZTExY2I0ZmE5YjZmMGJiNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bCViIyHDW/MgA3wXhmggKrRmC0d
dpboCWvJfGwO/lBZVIAdcA0cJUFVqPAHdbZA48eoCBUBMNHZmU7cxOqsIyKkTkof
Dcw8I6E+rvyf5Vu64EjSndFK+AA0UqgwSLbU3XdvU4kLOUE9QJWz2YYRlWu4mKxE
PRmfP3zFke319QYir5W69LrsmbK2srTuSe2RJtJCK3ra3ke0cUm1hF6PZyVawID+
ew279TWIgphsi/3M05TBYJdaPYeWs2GPJntVAWs4aoVTaIAciE2HZAwbDSSUWCn6
gSClrtSme+8wbdsPQkJ8+DrmHymEwlXdegDM0KJJDy20JU39H2kHurKEfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJMkOCSO5PWGyDYH4Ry0+ptvC7eYMB8GA1UdIwQY
MBaAFF3eSzuC8gm3Aa40DPU7l0B48WqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWIt
ODZhNTUxOGUyZDUyLzEva3lRNEpJN2s5WWJJTmdmaEhMVDZtMjhMdDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWItODZhNTUxOGUyZDUy
LzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuc6oAwQB
uc6qMA0GCSqGSIb3DQEBCwUAA4IBAQAG8b29ueko/j/gn/ayv3nZDd4hTUPSSX8j
sUmUf6pFUzoryg8skvT52JYdI8AINTea4dBNQhG0UkPsMQT+NMzBu7F72oh/cY5H
kNMzsCjqMEMYiM48DkaEeaoUs07oHY6kFWy7C6bfKzEjMGYE5mwyv8JNM6ppNVWR
OUpqyyyZ/R+pD52gfzy2z+I9dVGbzNLsZc8eV0sIVQQyfCqZiYpISRnqRIlZi07K
WRcEf0QBWdJbmtLFTbnUs9pV4ws3gFSWHBC4fRq4C1FYid0O3Jf6ATSsVL2M64/u
Ughhpav+jZJ7J6enae24zT+Iy1cSH8XQ3wVZjp4LrayimuCLKQDo
-----END CERTIFICATE-----
Generated at Wed Jun 17 05:19:32 2026 by rpki-client