Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/G9ZWfofUSM5SEcWFf2hhQXuSayY.roa
File: G9ZWfofUSM5SEcWFf2hhQXuSayY.roa (raw, json)
Hash identifier: Ddzj72KD29S6+Un9Ya0Wyrwm3WCkRqCbIzo1ScVLP7M=
Subject key identifier: 1B:D6:56:7E:87:D4:48:CE:52:11:C5:85:7F:68:61:41:7B:92:6B:26
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019E82CAC6E645D0D1F180E93DD5C9CCE138
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/G9ZWfofUSM5SEcWFf2hhQXuSayY.roa
Signing time: Mon 01 Jun 2026 10:46:27 +0000
ROA not before: Mon 01 Jun 2026 10:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51765
IP address blocks: 45.83.23.0/24 maxlen: 24
45.83.24.0/24 maxlen: 24
45.83.25.0/24 maxlen: 24
45.83.149.0/24 maxlen: 24
45.86.60.0/22 maxlen: 24
45.86.64.0/24 maxlen: 24
45.86.65.0/24 maxlen: 24
45.86.67.0/24 maxlen: 24
45.86.68.0/24 maxlen: 24
45.86.69.0/24 maxlen: 24
45.86.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:ca:c6:e6:45:d0:d1:f1:80:e9:3d:d5:c9:cc:e1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 1 10:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1bd6567e87d448ce5211c5857f6861417b926b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:83:1c:da:42:92:2b:55:c6:6a:2a:9d:4e:9e:
62:92:28:2e:f0:dd:a8:22:e9:09:c5:90:48:79:cd:
a5:b0:75:40:5c:57:7b:56:73:ed:17:9e:16:f1:e9:
53:25:b7:e8:2d:0d:e4:34:38:cb:ad:65:63:18:d6:
96:36:b7:a6:71:02:e1:57:4c:7d:86:be:53:8c:45:
69:08:50:28:e9:c6:ad:41:20:9a:3e:18:e7:6b:dd:
87:89:53:6f:6e:7a:26:19:0d:54:f8:08:33:65:86:
26:4c:35:62:06:38:c2:35:e4:62:0f:dd:ff:53:bb:
89:8b:02:1f:af:dd:c9:09:39:f6:3e:c1:d8:9f:e5:
55:a8:34:0d:f0:18:fe:e3:07:0a:a5:82:18:9d:64:
a2:bd:79:cc:15:20:3c:f4:0b:e5:ad:3b:09:b8:54:
9a:c5:7e:4a:af:99:ea:41:95:d3:d9:d0:92:eb:71:
6b:7e:65:14:3d:29:0a:88:c5:21:44:40:59:c6:f6:
b3:54:04:24:cf:19:1c:96:b3:e2:c5:dd:1a:8c:77:
ce:f4:ed:04:ce:ff:9f:19:98:3f:e9:fd:47:95:53:
79:1b:3b:bc:25:dc:be:dd:66:7b:11:2f:9e:af:8f:
b6:43:94:9f:2f:14:f1:85:7c:9d:d1:3f:f8:bf:51:
5b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D6:56:7E:87:D4:48:CE:52:11:C5:85:7F:68:61:41:7B:92:6B:26
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/G9ZWfofUSM5SEcWFf2hhQXuSayY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.23.0-45.83.25.255
45.83.149.0/24
45.86.60.0-45.86.65.255
45.86.67.0-45.86.69.255
45.86.75.0/24
Signature Algorithm: sha256WithRSAEncryption
09:c6:39:af:1f:fd:38:bb:e2:70:5a:ab:4c:03:e6:e0:d6:f8:
85:ea:e6:91:54:f9:6b:b0:98:a1:be:e8:7f:ca:cc:84:de:4e:
96:aa:34:8a:a7:b8:c5:e1:d9:2a:36:4c:1e:be:fc:11:db:1a:
2b:76:68:bd:b6:43:9a:4b:c3:8e:d6:a2:dd:5c:a7:4c:7d:37:
85:55:a3:5a:6b:b1:46:0e:1c:93:af:00:33:73:20:2c:b1:f1:
4f:9d:96:42:b3:88:23:3d:1c:35:1f:9f:a9:50:03:39:69:fb:
90:52:ce:1d:c8:a4:65:2c:3a:5e:b1:a6:1d:aa:37:54:a7:c9:
3e:9b:8e:c9:70:e0:dd:a4:6e:d3:76:63:d6:31:40:09:14:38:
ba:55:60:8b:78:43:60:22:c4:18:b5:8f:60:3c:46:7b:3d:4e:
40:46:51:61:cd:7d:da:d6:48:39:61:ee:45:e7:da:c0:6d:9a:
59:60:00:52:3a:98:d5:5b:40:6d:06:ce:17:60:e0:1d:34:c5:
5b:ca:46:63:85:2c:f2:a0:a2:73:37:d0:fe:cf:4e:9e:ef:25:
5a:36:ee:e1:e8:16:44:b8:7e:b6:c2:8e:1f:1e:9b:b7:2f:5f:
36:4d:75:4d:f6:94:ff:f2:1d:98:8e:09:c9:fb:93:90:bc:3b:
35:16:ef:a9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ6CysbmRdDR8YDpPdXJzOE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNjAxMTA0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQ2NTY3ZTg3ZDQ0OGNlNTIxMWM1ODU3ZjY4NjE0MTdiOTI2YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YMc2kKSK1XGaiqdTp5ikigu8N2o
IukJxZBIec2lsHVAXFd7VnPtF54W8elTJbfoLQ3kNDjLrWVjGNaWNremcQLhV0x9
hr5TjEVpCFAo6catQSCaPhjna92HiVNvbnomGQ1U+AgzZYYmTDViBjjCNeRiD93/
U7uJiwIfr93JCTn2PsHYn+VVqDQN8Bj+4wcKpYIYnWSivXnMFSA89AvlrTsJuFSa
xX5Kr5nqQZXT2dCS63FrfmUUPSkKiMUhREBZxvazVAQkzxkclrPixd0ajHfO9O0E
zv+fGZg/6f1HlVN5Gzu8Jdy+3WZ7ES+er4+2Q5SfLxTxhXyd0T/4v1FbSQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBvWVn6H1EjOUhHFhX9oYUF7kmsmMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRzlaV2ZvZlVTTTVTRWNXRmYyaGhRWHVTYXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2MAwDBAAtUxcD
BAEtUxgDBAAtU5UwDAMEAi1WPAMEAS1WQDAMAwQALVZDAwQBLVZEAwQALVZLMA0G
CSqGSIb3DQEBCwUAA4IBAQAJxjmvH/04u+JwWqtMA+bg1viF6uaRVPlrsJihvuh/
ysyE3k6WqjSKp7jF4dkqNkwevvwR2xordmi9tkOaS8OO1qLdXKdMfTeFVaNaa7FG
DhyTrwAzcyAssfFPnZZCs4gjPRw1H5+pUAM5afuQUs4dyKRlLDpesaYdqjdUp8k+
m47JcODdpG7TdmPWMUAJFDi6VWCLeENgIsQYtY9gPEZ7PU5ARlFhzX3a1kg5Ye5F
59rAbZpZYABSOpjVW0BtBs4XYOAdNMVbykZjhSzyoKJzN9D+z06e7yVaNu7h6BZE
uH62wo4fHpu3L182TXVN9pT/8h2YjgnJ+5OQvDs1Fu+p
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:55:36 2026 by rpki-client