Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/T6DW1OfrkGvLBfTwbu6OSDsjQQ8.roa
File: T6DW1OfrkGvLBfTwbu6OSDsjQQ8.roa (raw, json)
Hash identifier: roQ6pBX8jCZsSFjh1gsyHlvysTjOHtosLYuCzYBJFtE=
Subject key identifier: 4F:A0:D6:D4:E7:EB:90:6B:CB:05:F4:F0:6E:EE:8E:48:3B:23:41:0F
Certificate issuer: /CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Certificate serial: 019DFF06677913CBF6B15FD719926EF7E793
Authority key identifier: BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/T6DW1OfrkGvLBfTwbu6OSDsjQQ8.roa
Signing time: Wed 06 May 2026 20:41:42 +0000
ROA not before: Wed 06 May 2026 20:41:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14789
IP address blocks: 2a09:bac0:237::/48 maxlen: 48
2a09:bac0:431::/48 maxlen: 48
2a09:bac0:439::/48 maxlen: 48
2a09:bac0:450::/48 maxlen: 48
2a09:bac0:477::/48 maxlen: 48
2a09:bac0:483::/48 maxlen: 48
2a09:bac0:545::/48 maxlen: 48
2a09:bac0:566::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.mft
rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 May 2026 19:58:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ff:06:67:79:13:cb:f6:b1:5f:d7:19:92:6e:f7:e7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Validity
Not Before: May 6 20:41:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4fa0d6d4e7eb906bcb05f4f06eee8e483b23410f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:58:60:ff:7a:70:8a:84:49:51:a6:ad:ff:4c:
23:80:23:d1:a0:a3:c8:2c:c0:6c:15:ae:05:9a:62:
ce:cf:a0:dd:16:03:9d:f1:4e:e0:89:97:74:15:6c:
6b:52:f3:11:53:f2:0e:82:ab:f8:27:d6:2f:79:d3:
a6:da:1e:26:d8:58:27:ab:90:62:d7:ba:fd:b8:e0:
f4:83:d0:72:38:d7:cb:7f:40:20:b3:30:bf:bb:1a:
04:3f:8a:95:ea:89:62:b7:ad:37:e0:0e:24:41:e1:
38:ce:6d:24:35:6f:44:e0:39:f1:e1:16:24:8d:e8:
93:10:b9:2c:cb:c2:99:42:00:dc:cd:8c:b4:75:8b:
58:b3:7c:02:14:2c:e5:e8:c3:21:9a:c1:ff:3f:37:
02:8c:b3:95:4b:9e:04:78:40:db:38:ec:ad:42:47:
28:04:1b:e2:5c:f5:e1:95:c3:18:0c:9f:0e:18:15:
b4:26:ca:aa:3f:80:86:cb:63:d2:2e:59:70:17:bf:
25:d1:dd:54:42:99:af:74:c4:71:c8:52:0c:8d:bc:
e6:96:a4:c2:ce:c3:89:62:50:7e:a7:c3:f4:a5:2a:
7a:db:65:d7:9a:f4:4a:f3:4a:f2:d9:b8:0c:2d:35:
c0:25:59:67:f7:28:7b:42:04:11:8b:23:24:76:21:
d3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A0:D6:D4:E7:EB:90:6B:CB:05:F4:F0:6E:EE:8E:48:3B:23:41:0F
X509v3 Authority Key Identifier:
keyid:BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/T6DW1OfrkGvLBfTwbu6OSDsjQQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:bac0:237::/48
2a09:bac0:431::/48
2a09:bac0:439::/48
2a09:bac0:450::/48
2a09:bac0:477::/48
2a09:bac0:483::/48
2a09:bac0:545::/48
2a09:bac0:566::/48
Signature Algorithm: sha256WithRSAEncryption
6c:e9:e1:ac:6d:13:e9:3b:a2:6c:c6:3a:f1:12:09:0c:36:20:
22:e1:98:66:21:9a:d0:da:c7:cb:c8:a2:01:c0:2b:e7:30:41:
aa:58:6e:be:6a:df:2c:7d:f2:78:fc:66:11:f3:a4:ab:ed:a1:
71:a3:a6:f0:1e:4b:a0:a1:e8:18:4f:34:f3:b4:ac:77:ed:33:
4f:5f:94:04:32:ed:31:8f:7d:ad:fe:0a:aa:c5:ad:62:d1:08:
05:24:c5:dd:78:34:70:98:0b:98:10:59:b0:ed:1f:8d:70:9d:
9d:db:f0:46:6a:90:86:1d:a8:d0:93:a8:92:d9:ed:41:3d:c6:
b2:b9:f2:41:06:9a:17:ff:eb:de:b4:79:ab:3e:0f:c9:ff:11:
d5:c0:3e:7d:90:ef:54:19:eb:7a:30:a9:19:dc:67:17:84:1a:
80:66:11:cc:fa:23:53:47:43:1a:1f:3c:6d:d2:a2:fa:96:71:
59:55:67:ff:c6:b7:d4:92:d9:b4:f3:3b:4b:1a:9e:b4:2c:bc:
92:3c:57:e1:01:8b:a2:0f:e8:19:74:aa:ff:4c:36:4f:b7:73:
dc:44:b2:34:19:58:74:06:a4:00:11:2f:0e:36:47:98:a8:be:
63:d4:d6:ea:3c:2c:20:c4:a8:50:a8:fd:da:32:08:3c:fb:16:
2d:96:8d:d0
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ3/Bmd5E8v2sV/XGZJu9+eTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTlmMTJjOTZiYTIwNjgzYWZmNWM5NThiZmFkOGU0YzU3
N2Y3ZmUwHhcNMjYwNTA2MjA0MTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmEwZDZkNGU3ZWI5MDZiY2IwNWY0ZjA2ZWVlOGU0ODNiMjM0MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Fhg/3pwioRJUaat/0wjgCPRoKPI
LMBsFa4FmmLOz6DdFgOd8U7giZd0FWxrUvMRU/IOgqv4J9YvedOm2h4m2Fgnq5Bi
17r9uOD0g9ByONfLf0AgszC/uxoEP4qV6olit6034A4kQeE4zm0kNW9E4Dnx4RYk
jeiTELksy8KZQgDczYy0dYtYs3wCFCzl6MMhmsH/PzcCjLOVS54EeEDbOOytQkco
BBviXPXhlcMYDJ8OGBW0JsqqP4CGy2PSLllwF78l0d1UQpmvdMRxyFIMjbzmlqTC
zsOJYlB+p8P0pSp622XXmvRK80ry2bgMLTXAJVln9yh7QgQRiyMkdiHTcQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFE+g1tTn65BrywX08G7ujkg7I0EPMB8GA1UdIwQY
MBaAFL/p8SyWuiBoOv9clYv62OTFd/f+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQt
Zjc4MjBjNWU5NjZhLzEvVDZEVzFPZnJrR3ZMQmZUd2J1Nk9TRHNqUVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQtZjc4MjBjNWU5NjZh
LzEvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAAjBIAwcAKgm6wAI3
AwcAKgm6wAQxAwcAKgm6wAQ5AwcAKgm6wARQAwcAKgm6wAR3AwcAKgm6wASDAwcA
Kgm6wAVFAwcAKgm6wAVmMA0GCSqGSIb3DQEBCwUAA4IBAQBs6eGsbRPpO6Jsxjrx
EgkMNiAi4ZhmIZrQ2sfLyKIBwCvnMEGqWG6+at8sffJ4/GYR86Sr7aFxo6bwHkug
oegYTzTztKx37TNPX5QEMu0xj32t/gqqxa1i0QgFJMXdeDRwmAuYEFmw7R+NcJ2d
2/BGapCGHajQk6iS2e1BPcayufJBBpoX/+vetHmrPg/J/xHVwD59kO9UGet6MKkZ
3GcXhBqAZhHM+iNTR0MaHzxt0qL6lnFZVWf/xrfUktm08ztLGp60LLySPFfhAYui
D+gZdKr/TDZPt3PcRLI0GVh0BqQAES8ONkeYqL5j1NbqPCwgxKhQqP3aMgg8+xYt
lo3Q
-----END CERTIFICATE-----
Generated at Sat May 9 06:09:24 2026 by rpki-client