Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/1tI6G_uipCGYM7G28gO9zYS_vd0.roa
File: 1tI6G_uipCGYM7G28gO9zYS_vd0.roa (raw, json)
Hash identifier: jQHm0OXPGE8VAsUUw4pohYSxJ7gjNdv50GcJUwt6Vgs=
Subject key identifier: D6:D2:3A:1B:FB:A2:A4:21:98:33:B1:B6:F2:03:BD:CD:84:BF:BD:DD
Certificate issuer: /CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Certificate serial: 019DAA4F0D880369EDD3F3F2A689E1E84C01
Authority key identifier: 4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/1tI6G_uipCGYM7G28gO9zYS_vd0.roa
Signing time: Mon 20 Apr 2026 09:53:20 +0000
ROA not before: Mon 20 Apr 2026 09:53:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58010
IP address blocks: 37.208.104.0/21 maxlen: 24
37.208.108.0/24 maxlen: 24
109.109.192.0/21 maxlen: 24
185.26.156.0/22 maxlen: 24
185.114.212.0/22 maxlen: 24
185.219.100.0/22 maxlen: 24
185.219.100.0/24 maxlen: 24
193.243.164.0/23 maxlen: 24
195.74.88.0/23 maxlen: 24
2a00:d0c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:4f:0d:88:03:69:ed:d3:f3:f2:a6:89:e1:e8:4c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Validity
Not Before: Apr 20 09:53:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d6d23a1bfba2a4219833b1b6f203bdcd84bfbddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:18:af:eb:2e:a0:96:4b:1a:67:dd:77:80:ad:
2c:1e:6e:d1:a2:7a:8f:d1:4b:75:57:19:c5:6c:53:
14:e8:6c:1a:62:a4:ec:3f:4a:65:ee:d8:f8:a1:53:
e6:0c:84:d1:2f:d9:91:e7:d6:14:4f:27:d6:a0:2e:
71:7a:72:34:df:bc:b7:6d:ee:d7:1f:8c:46:09:d6:
ab:70:e1:7b:2e:39:a3:6d:58:73:de:0d:c9:ce:11:
a7:21:f5:3b:bc:60:78:c6:70:27:12:c2:f4:5b:f5:
25:c8:d0:1e:96:e1:05:4c:a9:6c:fb:1e:69:52:11:
6e:19:1d:92:ad:4d:93:7e:42:4c:12:5c:a4:18:13:
0c:f0:18:85:ae:ad:e0:59:b4:49:8b:7f:a7:6c:55:
c3:3b:c0:bd:93:71:74:ae:cc:1d:4f:1f:51:b4:f5:
3f:7b:5b:8a:32:84:7e:9a:67:e1:f4:14:49:43:39:
5a:92:08:eb:5d:8f:bd:72:54:45:4a:de:9e:b7:69:
7a:d3:a9:65:8e:6c:82:b6:df:08:39:62:23:f1:9a:
37:0f:9a:cf:ea:97:0c:a6:00:8b:53:3c:e3:ce:c5:
f9:1c:82:de:c4:24:a4:07:22:15:0f:64:5c:2f:75:
e4:a7:9a:37:b8:30:08:2e:6a:19:cc:7f:a7:0b:e1:
35:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D2:3A:1B:FB:A2:A4:21:98:33:B1:B6:F2:03:BD:CD:84:BF:BD:DD
X509v3 Authority Key Identifier:
keyid:4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/1tI6G_uipCGYM7G28gO9zYS_vd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.104.0/21
109.109.192.0/21
185.26.156.0/22
185.114.212.0/22
185.219.100.0/22
193.243.164.0/23
195.74.88.0/23
IPv6:
2a00:d0c0::/32
Signature Algorithm: sha256WithRSAEncryption
22:66:be:0a:21:a6:d7:32:11:af:94:c7:97:81:2a:49:02:a9:
da:c9:12:28:2f:2c:11:b2:17:c6:4c:95:19:b7:8b:97:80:6a:
90:d9:04:61:79:23:4a:02:5c:13:8e:5d:13:f4:0a:f1:b7:16:
cc:3b:dd:41:89:e0:27:22:58:e2:59:8a:7b:36:e9:e0:10:ea:
fe:71:0e:0e:9d:37:2f:ca:73:a8:42:28:a0:dc:4b:32:cd:57:
4a:b6:3c:e7:16:a1:0f:9f:3d:69:73:69:b5:19:16:33:69:4d:
cf:2e:d5:c0:d8:3f:97:50:c4:2c:c0:12:00:07:25:0c:a2:c6:
2f:25:81:64:71:ee:b0:7f:7b:a5:5c:38:24:1b:ea:7d:52:f4:
ab:aa:1e:6b:36:f9:84:66:99:58:56:db:e1:28:d4:72:37:04:
9e:4c:c6:d9:ef:36:63:0c:eb:e6:2e:87:86:f0:19:f4:98:32:
bd:83:35:ae:55:cb:99:63:0f:54:db:e0:cd:75:09:2e:cb:18:
a0:f4:71:b2:e9:13:06:3a:ca:5d:af:87:46:86:10:3a:65:0f:
65:11:69:94:31:3a:b3:2a:36:e8:32:7b:bb:a4:e9:72:59:2c:
2b:d5:26:fd:f4:d5:30:a7:4e:7c:3f:05:86:3a:ea:6f:ec:f8:
c9:91:5f:a4
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZ2qTw2IA2nt0/Pyponh6EwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODk1ZmYwZTk5YTc3YzAxN2U4YTM4MzI5MmNiNWM2Zjgy
NjExMjAwHhcNMjYwNDIwMDk1MzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQyM2ExYmZiYTJhNDIxOTgzM2IxYjZmMjAzYmRjZDg0YmZiZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRiv6y6glksaZ913gK0sHm7RonqP
0Ut1VxnFbFMU6GwaYqTsP0pl7tj4oVPmDITRL9mR59YUTyfWoC5xenI037y3be7X
H4xGCdarcOF7LjmjbVhz3g3JzhGnIfU7vGB4xnAnEsL0W/UlyNAeluEFTKls+x5p
UhFuGR2SrU2TfkJMElykGBMM8BiFrq3gWbRJi3+nbFXDO8C9k3F0rswdTx9RtPU/
e1uKMoR+mmfh9BRJQzlakgjrXY+9clRFSt6et2l606lljmyCtt8IOWIj8Zo3D5rP
6pcMpgCLUzzjzsX5HILexCSkByIVD2RcL3Xkp5o3uDAILmoZzH+nC+E1vwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNbSOhv7oqQhmDOxtvIDvc2Ev73dMB8GA1UdIwQY
MBaAFE+JX/DpmnfAF+ijgykstcb4JhEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTkt
ZDA1Mzc0NWMyYWNjLzEvMXRJNkdfdWlwQ0dZTTdHMjhnTzl6WVNfdmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTktZDA1Mzc0NWMyYWNj
LzEvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDJdBoAwQD
bW3AAwQCuRqcAwQCuXLUAwQCudtkAwQBwfOkAwQBw0pYMA0EAgACMAcDBQAqANDA
MA0GCSqGSIb3DQEBCwUAA4IBAQAiZr4KIabXMhGvlMeXgSpJAqnayRIoLywRshfG
TJUZt4uXgGqQ2QRheSNKAlwTjl0T9ArxtxbMO91BieAnIljiWYp7NungEOr+cQ4O
nTcvynOoQiig3EsyzVdKtjznFqEPnz1pc2m1GRYzaU3PLtXA2D+XUMQswBIAByUM
osYvJYFkce6wf3ulXDgkG+p9UvSrqh5rNvmEZplYVtvhKNRyNwSeTMbZ7zZjDOvm
LoeG8Bn0mDK9gzWuVcuZYw9U2+DNdQkuyxig9HGy6RMGOspdr4dGhhA6ZQ9lEWmU
MTqzKjboMnu7pOlyWSwr1Sb99NUwp058PwWGOupv7PjJkV+k
-----END CERTIFICATE-----
Generated at Wed Apr 29 07:23:07 2026 by rpki-client