Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/T9rLzOEo73_usC0Hm0fh-qiRwD4.roa
File: T9rLzOEo73_usC0Hm0fh-qiRwD4.roa (raw, json)
Hash identifier: +7+OHuMsezFxFxDEcHq+Hy92dm4OFfeHyHoM8QeBozg=
Subject key identifier: 4F:DA:CB:CC:E1:28:EF:7F:EE:B0:2D:07:9B:47:E1:FA:A8:91:C0:3E
Certificate issuer: /CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Certificate serial: 019EA14BF4354083492A24323DED4432113E
Authority key identifier: 42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/T9rLzOEo73_usC0Hm0fh-qiRwD4.roa
Signing time: Sun 07 Jun 2026 08:56:09 +0000
ROA not before: Sun 07 Jun 2026 08:56:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201550
IP address blocks: 178.253.96.0/23 maxlen: 23
188.133.0.0/20 maxlen: 20
188.133.16.0/20 maxlen: 20
188.133.32.0/20 maxlen: 20
188.133.48.0/20 maxlen: 20
188.133.64.0/20 maxlen: 20
188.133.80.0/20 maxlen: 20
188.133.96.0/20 maxlen: 20
188.133.112.0/20 maxlen: 20
193.124.192.0/21 maxlen: 21
194.135.106.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.mft
rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a1:4b:f4:35:40:83:49:2a:24:32:3d:ed:44:32:11:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Validity
Not Before: Jun 7 08:56:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4fdacbcce128ef7feeb02d079b47e1faa891c03e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b8:67:60:15:c2:3f:bc:c5:84:02:b8:70:17:
e0:36:41:18:da:be:d0:c2:af:93:10:83:80:6d:cb:
6e:d0:26:aa:67:26:b3:f2:40:cf:22:a5:6f:85:ce:
3f:59:9b:05:a2:47:28:c4:df:6d:44:be:88:c4:83:
b7:67:27:f6:a0:ec:10:08:98:8c:7a:33:90:83:bb:
3b:df:f8:22:77:82:02:64:ea:f5:6a:eb:cd:5e:92:
bb:ea:d9:3f:f9:c8:87:24:e5:53:95:70:98:f1:a7:
9a:a3:7b:f5:34:8d:9f:16:12:57:37:5f:8b:e3:45:
de:38:fc:d3:24:de:95:20:9a:48:f0:f8:c6:c4:14:
65:9d:ae:e3:3a:c5:2f:f8:b8:c8:d2:25:b8:00:e5:
6d:48:21:ec:78:1a:6f:9e:ed:df:56:a5:16:f2:32:
4a:8d:61:34:14:fa:22:a1:5d:a6:47:6e:d2:e1:21:
bf:70:26:d4:90:e8:4c:6c:af:5c:74:92:56:ea:2f:
b6:13:6f:d4:2c:d7:5b:7b:3e:e6:b3:5c:a7:a2:4b:
a6:7b:e6:45:9f:e8:08:23:09:3d:75:b5:73:63:7f:
28:a6:45:44:c0:cc:c0:2b:dd:cc:01:9d:0f:0d:4b:
05:10:e4:7d:0d:8d:0c:bd:90:e8:37:7e:e3:84:42:
f5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:DA:CB:CC:E1:28:EF:7F:EE:B0:2D:07:9B:47:E1:FA:A8:91:C0:3E
X509v3 Authority Key Identifier:
keyid:42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/T9rLzOEo73_usC0Hm0fh-qiRwD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.96.0/23
188.133.0.0/17
193.124.192.0/21
194.135.106.0/23
Signature Algorithm: sha256WithRSAEncryption
35:1d:b4:43:b9:18:dd:78:af:ae:17:55:6f:b0:83:b9:fd:17:
ef:05:7e:00:6c:20:cd:a1:9c:35:b6:2f:d2:cd:79:01:2b:7a:
e6:ef:64:0f:89:bd:52:5e:b6:6f:bc:4a:fc:38:d0:2b:30:70:
9b:56:0a:b3:9c:9c:80:5d:c3:86:a8:da:64:e4:a0:7f:d2:74:
e3:42:28:62:cf:ac:cd:c5:70:a1:a4:c6:e8:7c:56:12:e7:e0:
27:5f:a9:6d:86:6b:ab:60:9d:57:23:7b:1f:2e:fc:e9:c9:09:
b4:f2:23:20:b8:0f:21:ed:d6:80:8c:46:29:3e:77:e7:75:98:
0b:cb:38:e1:05:06:61:fd:1c:c7:09:b1:cb:03:37:da:5d:34:
1d:35:78:bb:e2:d3:c4:33:10:39:7c:9c:61:31:68:1d:9e:8f:
3e:11:a0:fd:b1:78:d8:16:99:11:0e:51:76:4d:fb:7a:9a:8e:
b6:5b:32:93:22:df:0c:04:20:bf:58:2f:b0:ed:fe:61:26:d5:
95:8e:b6:32:3d:26:39:cc:bd:2c:96:12:5c:9d:cc:d3:3a:dc:
11:d7:ba:fe:be:55:d4:5c:b4:58:fc:1c:91:72:30:af:55:58:
d8:97:13:99:2d:fe:14:8c:30:41:95:32:e4:3f:9f:e4:95:46:
70:d9:f1:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6hS/Q1QINJKiQyPe1EMhE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODM2OTY3MTZkYmNjMzYwYjlhNjJlZjdkODRiNGQyOGY5
NThiZGQwHhcNMjYwNjA3MDg1NjA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmRhY2JjY2UxMjhlZjdmZWViMDJkMDc5YjQ3ZTFmYWE4OTFjMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbhnYBXCP7zFhAK4cBfgNkEY2r7Q
wq+TEIOAbctu0CaqZyaz8kDPIqVvhc4/WZsFokcoxN9tRL6IxIO3Zyf2oOwQCJiM
ejOQg7s73/gid4ICZOr1auvNXpK76tk/+ciHJOVTlXCY8aeao3v1NI2fFhJXN1+L
40XeOPzTJN6VIJpI8PjGxBRlna7jOsUv+LjI0iW4AOVtSCHseBpvnu3fVqUW8jJK
jWE0FPoioV2mR27S4SG/cCbUkOhMbK9cdJJW6i+2E2/ULNdbez7ms1ynokume+ZF
n+gIIwk9dbVzY38opkVEwMzAK93MAZ0PDUsFEOR9DY0MvZDoN37jhEL1OwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE/ay8zhKO9/7rAtB5tH4fqokcA+MB8GA1UdIwQY
MBaAFEKDaWcW28w2C5pi732EtNKPlYvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAt
OTI0MGQ5Zjc1YWU2LzEvVDlyTHpPRW83M191c0MwSG0wZmgtcWlSd0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAtOTI0MGQ5Zjc1YWU2
LzEvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBsv1gAwQH
vIUAAwQDwXzAAwQBwodqMA0GCSqGSIb3DQEBCwUAA4IBAQA1HbRDuRjdeK+uF1Vv
sIO5/RfvBX4AbCDNoZw1ti/SzXkBK3rm72QPib1SXrZvvEr8ONArMHCbVgqznJyA
XcOGqNpk5KB/0nTjQihiz6zNxXChpMbofFYS5+AnX6lthmurYJ1XI3sfLvzpyQm0
8iMguA8h7daAjEYpPnfndZgLyzjhBQZh/RzHCbHLAzfaXTQdNXi74tPEMxA5fJxh
MWgdno8+EaD9sXjYFpkRDlF2Tft6mo62WzKTIt8MBCC/WC+w7f5hJtWVjrYyPSY5
zL0slhJcnczTOtwR17r+vlXUXLRY/ByRcjCvVVjYlxOZLf4UjDBBlTLkP5/klUZw
2fEI
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:49:16 2026 by rpki-client