Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/m9rP0dcPDajw_wBB9DhY5sWJHwg.roa
File: m9rP0dcPDajw_wBB9DhY5sWJHwg.roa (raw, json)
Hash identifier: e+HHBL1u2usrpKCyzDWznso6dRBdcmKW92d3TFmMF/A=
Subject key identifier: 9B:DA:CF:D1:D7:0F:0D:A8:F0:FF:00:41:F4:38:58:E6:C5:89:1F:08
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019E8D0C7FFE7A64FD3405287B0952EAA389
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/m9rP0dcPDajw_wBB9DhY5sWJHwg.roa
Signing time: Wed 03 Jun 2026 10:34:27 +0000
ROA not before: Wed 03 Jun 2026 10:34:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41397
IP address blocks: 194.143.195.0/24 maxlen: 24
194.143.196.0/24 maxlen: 24
194.143.214.0/24 maxlen: 24
194.143.215.0/24 maxlen: 24
213.220.24.0/21 maxlen: 24
213.220.32.0/22 maxlen: 22
213.220.36.0/23 maxlen: 23
213.220.38.0/24 maxlen: 24
213.220.55.0/24 maxlen: 24
213.220.56.0/23 maxlen: 23
213.220.59.0/24 maxlen: 24
213.220.60.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8d:0c:7f:fe:7a:64:fd:34:05:28:7b:09:52:ea:a3:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jun 3 10:34:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9bdacfd1d70f0da8f0ff0041f43858e6c5891f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e6:91:2f:de:46:d2:56:88:57:bf:3e:ef:0a:
0a:46:96:51:e8:03:7f:f8:f9:41:69:7f:35:4a:b5:
7e:94:49:53:0a:6c:67:f5:90:1b:70:36:aa:8e:b5:
d0:33:52:b2:29:61:e6:bc:b9:55:5c:be:1a:eb:a2:
70:e4:56:f8:19:6d:88:14:72:f6:3f:fa:08:99:22:
69:76:57:79:2d:b9:cf:dc:65:4e:6b:66:ad:00:c8:
bb:f8:2f:44:7a:e1:39:54:12:84:c3:8b:96:d9:dd:
b8:94:5c:c8:99:f9:28:da:e2:00:c2:33:6c:da:cd:
ac:be:26:c2:83:28:b5:e7:36:2c:09:21:08:ea:e9:
5f:96:ac:fc:dd:b1:53:f9:1b:9c:b0:32:2e:ee:eb:
eb:42:e1:c4:12:64:82:d6:20:30:c0:8d:7d:29:2f:
02:9d:77:65:f1:d9:77:7a:3a:80:d4:f8:63:f8:f1:
3c:6b:a5:ba:4b:2d:c3:a8:61:f1:16:e8:82:43:17:
26:b1:82:d8:79:a9:ed:72:5a:30:ce:44:84:80:38:
a9:bb:c4:a0:18:1c:14:46:f4:b9:b6:63:a3:06:fd:
3b:18:c6:e7:c0:fd:c9:c6:59:f4:a0:12:c0:51:c8:
01:50:75:60:9b:34:88:6e:c5:d4:ed:81:fa:67:6c:
bf:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DA:CF:D1:D7:0F:0D:A8:F0:FF:00:41:F4:38:58:E6:C5:89:1F:08
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/m9rP0dcPDajw_wBB9DhY5sWJHwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.195.0-194.143.196.255
194.143.214.0/23
213.220.24.0-213.220.38.255
213.220.55.0-213.220.57.255
213.220.59.0-213.220.61.255
Signature Algorithm: sha256WithRSAEncryption
8f:52:fb:72:41:9d:ce:b4:e2:66:d2:f7:9e:c5:67:e9:e4:a8:
23:9d:00:bc:0b:ea:ee:b5:22:02:57:c8:06:e0:fb:d8:9f:08:
59:69:fa:1c:6a:61:e7:a7:86:cf:42:e7:16:eb:43:22:a6:35:
6c:dc:20:53:ff:f6:8d:a8:ad:07:4d:f8:58:0f:1c:e7:f3:4d:
01:3a:d5:3d:9a:65:e9:60:b5:be:b2:11:bd:65:12:7c:b1:29:
66:68:65:bd:90:64:88:63:91:7b:6d:c0:84:7f:98:51:cd:55:
16:ae:58:99:60:b9:5d:fd:bd:8a:a8:b0:9c:5d:d1:15:1e:79:
15:28:4e:cd:34:76:f1:bf:7e:9e:12:d4:b5:b9:f4:7e:bc:69:
a0:80:5f:18:42:c4:b9:23:c5:52:0e:a8:54:4c:1a:7c:20:2e:
6d:eb:ce:3c:49:f3:aa:8b:b2:51:8e:e9:f9:72:36:1b:a6:a6:
30:f6:76:1d:8a:b8:03:9e:94:d4:85:53:f2:9f:99:73:69:c7:
a0:ac:e8:70:8a:56:ae:08:c1:d4:3a:46:cf:bb:42:75:4b:5c:
47:38:3c:d9:bc:1d:ee:e1:b9:66:39:56:b0:ec:2e:0f:cc:c8:
6a:42:e5:dd:64:1e:e6:74:91:c1:92:66:da:70:cb:1f:ca:a3:
39:e1:e9:d1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZ6NDH/+emT9NAUoewlS6qOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjYwNjAzMTAzNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmRhY2ZkMWQ3MGYwZGE4ZjBmZjAwNDFmNDM4NThlNmM1ODkxZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOaRL95G0laIV78+7woKRpZR6AN/
+PlBaX81SrV+lElTCmxn9ZAbcDaqjrXQM1KyKWHmvLlVXL4a66Jw5Fb4GW2IFHL2
P/oImSJpdld5LbnP3GVOa2atAMi7+C9EeuE5VBKEw4uW2d24lFzImfko2uIAwjNs
2s2svibCgyi15zYsCSEI6ulflqz83bFT+RucsDIu7uvrQuHEEmSC1iAwwI19KS8C
nXdl8dl3ejqA1Phj+PE8a6W6Sy3DqGHxFuiCQxcmsYLYeantclowzkSEgDipu8Sg
GBwURvS5tmOjBv07GMbnwP3Jxln0oBLAUcgBUHVgmzSIbsXU7YH6Z2y/QwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFJvaz9HXDw2o8P8AQfQ4WObFiR8IMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvbTlyUDBkY1BEYWp3X3dCQjlEaFk1c1dKSHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBADCj8MD
BADCj8QDBAHCj9YwDAMEA9XcGAMEANXcJjAMAwQA1dw3AwQB1dw4MAwDBADV3DsD
BAHV3DwwDQYJKoZIhvcNAQELBQADggEBAI9S+3JBnc604mbS957FZ+nkqCOdALwL
6u61IgJXyAbg+9ifCFlp+hxqYeenhs9C5xbrQyKmNWzcIFP/9o2orQdN+FgPHOfz
TQE61T2aZelgtb6yEb1lEnyxKWZoZb2QZIhjkXttwIR/mFHNVRauWJlguV39vYqo
sJxd0RUeeRUoTs00dvG/fp4S1LW59H68aaCAXxhCxLkjxVIOqFRMGnwgLm3rzjxJ
86qLslGO6flyNhumpjD2dh2KuAOelNSFU/KfmXNpx6Cs6HCKVq4IwdQ6Rs+7QnVL
XEc4PNm8He7huWY5VrDsLg/MyGpC5d1kHuZ0kcGSZtpwyx/Koznh6dE=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:01:10 2026 by rpki-client