Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/uU9s_hgnyGbwJP-PZge6doa0Dj0.roa
File: uU9s_hgnyGbwJP-PZge6doa0Dj0.roa (raw, json)
Hash identifier: IozYYJrZLQXcxcMBB1MOmIfAjaC0gRCqNhs5hWCQTC4=
Subject key identifier: B9:4F:6C:FE:18:27:C8:66:F0:24:FF:8F:66:07:BA:76:86:B4:0E:3D
Certificate issuer: /CN=4f4b2aab1d67f6d4c058392b9137bd03228f7d2a
Certificate serial: 019E108B7BC770FE8DF5BC99EFFCA7510E65
Authority key identifier: 4F:4B:2A:AB:1D:67:F6:D4:C0:58:39:2B:91:37:BD:03:22:8F:7D:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T0sqqx1n9tTAWDkrkTe9AyKPfSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/uU9s_hgnyGbwJP-PZge6doa0Dj0.roa
Signing time: Sun 10 May 2026 06:20:37 +0000
ROA not before: Sun 10 May 2026 06:20:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8793
IP address blocks: 185.58.0.0/22 maxlen: 22
185.58.3.0/24 maxlen: 24
193.168.6.0/23 maxlen: 24
193.200.240.0/24 maxlen: 24
2a02:60a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/T0sqqx1n9tTAWDkrkTe9AyKPfSo.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/T0sqqx1n9tTAWDkrkTe9AyKPfSo.mft
rsync://rpki.ripe.net/repository/DEFAULT/T0sqqx1n9tTAWDkrkTe9AyKPfSo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:10:8b:7b:c7:70:fe:8d:f5:bc:99:ef:fc:a7:51:0e:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f4b2aab1d67f6d4c058392b9137bd03228f7d2a
Validity
Not Before: May 10 06:20:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b94f6cfe1827c866f024ff8f6607ba7686b40e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:97:75:16:a5:13:35:c3:ae:3f:84:38:07:fb:
ce:26:15:63:ac:f5:f9:72:3d:67:5a:a1:f8:a9:ce:
3e:0b:70:25:95:a0:50:99:f2:51:1d:c5:71:05:41:
55:db:73:59:dc:02:31:c3:02:bc:79:46:4e:d7:09:
60:89:26:f7:0a:fd:72:2e:55:1b:ea:5a:0d:39:a0:
9b:ba:c0:c1:5f:ae:73:66:b9:c0:f2:3f:92:d3:7b:
28:3b:b9:fb:14:f3:3b:24:7e:75:d5:f1:fc:1e:e4:
69:87:c3:81:ad:8b:4b:c7:2f:e1:a7:8b:e6:21:a9:
b0:43:53:20:a7:d4:78:df:01:cf:7f:d8:4e:f3:19:
1b:f9:ab:56:5c:2a:dc:22:21:74:73:6c:e4:42:b0:
c5:c5:76:d0:93:65:da:95:b6:67:fa:e4:de:98:cd:
3c:e3:04:96:95:e4:45:b0:05:57:de:f8:c8:c9:be:
17:74:5e:17:41:68:0d:20:5e:12:23:f8:01:73:80:
ac:f8:7e:ba:58:43:77:b5:09:2f:60:8b:d9:ab:16:
ff:e7:ec:9a:67:98:44:06:89:ae:be:b1:0b:66:d1:
e9:d8:ee:ce:54:57:68:93:08:ad:14:01:80:60:2c:
6b:0f:eb:a0:3e:e2:bc:03:f3:0c:42:ba:e1:2f:84:
76:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4F:6C:FE:18:27:C8:66:F0:24:FF:8F:66:07:BA:76:86:B4:0E:3D
X509v3 Authority Key Identifier:
keyid:4F:4B:2A:AB:1D:67:F6:D4:C0:58:39:2B:91:37:BD:03:22:8F:7D:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T0sqqx1n9tTAWDkrkTe9AyKPfSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/uU9s_hgnyGbwJP-PZge6doa0Dj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/T0sqqx1n9tTAWDkrkTe9AyKPfSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.0.0/22
193.168.6.0/23
193.200.240.0/24
IPv6:
2a02:60a0::/32
Signature Algorithm: sha256WithRSAEncryption
79:f6:02:39:6d:c6:0a:40:21:48:f6:24:6f:55:5b:20:c0:1c:
16:1f:d1:ac:8b:fe:18:31:7e:4c:6e:c8:9c:4c:b7:c2:db:f2:
1e:9a:e0:be:21:e7:42:1a:3c:f2:e6:3c:8a:df:e7:b7:84:14:
41:30:59:78:55:04:82:3e:23:91:30:3b:b8:05:5c:f4:5f:1f:
9a:75:a7:91:90:d5:f5:5f:07:b6:30:11:f7:9c:50:e0:39:07:
b5:1d:20:5e:34:bc:6b:b0:0d:b9:b5:97:75:1e:9b:d2:ad:da:
e1:cc:f7:1f:13:2a:b3:28:55:a1:c6:98:ec:94:3f:d2:c3:38:
6a:67:fd:e0:94:5a:19:1a:05:b6:d2:d7:98:39:86:42:46:27:
df:7b:81:ef:37:fc:3e:32:c2:98:c6:dd:81:6f:22:c9:8f:a0:
55:fe:d8:f0:e7:81:57:94:1e:a3:e9:37:f0:73:f0:60:b5:87:
1b:9a:3d:91:51:b9:0d:8d:5c:f3:a6:b7:16:2d:47:5b:9d:9e:
d8:9d:14:34:fb:10:d3:4a:b6:ee:9a:d1:90:36:3d:21:9c:56:
cf:a9:5a:a0:19:9a:80:2a:85:0f:38:b8:36:19:45:12:92:dd:
94:ca:10:87:ca:2b:25:69:69:dc:ac:7e:99:c9:b2:42:43:e7:
f1:97:21:54
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ4Qi3vHcP6N9byZ7/ynUQ5lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNGIyYWFiMWQ2N2Y2ZDRjMDU4MzkyYjkxMzdiZDAzMjI4
ZjdkMmEwHhcNMjYwNTEwMDYyMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTRmNmNmZTE4MjdjODY2ZjAyNGZmOGY2NjA3YmE3Njg2YjQwZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJd1FqUTNcOuP4Q4B/vOJhVjrPX5
cj1nWqH4qc4+C3AllaBQmfJRHcVxBUFV23NZ3AIxwwK8eUZO1wlgiSb3Cv1yLlUb
6loNOaCbusDBX65zZrnA8j+S03soO7n7FPM7JH511fH8HuRph8OBrYtLxy/hp4vm
IamwQ1Mgp9R43wHPf9hO8xkb+atWXCrcIiF0c2zkQrDFxXbQk2XalbZn+uTemM08
4wSWleRFsAVX3vjIyb4XdF4XQWgNIF4SI/gBc4Cs+H66WEN3tQkvYIvZqxb/5+ya
Z5hEBomuvrELZtHp2O7OVFdokwitFAGAYCxrD+ugPuK8A/MMQrrhL4R2/QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLlPbP4YJ8hm8CT/j2YHunaGtA49MB8GA1UdIwQY
MBaAFE9LKqsdZ/bUwFg5K5E3vQMij30qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDBzcXF4MW45dFRBV0RrcmtUZTlBeUtQZlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8wODBlOTItZmZmZS00N2Q5LWE2ZTIt
YzIzOGVhZTA2NjNiLzEvdVU5c19oZ255R2J3SlAtUFpnZTZkb2EwRGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8wODBlOTItZmZmZS00N2Q5LWE2ZTItYzIzOGVhZTA2NjNi
LzEvVDBzcXF4MW45dFRBV0RrcmtUZTlBeUtQZlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuToAAwQB
wagGAwQAwcjwMA0EAgACMAcDBQAqAmCgMA0GCSqGSIb3DQEBCwUAA4IBAQB59gI5
bcYKQCFI9iRvVVsgwBwWH9Gsi/4YMX5MbsicTLfC2/IemuC+IedCGjzy5jyK3+e3
hBRBMFl4VQSCPiORMDu4BVz0Xx+adaeRkNX1Xwe2MBH3nFDgOQe1HSBeNLxrsA25
tZd1HpvSrdrhzPcfEyqzKFWhxpjslD/SwzhqZ/3glFoZGgW20teYOYZCRiffe4Hv
N/w+MsKYxt2BbyLJj6BV/tjw54FXlB6j6Tfwc/BgtYcbmj2RUbkNjVzzprcWLUdb
nZ7YnRQ0+xDTSrbumtGQNj0hnFbPqVqgGZqAKoUPOLg2GUUSkt2UyhCHyislaWnc
rH6ZybJCQ+fxlyFU
-----END CERTIFICATE-----
Generated at Wed May 13 03:23:10 2026 by rpki-client