Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/T5tl9sNyRkL0P_NR5adTD-3N3sU.roa
File: T5tl9sNyRkL0P_NR5adTD-3N3sU.roa (raw, json)
Hash identifier: v1uOfCq/sSctVYDZAL9hq4TwyQTRwSAfePolYoMfHVQ=
Subject key identifier: 4F:9B:65:F6:C3:72:46:42:F4:3F:F3:51:E5:A7:53:0F:ED:CD:DE:C5
Certificate issuer: /CN=70bf553042f1a43827dc034500bbd1068a7297ca
Certificate serial: 019DFD69FE217BA4F2BBE53537661313BD2B
Authority key identifier: 70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/T5tl9sNyRkL0P_NR5adTD-3N3sU.roa
Signing time: Wed 06 May 2026 13:11:15 +0000
ROA not before: Wed 06 May 2026 13:11:15 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 136787
IP address blocks: 186.247.46.0/24 maxlen: 24
2a13:240:8000::/40 maxlen: 40
2a13:240:8888::/48 maxlen: 48
2a13:240:9999::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:69:fe:21:7b:a4:f2:bb:e5:35:37:66:13:13:bd:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70bf553042f1a43827dc034500bbd1068a7297ca
Validity
Not Before: May 6 13:11:15 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4f9b65f6c3724642f43ff351e5a7530fedcddec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:26:46:06:e6:c7:66:5e:7c:7c:c2:db:2a:57:
18:bb:a5:f9:ed:e4:58:e6:e5:d5:4e:7f:88:be:19:
e7:93:a9:bc:52:b1:ba:2e:20:6f:db:5e:13:46:56:
a8:3d:3c:af:3e:ac:06:63:80:34:98:53:05:8f:4e:
d3:fd:8d:90:01:f5:7c:04:f5:68:34:9c:6d:00:d4:
ba:79:51:0a:86:3b:8c:86:1b:bb:d7:6b:28:81:05:
28:e2:cb:69:8d:27:2e:83:2d:25:bd:e0:e0:7c:aa:
32:c4:fa:d3:7b:68:7a:ad:1f:63:d7:e2:96:33:c4:
42:0f:1e:d6:b7:47:b0:40:f6:a6:08:e5:7a:ad:d7:
9c:42:12:a5:f8:83:b1:c2:2c:5c:9a:f0:1f:df:41:
e3:46:29:d6:56:92:de:60:6f:ea:70:d8:5d:6f:25:
4e:1f:5d:6b:eb:c0:b6:08:ee:e3:e9:26:8f:60:fa:
e8:53:76:eb:50:3c:bb:12:6b:30:f3:ad:6d:b7:cc:
13:35:ce:8f:43:bc:f6:ed:e8:ea:55:1e:ae:71:05:
2a:82:c6:e0:8f:0f:fd:af:08:7d:1f:29:c6:5f:96:
99:ac:d6:5d:7a:54:51:8d:b9:aa:c2:e3:87:35:cd:
a2:db:ca:5d:a7:55:47:e2:45:cb:98:dd:01:07:47:
8c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:9B:65:F6:C3:72:46:42:F4:3F:F3:51:E5:A7:53:0F:ED:CD:DE:C5
X509v3 Authority Key Identifier:
keyid:70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/T5tl9sNyRkL0P_NR5adTD-3N3sU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
186.247.46.0/24
IPv6:
2a13:240:8000::/40
2a13:240:8888::/48
2a13:240:9999::/48
Signature Algorithm: sha256WithRSAEncryption
81:29:a3:65:4b:40:60:70:61:f5:b3:12:77:7e:4b:0b:f7:d8:
5f:67:22:ef:60:65:9c:41:e3:3f:57:9a:24:49:9f:ad:4d:8a:
0b:c3:5d:44:ed:d7:17:31:80:b8:96:b8:89:f7:e6:1c:c5:bd:
a5:50:66:0b:4f:c1:bc:36:9b:cf:e4:2d:d7:62:c8:d3:59:9e:
a6:2e:59:d5:9c:bc:2d:3e:a3:24:08:45:97:b3:32:e8:e2:03:
3e:f3:ba:e4:2c:97:24:ad:9a:1c:3c:73:f6:32:1f:ed:b7:77:
51:c7:81:83:88:1b:5c:31:9e:b9:8d:48:6b:96:a4:a1:0c:bc:
78:ec:81:da:e7:3b:99:54:f8:8e:5b:fb:74:f1:f4:3e:b9:a4:
90:d5:80:75:20:dc:92:c4:da:58:32:a4:c8:7a:59:30:f1:e3:
06:f9:eb:fe:fd:bd:18:f1:bf:e6:77:c6:f8:9b:27:e6:84:bb:
14:a8:50:d2:eb:45:8e:05:f0:49:24:2c:7f:6d:66:35:74:88:
8b:d6:7d:9c:cc:9c:81:5e:af:0c:92:31:0b:b8:83:31:35:ac:
4c:93:00:f1:13:10:f1:68:2b:44:c5:ae:a9:e7:99:b4:75:75:
f5:d6:b9:13:77:2e:5b:e2:bd:14:5b:b1:46:4f:42:ac:38:fb:
29:e1:48:61
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ39af4he6Tyu+U1N2YTE70rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmY1NTMwNDJmMWE0MzgyN2RjMDM0NTAwYmJkMTA2OGE3
Mjk3Y2EwHhcNMjYwNTA2MTMxMTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjliNjVmNmMzNzI0NjQyZjQzZmYzNTFlNWE3NTMwZmVkY2RkZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCZGBubHZl58fMLbKlcYu6X57eRY
5uXVTn+Ivhnnk6m8UrG6LiBv214TRlaoPTyvPqwGY4A0mFMFj07T/Y2QAfV8BPVo
NJxtANS6eVEKhjuMhhu712sogQUo4stpjScugy0lveDgfKoyxPrTe2h6rR9j1+KW
M8RCDx7Wt0ewQPamCOV6rdecQhKl+IOxwixcmvAf30HjRinWVpLeYG/qcNhdbyVO
H11r68C2CO7j6SaPYProU3brUDy7Emsw861tt8wTNc6PQ7z27ejqVR6ucQUqgsbg
jw/9rwh9HynGX5aZrNZdelRRjbmqwuOHNc2i28pdp1VH4kXLmN0BB0eM4QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFE+bZfbDckZC9D/zUeWnUw/tzd7FMB8GA1UdIwQY
MBaAFHC/VTBC8aQ4J9wDRQC70QaKcpfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYt
NTM1ODQwMWZiNzk2LzEvVDV0bDlzTnlSa0wwUF9OUjVhZFRELTNOM3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYtNTM1ODQwMWZiNzk2
LzEvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAMBAIAATAGAwQAuvcuMCAE
AgACMBoDBgAqEwJAgAMHACoTAkCIiAMHACoTAkCZmTANBgkqhkiG9w0BAQsFAAOC
AQEAgSmjZUtAYHBh9bMSd35LC/fYX2ci72BlnEHjP1eaJEmfrU2KC8NdRO3XFzGA
uJa4iffmHMW9pVBmC0/BvDabz+Qt12LI01mepi5Z1Zy8LT6jJAhFl7My6OIDPvO6
5CyXJK2aHDxz9jIf7bd3UceBg4gbXDGeuY1Ia5akoQy8eOyB2uc7mVT4jlv7dPH0
PrmkkNWAdSDcksTaWDKkyHpZMPHjBvnr/v29GPG/5nfG+Jsn5oS7FKhQ0utFjgXw
SSQsf21mNXSIi9Z9nMycgV6vDJIxC7iDMTWsTJMA8RMQ8WgrRMWuqeeZtHV19da5
E3cuW+K9FFuxRk9CrDj7KeFIYQ==
-----END CERTIFICATE-----
Generated at Wed May 13 05:25:39 2026 by rpki-client