Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/t_cf95nJU995Eofo0_25D34Fphk.roa
File: t_cf95nJU995Eofo0_25D34Fphk.roa (raw, json)
Hash identifier: qMBafRl68HJMb6mKJsAF2JkC7inIgf5w0AMfL+n0Awc=
Subject key identifier: B7:F7:1F:F7:99:C9:53:DF:79:12:87:E8:D3:FD:B9:0F:7E:05:A6:19
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019E1CDBF3466DEC428CA02B6E3AD38E6029
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/t_cf95nJU995Eofo0_25D34Fphk.roa
Signing time: Tue 12 May 2026 15:43:57 +0000
ROA not before: Tue 12 May 2026 15:43:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204765
IP address blocks: 46.29.26.0/24 maxlen: 24
46.29.27.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:db:f3:46:6d:ec:42:8c:a0:2b:6e:3a:d3:8e:60:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 12 15:43:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b7f71ff799c953df791287e8d3fdb90f7e05a619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:26:4b:a0:7f:39:50:c3:5c:70:8a:a1:35:f4:
6e:89:5b:2b:b0:ea:33:40:30:06:d4:6b:e7:a0:1c:
6e:01:b0:11:36:26:54:8a:22:98:b2:b9:0a:fd:b9:
c0:d5:c4:4f:f8:47:78:68:90:b5:ce:fc:19:ba:2f:
20:bb:ad:b7:ce:45:77:6b:c6:11:b3:15:67:9b:e8:
0e:25:3f:10:14:6a:d3:f4:d6:09:8d:b5:d9:d4:71:
09:5d:50:e0:e8:1b:8f:b9:90:a9:13:ca:b8:f4:77:
b1:bb:67:73:30:b6:b5:96:cd:e0:84:c8:48:a3:5c:
a9:ad:25:23:b9:89:6d:05:b3:f2:6b:8f:0e:55:be:
ed:c6:1f:f9:84:07:78:2f:94:12:92:a6:77:32:82:
81:0b:77:cc:f3:36:fd:a4:6c:ec:d6:39:4e:2a:df:
98:a6:9f:b5:16:a9:56:57:8e:03:9d:05:61:d4:69:
cf:bf:af:ec:af:0a:b4:14:84:a5:2e:10:79:8a:8b:
50:74:ce:7d:67:fe:d6:a2:c4:d2:86:e7:2a:32:51:
d8:82:c1:80:ab:65:8c:ea:40:10:d4:1c:c5:bf:e9:
d9:02:f9:b2:2f:26:2b:94:07:b0:09:36:d1:26:60:
63:09:f4:23:90:bf:3f:65:7b:4c:5a:1b:a6:45:a0:
10:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F7:1F:F7:99:C9:53:DF:79:12:87:E8:D3:FD:B9:0F:7E:05:A6:19
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/t_cf95nJU995Eofo0_25D34Fphk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.26.0/23
185.119.81.0-185.119.82.255
185.249.200.0/22
Signature Algorithm: sha256WithRSAEncryption
99:d6:8d:88:cf:50:91:88:88:13:40:e5:24:08:fe:78:b5:4c:
19:37:b2:b1:30:f0:c1:c9:eb:25:7f:bd:64:da:ed:7c:22:3a:
45:ef:dd:25:75:f1:67:70:83:2e:b9:08:87:32:09:00:17:52:
28:47:e3:d1:9e:5d:8d:f6:d7:ad:f4:e1:d0:bc:71:38:08:94:
6f:f2:8c:09:74:b1:28:8a:79:34:6c:c8:55:92:fd:da:b5:99:
14:fc:aa:55:c2:37:47:0b:73:65:51:49:54:4a:af:a7:22:4e:
8c:8c:4f:e3:93:8d:98:d0:50:40:20:fc:18:d1:6c:c9:f7:7d:
59:b0:33:94:de:c2:1f:62:d4:b4:55:7a:f0:62:43:c6:59:5a:
22:99:f9:5e:4a:6b:6e:67:12:13:9a:33:fe:f4:89:d9:ed:e4:
df:98:04:28:a1:75:af:ef:f4:5b:5b:08:f4:12:9d:ed:88:02:
03:b6:8d:6b:1d:ef:56:54:eb:f5:1d:0e:15:a5:b2:01:39:56:
be:7b:4d:2b:85:95:01:dc:36:84:1d:cb:72:fd:18:d4:54:22:
93:8d:94:e8:b1:91:84:49:fd:0b:4f:e0:90:6f:5f:64:6d:9c:
dc:d3:e5:0b:77:01:e4:79:9d:42:cd:6c:13:0e:21:4e:9f:d9:
17:8a:5f:11
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ4c2/NGbexCjKArbjrTjmApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjYwNTEyMTU0MzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y3MWZmNzk5Yzk1M2RmNzkxMjg3ZThkM2ZkYjkwZjdlMDVhNjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyZLoH85UMNccIqhNfRuiVsrsOoz
QDAG1GvnoBxuAbARNiZUiiKYsrkK/bnA1cRP+Ed4aJC1zvwZui8gu623zkV3a8YR
sxVnm+gOJT8QFGrT9NYJjbXZ1HEJXVDg6BuPuZCpE8q49Hexu2dzMLa1ls3ghMhI
o1yprSUjuYltBbPya48OVb7txh/5hAd4L5QSkqZ3MoKBC3fM8zb9pGzs1jlOKt+Y
pp+1FqlWV44DnQVh1GnPv6/srwq0FISlLhB5iotQdM59Z/7WosTShucqMlHYgsGA
q2WM6kAQ1BzFv+nZAvmyLyYrlAewCTbRJmBjCfQjkL8/ZXtMWhumRaAQ/wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLf3H/eZyVPfeRKH6NP9uQ9+BaYZMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvdF9jZjk1bkpVOTk1RW9mbzBfMjVEMzRGcGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBLh0aMAwD
BAC5d1EDBAC5d1IDBAK5+cgwDQYJKoZIhvcNAQELBQADggEBAJnWjYjPUJGIiBNA
5SQI/ni1TBk3srEw8MHJ6yV/vWTa7XwiOkXv3SV18Wdwgy65CIcyCQAXUihH49Ge
XY3216304dC8cTgIlG/yjAl0sSiKeTRsyFWS/dq1mRT8qlXCN0cLc2VRSVRKr6ci
ToyMT+OTjZjQUEAg/BjRbMn3fVmwM5Tewh9i1LRVevBiQ8ZZWiKZ+V5Ka25nEhOa
M/70idnt5N+YBCihda/v9FtbCPQSne2IAgO2jWsd71ZU6/UdDhWlsgE5Vr57TSuF
lQHcNoQdy3L9GNRUIpONlOixkYRJ/QtP4JBvX2RtnNzT5Qt3AeR5nULNbBMOIU6f
2ReKXxE=
-----END CERTIFICATE-----
Generated at Wed May 13 05:36:01 2026 by rpki-client