Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ERbm9n51oDPPnUQhnjK_jwS9ePg.roa
File: ERbm9n51oDPPnUQhnjK_jwS9ePg.roa (raw, json)
Hash identifier: 6h0HkmOt1Vk3xsHs76bn4WykBGU78da/0SHm2Z9ErYY=
Subject key identifier: 11:16:E6:F6:7E:75:A0:33:CF:9D:44:21:9E:32:BF:8F:04:BD:78:F8
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019DDD7E85756E10AD519D8BF4FAD9C43CBF
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ERbm9n51oDPPnUQhnjK_jwS9ePg.roa
Signing time: Thu 30 Apr 2026 08:25:49 +0000
ROA not before: Thu 30 Apr 2026 08:25:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49635
IP address blocks: 206.203.24.0/23 maxlen: 23
206.203.24.0/24 maxlen: 24
206.203.25.0/24 maxlen: 24
206.203.26.0/23 maxlen: 23
206.203.26.0/24 maxlen: 24
206.203.27.0/24 maxlen: 24
206.203.28.0/23 maxlen: 23
206.203.29.0/24 maxlen: 24
206.203.30.0/23 maxlen: 23
206.203.30.0/24 maxlen: 24
206.203.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:dd:7e:85:75:6e:10:ad:51:9d:8b:f4:fa:d9:c4:3c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Apr 30 08:25:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1116e6f67e75a033cf9d44219e32bf8f04bd78f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:64:c1:8d:19:df:a1:fa:a5:f9:b5:29:df:ca:
7a:b0:77:4b:a9:9a:4e:f0:74:fb:13:66:de:ad:30:
73:d6:8d:03:24:66:87:c1:19:31:69:b3:94:e6:72:
41:37:04:2d:fa:a5:82:0a:9c:5f:bc:12:a9:37:ff:
07:65:c2:6b:6d:f3:8b:f4:b2:ba:d9:ea:e8:37:79:
1a:fc:5f:79:bf:96:97:55:ab:dd:4a:b1:9e:2c:8b:
7d:ec:46:e1:f3:90:30:e2:74:8b:69:cc:4b:04:99:
9c:4e:1d:79:b2:f3:51:e4:a2:d6:0a:79:84:07:ee:
b1:0d:c4:8b:f1:7c:5d:f7:66:e4:9c:49:10:f3:62:
2f:18:bc:36:80:48:66:1b:f5:46:10:dc:9a:4d:c8:
38:d8:4c:7e:c0:d6:e5:49:35:67:d4:35:58:f8:95:
90:64:cd:80:bc:6a:0c:d7:80:c6:6d:b5:8c:64:84:
b2:e5:9f:a1:46:b3:3f:ce:d1:ab:87:1e:6d:6f:08:
57:de:e5:00:da:b7:10:7a:d9:20:88:18:39:71:c0:
24:01:b2:de:fe:d8:a7:44:75:6c:30:81:ad:79:75:
e8:0d:a7:33:c1:3b:8d:21:69:b6:de:5e:66:a0:46:
a3:ac:7f:d5:cf:0b:05:bc:a9:3a:31:f0:08:a9:ff:
88:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:16:E6:F6:7E:75:A0:33:CF:9D:44:21:9E:32:BF:8F:04:BD:78:F8
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ERbm9n51oDPPnUQhnjK_jwS9ePg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.203.24.0/21
Signature Algorithm: sha256WithRSAEncryption
01:d1:aa:8b:7c:01:d1:11:c3:28:25:f4:d3:63:6c:f6:0d:1c:
72:b2:b0:5a:35:e7:5b:a1:44:4b:50:49:fe:b8:93:2e:0d:54:
ea:81:62:73:da:3e:c7:ca:47:7f:09:2b:06:5f:2b:82:e2:00:
2e:33:28:c9:8e:13:8d:c6:e4:eb:56:a8:90:17:05:4c:32:7b:
ab:9f:b2:02:6f:28:29:59:1f:c4:6a:39:4d:00:6f:23:25:0e:
95:1a:01:ce:fb:e0:f7:51:b5:cd:ba:70:7c:a5:e3:0a:d3:81:
de:bb:ea:73:3c:b7:a6:d2:b3:b9:30:e9:1f:1a:f9:58:4c:79:
5b:53:84:7a:71:15:13:9e:b0:48:01:72:87:80:b8:99:4d:ad:
21:ce:3c:41:98:05:f6:9e:fe:66:f2:88:4c:4d:bc:2c:d5:31:
36:e3:bf:0b:7b:14:69:94:f0:f1:79:26:70:dc:0c:f0:46:57:
58:fd:1b:52:49:62:77:93:1b:46:b1:9b:9a:40:72:53:8b:b0:
82:7f:f4:2f:66:96:9f:61:5c:b8:89:de:1a:7c:d8:32:7e:5c:
10:ab:5a:bb:76:a3:69:f2:5d:fc:6d:1c:79:6d:dc:67:25:a9:
5a:a7:1c:06:97:c6:9f:a6:93:36:9b:38:09:29:66:e2:d1:74:
15:73:e9:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3dfoV1bhCtUZ2L9PrZxDy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwNDMwMDgyNTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTE2ZTZmNjdlNzVhMDMzY2Y5ZDQ0MjE5ZTMyYmY4ZjA0YmQ3OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mTBjRnfofql+bUp38p6sHdLqZpO
8HT7E2berTBz1o0DJGaHwRkxabOU5nJBNwQt+qWCCpxfvBKpN/8HZcJrbfOL9LK6
2eroN3ka/F95v5aXVavdSrGeLIt97Ebh85Aw4nSLacxLBJmcTh15svNR5KLWCnmE
B+6xDcSL8Xxd92bknEkQ82IvGLw2gEhmG/VGENyaTcg42Ex+wNblSTVn1DVY+JWQ
ZM2AvGoM14DGbbWMZISy5Z+hRrM/ztGrhx5tbwhX3uUA2rcQetkgiBg5ccAkAbLe
/tinRHVsMIGteXXoDaczwTuNIWm23l5moEajrH/VzwsFvKk6MfAIqf+I4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEW5vZ+daAzz51EIZ4yv48EvXj4MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvRVJibTluNTFvRFBQblVRaG5qS19qd1M5ZVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDzssYMA0G
CSqGSIb3DQEBCwUAA4IBAQAB0aqLfAHREcMoJfTTY2z2DRxysrBaNedboURLUEn+
uJMuDVTqgWJz2j7Hykd/CSsGXyuC4gAuMyjJjhONxuTrVqiQFwVMMnurn7ICbygp
WR/EajlNAG8jJQ6VGgHO++D3UbXNunB8peMK04Heu+pzPLem0rO5MOkfGvlYTHlb
U4R6cRUTnrBIAXKHgLiZTa0hzjxBmAX2nv5m8ohMTbws1TE2478LexRplPDxeSZw
3AzwRldY/RtSSWJ3kxtGsZuaQHJTi7CCf/QvZpafYVy4id4afNgyflwQq1q7dqNp
8l38bRx5bdxnJalapxwGl8afppM2mzgJKWbi0XQVc+kk
-----END CERTIFICATE-----
Generated at Wed May 13 08:45:30 2026 by rpki-client