Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/9a7113-869e-46c0-9a38-8a2efe2fb08b/1/1-R5bGFGuEXrAhFEJ1itmGfkDohw.roa
File: 1-R5bGFGuEXrAhFEJ1itmGfkDohw.roa (raw, json)
Hash identifier: lVFYFuzRt87ejZ4L9ObTyPTLDyvZKJrO1X0F0BrVUAQ=
Subject key identifier: F9:1E:5B:18:51:AE:11:7A:C0:84:51:09:D6:2B:66:19:F9:03:A2:1C
Certificate issuer: /CN=29560ad0fddb43269b7e6d5b484328a476f0ea68
Certificate serial: 019BEAAE4E30264312D7A902C35664322C44
Authority key identifier: 29:56:0A:D0:FD:DB:43:26:9B:7E:6D:5B:48:43:28:A4:76:F0:EA:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVYK0P3bQyabfm1bSEMopHbw6mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/9a7113-869e-46c0-9a38-8a2efe2fb08b/1/1-R5bGFGuEXrAhFEJ1itmGfkDohw.roa
Signing time: Fri 23 Jan 2026 11:47:30 +0000
ROA not before: Fri 23 Jan 2026 11:47:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214358
IP address blocks: 109.121.112.0/23 maxlen: 23
109.121.114.0/24 maxlen: 24
109.121.115.0/24 maxlen: 24
185.166.93.0/24 maxlen: 24
2001:3b00:200::/40 maxlen: 40
2001:3b00:300::/40 maxlen: 40
2001:3b00:400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/9a7113-869e-46c0-9a38-8a2efe2fb08b/1/KVYK0P3bQyabfm1bSEMopHbw6mg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/9a7113-869e-46c0-9a38-8a2efe2fb08b/1/KVYK0P3bQyabfm1bSEMopHbw6mg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVYK0P3bQyabfm1bSEMopHbw6mg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:ea:ae:4e:30:26:43:12:d7:a9:02:c3:56:64:32:2c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29560ad0fddb43269b7e6d5b484328a476f0ea68
Validity
Not Before: Jan 23 11:47:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f91e5b1851ae117ac0845109d62b6619f903a21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:df:ae:ee:29:21:8e:90:08:99:21:2c:f1:4a:
36:50:14:43:93:1a:e4:a7:2b:25:b6:a6:d6:ab:fa:
42:17:8b:99:68:49:4e:c1:b7:5e:d8:a9:ba:96:af:
03:e5:a1:4e:f2:a6:76:1c:64:d9:08:ad:bb:04:a5:
ab:12:65:43:cb:7d:16:31:6f:64:95:f6:b0:b8:bc:
2f:bb:43:f8:a0:80:18:ef:51:52:b6:c0:0b:85:b7:
66:bc:38:a3:bd:54:40:5e:30:0a:68:77:6d:ba:6a:
f9:7f:1c:a8:c1:03:2f:de:83:a2:f4:b6:20:d2:8b:
5a:91:d4:2f:0d:79:cd:35:ba:f7:03:b9:d8:e4:a2:
52:fc:b4:9e:77:6e:55:d8:74:14:41:c5:82:9a:7a:
64:de:31:be:8d:26:3e:53:9c:5a:12:72:8b:c3:6d:
5a:b9:b2:a2:66:45:ca:dd:04:66:7d:16:74:4d:80:
87:e1:a2:2f:b3:2f:4e:b4:70:35:05:c2:96:7b:3e:
35:a2:cb:9d:19:64:d9:37:63:da:20:7d:0a:97:e8:
74:2f:9a:b2:c8:99:a6:23:32:2c:78:89:88:63:f4:
00:7b:04:3c:41:21:24:b9:27:59:51:95:a3:df:35:
1f:e4:c6:60:e6:de:8c:63:e4:d8:59:86:87:8f:a8:
db:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1E:5B:18:51:AE:11:7A:C0:84:51:09:D6:2B:66:19:F9:03:A2:1C
X509v3 Authority Key Identifier:
keyid:29:56:0A:D0:FD:DB:43:26:9B:7E:6D:5B:48:43:28:A4:76:F0:EA:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVYK0P3bQyabfm1bSEMopHbw6mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/9a7113-869e-46c0-9a38-8a2efe2fb08b/1/1-R5bGFGuEXrAhFEJ1itmGfkDohw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/9a7113-869e-46c0-9a38-8a2efe2fb08b/1/KVYK0P3bQyabfm1bSEMopHbw6mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.112.0/22
185.166.93.0/24
IPv6:
2001:3b00:200::-2001:3b00:4ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ab:dd:e5:eb:8a:70:46:14:69:af:97:4f:9f:57:cf:29:56:2d:
90:3e:f4:ee:70:4e:81:af:1c:db:5e:30:28:6f:5d:e8:53:e3:
29:0b:67:ed:49:7e:41:dc:35:86:ab:27:eb:6f:c8:6e:c1:11:
b3:17:c8:d0:21:a7:fd:b2:e8:42:49:fc:4c:8d:f7:8f:09:4e:
67:9e:7c:41:cc:bb:5e:03:70:41:d2:06:40:08:b6:65:b3:1b:
be:d6:05:8e:67:e9:78:0b:76:31:af:a8:07:7a:4c:b5:19:f9:
90:9d:4b:eb:39:69:84:64:87:f3:7f:e9:b6:f9:29:cd:c4:be:
ff:e5:8f:a5:4e:35:4b:46:1d:a9:41:c4:b9:17:92:4f:b8:fe:
d0:8e:72:48:78:da:8d:c0:af:25:5a:2d:0a:9f:3e:a9:ee:65:
ef:99:bf:b0:23:35:f3:c5:ab:8a:a2:f7:40:3b:e6:a5:15:09:
70:0a:92:68:64:16:22:79:c9:8b:c2:d6:46:a4:89:c9:8e:37:
fc:61:7f:f1:de:6d:0c:c2:7c:85:8d:fe:aa:d4:68:92:06:9c:
bb:f6:4c:ea:e2:d5:9f:38:fa:ff:0c:3b:38:62:02:68:0b:b6:
8b:eb:79:28:55:7d:ac:a6:a3:19:da:2d:4b:5a:f5:b1:b8:79:
f3:00:33:ed
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZvqrk4wJkMS16kCw1ZkMixEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTYwYWQwZmRkYjQzMjY5YjdlNmQ1YjQ4NDMyOGE0NzZm
MGVhNjgwHhcNMjYwMTIzMTE0NzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTFlNWIxODUxYWUxMTdhYzA4NDUxMDlkNjJiNjYxOWY5MDNhMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN+u7ikhjpAImSEs8Uo2UBRDkxrk
pysltqbWq/pCF4uZaElOwbde2Km6lq8D5aFO8qZ2HGTZCK27BKWrEmVDy30WMW9k
lfawuLwvu0P4oIAY71FStsALhbdmvDijvVRAXjAKaHdtumr5fxyowQMv3oOi9LYg
0otakdQvDXnNNbr3A7nY5KJS/LSed25V2HQUQcWCmnpk3jG+jSY+U5xaEnKLw21a
ubKiZkXK3QRmfRZ0TYCH4aIvsy9OtHA1BcKWez41osudGWTZN2PaIH0Kl+h0L5qy
yJmmIzIseImIY/QAewQ8QSEkuSdZUZWj3zUf5MZg5t6MY+TYWYaHj6jbhwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPkeWxhRrhF6wIRRCdYrZhn5A6IcMB8GA1UdIwQY
MBaAFClWCtD920Mmm35tW0hDKKR28OpoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZZSzBQM2JReWFiZm0xYlNFTW9wSGJ3Nm1nLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85YTcxMTMtODY5ZS00NmMwLTlhMzgt
OGEyZWZlMmZiMDhiLzEvMS1SNWJHRkd1RVhyQWhGRUoxaXRtR2ZrRG9ody5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmIvOWE3MTEzLTg2OWUtNDZjMC05YTM4LThhMmVmZTJmYjA4
Yi8xL0tWWUswUDNiUXlhYmZtMWJTRU1vcEhidzZtZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA/BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEAm15cAME
ALmmXTAYBAIAAjASMBADBgEgATsAAgMGACABOwAEMA0GCSqGSIb3DQEBCwUAA4IB
AQCr3eXrinBGFGmvl0+fV88pVi2QPvTucE6BrxzbXjAob13oU+MpC2ftSX5B3DWG
qyfrb8huwRGzF8jQIaf9suhCSfxMjfePCU5nnnxBzLteA3BB0gZACLZlsxu+1gWO
Z+l4C3Yxr6gHeky1GfmQnUvrOWmEZIfzf+m2+SnNxL7/5Y+lTjVLRh2pQcS5F5JP
uP7QjnJIeNqNwK8lWi0Knz6p7mXvmb+wIzXzxauKovdAO+alFQlwCpJoZBYiecmL
wtZGpInJjjf8YX/x3m0MwnyFjf6q1GiSBpy79kzq4tWfOPr/DDs4YgJoC7aL63ko
VX2spqMZ2i1LWvWxuHnzADPt
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:04:33 2026 by rpki-client