Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/0543e3-1bf0-4db3-b01e-a1d6054350d2/1/6Bd_dmaoEZ1Gs0FRJb3NyILTT9A.roa
File: 6Bd_dmaoEZ1Gs0FRJb3NyILTT9A.roa (raw, json)
Hash identifier: Mk+M/Fjc68fkukvC6/Uq0uxs0FLSquR7Kh7pIPdntc0=
Subject key identifier: E8:17:7F:76:66:A8:11:9D:46:B3:41:51:25:BD:CD:C8:82:D3:4F:D0
Certificate issuer: /CN=36d6044966c57439aaf520310885f81d45275b2a
Certificate serial: 019DD70CBBCF3D827437A2BC2944FD1DBA88
Authority key identifier: 36:D6:04:49:66:C5:74:39:AA:F5:20:31:08:85:F8:1D:45:27:5B:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NtYESWbFdDmq9SAxCIX4HUUnWyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/0543e3-1bf0-4db3-b01e-a1d6054350d2/1/6Bd_dmaoEZ1Gs0FRJb3NyILTT9A.roa
Signing time: Wed 29 Apr 2026 02:23:49 +0000
ROA not before: Wed 29 Apr 2026 02:23:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 135377
IP address blocks: 134.168.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/0543e3-1bf0-4db3-b01e-a1d6054350d2/1/NtYESWbFdDmq9SAxCIX4HUUnWyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/0543e3-1bf0-4db3-b01e-a1d6054350d2/1/NtYESWbFdDmq9SAxCIX4HUUnWyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NtYESWbFdDmq9SAxCIX4HUUnWyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d7:0c:bb:cf:3d:82:74:37:a2:bc:29:44:fd:1d:ba:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36d6044966c57439aaf520310885f81d45275b2a
Validity
Not Before: Apr 29 02:23:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e8177f7666a8119d46b3415125bdcdc882d34fd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f7:e0:67:70:77:f0:6e:47:fd:33:92:ac:65:
4b:5d:2f:ce:3a:3c:c1:c0:36:3c:6b:ef:cc:6e:18:
f9:eb:53:af:3b:7d:cc:20:59:60:6a:f7:9f:b7:01:
a0:dd:60:fe:56:72:9f:ce:61:76:aa:ad:ec:2a:33:
94:ee:e4:ab:39:27:6b:be:f1:46:78:d6:62:9a:ca:
34:82:54:3d:cd:66:e6:5f:67:19:be:af:03:a2:c4:
f0:81:eb:a8:a6:96:1b:de:4f:99:54:19:84:5f:d2:
93:01:8d:be:b4:e4:59:17:be:12:14:8c:82:a5:83:
89:a7:26:2a:72:51:e1:05:89:94:65:93:3f:59:16:
9b:87:c2:58:a1:5b:c6:29:d5:8f:a5:60:0c:46:c1:
54:b9:1e:97:68:01:97:1e:3e:25:49:83:c0:23:31:
9d:05:66:7f:71:25:8d:2a:ff:d8:7a:cf:ba:7b:69:
57:0b:e7:bd:a9:7a:64:75:da:ad:cf:29:a4:5e:a7:
a0:c3:1d:01:13:fd:48:1c:1e:e2:12:d8:62:2e:3d:
9e:72:29:19:d7:a3:a8:24:0e:62:15:34:ed:ac:57:
4c:df:da:a8:7c:e4:4e:55:3d:e0:7f:46:65:5b:2f:
6d:d7:4b:69:6d:37:ca:04:06:ea:49:4a:e9:ae:7b:
16:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:17:7F:76:66:A8:11:9D:46:B3:41:51:25:BD:CD:C8:82:D3:4F:D0
X509v3 Authority Key Identifier:
keyid:36:D6:04:49:66:C5:74:39:AA:F5:20:31:08:85:F8:1D:45:27:5B:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NtYESWbFdDmq9SAxCIX4HUUnWyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/0543e3-1bf0-4db3-b01e-a1d6054350d2/1/6Bd_dmaoEZ1Gs0FRJb3NyILTT9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/0543e3-1bf0-4db3-b01e-a1d6054350d2/1/NtYESWbFdDmq9SAxCIX4HUUnWyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.168.240.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:20:0f:10:b8:02:c3:70:55:ca:ce:9a:32:89:ed:97:65:ce:
fa:74:69:cf:68:48:a7:4e:b5:03:c8:d2:b5:ea:83:bb:a4:1c:
4b:26:12:24:03:b5:7c:04:61:90:75:a3:28:5d:38:48:fd:dc:
bd:99:2a:cc:30:65:91:65:19:62:cc:99:27:05:20:d1:8c:43:
0a:c9:37:4c:d2:7a:ce:47:04:a7:44:31:58:07:95:44:0c:44:
52:d2:44:4b:a2:d6:1d:ba:b3:98:cd:fc:79:7e:18:86:17:df:
ee:ec:78:05:8e:00:4a:88:ad:45:4b:d6:f5:89:8d:b0:07:cd:
1c:05:ba:87:24:7b:2c:69:9f:56:50:20:40:8b:ea:8b:d4:d9:
ef:52:12:ff:f0:6b:b6:dd:2f:cd:1f:da:25:58:60:09:fd:ea:
38:1c:7f:75:f1:96:b3:d2:15:b0:8f:a5:3b:83:3d:fc:5b:3c:
e3:80:68:9e:79:a5:c2:53:01:0d:9c:d2:80:1d:b6:b4:8a:63:
4d:54:1b:b2:54:04:c2:e9:fa:de:7f:f7:d7:60:f8:d4:4b:70:
99:cb:6a:8f:70:eb:ff:fb:9d:83:37:a3:1d:7b:c7:c4:40:98:
26:97:13:75:dc:1a:9b:12:33:72:e0:54:1d:81:52:58:25:88:
02:7a:9f:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3XDLvPPYJ0N6K8KUT9HbqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZDYwNDQ5NjZjNTc0MzlhYWY1MjAzMTA4ODVmODFkNDUy
NzViMmEwHhcNMjYwNDI5MDIyMzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODE3N2Y3NjY2YTgxMTlkNDZiMzQxNTEyNWJkY2RjODgyZDM0ZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwffgZ3B38G5H/TOSrGVLXS/OOjzB
wDY8a+/Mbhj561OvO33MIFlgaveftwGg3WD+VnKfzmF2qq3sKjOU7uSrOSdrvvFG
eNZimso0glQ9zWbmX2cZvq8DosTwgeuoppYb3k+ZVBmEX9KTAY2+tORZF74SFIyC
pYOJpyYqclHhBYmUZZM/WRabh8JYoVvGKdWPpWAMRsFUuR6XaAGXHj4lSYPAIzGd
BWZ/cSWNKv/Yes+6e2lXC+e9qXpkddqtzymkXqegwx0BE/1IHB7iEthiLj2ecikZ
16OoJA5iFTTtrFdM39qofOROVT3gf0ZlWy9t10tpbTfKBAbqSUrprnsWTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOgXf3ZmqBGdRrNBUSW9zciC00/QMB8GA1UdIwQY
MBaAFDbWBElmxXQ5qvUgMQiF+B1FJ1sqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnRZRVNXYkZkRG1xOVNBeENJWDRIVVVuV3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8wNTQzZTMtMWJmMC00ZGIzLWIwMWUt
YTFkNjA1NDM1MGQyLzEvNkJkX2RtYW9FWjFHczBGUkpiM055SUxUVDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8wNTQzZTMtMWJmMC00ZGIzLWIwMWUtYTFkNjA1NDM1MGQy
LzEvTnRZRVNXYkZkRG1xOVNBeENJWDRIVVVuV3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEhqjwMA0G
CSqGSIb3DQEBCwUAA4IBAQALIA8QuALDcFXKzpoyie2XZc76dGnPaEinTrUDyNK1
6oO7pBxLJhIkA7V8BGGQdaMoXThI/dy9mSrMMGWRZRlizJknBSDRjEMKyTdM0nrO
RwSnRDFYB5VEDERS0kRLotYdurOYzfx5fhiGF9/u7HgFjgBKiK1FS9b1iY2wB80c
BbqHJHssaZ9WUCBAi+qL1NnvUhL/8Gu23S/NH9olWGAJ/eo4HH918Zaz0hWwj6U7
gz38WzzjgGieeaXCUwENnNKAHba0imNNVBuyVATC6fref/fXYPjUS3CZy2qPcOv/
+52DN6Mde8fEQJgmlxN13BqbEjNy4FQdgVJYJYgCep9s
-----END CERTIFICATE-----
Generated at Wed May 13 05:26:04 2026 by rpki-client