Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/0ttkVx2NWCTHv4qe688EscfORjE.roa
File: 0ttkVx2NWCTHv4qe688EscfORjE.roa (raw, json)
Hash identifier: ghKgYeI4Lfc7/b9uWLhvosp/wzvsgali/oUedQGdwGg=
Subject key identifier: D2:DB:64:57:1D:8D:58:24:C7:BF:8A:9E:EB:CF:04:B1:C7:CE:46:31
Certificate issuer: /CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Certificate serial: 019DAF9DBC975108F361C57BB6903F68B2BD
Authority key identifier: BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/0ttkVx2NWCTHv4qe688EscfORjE.roa
Signing time: Tue 21 Apr 2026 10:37:23 +0000
ROA not before: Tue 21 Apr 2026 10:37:23 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209283
IP address blocks: 78.140.252.0/24 maxlen: 24
78.140.253.0/24 maxlen: 24
185.255.76.0/22 maxlen: 22
2a06:4800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.mft
rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:af:9d:bc:97:51:08:f3:61:c5:7b:b6:90:3f:68:b2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Validity
Not Before: Apr 21 10:37:23 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d2db64571d8d5824c7bf8a9eebcf04b1c7ce4631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e5:37:95:6c:4d:09:32:b3:42:2c:ac:17:3c:
91:2a:1a:28:fb:f2:6e:b0:19:1c:c9:45:b1:89:bb:
aa:e3:8f:c4:cc:d7:d4:d2:d3:d1:8b:71:ac:25:3e:
6b:79:38:1d:cf:23:93:53:d9:4d:07:bb:08:16:09:
ee:ea:3e:24:9c:5f:c9:46:e2:ea:f9:5f:9c:df:d4:
bd:ed:3c:60:87:06:c7:6c:7e:bc:8c:d3:e0:d4:ce:
f7:b6:01:c1:f7:5e:f8:f5:ae:1f:71:e4:d5:ac:8e:
7a:ce:64:ad:84:4e:90:7b:24:98:f4:6c:c5:01:b8:
fd:06:da:1c:7f:10:57:87:12:a1:54:94:38:bc:ab:
52:66:32:b9:fa:52:b4:42:7b:74:0d:ff:01:75:7f:
8a:06:37:b1:20:5b:58:b7:28:4c:de:9c:ef:c2:90:
2b:ea:d5:03:ab:b2:73:8f:b1:bf:c9:85:d3:4d:4b:
7e:1c:08:bc:b1:93:27:c0:2b:d8:25:79:00:7f:13:
db:6d:c3:83:f2:9d:aa:28:a2:3c:8c:41:cf:88:7d:
85:d4:e0:89:af:5b:bc:c2:3d:df:79:ba:2f:4e:ed:
a8:74:2d:3b:76:ff:8b:dc:f2:d6:08:9e:56:82:21:
fd:50:5c:89:c7:47:e7:8b:82:fc:01:cb:ce:de:81:
de:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:DB:64:57:1D:8D:58:24:C7:BF:8A:9E:EB:CF:04:B1:C7:CE:46:31
X509v3 Authority Key Identifier:
keyid:BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/0ttkVx2NWCTHv4qe688EscfORjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.140.252.0/23
185.255.76.0/22
IPv6:
2a06:4800::/32
Signature Algorithm: sha256WithRSAEncryption
c6:0a:c8:e7:68:0c:fd:93:36:d8:4c:c6:13:ba:c7:50:78:20:
d5:d7:6f:ca:17:df:8a:52:21:76:91:57:ff:6d:32:6d:6a:fb:
1e:65:57:38:4f:36:51:95:98:d7:a1:03:50:ea:5b:88:f4:e1:
46:63:fa:e8:12:02:98:86:11:01:2b:82:01:db:88:23:f9:96:
b4:07:6d:20:c6:8b:51:5d:b2:86:88:11:3e:f3:50:8d:59:72:
c7:26:75:d0:ca:70:55:67:d2:2f:3b:cb:1b:60:88:bf:f7:43:
b7:ef:f9:8b:d3:08:c7:ac:78:95:28:6d:35:c2:b8:10:cf:e8:
56:d9:8b:fd:05:18:37:ba:85:c9:7b:bc:07:cb:a4:7a:e5:3d:
19:68:62:82:78:37:ee:1e:7d:8a:af:48:9a:24:2d:71:cb:64:
eb:0e:06:d8:8b:a4:77:0a:c2:c3:00:b6:ed:5e:ed:6c:8f:39:
85:fe:ee:06:55:4a:b3:59:4b:80:a6:98:53:4d:02:cb:07:77:
17:c0:f1:30:8a:4d:ef:e1:6c:9d:27:d9:0d:29:64:03:8d:5f:
b0:74:58:c3:c5:f5:7c:6f:e1:2c:bf:98:50:da:68:a4:39:d0:
8f:c0:5f:73:25:94:0e:cb:f2:5f:5d:e8:92:47:50:71:94:f4:
02:86:8b:50
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ2vnbyXUQjzYcV7tpA/aLK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGFkMjFhMGE2OWRjMDQxYzRlMTc3MGViMThiYTQzYjZk
YjI5Y2UwHhcNMjYwNDIxMTAzNzIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmRiNjQ1NzFkOGQ1ODI0YzdiZjhhOWVlYmNmMDRiMWM3Y2U0NjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuU3lWxNCTKzQiysFzyRKhoo+/Ju
sBkcyUWxibuq44/EzNfU0tPRi3GsJT5reTgdzyOTU9lNB7sIFgnu6j4knF/JRuLq
+V+c39S97TxghwbHbH68jNPg1M73tgHB91749a4fceTVrI56zmSthE6QeySY9GzF
Abj9BtocfxBXhxKhVJQ4vKtSZjK5+lK0Qnt0Df8BdX+KBjexIFtYtyhM3pzvwpAr
6tUDq7Jzj7G/yYXTTUt+HAi8sZMnwCvYJXkAfxPbbcOD8p2qKKI8jEHPiH2F1OCJ
r1u8wj3febovTu2odC07dv+L3PLWCJ5WgiH9UFyJx0fni4L8AcvO3oHe7QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNLbZFcdjVgkx7+KnuvPBLHHzkYxMB8GA1UdIwQY
MBaAFL1K0hoKadwEHE4XcOsYukO22ynOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEt
Y2RkNGQ4ZjhkMGQ5LzEvMHR0a1Z4Mk5XQ1RIdjRxZTY4OEVzY2ZPUmpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEtY2RkNGQ4ZjhkMGQ5
LzEvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBToz8AwQC
uf9MMA0EAgACMAcDBQAqBkgAMA0GCSqGSIb3DQEBCwUAA4IBAQDGCsjnaAz9kzbY
TMYTusdQeCDV12/KF9+KUiF2kVf/bTJtavseZVc4TzZRlZjXoQNQ6luI9OFGY/ro
EgKYhhEBK4IB24gj+Za0B20gxotRXbKGiBE+81CNWXLHJnXQynBVZ9IvO8sbYIi/
90O37/mL0wjHrHiVKG01wrgQz+hW2Yv9BRg3uoXJe7wHy6R65T0ZaGKCeDfuHn2K
r0iaJC1xy2TrDgbYi6R3CsLDALbtXu1sjzmF/u4GVUqzWUuApphTTQLLB3cXwPEw
ik3v4WydJ9kNKWQDjV+wdFjDxfV8b+Esv5hQ2mikOdCPwF9zJZQOy/JfXeiSR1Bx
lPQChotQ
-----END CERTIFICATE-----
Generated at Tue May 12 21:44:45 2026 by rpki-client