Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/L69-NUUoYP9XJcHPUVUiRuacgd0.roa
File: L69-NUUoYP9XJcHPUVUiRuacgd0.roa (raw, json)
Hash identifier: mLc/EDXl4CWaLUa8M7/eCNRdVNHp2jway1R6/jRJ7g8=
Subject key identifier: 2F:AF:7E:35:45:28:60:FF:57:25:C1:CF:51:55:22:46:E6:9C:81:DD
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019E0C97D2D95AFEF066227C18C678C48BCA
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/L69-NUUoYP9XJcHPUVUiRuacgd0.roa
Signing time: Sat 09 May 2026 11:55:36 +0000
ROA not before: Sat 09 May 2026 11:55:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199186
IP address blocks: 89.42.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 16:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:0c:97:d2:d9:5a:fe:f0:66:22:7c:18:c6:78:c4:8b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: May 9 11:55:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2faf7e35452860ff5725c1cf51552246e69c81dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b4:21:63:c8:3d:11:27:73:6c:2a:21:68:ca:
32:66:85:8f:59:fc:97:52:e4:1c:01:97:42:b5:be:
3e:6e:1e:64:cf:0a:8b:ba:18:1a:6b:d9:19:f9:6b:
7f:c7:a8:45:6a:61:e0:bd:17:af:78:e5:0a:9b:12:
b3:2d:e9:cf:0f:6c:a9:85:a3:6e:f0:bb:0d:48:2f:
03:b8:40:0c:ec:82:5c:ce:fe:77:ce:2d:35:4f:0d:
d6:60:48:10:f0:c5:53:07:21:de:5a:6c:08:32:be:
a1:fc:5c:57:0e:a4:ad:f6:8e:3e:86:ac:88:83:2e:
df:70:cb:a3:6a:ea:98:e0:58:35:0d:38:95:d1:f1:
80:f7:6f:87:8a:9b:14:30:6f:c7:d6:4e:0a:35:99:
a9:4e:28:3c:6a:3d:58:02:a9:9a:1d:70:7e:d6:dd:
f4:6d:76:f9:40:34:06:c4:0f:7d:e8:2b:55:30:9e:
e9:60:cf:42:e3:82:43:f9:b9:85:e3:cd:41:4a:9d:
9a:52:62:12:f0:25:d6:cf:95:99:d7:ae:1c:ce:9f:
41:6d:65:b1:0b:d5:f5:71:ad:a4:16:b7:7b:92:64:
a5:87:d6:51:5b:54:fd:64:ee:1c:cc:e5:6f:24:fa:
af:a8:22:df:ef:ce:d5:6b:2a:ee:6f:d0:6e:31:fc:
9c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:AF:7E:35:45:28:60:FF:57:25:C1:CF:51:55:22:46:E6:9C:81:DD
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/L69-NUUoYP9XJcHPUVUiRuacgd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.95.0/24
Signature Algorithm: sha256WithRSAEncryption
56:4c:5a:4b:f8:d2:90:a4:a0:b4:5f:8a:31:4e:f6:1b:e7:ee:
7d:b2:55:9f:0f:7f:e8:60:71:85:11:2c:c0:a9:ad:9c:c3:d0:
8b:f4:97:ca:e3:c6:51:4e:1a:95:d1:4a:cc:53:13:29:cc:ad:
da:6c:61:78:f6:7d:3f:ce:4f:44:83:0a:4e:01:1f:b0:b2:7c:
ad:fd:f0:cb:18:a1:e5:6e:f1:54:c8:f7:c3:bf:cf:96:a7:3f:
fc:31:e9:90:df:9d:49:55:88:7c:f8:54:ab:bb:21:3c:c2:89:
67:11:dc:ac:56:fa:f2:ae:91:b5:f5:a1:2e:90:d8:6b:2d:7e:
1a:c9:5b:0d:71:99:65:c2:ee:92:a3:f1:b6:0a:43:e5:38:9f:
1f:b1:e6:ea:f6:f2:12:9d:2c:73:67:83:57:dc:cc:09:fa:d1:
ac:00:4f:59:44:b7:f2:bb:f2:32:75:ef:44:eb:eb:00:43:05:
4a:98:4e:7d:b5:f8:40:24:ed:34:9b:23:87:f9:62:68:07:31:
f3:d2:89:8b:11:16:62:d6:e6:f5:5b:b9:80:80:55:be:ad:20:
80:aa:09:0c:0d:0f:9c:04:93:5f:05:60:0f:37:fa:bd:e2:33:
c8:66:11:8c:14:27:13:a9:a0:0d:f6:e7:0e:ca:0b:a4:26:d7:
bf:e1:f9:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4Ml9LZWv7wZiJ8GMZ4xIvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwNTA5MTE1NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmFmN2UzNTQ1Mjg2MGZmNTcyNWMxY2Y1MTU1MjI0NmU2OWM4MWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprQhY8g9ESdzbCohaMoyZoWPWfyX
UuQcAZdCtb4+bh5kzwqLuhgaa9kZ+Wt/x6hFamHgvReveOUKmxKzLenPD2yphaNu
8LsNSC8DuEAM7IJczv53zi01Tw3WYEgQ8MVTByHeWmwIMr6h/FxXDqSt9o4+hqyI
gy7fcMujauqY4Fg1DTiV0fGA92+HipsUMG/H1k4KNZmpTig8aj1YAqmaHXB+1t30
bXb5QDQGxA996CtVMJ7pYM9C44JD+bmF481BSp2aUmIS8CXWz5WZ164czp9BbWWx
C9X1ca2kFrd7kmSlh9ZRW1T9ZO4czOVvJPqvqCLf787Vayrub9BuMfychwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC+vfjVFKGD/VyXBz1FVIkbmnIHdMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvTDY5LU5VVW9ZUDlYSmNIUFVWVWlSdWFjZ2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpfMA0G
CSqGSIb3DQEBCwUAA4IBAQBWTFpL+NKQpKC0X4oxTvYb5+59slWfD3/oYHGFESzA
qa2cw9CL9JfK48ZRThqV0UrMUxMpzK3abGF49n0/zk9EgwpOAR+wsnyt/fDLGKHl
bvFUyPfDv8+Wpz/8MemQ351JVYh8+FSruyE8wolnEdysVvryrpG19aEukNhrLX4a
yVsNcZllwu6So/G2CkPlOJ8fsebq9vISnSxzZ4NX3MwJ+tGsAE9ZRLfyu/Iyde9E
6+sAQwVKmE59tfhAJO00myOH+WJoBzHz0omLERZi1ub1W7mAgFW+rSCAqgkMDQ+c
BJNfBWAPN/q94jPIZhGMFCcTqaAN9ucOygukJte/4flK
-----END CERTIFICATE-----
Generated at Wed May 13 02:49:02 2026 by rpki-client