Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/BRf1u2tI0MdQq-fmpym4aodlAHc.roa
File: BRf1u2tI0MdQq-fmpym4aodlAHc.roa (raw, json)
Hash identifier: EgaKCAtRV2lGFKlk2kU+aO26h/pUeqeqSUfRHYRzlNU=
Subject key identifier: 05:17:F5:BB:6B:48:D0:C7:50:AB:E7:E6:A7:29:B8:6A:87:65:00:77
Certificate issuer: /CN=a0a154441df9623eeb5a196138d21bef5824b441
Certificate serial: 019DFD686B9806BE507A3F6CBAB9B8A93C04
Authority key identifier: A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/BRf1u2tI0MdQq-fmpym4aodlAHc.roa
Signing time: Wed 06 May 2026 13:09:32 +0000
ROA not before: Wed 06 May 2026 13:09:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35613
IP address blocks: 176.74.128.0/19 maxlen: 19
193.200.244.0/24 maxlen: 24
193.200.246.0/24 maxlen: 24
193.200.251.0/24 maxlen: 24
193.200.252.0/24 maxlen: 24
2a00:9c80::/32 maxlen: 32
2a02:e9c::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:68:6b:98:06:be:50:7a:3f:6c:ba:b9:b8:a9:3c:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a154441df9623eeb5a196138d21bef5824b441
Validity
Not Before: May 6 13:09:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0517f5bb6b48d0c750abe7e6a729b86a87650077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:21:93:bf:01:b2:cc:27:56:00:00:4e:bd:2b:
d8:bc:16:94:e3:98:fc:ad:dc:53:ac:0e:c8:3f:21:
f1:26:49:29:ad:87:2d:6c:aa:a0:45:1e:b8:76:40:
5c:2a:f7:db:f2:53:92:87:7e:f5:30:22:b8:b6:d4:
ec:e4:f6:c0:9b:91:0c:7f:14:5d:d2:1f:69:b9:2d:
ad:4f:1f:61:20:df:bb:71:eb:c6:a4:8c:fa:77:9c:
30:c5:22:59:76:00:d6:48:84:34:c7:92:c9:13:79:
2f:06:b1:20:43:f7:ea:f7:0a:ac:bf:8f:99:5d:3b:
cf:f3:87:5c:bb:78:70:1e:8a:fc:aa:de:04:4e:72:
d7:59:ef:d6:f9:f8:51:1b:f5:92:b2:83:ac:c9:44:
9f:99:04:24:cf:65:e5:9f:cb:18:71:42:f1:b9:ca:
a6:77:f5:64:db:77:06:30:1b:84:af:e1:6f:33:81:
1a:47:6b:cc:ab:d4:aa:3e:63:f2:b6:cb:d0:90:ee:
63:f2:ad:a4:f3:87:97:2e:33:3f:5e:4c:cb:c2:9e:
76:5d:3f:36:9f:43:ed:ad:6f:a0:6a:05:95:63:86:
73:6c:a7:8a:06:6f:91:b2:f8:8a:41:af:48:d1:73:
a8:53:e6:6a:0c:f7:c7:ed:68:36:d9:b4:37:65:1e:
55:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:17:F5:BB:6B:48:D0:C7:50:AB:E7:E6:A7:29:B8:6A:87:65:00:77
X509v3 Authority Key Identifier:
keyid:A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/BRf1u2tI0MdQq-fmpym4aodlAHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.74.128.0/19
193.200.244.0/24
193.200.246.0/24
193.200.251.0-193.200.252.255
IPv6:
2a00:9c80::/32
2a02:e9c::/32
Signature Algorithm: sha256WithRSAEncryption
55:4d:ca:be:3d:3c:00:fc:36:23:30:19:16:bb:56:c0:51:32:
76:2e:f0:c5:04:97:26:66:99:c5:23:34:3a:24:3b:a4:fe:a3:
15:d6:06:48:40:77:88:bd:ae:c7:1c:40:9f:fe:6d:4a:7c:44:
d1:8d:fe:9c:fa:93:28:6a:b8:46:5e:ca:01:6e:23:e4:06:0f:
ab:cc:c6:cb:15:ea:3e:d7:20:e4:c8:15:b2:f6:1d:98:04:03:
89:87:af:fb:d4:c1:48:b8:f9:89:64:14:69:8f:2d:4c:53:81:
a4:c7:2b:aa:57:ea:12:bf:5f:e8:94:c0:64:82:86:e7:44:98:
00:a3:6c:06:e0:65:5a:e8:09:4c:41:05:55:6b:e2:0c:7c:f1:
02:b7:be:99:01:0b:af:18:ad:c9:49:c4:3c:8e:7c:ce:56:99:
79:5c:3f:46:dd:77:a3:21:b1:76:54:ad:c8:7d:d8:37:06:ec:
7a:1f:03:4a:f1:9e:c1:b5:70:6b:6b:92:ff:b7:f6:3c:44:4b:
0b:4d:8e:44:c2:a9:34:23:81:d9:d3:2e:30:f6:84:11:04:bb:
5d:d7:fb:14:83:4c:fa:8a:50:c5:fb:98:2e:2e:15:50:69:ad:
35:1e:4e:5e:5d:30:47:42:cd:fe:1a:e6:17:b5:ed:9e:f3:95:
4d:7e:16:2c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ39aGuYBr5Qej9surm4qTwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTE1NDQ0MWRmOTYyM2VlYjVhMTk2MTM4ZDIxYmVmNTgy
NGI0NDEwHhcNMjYwNTA2MTMwOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE3ZjViYjZiNDhkMGM3NTBhYmU3ZTZhNzI5Yjg2YTg3NjUwMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSGTvwGyzCdWAABOvSvYvBaU45j8
rdxTrA7IPyHxJkkprYctbKqgRR64dkBcKvfb8lOSh371MCK4ttTs5PbAm5EMfxRd
0h9puS2tTx9hIN+7cevGpIz6d5wwxSJZdgDWSIQ0x5LJE3kvBrEgQ/fq9wqsv4+Z
XTvP84dcu3hwHor8qt4ETnLXWe/W+fhRG/WSsoOsyUSfmQQkz2Xln8sYcULxucqm
d/Vk23cGMBuEr+FvM4EaR2vMq9SqPmPytsvQkO5j8q2k84eXLjM/XkzLwp52XT82
n0PtrW+gagWVY4ZzbKeKBm+RsviKQa9I0XOoU+ZqDPfH7Wg22bQ3ZR5VVQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAUX9btrSNDHUKvn5qcpuGqHZQB3MB8GA1UdIwQY
MBaAFKChVEQd+WI+61oZYTjSG+9YJLRBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmIt
OWQ5NDM2NzFhOGEzLzEvQlJmMXUydEkwTWRRcS1mbXB5bTRhb2RsQUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmItOWQ5NDM2NzFhOGEz
LzEvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgAwQFsEqAAwQA
wcj0AwQAwcj2MAwDBADByPsDBADByPwwFAQCAAIwDgMFACoAnIADBQAqAg6cMA0G
CSqGSIb3DQEBCwUAA4IBAQBVTcq+PTwA/DYjMBkWu1bAUTJ2LvDFBJcmZpnFIzQ6
JDuk/qMV1gZIQHeIva7HHECf/m1KfETRjf6c+pMoarhGXsoBbiPkBg+rzMbLFeo+
1yDkyBWy9h2YBAOJh6/71MFIuPmJZBRpjy1MU4GkxyuqV+oSv1/olMBkgobnRJgA
o2wG4GVa6AlMQQVVa+IMfPECt76ZAQuvGK3JScQ8jnzOVpl5XD9G3XejIbF2VK3I
fdg3Bux6HwNK8Z7BtXBra5L/t/Y8REsLTY5Ewqk0I4HZ0y4w9oQRBLtd1/sUg0z6
ilDF+5guLhVQaa01Hk5eXTBHQs3+GuYXte2e85VNfhYs
-----END CERTIFICATE-----
Generated at Wed May 13 03:17:09 2026 by rpki-client