Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/6234c0-a78c-439c-a6ee-5ccf6f4b7920/1/CEtSnynucMTXjmsVQI2XO0Vay7g.roa
File: CEtSnynucMTXjmsVQI2XO0Vay7g.roa (raw, json)
Hash identifier: 2YbIxKxSxNLbUsVeSSXam6c2lBbX/6A1TDycN6DbUfg=
Subject key identifier: 08:4B:52:9F:29:EE:70:C4:D7:8E:6B:15:40:8D:97:3B:45:5A:CB:B8
Certificate issuer: /CN=fdd0fd68c1b6b569b9f7c4813ac12ded6ae5e8ab
Certificate serial: 019E1CE95E7C72BE3D4AED5CA74FA8CB66DD
Authority key identifier: FD:D0:FD:68:C1:B6:B5:69:B9:F7:C4:81:3A:C1:2D:ED:6A:E5:E8:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dD9aMG2tWm598SBOsEt7Wrl6Ks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/6234c0-a78c-439c-a6ee-5ccf6f4b7920/1/CEtSnynucMTXjmsVQI2XO0Vay7g.roa
Signing time: Tue 12 May 2026 15:58:36 +0000
ROA not before: Tue 12 May 2026 15:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51369
IP address blocks: 91.209.127.0/24 maxlen: 24
91.239.132.0/22 maxlen: 22
185.16.116.0/22 maxlen: 22
194.15.126.0/23 maxlen: 23
2001:67c:1484::/48 maxlen: 48
2a04:280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/6234c0-a78c-439c-a6ee-5ccf6f4b7920/1/_dD9aMG2tWm598SBOsEt7Wrl6Ks.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/6234c0-a78c-439c-a6ee-5ccf6f4b7920/1/_dD9aMG2tWm598SBOsEt7Wrl6Ks.mft
rsync://rpki.ripe.net/repository/DEFAULT/_dD9aMG2tWm598SBOsEt7Wrl6Ks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:e9:5e:7c:72:be:3d:4a:ed:5c:a7:4f:a8:cb:66:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd0fd68c1b6b569b9f7c4813ac12ded6ae5e8ab
Validity
Not Before: May 12 15:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=084b529f29ee70c4d78e6b15408d973b455acbb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bd:d5:33:1e:32:e8:e5:78:23:62:ab:96:c0:
f3:8c:d3:c9:96:d2:9d:ef:44:89:f0:66:33:6e:6d:
d3:4f:4c:04:ae:d8:ce:ef:52:63:8c:90:fa:4c:97:
7b:e3:f8:3e:76:bc:29:df:d8:b9:5e:d6:36:55:85:
b1:f8:59:0d:2b:3f:91:3d:e9:7d:04:bd:5c:44:a7:
38:5b:dd:43:d8:2c:ac:f1:b7:f2:96:37:8d:bf:32:
ea:e8:e7:7f:23:ef:7c:43:34:65:54:fe:df:9e:18:
72:b3:12:95:6d:00:99:79:77:93:ea:b2:3c:0a:c8:
50:ce:11:4d:cc:1e:9e:0f:de:a1:ec:01:51:7c:6b:
82:a3:99:05:5c:88:4f:9e:4d:65:5a:ac:1b:08:eb:
88:1f:d9:ac:94:6a:92:df:c0:28:81:33:41:28:64:
7b:73:e3:59:44:01:99:ea:1d:58:86:6c:18:7b:d0:
b3:b3:aa:ff:f4:31:99:9b:de:0b:ac:9e:66:bd:e7:
b8:00:c6:41:d2:b8:70:1a:21:9d:70:db:09:84:2c:
c6:19:d2:05:d1:77:3f:68:a8:c7:db:51:73:7a:ab:
41:09:47:26:48:0f:1b:18:16:8c:85:f2:4d:02:05:
9d:e2:a0:07:cb:e7:81:ac:07:20:64:6c:33:55:99:
db:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4B:52:9F:29:EE:70:C4:D7:8E:6B:15:40:8D:97:3B:45:5A:CB:B8
X509v3 Authority Key Identifier:
keyid:FD:D0:FD:68:C1:B6:B5:69:B9:F7:C4:81:3A:C1:2D:ED:6A:E5:E8:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dD9aMG2tWm598SBOsEt7Wrl6Ks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/6234c0-a78c-439c-a6ee-5ccf6f4b7920/1/CEtSnynucMTXjmsVQI2XO0Vay7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/6234c0-a78c-439c-a6ee-5ccf6f4b7920/1/_dD9aMG2tWm598SBOsEt7Wrl6Ks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.127.0/24
91.239.132.0/22
185.16.116.0/22
194.15.126.0/23
IPv6:
2001:67c:1484::/48
2a04:280::/29
Signature Algorithm: sha256WithRSAEncryption
66:a4:e5:c5:a3:ee:50:5a:d7:d5:96:5e:6a:3a:bc:1b:bf:58:
e8:ca:b6:06:8d:25:5a:fd:48:6f:ff:2d:84:26:60:87:5d:d6:
ca:cd:db:19:4f:cb:3e:8e:7f:b0:7e:10:64:02:c7:5f:f0:48:
98:e9:69:58:94:3d:85:7e:a1:e0:3f:cf:e8:ec:74:65:c5:5d:
19:83:43:77:32:65:23:a2:19:fa:3d:00:f7:18:e5:5b:f0:51:
c5:e1:5e:28:bf:20:3b:79:12:28:78:e9:1b:b4:eb:1a:90:84:
9b:f5:fb:79:b4:f6:69:c6:cd:5e:3c:85:e5:04:62:6d:59:27:
24:78:37:4b:75:f1:fe:88:0d:3b:47:69:2c:57:d8:94:c6:fe:
d8:b1:f3:fc:00:ec:0a:a9:91:42:04:d2:ef:8a:00:73:58:e8:
4e:5e:33:3e:40:23:55:7e:11:c0:f1:cc:f7:dc:bb:3f:86:02:
7a:86:0a:2f:a6:0c:53:2f:69:25:f2:31:68:40:1f:7e:c0:2f:
b1:4a:a2:e1:56:23:9e:22:d2:55:3c:75:71:bf:96:7c:35:15:
3f:78:67:6c:7e:31:28:13:f6:8e:50:2e:39:7c:37:94:ea:71:
4b:4d:79:ee:98:d8:96:73:ab:9a:11:e1:61:82:6b:36:28:e4:
18:e8:3e:69
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ4c6V58cr49Su1cp0+oy2bdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDBmZDY4YzFiNmI1NjliOWY3YzQ4MTNhYzEyZGVkNmFl
NWU4YWIwHhcNMjYwNTEyMTU1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRiNTI5ZjI5ZWU3MGM0ZDc4ZTZiMTU0MDhkOTczYjQ1NWFjYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL3VMx4y6OV4I2KrlsDzjNPJltKd
70SJ8GYzbm3TT0wErtjO71JjjJD6TJd74/g+drwp39i5XtY2VYWx+FkNKz+RPel9
BL1cRKc4W91D2Cys8bfyljeNvzLq6Od/I+98QzRlVP7fnhhysxKVbQCZeXeT6rI8
CshQzhFNzB6eD96h7AFRfGuCo5kFXIhPnk1lWqwbCOuIH9mslGqS38AogTNBKGR7
c+NZRAGZ6h1YhmwYe9Czs6r/9DGZm94LrJ5mvee4AMZB0rhwGiGdcNsJhCzGGdIF
0Xc/aKjH21FzeqtBCUcmSA8bGBaMhfJNAgWd4qAHy+eBrAcgZGwzVZnb9QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAhLUp8p7nDE145rFUCNlztFWsu4MB8GA1UdIwQY
MBaAFP3Q/WjBtrVpuffEgTrBLe1q5eirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2REOWFNRzJ0V201OThTQk9zRXQ3V3JsNktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82MjM0YzAtYTc4Yy00MzljLWE2ZWUt
NWNjZjZmNGI3OTIwLzEvQ0V0U255bnVjTVRYam1zVlFJMlhPMFZheTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82MjM0YzAtYTc4Yy00MzljLWE2ZWUtNWNjZjZmNGI3OTIw
LzEvX2REOWFNRzJ0V201OThTQk9zRXQ3V3JsNktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQAW9F/AwQC
W++EAwQCuRB0AwQBwg9+MBYEAgACMBADBwAgAQZ8FIQDBQMqBAKAMA0GCSqGSIb3
DQEBCwUAA4IBAQBmpOXFo+5QWtfVll5qOrwbv1joyrYGjSVa/Uhv/y2EJmCHXdbK
zdsZT8s+jn+wfhBkAsdf8EiY6WlYlD2FfqHgP8/o7HRlxV0Zg0N3MmUjohn6PQD3
GOVb8FHF4V4ovyA7eRIoeOkbtOsakISb9ft5tPZpxs1ePIXlBGJtWSckeDdLdfH+
iA07R2ksV9iUxv7YsfP8AOwKqZFCBNLvigBzWOhOXjM+QCNVfhHA8cz33Ls/hgJ6
hgovpgxTL2kl8jFoQB9+wC+xSqLhViOeItJVPHVxv5Z8NRU/eGdsfjEoE/aOUC45
fDeU6nFLTXnumNiWc6uaEeFhgms2KOQY6D5p
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:43 2026 by rpki-client