Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/2-9TE0hGien7uJimnUsiIL-slx4.roa
File: 2-9TE0hGien7uJimnUsiIL-slx4.roa (raw, json)
Hash identifier: ITBjj6tI+9B/OwJk2K8Dzw0Ey9IFfvrN1KI8kY4JXFU=
Subject key identifier: DB:EF:53:13:48:46:89:E9:FB:B8:98:A6:9D:4B:22:20:BF:AC:97:1E
Certificate issuer: /CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Certificate serial: 019E09454C2A6646B47CE2F14DED1763D8FE
Authority key identifier: B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/2-9TE0hGien7uJimnUsiIL-slx4.roa
Signing time: Fri 08 May 2026 20:26:36 +0000
ROA not before: Fri 08 May 2026 20:26:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206735
IP address blocks: 109.68.151.0/24 maxlen: 24
185.88.21.0/24 maxlen: 24
185.88.22.0/24 maxlen: 24
185.205.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.mft
rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:09:45:4c:2a:66:46:b4:7c:e2:f1:4d:ed:17:63:d8:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Validity
Not Before: May 8 20:26:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dbef5313484689e9fbb898a69d4b2220bfac971e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:10:6e:05:ce:c5:d1:f3:0e:0f:23:01:8c:56:
03:94:cb:59:6a:08:2a:48:58:f3:2a:b0:da:2d:4e:
12:ee:6a:ac:c2:2b:55:dd:fb:d6:e1:fb:c3:c1:ec:
aa:10:6d:b0:e7:17:8b:38:1c:83:b8:ee:a1:1c:8f:
5e:5b:04:19:e0:a3:3f:eb:ca:82:5c:4b:87:eb:b9:
59:11:d2:72:b7:a7:f5:4b:7e:df:ef:1d:ed:d6:58:
d8:89:e1:30:33:4b:7f:b9:af:55:ad:bc:c6:c0:cb:
b4:e4:fb:0f:8c:4a:3b:5b:50:58:48:51:b2:cc:77:
51:24:fd:54:ae:dd:56:41:56:fe:b8:d3:13:96:77:
5c:fa:50:2f:0a:de:0c:70:da:77:b6:1d:1d:5a:c2:
22:c3:7e:81:db:d8:12:b0:50:ca:7a:f9:f2:df:a4:
88:91:22:6b:d2:4d:36:24:93:b8:40:b3:41:27:91:
4a:b1:40:3d:a0:be:33:59:67:2b:f4:f9:4c:62:99:
12:d0:5e:99:33:9e:e9:71:eb:9c:ca:01:7f:1d:9c:
65:6a:85:49:c5:e3:bf:b8:07:1d:50:4f:3e:f1:22:
d8:da:cd:1b:0f:ad:b0:8d:8c:fb:24:35:c8:a4:e6:
04:ff:a1:9c:5d:d7:f3:88:e3:c1:05:44:6d:61:7a:
4b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:EF:53:13:48:46:89:E9:FB:B8:98:A6:9D:4B:22:20:BF:AC:97:1E
X509v3 Authority Key Identifier:
keyid:B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/2-9TE0hGien7uJimnUsiIL-slx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.151.0/24
185.88.21.0-185.88.22.255
185.205.98.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ac:df:62:a3:fb:aa:2c:b3:c4:87:f9:98:9e:36:60:ec:d7:
19:b4:ee:6e:68:65:76:55:b4:ce:d4:74:38:2b:53:4f:75:a4:
0f:5f:63:b7:da:39:04:3b:a2:e3:a1:d0:b5:99:bc:a0:b8:9c:
e8:e6:82:7c:37:e4:a9:26:7c:9e:29:b5:d2:95:ab:a7:45:bb:
05:9a:d5:a3:ae:0a:20:87:8e:b3:5f:23:dd:3a:74:7d:ab:70:
6b:14:03:94:24:3a:b5:81:cd:81:f6:e3:4d:7d:c9:41:65:14:
c9:4c:a3:38:77:95:c4:cc:27:d1:00:5b:1e:0a:c2:62:af:40:
e5:35:5a:bc:1d:6d:6f:b3:e2:73:05:16:43:a8:fa:94:d2:3c:
b1:77:a4:11:45:3f:94:2c:40:ec:91:f8:91:2a:4b:67:a6:52:
d5:45:6d:68:84:db:3f:be:be:51:fa:3f:5b:78:6c:4a:5d:b8:
c5:59:c4:61:0b:62:8a:2c:72:a4:1e:5b:68:fc:94:b3:35:83:
a4:f6:e3:d2:ab:a1:27:9f:1e:1e:eb:7c:bd:a8:18:bf:8e:6a:
39:21:9d:f5:40:ec:ec:91:19:19:ac:a4:cd:3c:00:a7:05:e3:
30:33:08:dc:4e:46:22:9d:ee:1f:89:04:9d:d5:9b:8d:33:92:
c9:b4:c6:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ4JRUwqZka0fOLxTe0XY9j+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzUxYjBjMDYzY2ZjMTY5NDNmYzlhNDdlMmM4MDU5OTBm
NmVhYWUwHhcNMjYwNTA4MjAyNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmVmNTMxMzQ4NDY4OWU5ZmJiODk4YTY5ZDRiMjIyMGJmYWM5NzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBBuBc7F0fMODyMBjFYDlMtZaggq
SFjzKrDaLU4S7mqswitV3fvW4fvDweyqEG2w5xeLOByDuO6hHI9eWwQZ4KM/68qC
XEuH67lZEdJyt6f1S37f7x3t1ljYieEwM0t/ua9VrbzGwMu05PsPjEo7W1BYSFGy
zHdRJP1Urt1WQVb+uNMTlndc+lAvCt4McNp3th0dWsIiw36B29gSsFDKevny36SI
kSJr0k02JJO4QLNBJ5FKsUA9oL4zWWcr9PlMYpkS0F6ZM57pceucygF/HZxlaoVJ
xeO/uAcdUE8+8SLY2s0bD62wjYz7JDXIpOYE/6GcXdfziOPBBURtYXpLtQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNvvUxNIRonp+7iYpp1LIiC/rJceMB8GA1UdIwQY
MBaAFLPFGwwGPPwWlD/JpH4sgFmQ9uquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEt
ZmY1ZjFhZDY5MjY2LzEvMi05VEUwaEdpZW43dUppbW5Vc2lJTC1zbHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEtZmY1ZjFhZDY5MjY2
LzEvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAbUSXMAwD
BAC5WBUDBAC5WBYDBAC5zWIwDQYJKoZIhvcNAQELBQADggEBACas32Kj+6oss8SH
+ZieNmDs1xm07m5oZXZVtM7UdDgrU091pA9fY7faOQQ7ouOh0LWZvKC4nOjmgnw3
5KkmfJ4ptdKVq6dFuwWa1aOuCiCHjrNfI906dH2rcGsUA5QkOrWBzYH24019yUFl
FMlMozh3lcTMJ9EAWx4KwmKvQOU1WrwdbW+z4nMFFkOo+pTSPLF3pBFFP5QsQOyR
+JEqS2emUtVFbWiE2z++vlH6P1t4bEpduMVZxGELYooscqQeW2j8lLM1g6T249Kr
oSefHh7rfL2oGL+OajkhnfVA7OyRGRmspM08AKcF4zAzCNxORiKd7h+JBJ3Vm40z
ksm0xos=
-----END CERTIFICATE-----
Generated at Wed May 13 07:59:46 2026 by rpki-client