Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/CkAhU5a7YSBIG-o6BpREPmYhCGg.roa
File: CkAhU5a7YSBIG-o6BpREPmYhCGg.roa (raw, json)
Hash identifier: h2hbUWL0eiPGTV6yTSDgvXarG/Jxpy57N3mDxnUKoJA=
Subject key identifier: 0A:40:21:53:96:BB:61:20:48:1B:EA:3A:06:94:44:3E:66:21:08:68
Certificate issuer: /CN=6135c1f7b7140c872e7f3ff3462b4edc631d7674
Certificate serial: 019EB5B88DAB6C6062B2CF73EAC54325C77F
Authority key identifier: 61:35:C1:F7:B7:14:0C:87:2E:7F:3F:F3:46:2B:4E:DC:63:1D:76:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/CkAhU5a7YSBIG-o6BpREPmYhCGg.roa
Signing time: Thu 11 Jun 2026 08:07:11 +0000
ROA not before: Thu 11 Jun 2026 08:07:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 52000
IP address blocks: 194.147.115.0/24 maxlen: 24
194.147.148.0/24 maxlen: 24
194.147.149.0/24 maxlen: 24
2a0f:4240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/YTXB97cUDIcufz_zRitO3GMddnQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/YTXB97cUDIcufz_zRitO3GMddnQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b5:b8:8d:ab:6c:60:62:b2:cf:73:ea:c5:43:25:c7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6135c1f7b7140c872e7f3ff3462b4edc631d7674
Validity
Not Before: Jun 11 08:07:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0a40215396bb6120481bea3a0694443e66210868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:69:bf:e9:68:be:25:23:56:3b:20:61:5f:be:
bf:1a:a5:d7:0f:38:86:8e:ba:a3:bb:18:46:ce:f6:
5b:60:25:a2:e9:c6:1c:dd:4d:04:56:df:12:83:eb:
92:f9:47:96:86:c8:b9:6a:f7:1b:56:82:78:87:32:
83:cd:e3:a4:00:df:c7:14:be:26:36:23:b6:da:20:
00:04:23:23:d2:aa:d2:87:5d:e4:d1:d2:5f:96:b8:
08:5b:34:fd:74:26:50:6d:6b:87:49:4e:4e:19:12:
59:e9:5e:70:01:31:39:b5:9b:c4:f4:9b:35:10:a9:
b0:af:19:22:05:20:1d:7a:59:90:39:e9:01:2f:f4:
89:76:c6:64:7a:c9:34:5e:4b:ac:87:ab:6a:77:44:
c9:3e:4c:ef:b5:9f:73:5d:07:49:f4:a2:4b:8a:6a:
59:3f:3f:c9:98:20:18:64:78:01:1d:d0:e4:42:33:
2c:2e:10:e0:4e:f3:f4:9c:12:68:29:76:9f:b9:3a:
a5:d3:49:b8:2a:c8:74:a2:73:06:81:12:b7:97:80:
b9:7c:ee:e9:da:ee:b5:b8:cf:82:21:60:4f:1b:8f:
23:e4:fe:c6:e3:d7:8d:e1:9c:e0:2d:23:6d:7b:82:
75:e5:16:ea:ec:2a:10:be:4f:0b:1a:ee:9a:c0:48:
c9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:40:21:53:96:BB:61:20:48:1B:EA:3A:06:94:44:3E:66:21:08:68
X509v3 Authority Key Identifier:
keyid:61:35:C1:F7:B7:14:0C:87:2E:7F:3F:F3:46:2B:4E:DC:63:1D:76:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/CkAhU5a7YSBIG-o6BpREPmYhCGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/YTXB97cUDIcufz_zRitO3GMddnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.115.0/24
194.147.148.0/23
IPv6:
2a0f:4240::/29
Signature Algorithm: sha256WithRSAEncryption
5f:ab:0b:11:0c:8b:f4:95:6e:36:5b:77:3a:fb:b4:2d:4d:0c:
4d:71:ab:b2:78:bd:3e:9a:51:21:ba:34:d6:8c:67:93:4c:df:
b1:47:74:80:a8:53:1a:6a:a3:7d:5c:ed:f4:8f:de:7e:7d:f9:
8f:3e:e0:48:dc:23:75:5f:9c:c5:4d:a3:bf:19:49:34:79:07:
57:fb:53:5d:57:75:97:9a:4e:d8:4a:f1:53:ce:08:ed:e7:56:
09:36:e6:82:ac:b0:21:30:44:53:86:cc:b0:3f:57:99:de:53:
50:0f:d6:f7:c6:cc:52:51:a9:e8:35:d9:cb:bb:06:db:f9:dc:
71:36:10:a8:8c:93:ba:3d:9f:56:5b:33:ba:81:cf:51:84:07:
3e:6f:45:dd:5b:8a:d5:ed:eb:fe:38:c4:86:a3:45:6a:ba:4e:
30:42:6b:98:f2:32:2e:d8:1e:26:9b:38:99:15:6d:46:fd:83:
16:04:a7:0b:52:f8:af:96:3b:97:c9:14:2e:ff:3d:63:5d:f4:
24:d7:59:a0:1b:09:b3:d8:b6:75:38:aa:ab:07:23:44:d1:50:
7b:f4:c2:0c:07:10:c6:73:7c:db:ca:b5:88:76:7c:e3:e3:cb:
c5:95:55:8d:e2:da:76:93:0e:3b:df:17:b9:d7:ae:36:66:6c:
4e:f6:ed:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ61uI2rbGBiss9z6sVDJcd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzVjMWY3YjcxNDBjODcyZTdmM2ZmMzQ2MmI0ZWRjNjMx
ZDc2NzQwHhcNMjYwNjExMDgwNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQwMjE1Mzk2YmI2MTIwNDgxYmVhM2EwNjk0NDQzZTY2MjEwODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGm/6Wi+JSNWOyBhX76/GqXXDziG
jrqjuxhGzvZbYCWi6cYc3U0EVt8Sg+uS+UeWhsi5avcbVoJ4hzKDzeOkAN/HFL4m
NiO22iAABCMj0qrSh13k0dJflrgIWzT9dCZQbWuHSU5OGRJZ6V5wATE5tZvE9Js1
EKmwrxkiBSAdelmQOekBL/SJdsZkesk0Xkush6tqd0TJPkzvtZ9zXQdJ9KJLimpZ
Pz/JmCAYZHgBHdDkQjMsLhDgTvP0nBJoKXafuTql00m4Ksh0onMGgRK3l4C5fO7p
2u61uM+CIWBPG48j5P7G49eN4ZzgLSNte4J15Rbq7CoQvk8LGu6awEjJiQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFApAIVOWu2EgSBvqOgaURD5mIQhoMB8GA1UdIwQY
MBaAFGE1wfe3FAyHLn8/80YrTtxjHXZ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRYQjk3Y1VESWN1ZnpfelJpdE8zR01kZG5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80MzNlZGYtYWFmOC00NjY5LTg3N2Mt
ZTM3ODFkOGZlNzRjLzEvQ2tBaFU1YTdZU0JJRy1vNkJwUkVQbVloQ0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80MzNlZGYtYWFmOC00NjY5LTg3N2MtZTM3ODFkOGZlNzRj
LzEvWVRYQjk3Y1VESWN1ZnpfelJpdE8zR01kZG5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwpNzAwQB
wpOUMA0EAgACMAcDBQMqD0JAMA0GCSqGSIb3DQEBCwUAA4IBAQBfqwsRDIv0lW42
W3c6+7QtTQxNcauyeL0+mlEhujTWjGeTTN+xR3SAqFMaaqN9XO30j95+ffmPPuBI
3CN1X5zFTaO/GUk0eQdX+1NdV3WXmk7YSvFTzgjt51YJNuaCrLAhMERThsywP1eZ
3lNQD9b3xsxSUanoNdnLuwbb+dxxNhCojJO6PZ9WWzO6gc9RhAc+b0XdW4rV7ev+
OMSGo0Vquk4wQmuY8jIu2B4mmziZFW1G/YMWBKcLUvivljuXyRQu/z1jXfQk11mg
Gwmz2LZ1OKqrByNE0VB79MIMBxDGc3zbyrWIdnzj48vFlVWN4tp2kw473xe51642
ZmxO9u1o
-----END CERTIFICATE-----
Generated at Sat Jun 13 17:03:55 2026 by rpki-client