Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/tBhpf_IZ7Fibfqtl7zH3lqH017Y.roa
File: tBhpf_IZ7Fibfqtl7zH3lqH017Y.roa (raw, json)
Hash identifier: ox0YS1gIV1gOxLDd7Fmh9JprCynpE2EH1wuVaVCwIBw=
Subject key identifier: B4:18:69:7F:F2:19:EC:58:9B:7E:AB:65:EF:31:F7:96:A1:F4:D7:B6
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 019EB7B4AC8AD7C9C0257D59CF0F38050F7A
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/tBhpf_IZ7Fibfqtl7zH3lqH017Y.roa
Signing time: Thu 11 Jun 2026 17:22:11 +0000
ROA not before: Thu 11 Jun 2026 17:22:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 91.109.40.0/24 maxlen: 24
91.109.41.0/24 maxlen: 24
91.109.43.0/24 maxlen: 24
91.109.44.0/24 maxlen: 24
91.109.45.0/24 maxlen: 24
91.109.46.0/24 maxlen: 24
147.185.196.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 20:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b7:b4:ac:8a:d7:c9:c0:25:7d:59:cf:0f:38:05:0f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jun 11 17:22:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b418697ff219ec589b7eab65ef31f796a1f4d7b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a4:6c:9f:30:9e:5f:71:22:56:4a:bd:a7:64:
2b:e4:ad:a1:50:0a:bb:23:57:71:af:6f:80:85:81:
dc:21:8f:a0:ff:0f:0a:64:4a:e8:8f:a2:08:d2:d0:
3f:cb:74:0c:f9:0b:56:1e:29:77:85:30:ca:66:45:
5d:4c:1f:08:19:48:47:bb:c6:98:91:71:47:68:97:
03:70:c9:bd:f7:6d:d1:48:d1:7f:2c:55:a6:b6:5e:
b0:43:f5:05:e6:fe:a6:fd:06:3a:13:9f:95:9d:af:
08:c4:92:c5:af:c2:69:96:28:06:14:4c:8e:b2:3f:
80:da:2d:79:22:06:3b:e3:61:62:bb:29:c4:91:cd:
73:1b:2e:ee:f0:e0:6b:66:f7:d3:0c:e9:c8:80:f3:
7f:06:b4:70:b0:ba:1d:99:01:d0:10:56:89:e0:d4:
73:d9:87:3a:21:72:5a:8f:07:8d:c3:c8:9a:33:63:
53:d3:76:9c:ae:bb:14:3d:c2:46:97:c8:94:5e:be:
44:5a:aa:24:ed:c1:ea:4b:f9:16:62:ee:f7:4c:3f:
58:81:0f:cd:ae:a8:5d:82:b4:0f:38:cc:61:52:ca:
6e:ae:49:c1:09:ca:34:02:a1:34:5c:02:5b:e7:e0:
7c:2b:1f:ea:53:8c:11:16:ab:4c:07:7c:d1:4a:a7:
27:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:18:69:7F:F2:19:EC:58:9B:7E:AB:65:EF:31:F7:96:A1:F4:D7:B6
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/tBhpf_IZ7Fibfqtl7zH3lqH017Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.40.0/23
91.109.43.0-91.109.46.255
147.185.196.0/24
193.168.203.0/24
207.244.198.0/24
Signature Algorithm: sha256WithRSAEncryption
15:e2:71:55:49:37:6b:cd:b1:e9:e4:52:7e:86:37:54:b4:b4:
10:06:cf:96:ef:0f:91:cf:fa:63:6b:ad:ac:54:b7:c3:9f:ad:
9d:72:a3:81:69:bb:38:8c:42:e2:d7:26:fa:41:45:e4:72:7c:
78:ca:b0:38:94:4d:c7:f7:25:29:ae:cb:9c:79:59:d3:cc:53:
05:85:64:71:b3:a0:8e:fe:fe:b5:e8:d4:57:05:cc:f2:e7:fa:
ff:57:a0:0e:bb:81:2e:59:01:be:93:5a:a9:5f:3a:a4:78:66:
8d:30:78:78:d8:84:f5:1f:08:97:ce:a9:65:20:be:41:ad:de:
14:8d:1e:ad:b9:44:a9:4d:5b:43:d0:d8:12:45:f2:da:f9:f9:
9e:46:cb:b1:38:53:8e:22:65:92:0c:0e:59:85:77:4f:62:f8:
91:06:24:b0:67:7d:a8:6c:44:44:09:f4:37:31:f4:19:7a:6b:
dc:dc:4e:f2:37:6e:bc:e1:bd:44:05:c3:7a:1e:b7:ab:44:09:
96:b2:37:7c:a7:dd:d3:70:7d:0c:60:1e:81:db:94:ec:4f:19:
f3:df:62:dc:50:e1:f0:c3:72:3f:d9:1c:f4:24:f4:89:18:3f:
1b:c9:76:7e:b2:f2:19:85:82:ec:60:7c:18:9e:52:2a:85:17:
c6:01:9a:18
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ63tKyK18nAJX1Zzw84BQ96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjYwNjExMTcyMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDE4Njk3ZmYyMTllYzU4OWI3ZWFiNjVlZjMxZjc5NmExZjRkN2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKRsnzCeX3EiVkq9p2Qr5K2hUAq7
I1dxr2+AhYHcIY+g/w8KZEroj6II0tA/y3QM+QtWHil3hTDKZkVdTB8IGUhHu8aY
kXFHaJcDcMm9923RSNF/LFWmtl6wQ/UF5v6m/QY6E5+Vna8IxJLFr8JpligGFEyO
sj+A2i15IgY742FiuynEkc1zGy7u8OBrZvfTDOnIgPN/BrRwsLodmQHQEFaJ4NRz
2Yc6IXJajweNw8iaM2NT03acrrsUPcJGl8iUXr5EWqok7cHqS/kWYu73TD9YgQ/N
rqhdgrQPOMxhUspurknBCco0AqE0XAJb5+B8Kx/qU4wRFqtMB3zRSqcnowIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLQYaX/yGexYm36rZe8x95ah9Ne2MB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvdEJocGZfSVo3RmliZnF0bDd6SDNscUgwMTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBW20oMAwD
BABbbSsDBABbbS4DBACTucQDBADBqMsDBADP9MYwDQYJKoZIhvcNAQELBQADggEB
ABXicVVJN2vNsenkUn6GN1S0tBAGz5bvD5HP+mNrraxUt8OfrZ1yo4FpuziMQuLX
JvpBReRyfHjKsDiUTcf3JSmuy5x5WdPMUwWFZHGzoI7+/rXo1FcFzPLn+v9XoA67
gS5ZAb6TWqlfOqR4Zo0weHjYhPUfCJfOqWUgvkGt3hSNHq25RKlNW0PQ2BJF8tr5
+Z5Gy7E4U44iZZIMDlmFd09i+JEGJLBnfahsREQJ9Dcx9Bl6a9zcTvI3brzhvUQF
w3oet6tECZayN3yn3dNwfQxgHoHblOxPGfPfYtxQ4fDDcj/ZHPQk9IkYPxvJdn6y
8hmFguxgfBieUiqFF8YBmhg=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:51:36 2026 by rpki-client