Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/1-XAPtzpEBbR-dL3HDvpMhi_QEZc.roa
File: 1-XAPtzpEBbR-dL3HDvpMhi_QEZc.roa (raw, json)
Hash identifier: Y3Cc5NFdOsrYFpq1aDkqCQTbdqgeCbiviULrvKO6HjA=
Subject key identifier: F9:70:0F:B7:3A:44:05:B4:7E:74:BD:C7:0E:FA:4C:86:2F:D0:11:97
Certificate issuer: /CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Certificate serial: 019E91C5A687456AFFB517E11EE9DDE9110F
Authority key identifier: 6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/1-XAPtzpEBbR-dL3HDvpMhi_QEZc.roa
Signing time: Thu 04 Jun 2026 08:35:10 +0000
ROA not before: Thu 04 Jun 2026 08:35:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201749
IP address blocks: 37.205.112.0/22 maxlen: 24
37.205.112.0/24 maxlen: 24
37.205.113.0/24 maxlen: 24
37.205.114.0/24 maxlen: 24
37.205.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.mft
rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:91:c5:a6:87:45:6a:ff:b5:17:e1:1e:e9:dd:e9:11:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Validity
Not Before: Jun 4 08:35:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f9700fb73a4405b47e74bdc70efa4c862fd01197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d4:35:67:a8:ba:90:2f:5d:12:03:e2:90:d1:
70:4a:6d:7d:bb:f5:01:3a:58:b6:93:dc:fb:53:2f:
ba:55:ca:0f:97:c4:0d:29:f7:d2:41:cd:38:4f:ee:
8d:e3:ac:bf:15:41:83:ad:61:18:3a:bf:6b:13:d6:
41:0c:63:9e:7e:f4:c0:89:2d:4a:35:a3:e5:f8:f0:
11:b1:ac:bf:85:a7:a6:b5:af:81:81:86:11:f0:c7:
ed:57:93:e0:0d:8a:f4:77:7d:6b:cb:b5:ff:1e:84:
69:42:ac:32:c8:5f:78:c1:49:af:ce:36:4d:bf:a0:
f2:94:fe:c1:ec:b3:da:aa:34:ed:c4:9b:5f:4a:7f:
c5:50:e2:ba:8d:3e:2d:29:ec:72:9a:e5:ec:09:a4:
16:c0:69:de:4b:66:a2:83:1d:c9:d2:6b:7b:b1:1b:
05:00:94:65:cd:80:25:eb:ed:ad:17:65:28:e1:5f:
51:62:24:18:35:54:0c:9c:41:19:0e:02:c9:a4:06:
9e:84:fd:0f:86:63:ee:e8:15:48:d2:a5:e7:c4:b4:
08:21:4e:e4:eb:58:79:ea:f2:eb:a9:58:3c:9b:5b:
02:cb:9d:f3:61:b4:d0:a1:43:41:74:6e:aa:eb:45:
a8:6b:36:8c:91:d9:ac:69:db:d3:74:df:87:66:e1:
16:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:70:0F:B7:3A:44:05:B4:7E:74:BD:C7:0E:FA:4C:86:2F:D0:11:97
X509v3 Authority Key Identifier:
keyid:6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/1-XAPtzpEBbR-dL3HDvpMhi_QEZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.112.0/22
Signature Algorithm: sha256WithRSAEncryption
af:90:c7:79:17:f3:08:e4:89:e5:ff:95:61:05:7e:b7:f5:98:
71:ae:a3:b2:24:06:f4:9b:af:44:7a:11:7a:78:54:2f:08:66:
64:11:13:f0:3c:31:0e:60:1a:03:ba:a0:1b:e0:88:e6:ee:5a:
62:35:e0:8f:09:c0:2b:04:fb:f9:c8:00:ad:8a:06:8d:6f:f0:
56:51:09:d2:49:89:4f:83:11:32:bd:2f:94:7a:f2:da:b6:8d:
ca:89:5f:a1:4a:a9:c2:bb:6b:16:46:ef:4b:db:60:13:7e:3e:
00:87:02:49:7b:be:b4:9e:25:f2:10:cc:ca:65:e3:6f:85:30:
7a:8c:3d:3a:a8:4f:a6:35:34:3d:8a:e4:e7:5f:de:6b:91:92:
cb:56:91:0e:e8:2b:d1:20:e2:6c:82:0f:c9:ad:af:0f:6e:48:
6a:2c:ac:93:ec:c6:12:c1:96:05:51:a9:01:ca:1b:98:fd:1a:
0d:dd:76:83:3d:dd:fe:34:d8:65:c9:eb:0c:e1:3a:62:86:c4:
84:b3:e6:51:18:74:ff:24:45:1b:49:e9:21:3b:d2:42:8c:8a:
04:50:68:4e:9d:6e:55:de:e6:6a:b6:fb:3f:0e:a3:7b:19:3b:
4e:f7:30:84:da:73:d0:23:26:f5:60:0c:63:23:25:89:12:10:
51:ac:70:62
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ6RxaaHRWr/tRfhHund6REPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlY2Q1Y2FkNGQzMzA2YzRmNzJjNDJhZmMwNmU1Y2QxZmJh
ZmUzYTMwHhcNMjYwNjA0MDgzNTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTcwMGZiNzNhNDQwNWI0N2U3NGJkYzcwZWZhNGM4NjJmZDAxMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NQ1Z6i6kC9dEgPikNFwSm19u/UB
Oli2k9z7Uy+6VcoPl8QNKffSQc04T+6N46y/FUGDrWEYOr9rE9ZBDGOefvTAiS1K
NaPl+PARsay/haemta+BgYYR8MftV5PgDYr0d31ry7X/HoRpQqwyyF94wUmvzjZN
v6DylP7B7LPaqjTtxJtfSn/FUOK6jT4tKexymuXsCaQWwGneS2aigx3J0mt7sRsF
AJRlzYAl6+2tF2Uo4V9RYiQYNVQMnEEZDgLJpAaehP0PhmPu6BVI0qXnxLQIIU7k
61h56vLrqVg8m1sCy53zYbTQoUNBdG6q60WoazaMkdmsadvTdN+HZuEWWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPlwD7c6RAW0fnS9xw76TIYv0BGXMB8GA1UdIwQY
MBaAFG7NXK1NMwbE9yxCr8BuXNH7r+OjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgt
NWZiYzIzMGFiZGMyLzEvMS1YQVB0enBFQmJSLWRMM0hEdnBNaGlfUUVaYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWIvNDk2NTI1LTJjMGQtNDNlNC04MTg4LTVmYmMyMzBhYmRj
Mi8xL2JzMWNyVTB6QnNUM0xFS3Z3RzVjMGZ1djQ2TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiXNcDAN
BgkqhkiG9w0BAQsFAAOCAQEAr5DHeRfzCOSJ5f+VYQV+t/WYca6jsiQG9JuvRHoR
enhULwhmZBET8DwxDmAaA7qgG+CI5u5aYjXgjwnAKwT7+cgArYoGjW/wVlEJ0kmJ
T4MRMr0vlHry2raNyolfoUqpwrtrFkbvS9tgE34+AIcCSXu+tJ4l8hDMymXjb4Uw
eow9OqhPpjU0PYrk51/ea5GSy1aRDugr0SDibIIPya2vD25Iaiysk+zGEsGWBVGp
AcobmP0aDd12gz3d/jTYZcnrDOE6YobEhLPmURh0/yRFG0npITvSQoyKBFBoTp1u
Vd7marb7Pw6jexk7TvcwhNpz0CMm9WAMYyMliRIQUaxwYg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 16:36:51 2026 by rpki-client