Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/mhgKCJ1nvE6DH7QXTMvKJR_CaeI.roa
File: mhgKCJ1nvE6DH7QXTMvKJR_CaeI.roa (raw, json)
Hash identifier: oPOgwFYCUJXYrzGTQdio35gdM00ehjCiR2syxxKZ+aw=
Subject key identifier: 9A:18:0A:08:9D:67:BC:4E:83:1F:B4:17:4C:CB:CA:25:1F:C2:69:E2
Certificate issuer: /CN=05e9f9f78c2cbbc5fa08b9b89f0a11d2b0ba473c
Certificate serial: 019E4F921E535AE2A84FE3F51E5C0FD01A80
Authority key identifier: 05:E9:F9:F7:8C:2C:BB:C5:FA:08:B9:B8:9F:0A:11:D2:B0:BA:47:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben594wsu8X6CLm4nwoR0rC6Rzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/mhgKCJ1nvE6DH7QXTMvKJR_CaeI.roa
Signing time: Fri 22 May 2026 12:03:56 +0000
ROA not before: Fri 22 May 2026 12:03:56 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15461
IP address blocks: 91.219.220.0/22 maxlen: 24
193.93.12.0/22 maxlen: 24
2001:67c:f84::/48 maxlen: 48
2a0b:afc0::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/Ben594wsu8X6CLm4nwoR0rC6Rzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/Ben594wsu8X6CLm4nwoR0rC6Rzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ben594wsu8X6CLm4nwoR0rC6Rzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:92:1e:53:5a:e2:a8:4f:e3:f5:1e:5c:0f:d0:1a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9f9f78c2cbbc5fa08b9b89f0a11d2b0ba473c
Validity
Not Before: May 22 12:03:56 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a180a089d67bc4e831fb4174ccbca251fc269e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cd:c5:0c:9c:c4:08:16:37:0f:d1:af:19:36:
2a:56:a5:00:73:4d:ea:40:a8:33:54:31:2f:be:24:
68:db:77:1d:e7:f5:01:01:6c:0c:7b:89:4d:57:26:
02:90:3d:2e:a9:6f:39:e1:9b:73:f8:c4:bc:fb:a8:
e1:83:a0:f5:50:77:af:0c:21:02:12:4c:ef:71:c0:
3d:84:92:09:c5:6f:08:1d:1f:75:50:04:1c:7f:22:
98:f3:0a:4b:a9:99:c7:96:2a:35:84:14:4b:d3:c7:
ab:2d:10:51:6a:e2:51:9f:99:d2:ba:95:c6:3a:f1:
9d:ea:30:47:f9:ec:f6:cd:95:ba:e6:bc:8e:1a:5c:
4b:1d:8f:96:b0:7c:4a:62:85:09:51:7e:50:28:75:
cf:ab:dc:12:59:48:25:c6:df:9e:10:36:b1:7a:24:
fb:47:b2:14:fb:20:6b:91:5e:86:12:8e:0b:35:83:
30:80:f4:80:f5:ce:a9:76:5b:7d:2d:fd:11:f1:79:
56:cc:78:4d:33:18:d0:14:0c:ef:b9:db:06:fe:69:
1f:78:02:0d:98:11:98:2e:50:54:c1:01:b4:04:d5:
0d:15:a5:3e:ee:9c:5b:4f:66:5d:71:ab:7f:1f:bc:
cc:e7:a5:b1:db:2e:48:0f:37:e3:8e:b6:62:b1:43:
20:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:18:0A:08:9D:67:BC:4E:83:1F:B4:17:4C:CB:CA:25:1F:C2:69:E2
X509v3 Authority Key Identifier:
keyid:05:E9:F9:F7:8C:2C:BB:C5:FA:08:B9:B8:9F:0A:11:D2:B0:BA:47:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben594wsu8X6CLm4nwoR0rC6Rzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/mhgKCJ1nvE6DH7QXTMvKJR_CaeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/Ben594wsu8X6CLm4nwoR0rC6Rzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.220.0/22
193.93.12.0/22
IPv6:
2001:67c:f84::/48
2a0b:afc0::/36
Signature Algorithm: sha256WithRSAEncryption
1b:d3:33:66:f2:04:2c:db:6d:72:b1:df:11:d3:16:39:23:0b:
c6:c4:12:69:51:26:67:57:f0:87:1e:2a:ff:58:b8:14:94:7b:
bd:7e:59:25:f7:2b:d6:c5:3c:97:d8:77:d6:39:ed:aa:ee:29:
c7:9f:08:97:c4:46:88:c8:01:fe:15:aa:bc:c3:d1:d0:c3:58:
d0:ff:da:d6:74:32:7f:fe:0f:a9:17:71:92:9a:15:42:30:e7:
08:29:29:46:72:d0:7a:f8:fc:bf:6b:ad:d3:ba:b7:7e:83:9f:
88:08:8a:67:4d:9a:47:81:70:98:c0:7f:d6:dd:31:8a:e4:a2:
50:02:0d:3e:f7:5a:d9:e4:56:98:ea:71:9c:31:21:70:69:79:
c2:33:60:de:4f:69:d9:b5:e4:a5:aa:36:0e:6d:ea:6f:6c:e3:
dc:74:d8:ab:92:22:93:b0:47:37:0c:17:d6:1a:8b:2c:0c:f6:
f7:4d:09:b8:77:84:08:e7:a7:37:9e:d1:15:33:b9:22:66:00:
df:3a:b7:a5:10:74:20:ac:df:8d:6f:cf:b7:9d:cd:28:b2:42:
6f:35:31:c1:f2:0f:77:dd:18:16:ac:26:bc:7b:53:28:6b:19:
cd:9c:cd:98:19:b9:dd:6e:b1:2d:43:70:18:c3:ed:34:6a:6d:
67:75:b0:a1
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZ5Pkh5TWuKoT+P1HlwP0BqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmOWY3OGMyY2JiYzVmYTA4YjliODlmMGExMWQyYjBi
YTQ3M2MwHhcNMjYwNTIyMTIwMzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE4MGEwODlkNjdiYzRlODMxZmI0MTc0Y2NiY2EyNTFmYzI2OWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyc3FDJzECBY3D9GvGTYqVqUAc03q
QKgzVDEvviRo23cd5/UBAWwMe4lNVyYCkD0uqW854Ztz+MS8+6jhg6D1UHevDCEC
EkzvccA9hJIJxW8IHR91UAQcfyKY8wpLqZnHlio1hBRL08erLRBRauJRn5nSupXG
OvGd6jBH+ez2zZW65ryOGlxLHY+WsHxKYoUJUX5QKHXPq9wSWUglxt+eEDaxeiT7
R7IU+yBrkV6GEo4LNYMwgPSA9c6pdlt9Lf0R8XlWzHhNMxjQFAzvudsG/mkfeAIN
mBGYLlBUwQG0BNUNFaU+7pxbT2Zdcat/H7zM56Wx2y5IDzfjjrZisUMgwwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJoYCgidZ7xOgx+0F0zLyiUfwmniMB8GA1UdIwQY
MBaAFAXp+feMLLvF+gi5uJ8KEdKwukc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuNTk0d3N1OFg2Q0xtNG53b1IwckM2Unp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83NjUzOGMtZGY1YS00YTZhLTliODYt
YTZhYjk3YTBmNDQ1LzEvbWhnS0NKMW52RTZESDdRWFRNdktKUl9DYWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83NjUzOGMtZGY1YS00YTZhLTliODYtYTZhYjk3YTBmNDQ1
LzEvQmVuNTk0d3N1OFg2Q0xtNG53b1IwckM2Unp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQCW9vcAwQC
wV0MMBcEAgACMBEDBwAgAQZ8D4QDBgQqC6/AADANBgkqhkiG9w0BAQsFAAOCAQEA
G9MzZvIELNttcrHfEdMWOSMLxsQSaVEmZ1fwhx4q/1i4FJR7vX5ZJfcr1sU8l9h3
1jntqu4px58Il8RGiMgB/hWqvMPR0MNY0P/a1nQyf/4PqRdxkpoVQjDnCCkpRnLQ
evj8v2ut07q3foOfiAiKZ02aR4FwmMB/1t0xiuSiUAINPvda2eRWmOpxnDEhcGl5
wjNg3k9p2bXkpao2Dm3qb2zj3HTYq5Iik7BHNwwX1hqLLAz2900JuHeECOenN57R
FTO5ImYA3zq3pRB0IKzfjW/Pt53NKLJCbzUxwfIPd90YFqwmvHtTKGsZzZzNmBm5
3W6xLUNwGMPtNGptZ3WwoQ==
-----END CERTIFICATE-----
Generated at Wed Jun 17 10:02:50 2026 by rpki-client