Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/brpYPiPqfvR0RTyrXUx7iWSRWwQ.roa
File: brpYPiPqfvR0RTyrXUx7iWSRWwQ.roa (raw, json)
Hash identifier: XBTlDvn+WhvbNS4p6UcTjRoI9nq3hVgpb+wRdqGeClE=
Subject key identifier: 6E:BA:58:3E:23:EA:7E:F4:74:45:3C:AB:5D:4C:7B:89:64:91:5B:04
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019D94E79D9EC848CD49E750EEA4C6E0E111
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/brpYPiPqfvR0RTyrXUx7iWSRWwQ.roa
Signing time: Thu 16 Apr 2026 06:08:20 +0000
ROA not before: Thu 16 Apr 2026 06:08:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 147293
IP address blocks: 109.121.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:94:e7:9d:9e:c8:48:cd:49:e7:50:ee:a4:c6:e0:e1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 16 06:08:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6eba583e23ea7ef474453cab5d4c7b8964915b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5d:20:af:9a:7f:c9:1e:60:ab:34:e4:68:c8:
84:3e:dd:23:8f:f0:d1:e4:64:07:d6:3f:69:bc:97:
db:8d:b0:44:7a:30:79:c4:c1:92:1d:1f:02:a2:a8:
f7:71:17:90:8f:97:c8:04:f5:0f:87:96:50:a1:e0:
3b:16:bd:24:1c:b2:aa:fb:e7:04:4b:13:91:92:26:
c0:72:4b:98:de:28:48:6a:92:b2:4c:40:05:7c:77:
fe:f0:a1:d6:1f:09:c8:69:74:1b:23:9f:5e:a3:c0:
89:fa:7f:8c:22:92:8d:cc:f8:f6:7f:f0:c9:ac:cd:
6e:3a:04:bc:2c:d6:68:b6:93:e2:25:41:d6:81:38:
75:a6:c1:2f:75:e1:11:77:54:3b:56:76:60:c9:fa:
fd:4e:c9:63:a9:84:77:9d:f2:14:80:b4:d8:0f:7f:
60:21:1e:71:15:c3:e3:94:99:3d:ad:1d:c2:d4:62:
c4:dd:95:c0:4b:ed:a5:bf:3d:0a:7c:53:62:b7:e7:
76:ec:53:ea:b5:f3:e6:d9:fb:8c:10:a2:34:73:a2:
fc:42:41:9d:7b:66:85:27:5c:76:f1:ad:79:70:8e:
39:2c:29:30:15:24:ad:89:2f:32:f7:5b:b9:cc:a7:
57:26:33:e1:e1:b9:f1:dd:94:72:3c:04:7b:b0:32:
24:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:BA:58:3E:23:EA:7E:F4:74:45:3C:AB:5D:4C:7B:89:64:91:5B:04
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/brpYPiPqfvR0RTyrXUx7iWSRWwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.33.0/24
Signature Algorithm: sha256WithRSAEncryption
75:10:f5:34:84:4a:1c:13:4e:87:3b:cf:e5:6b:18:75:b5:c0:
b7:37:a2:c7:51:35:ab:8a:22:11:69:1c:a9:c4:bd:82:ec:ba:
de:18:0b:4f:d5:7e:92:ea:5a:5f:05:fa:5a:ac:c5:24:13:a2:
91:4e:b0:a7:32:88:ed:46:48:1f:2e:ab:0c:1c:50:5b:7b:dc:
1b:35:34:41:4f:ff:48:f3:30:da:83:3b:a0:b0:90:dc:e4:2b:
61:64:99:1f:17:cb:43:af:f1:c2:34:43:06:27:09:d0:bf:d6:
51:b2:1e:bc:c6:be:45:ea:2e:2f:25:8f:97:60:4d:48:50:b2:
73:2a:e4:02:ea:9b:e8:60:85:c0:65:7a:67:5c:e4:51:4a:40:
c5:82:6f:8b:e5:03:1e:35:57:b0:ad:98:26:82:10:d2:52:35:
27:53:27:18:69:a7:22:f6:8d:ff:55:41:68:83:49:6d:de:9c:
40:28:b7:58:7f:a8:e3:be:78:e8:10:63:1a:ac:33:a0:f3:6d:
d2:5b:1b:3b:2f:2d:a8:db:df:a5:36:5f:b9:55:e9:cd:e4:f5:
72:69:09:6d:a9:aa:95:e6:a4:85:6c:70:73:ac:b2:49:c0:8d:
ac:30:7a:d0:dc:61:3d:bb:86:c8:89:6e:73:d5:9f:cf:fc:69:
28:32:3a:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2U552eyEjNSedQ7qTG4OERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNDE2MDYwODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWJhNTgzZTIzZWE3ZWY0NzQ0NTNjYWI1ZDRjN2I4OTY0OTE1YjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl10gr5p/yR5gqzTkaMiEPt0jj/DR
5GQH1j9pvJfbjbBEejB5xMGSHR8Coqj3cReQj5fIBPUPh5ZQoeA7Fr0kHLKq++cE
SxORkibAckuY3ihIapKyTEAFfHf+8KHWHwnIaXQbI59eo8CJ+n+MIpKNzPj2f/DJ
rM1uOgS8LNZotpPiJUHWgTh1psEvdeERd1Q7VnZgyfr9TsljqYR3nfIUgLTYD39g
IR5xFcPjlJk9rR3C1GLE3ZXAS+2lvz0KfFNit+d27FPqtfPm2fuMEKI0c6L8QkGd
e2aFJ1x28a15cI45LCkwFSStiS8y91u5zKdXJjPh4bnx3ZRyPAR7sDIkPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG66WD4j6n70dEU8q11Me4lkkVsEMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYnJwWVBpUHFmdlIwUlR5clhVeDdpV1NSV3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXkhMA0G
CSqGSIb3DQEBCwUAA4IBAQB1EPU0hEocE06HO8/laxh1tcC3N6LHUTWriiIRaRyp
xL2C7LreGAtP1X6S6lpfBfparMUkE6KRTrCnMojtRkgfLqsMHFBbe9wbNTRBT/9I
8zDagzugsJDc5CthZJkfF8tDr/HCNEMGJwnQv9ZRsh68xr5F6i4vJY+XYE1IULJz
KuQC6pvoYIXAZXpnXORRSkDFgm+L5QMeNVewrZgmghDSUjUnUycYaaci9o3/VUFo
g0lt3pxAKLdYf6jjvnjoEGMarDOg823SWxs7Ly2o29+lNl+5VenN5PVyaQltqaqV
5qSFbHBzrLJJwI2sMHrQ3GE9u4bIiW5z1Z/P/GkoMjos
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:27:58 2026 by rpki-client