Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/TskBRorPbivXUk_iUbLUxu34o40.roa
File: TskBRorPbivXUk_iUbLUxu34o40.roa (raw, json)
Hash identifier: SSq2isSE8Y0yEi7EArCYQ3vmU4quGSz5WkWK232VWsU=
Subject key identifier: 4E:C9:01:46:8A:CF:6E:2B:D7:52:4F:E2:51:B2:D4:C6:ED:F8:A3:8D
Certificate issuer: /CN=6596fb89a8a23cbe4f2adb165c89f26de8ab7876
Certificate serial: 019B7758BB034E2C5E27CBB4FAC1D89E96FF
Authority key identifier: 65:96:FB:89:A8:A2:3C:BE:4F:2A:DB:16:5C:89:F2:6D:E8:AB:78:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/TskBRorPbivXUk_iUbLUxu34o40.roa
Signing time: Thu 01 Jan 2026 02:17:42 +0000
ROA not before: Thu 01 Jan 2026 02:17:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210772
IP address blocks: 139.28.140.0/22 maxlen: 22
185.112.156.0/22 maxlen: 22
2a02:6080::/32 maxlen: 32
2a09:740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/ZZb7iaiiPL5PKtsWXInybeireHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/ZZb7iaiiPL5PKtsWXInybeireHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:bb:03:4e:2c:5e:27:cb:b4:fa:c1:d8:9e:96:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6596fb89a8a23cbe4f2adb165c89f26de8ab7876
Validity
Not Before: Jan 1 02:17:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ec901468acf6e2bd7524fe251b2d4c6edf8a38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:23:fe:10:10:9f:fe:71:aa:0c:76:10:79:c9:
53:6d:b4:cb:21:88:6c:34:46:9a:16:7e:50:69:a5:
c5:fc:87:c1:47:1c:2d:27:3b:45:e0:2d:64:ec:f8:
f7:47:40:f7:a1:69:48:95:52:82:fc:ce:4a:fa:97:
75:f1:e1:51:19:50:d3:6b:03:8a:c7:96:71:39:e6:
0d:8a:78:32:34:cd:bc:db:f1:4c:26:73:5d:fa:a3:
83:00:3b:ee:29:19:b6:ad:5c:21:40:5f:b6:79:6c:
6f:ff:8b:a4:aa:df:f9:3a:93:93:eb:7a:55:8f:61:
8c:16:5b:c1:42:3a:c8:95:78:78:02:fa:08:8d:09:
ce:d0:a2:07:8d:3d:6e:9a:cb:ff:ea:f7:58:26:97:
1d:67:26:a4:8b:04:49:b8:c2:aa:67:8e:92:6b:29:
e2:f7:e2:c1:f7:ae:73:70:da:21:2f:cb:64:da:6f:
fd:43:88:7a:81:f4:44:c5:9c:9d:1d:30:0a:13:0d:
13:5a:4d:36:1e:2c:2d:4f:05:0a:03:20:dd:22:63:
1c:b9:ba:03:ae:54:1d:4a:5a:02:82:c5:9c:03:5d:
0e:df:56:b5:29:bc:dd:a3:60:be:e9:55:69:23:7e:
98:96:3e:4c:9b:50:d6:6a:c3:26:af:d6:54:a8:4a:
79:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C9:01:46:8A:CF:6E:2B:D7:52:4F:E2:51:B2:D4:C6:ED:F8:A3:8D
X509v3 Authority Key Identifier:
keyid:65:96:FB:89:A8:A2:3C:BE:4F:2A:DB:16:5C:89:F2:6D:E8:AB:78:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/TskBRorPbivXUk_iUbLUxu34o40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/ZZb7iaiiPL5PKtsWXInybeireHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.140.0/22
185.112.156.0/22
IPv6:
2a02:6080::/32
2a09:740::/32
Signature Algorithm: sha256WithRSAEncryption
2f:4d:d1:e0:80:df:53:e1:65:88:7c:4b:f3:f2:42:ba:7c:b4:
2f:a0:f7:92:6e:13:f4:b0:fe:db:ca:a8:b4:73:a6:2a:95:4a:
98:17:4b:7f:53:5f:5b:e3:94:4e:37:11:ba:3f:f5:15:2e:b7:
f6:f1:df:ef:13:c0:9c:3d:3f:61:5a:2f:4e:61:8a:0a:e6:aa:
ac:9e:34:65:be:63:17:dc:a1:06:35:3b:5e:12:6b:e0:e7:42:
39:d7:c6:34:e0:81:b6:d7:50:c2:1b:33:31:ca:e0:1e:42:ab:
89:27:e5:0a:da:99:da:9b:2b:30:4b:5e:e3:e1:68:39:c6:fc:
ee:0d:74:52:88:cf:2b:3a:49:20:22:7f:22:e8:22:d9:3c:1c:
ef:6e:77:3b:f8:e2:ab:bb:cb:8a:ab:3c:e7:b0:d8:64:14:17:
2a:38:e1:fb:58:d3:47:70:05:de:19:36:f5:e2:3c:c1:00:da:
b5:5f:c6:83:63:ce:5e:bc:22:ce:12:0b:c8:bc:46:6f:8d:df:
f0:e6:c5:af:8d:b1:b8:40:ee:9b:4e:49:4b:6e:dc:04:93:43:
84:30:20:20:04:24:9e:41:9e:b0:23:15:d1:2f:64:8c:78:96:
04:9e:c8:15:49:22:3b:f1:f2:ed:27:1d:fb:5a:27:59:5e:81:
4f:10:88:ef
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZt3WLsDTixeJ8u0+sHYnpb/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTZmYjg5YThhMjNjYmU0ZjJhZGIxNjVjODlmMjZkZThh
Yjc4NzYwHhcNMjYwMTAxMDIxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWM5MDE0NjhhY2Y2ZTJiZDc1MjRmZTI1MWIyZDRjNmVkZjhhMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiP+EBCf/nGqDHYQeclTbbTLIYhs
NEaaFn5QaaXF/IfBRxwtJztF4C1k7Pj3R0D3oWlIlVKC/M5K+pd18eFRGVDTawOK
x5ZxOeYNingyNM282/FMJnNd+qODADvuKRm2rVwhQF+2eWxv/4ukqt/5OpOT63pV
j2GMFlvBQjrIlXh4AvoIjQnO0KIHjT1umsv/6vdYJpcdZyakiwRJuMKqZ46Sayni
9+LB965zcNohL8tk2m/9Q4h6gfRExZydHTAKEw0TWk02HiwtTwUKAyDdImMcuboD
rlQdSloCgsWcA10O31a1Kbzdo2C+6VVpI36Ylj5Mm1DWasMmr9ZUqEp5tQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFE7JAUaKz24r11JP4lGy1Mbt+KONMB8GA1UdIwQY
MBaAFGWW+4moojy+TyrbFlyJ8m3oq3h2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpiN2lhaWlQTDVQS3RzV1hJbnliZWlyZUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNzQzZGYtNWY2Zi00ZjE3LWEyMjUt
MjAyZTE5YzA4OGIxLzEvVHNrQlJvclBiaXZYVWtfaVViTFV4dTM0bzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNzQzZGYtNWY2Zi00ZjE3LWEyMjUtMjAyZTE5YzA4OGIx
LzEvWlpiN2lhaWlQTDVQS3RzV1hJbnliZWlyZUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCixyMAwQC
uXCcMBQEAgACMA4DBQAqAmCAAwUAKgkHQDANBgkqhkiG9w0BAQsFAAOCAQEAL03R
4IDfU+FliHxL8/JCuny0L6D3km4T9LD+28qotHOmKpVKmBdLf1NfW+OUTjcRuj/1
FS639vHf7xPAnD0/YVovTmGKCuaqrJ40Zb5jF9yhBjU7XhJr4OdCOdfGNOCBttdQ
whszMcrgHkKriSflCtqZ2psrMEte4+FoOcb87g10UojPKzpJICJ/Iugi2Twc7253
O/jiq7vLiqs857DYZBQXKjjh+1jTR3AF3hk29eI8wQDatV/Gg2POXrwizhILyLxG
b43f8ObFr42xuEDum05JS27cBJNDhDAgIAQknkGesCMV0S9kjHiWBJ7IFUkiO/Hy
7Scd+1onWV6BTxCI7w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:30:26 2026 by rpki-client