Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_NYoKUb2N9O5Kuha08Z6TeOlAr8.roa
File: _NYoKUb2N9O5Kuha08Z6TeOlAr8.roa (raw, json)
Hash identifier: hBPKH/sFoPLiqzPdXoKvs5WcXNHmeMzZr7pF/u9rRGI=
Subject key identifier: FC:D6:28:29:46:F6:37:D3:B9:2A:E8:5A:D3:C6:7A:4D:E3:A5:02:BF
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019D8D6995FF4E00CE33FB7779BA828E638F
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_NYoKUb2N9O5Kuha08Z6TeOlAr8.roa
Signing time: Tue 14 Apr 2026 19:13:20 +0000
ROA not before: Tue 14 Apr 2026 19:13:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42337
IP address blocks: 109.122.241.0/24 maxlen: 24
109.122.242.0/24 maxlen: 24
109.122.243.0/24 maxlen: 24
109.122.248.0/24 maxlen: 24
109.122.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8d:69:95:ff:4e:00:ce:33:fb:77:79:ba:82:8e:63:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Apr 14 19:13:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fcd6282946f637d3b92ae85ad3c67a4de3a502bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e9:3c:7a:d7:64:2f:cf:0d:58:87:d7:1e:20:
ed:62:87:c6:16:b1:60:e1:61:05:3c:31:30:bc:d3:
51:59:f7:09:69:89:6c:e6:e2:3e:80:4f:8c:4c:67:
9a:18:c2:4f:67:9d:66:8a:7a:cb:ea:3e:cc:9b:dd:
1a:ce:60:d2:59:a7:46:46:bf:7c:f5:0b:61:cb:20:
dc:ec:ce:56:3a:f4:68:17:c4:44:8c:91:a0:c8:08:
ce:d6:b5:53:c2:3d:24:44:53:94:11:cd:21:15:bd:
58:b2:20:44:9d:19:1c:33:46:de:3a:9a:17:7c:a7:
d2:8b:6c:f6:1a:6c:f4:4a:bf:f9:e1:4b:cb:e9:49:
a2:08:f3:b4:a9:e4:2a:7e:9f:c1:2f:dd:00:c5:98:
8f:a3:8e:80:b9:71:61:95:b3:2c:55:62:bf:a2:cd:
a2:2e:24:4e:1b:54:6d:de:ee:88:02:ff:01:c9:8e:
a6:74:e6:ed:c2:f2:1d:a2:e0:16:18:52:1f:8c:92:
76:84:13:26:55:5d:d0:f5:c0:ee:05:34:8f:e8:aa:
44:bf:39:3e:db:d2:39:a9:6f:c6:c3:4e:d2:c3:3c:
18:1b:38:ca:68:4b:95:de:d2:bd:07:07:bf:bb:37:
2c:eb:ab:8c:25:f5:64:e4:c2:c1:90:08:85:39:70:
9c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D6:28:29:46:F6:37:D3:B9:2A:E8:5A:D3:C6:7A:4D:E3:A5:02:BF
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_NYoKUb2N9O5Kuha08Z6TeOlAr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.241.0-109.122.243.255
109.122.248.0/24
109.122.253.0/24
Signature Algorithm: sha256WithRSAEncryption
82:62:ec:88:85:0e:27:07:05:ab:70:97:17:94:e9:22:0f:98:
9d:70:da:42:1a:3c:c5:cf:70:15:43:fe:13:92:d8:da:45:38:
a1:b6:ae:16:0b:9b:fc:b8:ba:56:8a:28:14:41:8b:0d:ee:3c:
d3:ce:7b:b3:e3:7c:dd:85:e8:b1:0d:bd:59:90:0f:c0:b6:a6:
2c:b6:48:98:24:c8:3f:d0:42:3c:f5:a2:90:d1:41:39:c9:e0:
6c:c5:20:6c:ea:87:ae:8f:52:62:cf:b1:ed:b0:89:94:78:be:
16:83:c8:63:3e:25:79:66:b0:c2:2c:52:92:e8:0f:6a:6d:cd:
ad:23:69:81:8c:15:96:ba:19:8f:a4:90:5a:e1:58:4e:88:cb:
1e:6e:ce:74:57:c5:8c:61:e8:52:60:f8:2f:8c:a2:a1:16:76:
84:84:3f:15:2b:52:48:49:26:93:0f:e0:70:fe:2b:38:77:19:
cb:a6:e1:24:df:4b:33:52:c6:e8:3e:7b:65:19:e2:73:2c:fd:
3a:1e:42:c0:22:c3:85:d2:b1:b0:eb:b0:6a:9f:85:d7:5d:fd:
c7:01:d6:24:87:f0:f3:d0:bd:20:9f:10:b0:eb:70:67:05:7e:
ee:2e:82:a0:e3:d1:96:05:83:38:93:99:d4:08:54:62:d1:c4:
eb:37:91:d9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ2NaZX/TgDOM/t3ebqCjmOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjYwNDE0MTkxMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Q2MjgyOTQ2ZjYzN2QzYjkyYWU4NWFkM2M2N2E0ZGUzYTUwMmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+k8etdkL88NWIfXHiDtYofGFrFg
4WEFPDEwvNNRWfcJaYls5uI+gE+MTGeaGMJPZ51minrL6j7Mm90azmDSWadGRr98
9QthyyDc7M5WOvRoF8REjJGgyAjO1rVTwj0kRFOUEc0hFb1YsiBEnRkcM0beOpoX
fKfSi2z2Gmz0Sr/54UvL6UmiCPO0qeQqfp/BL90AxZiPo46AuXFhlbMsVWK/os2i
LiROG1Rt3u6IAv8ByY6mdObtwvIdouAWGFIfjJJ2hBMmVV3Q9cDuBTSP6KpEvzk+
29I5qW/Gw07SwzwYGzjKaEuV3tK9Bwe/uzcs66uMJfVk5MLBkAiFOXCcwwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPzWKClG9jfTuSroWtPGek3jpQK/MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvX05Zb0tVYjJOOU81S3VoYTA4WjZUZU9sQXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABtevED
BAJtevADBABtevgDBABtev0wDQYJKoZIhvcNAQELBQADggEBAIJi7IiFDicHBatw
lxeU6SIPmJ1w2kIaPMXPcBVD/hOS2NpFOKG2rhYLm/y4ulaKKBRBiw3uPNPOe7Pj
fN2F6LENvVmQD8C2piy2SJgkyD/QQjz1opDRQTnJ4GzFIGzqh66PUmLPse2wiZR4
vhaDyGM+JXlmsMIsUpLoD2ptza0jaYGMFZa6GY+kkFrhWE6Iyx5uznRXxYxh6FJg
+C+MoqEWdoSEPxUrUkhJJpMP4HD+Kzh3Gcum4STfSzNSxug+e2UZ4nMs/ToeQsAi
w4XSsbDrsGqfhddd/ccB1iSH8PPQvSCfELDrcGcFfu4ugqDj0ZYFgziTmdQIVGLR
xOs3kdk=
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:38:38 2026 by rpki-client