Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/Tm68QJ2snSiuZawcjur25m8_gQQ.roa
File: Tm68QJ2snSiuZawcjur25m8_gQQ.roa (raw, json)
Hash identifier: DaUiCgZt3YWuCz48bPSV79DF4D1Dc2incnzoilZzt30=
Subject key identifier: 4E:6E:BC:40:9D:AC:9D:28:AE:65:AC:1C:8E:EA:F6:E6:6F:3F:81:04
Certificate issuer: /CN=de12eb9c75d359d25137b5ef4e176f5eeb6c4342
Certificate serial: 019BFF4D3CD032808CC3153749885F9A2A7C
Authority key identifier: DE:12:EB:9C:75:D3:59:D2:51:37:B5:EF:4E:17:6F:5E:EB:6C:43:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hLrnHXTWdJRN7XvThdvXutsQ0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/Tm68QJ2snSiuZawcjur25m8_gQQ.roa
Signing time: Tue 27 Jan 2026 11:53:30 +0000
ROA not before: Tue 27 Jan 2026 11:53:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 135392
IP address blocks: 192.109.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/3hLrnHXTWdJRN7XvThdvXutsQ0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/3hLrnHXTWdJRN7XvThdvXutsQ0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/3hLrnHXTWdJRN7XvThdvXutsQ0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:ff:4d:3c:d0:32:80:8c:c3:15:37:49:88:5f:9a:2a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de12eb9c75d359d25137b5ef4e176f5eeb6c4342
Validity
Not Before: Jan 27 11:53:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e6ebc409dac9d28ae65ac1c8eeaf6e66f3f8104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:33:53:3c:6e:a6:3f:95:66:5f:bd:fc:28:b0:
fb:47:dd:e2:23:8e:bd:34:d0:53:10:fe:50:16:16:
3f:3e:81:12:85:c7:c1:93:aa:ab:fe:0b:79:76:f8:
6f:99:6c:c3:f9:4c:33:2b:cd:2d:90:dd:59:e8:8e:
e3:4e:43:6f:64:a5:28:d3:96:f7:5e:f6:71:37:dc:
df:8c:0f:2b:17:7f:fe:5c:3a:c3:5e:05:48:10:f6:
bd:87:d7:02:8a:33:8a:9f:8a:02:1f:da:04:95:1e:
bc:50:4e:63:20:da:ba:5c:95:07:36:16:01:95:54:
7a:fd:d9:26:01:88:5d:10:6d:ea:d9:db:a9:33:70:
6f:bc:4a:f2:8e:13:18:55:47:dc:0b:8a:26:12:42:
31:e3:3c:08:f8:d4:f1:7a:bc:4c:53:51:3a:95:f7:
fe:5b:61:09:fb:05:4b:90:0d:21:86:63:d1:f8:56:
fb:e8:05:a4:6f:56:e5:b5:df:f3:d4:c1:65:51:30:
e0:44:d1:76:d4:65:60:07:1d:26:03:75:c6:6c:aa:
69:31:38:eb:dd:1d:7b:87:5c:e8:94:df:8e:f9:16:
4c:9d:ab:96:6e:c8:34:dc:e4:dc:c4:61:46:29:1b:
58:24:e0:81:63:b3:13:c5:c3:21:6a:a1:bc:23:20:
b5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:6E:BC:40:9D:AC:9D:28:AE:65:AC:1C:8E:EA:F6:E6:6F:3F:81:04
X509v3 Authority Key Identifier:
keyid:DE:12:EB:9C:75:D3:59:D2:51:37:B5:EF:4E:17:6F:5E:EB:6C:43:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hLrnHXTWdJRN7XvThdvXutsQ0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/Tm68QJ2snSiuZawcjur25m8_gQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/269a04-77b4-4ee7-b164-c16787272049/1/3hLrnHXTWdJRN7XvThdvXutsQ0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
Signature Algorithm: sha256WithRSAEncryption
84:a8:72:de:1f:36:69:79:41:4e:8a:8f:fc:02:f2:8f:b9:27:
06:77:04:24:d7:05:ee:69:df:d8:42:ef:12:59:af:87:31:12:
e6:30:62:ec:f9:99:90:d3:8d:54:b7:c9:4f:c8:b1:9d:37:04:
12:a2:e1:0d:7c:93:84:dc:3a:c4:9d:8a:54:30:2f:f6:14:bc:
89:ca:fe:2a:b9:e0:31:87:8a:46:36:b0:d8:f7:60:9f:32:47:
37:5e:bf:36:bb:11:7d:ca:b7:4b:27:20:d1:19:f9:ae:b4:c3:
db:6f:35:a0:7a:b6:96:c5:7e:95:ac:9f:7e:48:2f:7b:14:d6:
ed:94:5f:fa:bc:5f:21:84:2e:c2:4e:ca:e4:a9:42:62:84:3f:
f0:62:6f:a4:6d:3b:23:30:0a:52:f1:d4:3a:19:b8:28:6f:af:
6a:9e:e3:4c:bd:1d:77:cc:20:67:39:77:4b:0b:9d:fa:9b:dc:
5f:87:da:f7:b3:76:21:4d:6a:9d:2c:33:4b:15:54:24:b2:25:
59:43:21:99:16:ea:90:71:70:7a:2a:d7:ea:78:05:2c:27:f8:
3e:05:8f:e6:4d:9b:a1:24:23:59:4b:d7:60:f5:90:28:0f:e3:
80:72:7c:82:e2:43:87:37:39:9c:9e:2a:19:14:70:70:62:ee:
15:02:b8:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZv/TTzQMoCMwxU3SYhfmip8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTJlYjljNzVkMzU5ZDI1MTM3YjVlZjRlMTc2ZjVlZWI2
YzQzNDIwHhcNMjYwMTI3MTE1MzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTZlYmM0MDlkYWM5ZDI4YWU2NWFjMWM4ZWVhZjZlNjZmM2Y4MTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTNTPG6mP5VmX738KLD7R93iI469
NNBTEP5QFhY/PoEShcfBk6qr/gt5dvhvmWzD+UwzK80tkN1Z6I7jTkNvZKUo05b3
XvZxN9zfjA8rF3/+XDrDXgVIEPa9h9cCijOKn4oCH9oElR68UE5jINq6XJUHNhYB
lVR6/dkmAYhdEG3q2dupM3BvvEryjhMYVUfcC4omEkIx4zwI+NTxerxMU1E6lff+
W2EJ+wVLkA0hhmPR+Fb76AWkb1bltd/z1MFlUTDgRNF21GVgBx0mA3XGbKppMTjr
3R17h1zolN+O+RZMnauWbsg03OTcxGFGKRtYJOCBY7MTxcMhaqG8IyC1MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5uvECdrJ0ormWsHI7q9uZvP4EEMB8GA1UdIwQY
MBaAFN4S65x101nSUTe1704Xb17rbENCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hMcm5IWFRXZEpSTjdYdlRoZHZYdXRzUTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yNjlhMDQtNzdiNC00ZWU3LWIxNjQt
YzE2Nzg3MjcyMDQ5LzEvVG02OFFKMnNuU2l1WmF3Y2p1cjI1bThfZ1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yNjlhMDQtNzdiNC00ZWU3LWIxNjQtYzE2Nzg3MjcyMDQ5
LzEvM2hMcm5IWFRXZEpSTjdYdlRoZHZYdXRzUTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2LMA0G
CSqGSIb3DQEBCwUAA4IBAQCEqHLeHzZpeUFOio/8AvKPuScGdwQk1wXuad/YQu8S
Wa+HMRLmMGLs+ZmQ041Ut8lPyLGdNwQSouENfJOE3DrEnYpUMC/2FLyJyv4queAx
h4pGNrDY92CfMkc3Xr82uxF9yrdLJyDRGfmutMPbbzWgeraWxX6VrJ9+SC97FNbt
lF/6vF8hhC7CTsrkqUJihD/wYm+kbTsjMApS8dQ6Gbgob69qnuNMvR13zCBnOXdL
C536m9xfh9r3s3YhTWqdLDNLFVQksiVZQyGZFuqQcXB6KtfqeAUsJ/g+BY/mTZuh
JCNZS9dg9ZAoD+OAcnyC4kOHNzmcnioZFHBwYu4VArif
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:06:07 2026 by rpki-client