Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Ttbcn6JfsHsTxwxbly5i0aVmKSQ.roa
File: Ttbcn6JfsHsTxwxbly5i0aVmKSQ.roa (raw, json)
Hash identifier: XHhI7HF9dLwVciXV7nzv0t0DUlALIeLRPGGTv10zccM=
Subject key identifier: 4E:D6:DC:9F:A2:5F:B0:7B:13:C7:0C:5B:97:2E:62:D1:A5:66:29:24
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 019D4F291ACA1ADABE07E5132E65205EE998
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Ttbcn6JfsHsTxwxbly5i0aVmKSQ.roa
Signing time: Thu 02 Apr 2026 17:06:27 +0000
ROA not before: Thu 02 Apr 2026 17:06:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208946
IP address blocks: 93.171.158.0/23 maxlen: 24
95.47.108.0/23 maxlen: 24
95.47.144.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:47:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4f:29:1a:ca:1a:da:be:07:e5:13:2e:65:20:5e:e9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Apr 2 17:06:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ed6dc9fa25fb07b13c70c5b972e62d1a5662924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:25:6c:43:9b:2f:5b:3a:3e:c9:c0:01:86:10:
12:e6:0e:11:c2:65:74:3b:c2:7d:88:9b:1e:a8:b6:
73:63:3e:c7:4c:1b:88:e6:68:a9:d3:7c:ad:7a:2a:
f2:1c:90:84:2e:3f:6e:11:dc:57:fc:b2:08:cf:f5:
48:01:43:ff:a1:9e:3f:9d:b0:e0:3e:28:79:05:48:
ec:70:66:1b:35:56:f3:12:7d:03:0a:8b:fd:4c:e6:
ab:03:51:c8:85:c7:f1:77:94:3a:74:52:cd:91:2b:
cd:c0:83:41:84:68:27:3c:0c:e9:53:65:c7:d6:07:
9c:c4:29:dc:ad:55:ed:d1:c2:dd:9c:35:ee:55:06:
31:d6:30:d3:a3:c4:65:34:8e:7a:02:09:7e:f3:46:
1c:90:a9:c2:e6:8d:70:a3:45:80:9d:6a:79:f1:38:
2b:b6:75:f7:eb:0e:d6:0c:9b:03:41:03:a0:cc:49:
3e:a9:e4:e6:53:49:96:19:96:46:a7:0a:a1:2a:93:
55:84:3d:5c:29:a2:75:8b:c8:bc:85:41:ca:bd:a6:
65:c9:c0:f9:99:2b:62:48:54:04:af:7b:e8:75:43:
09:71:5d:99:79:a8:5d:6a:a2:f6:0a:fe:0d:d3:3e:
2a:5f:10:9f:60:5c:36:0a:a4:2b:41:a2:cd:71:32:
15:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D6:DC:9F:A2:5F:B0:7B:13:C7:0C:5B:97:2E:62:D1:A5:66:29:24
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Ttbcn6JfsHsTxwxbly5i0aVmKSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.158.0/23
95.47.108.0/23
95.47.144.0/23
Signature Algorithm: sha256WithRSAEncryption
52:60:93:d0:3f:83:5d:41:d6:1b:e7:e3:ed:0a:84:d8:ab:f0:
a9:83:f3:75:22:21:3e:c7:65:57:7d:9d:fb:ca:e7:bb:96:5c:
ad:1c:f1:e8:6e:f2:a4:33:35:06:c6:59:23:4d:91:3e:08:6c:
b8:8f:91:c4:77:19:c2:53:cb:7d:af:72:89:a5:ae:f3:8b:6d:
91:32:b3:10:23:7e:e1:91:8e:f6:e0:d6:52:f0:70:a5:3e:80:
e8:78:2d:e1:07:28:81:b0:25:cc:c0:cd:0a:94:f4:75:5b:26:
83:4c:c6:25:8c:f7:54:ef:46:a1:ed:ad:dd:ee:e1:7c:84:f0:
64:df:c4:b9:67:19:9d:2f:10:cc:54:0d:ab:50:cb:dc:c2:3a:
05:ae:41:95:9a:4c:e6:d1:88:70:4c:a5:23:bd:b6:fa:9e:fd:
03:42:3d:24:c0:48:82:4a:3e:4a:07:2d:cd:aa:34:90:77:11:
75:a2:ef:15:ed:3a:d7:e0:4e:3d:bf:30:cc:33:57:13:1f:13:
f5:30:e4:0a:c2:b1:9c:e9:ed:4d:87:7b:ff:78:0a:33:ef:02:
ff:1f:ed:a4:9e:03:05:ae:a2:d2:e7:e3:79:d2:04:4d:38:32:
32:49:af:91:49:6e:06:2c:18:fc:fd:c1:c3:38:14:73:28:16:
6a:81:55:c8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ1PKRrKGtq+B+UTLmUgXumYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjYwNDAyMTcwNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ2ZGM5ZmEyNWZiMDdiMTNjNzBjNWI5NzJlNjJkMWE1NjYyOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSVsQ5svWzo+ycABhhAS5g4RwmV0
O8J9iJseqLZzYz7HTBuI5mip03yteiryHJCELj9uEdxX/LIIz/VIAUP/oZ4/nbDg
Pih5BUjscGYbNVbzEn0DCov9TOarA1HIhcfxd5Q6dFLNkSvNwINBhGgnPAzpU2XH
1gecxCncrVXt0cLdnDXuVQYx1jDTo8RlNI56Agl+80YckKnC5o1wo0WAnWp58Tgr
tnX36w7WDJsDQQOgzEk+qeTmU0mWGZZGpwqhKpNVhD1cKaJ1i8i8hUHKvaZlycD5
mStiSFQEr3vodUMJcV2ZeahdaqL2Cv4N0z4qXxCfYFw2CqQrQaLNcTIVUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE7W3J+iX7B7E8cMW5cuYtGlZikkMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvVHRiY242SmZzSHNUeHd4Ymx5NWkwYVZtS1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXaueAwQB
Xy9sAwQBXy+QMA0GCSqGSIb3DQEBCwUAA4IBAQBSYJPQP4NdQdYb5+PtCoTYq/Cp
g/N1IiE+x2VXfZ37yue7llytHPHobvKkMzUGxlkjTZE+CGy4j5HEdxnCU8t9r3KJ
pa7zi22RMrMQI37hkY724NZS8HClPoDoeC3hByiBsCXMwM0KlPR1WyaDTMYljPdU
70ah7a3d7uF8hPBk38S5ZxmdLxDMVA2rUMvcwjoFrkGVmkzm0YhwTKUjvbb6nv0D
Qj0kwEiCSj5KBy3NqjSQdxF1ou8V7TrX4E49vzDMM1cTHxP1MOQKwrGc6e1Nh3v/
eAoz7wL/H+2kngMFrqLS5+N50gRNODIySa+RSW4GLBj8/cHDOBRzKBZqgVXI
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:59:07 2026 by rpki-client