Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/F9AVi6sObrhN5KteiyDZhiQ6K7Y.roa
File: F9AVi6sObrhN5KteiyDZhiQ6K7Y.roa (raw, json)
Hash identifier: z9q0kxM24fAYeNyq/pmadX1fT5Z0bG0j1bIUme2VW1Y=
Subject key identifier: 17:D0:15:8B:AB:0E:6E:B8:4D:E4:AB:5E:8B:20:D9:86:24:3A:2B:B6
Certificate issuer: /CN=12133a6523e2ed0a0c9a36ea8a7c6f0e72a5dd64
Certificate serial: 019E6AF95AAF385DE0E6921E79BD3D334E70
Authority key identifier: 12:13:3A:65:23:E2:ED:0A:0C:9A:36:EA:8A:7C:6F:0E:72:A5:DD:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/F9AVi6sObrhN5KteiyDZhiQ6K7Y.roa
Signing time: Wed 27 May 2026 19:46:26 +0000
ROA not before: Wed 27 May 2026 19:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47254
IP address blocks: 185.9.148.0/22 maxlen: 22
185.9.148.0/24 maxlen: 24
185.9.149.0/24 maxlen: 24
185.9.150.0/24 maxlen: 24
185.9.151.0/24 maxlen: 24
2a02:d1c0::/29 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6a:f9:5a:af:38:5d:e0:e6:92:1e:79:bd:3d:33:4e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12133a6523e2ed0a0c9a36ea8a7c6f0e72a5dd64
Validity
Not Before: May 27 19:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=17d0158bab0e6eb84de4ab5e8b20d986243a2bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:76:90:2f:47:f3:cb:a5:90:ac:33:cc:78:87:
db:fe:c1:ba:33:56:30:61:5e:9f:30:4e:5b:4c:bf:
8f:6a:79:25:7a:32:32:fb:4a:ba:4f:fb:c5:8b:ce:
d2:00:80:13:b7:02:fe:b0:ae:5c:ff:45:d3:f3:61:
7a:f6:c7:cb:20:31:24:c4:f2:f1:e6:df:a8:e2:82:
72:fc:bb:17:a0:2b:02:fb:27:05:e2:ba:c2:42:f7:
55:4c:69:38:9a:d3:8e:7b:50:92:0f:f0:e7:ca:86:
8d:0c:a0:50:1f:c0:64:11:18:ce:f2:ad:d3:be:08:
92:26:db:2c:3d:29:b2:ad:3f:e3:1f:36:f5:e0:ef:
70:4a:73:6e:ba:5e:d7:29:0a:3f:f1:42:b5:dc:d6:
ea:c4:19:94:25:23:dc:6f:b6:40:1d:59:fe:77:f2:
f8:e7:92:08:79:33:c4:01:b1:68:da:43:e0:ef:8d:
26:ed:e6:80:c2:13:e3:67:87:cf:ea:c3:ca:69:33:
fe:7c:06:77:2f:3c:15:ed:3c:fc:38:3b:39:82:89:
67:7d:83:81:d3:9e:db:98:00:14:a5:80:86:76:cc:
c3:eb:e8:46:ae:ee:b6:1c:76:38:92:b3:29:ad:5b:
a8:ee:1c:c5:7b:f6:cd:a4:c9:34:82:3c:68:f6:7f:
0c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D0:15:8B:AB:0E:6E:B8:4D:E4:AB:5E:8B:20:D9:86:24:3A:2B:B6
X509v3 Authority Key Identifier:
keyid:12:13:3A:65:23:E2:ED:0A:0C:9A:36:EA:8A:7C:6F:0E:72:A5:DD:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/F9AVi6sObrhN5KteiyDZhiQ6K7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.148.0/22
IPv6:
2a02:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
30:01:96:30:62:13:61:45:ec:01:0d:d8:ba:34:f2:54:79:cd:
5f:a7:b8:b9:8c:0f:89:15:23:85:91:40:2f:bf:9d:b9:bd:82:
af:6d:e6:f7:28:60:81:84:44:ea:91:c8:8a:1a:3b:7c:b5:d2:
56:91:9c:8a:60:0a:ae:b1:a7:97:a2:71:6e:28:6f:59:4e:a8:
5f:d7:38:d0:1f:95:9c:5a:e5:3a:d9:1b:27:ac:f3:ea:33:f2:
a9:c1:8c:f2:53:ff:be:51:cc:9c:a2:0a:ed:27:ef:83:9b:20:
96:e9:73:3d:c9:ed:d8:8e:d4:e2:90:ce:f7:ee:99:d4:33:5e:
08:13:e5:55:51:98:6c:2d:86:ee:9f:85:60:e3:bf:6a:1f:1d:
98:d0:80:38:85:1f:ba:c7:8a:75:73:fa:da:f4:94:10:b8:6c:
74:99:fb:ba:08:3d:6d:b9:20:a3:0d:8a:07:28:08:ac:83:13:
44:11:81:0e:28:98:cf:d4:fe:27:7e:ff:0a:3c:17:2b:35:a8:
36:44:87:97:d2:11:8e:bf:63:14:0a:08:38:0b:3a:02:eb:5c:
41:74:ef:9a:9b:e8:68:7b:2d:8c:b5:82:23:71:0d:61:ac:c2:
7a:cb:40:5b:7a:a5:13:e2:18:1f:d9:d3:0f:88:3d:57:cc:e2:
e6:35:c5:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ5q+VqvOF3g5pIeeb09M05wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTMzYTY1MjNlMmVkMGEwYzlhMzZlYThhN2M2ZjBlNzJh
NWRkNjQwHhcNMjYwNTI3MTk0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2QwMTU4YmFiMGU2ZWI4NGRlNGFiNWU4YjIwZDk4NjI0M2EyYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3aQL0fzy6WQrDPMeIfb/sG6M1Yw
YV6fME5bTL+PanklejIy+0q6T/vFi87SAIATtwL+sK5c/0XT82F69sfLIDEkxPLx
5t+o4oJy/LsXoCsC+ycF4rrCQvdVTGk4mtOOe1CSD/DnyoaNDKBQH8BkERjO8q3T
vgiSJtssPSmyrT/jHzb14O9wSnNuul7XKQo/8UK13NbqxBmUJSPcb7ZAHVn+d/L4
55IIeTPEAbFo2kPg740m7eaAwhPjZ4fP6sPKaTP+fAZ3LzwV7Tz8ODs5golnfYOB
057bmAAUpYCGdszD6+hGru62HHY4krMprVuo7hzFe/bNpMk0gjxo9n8MfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBfQFYurDm64TeSrXosg2YYkOiu2MB8GA1UdIwQY
MBaAFBITOmUj4u0KDJo26op8bw5ypd1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhNNlpTUGk3UW9NbWpicWlueHZEbktsM1dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85MzRlYzMtYjc2YS00MGQwLThhM2Et
ODI0NzI5YWI0YjlhLzEvRjlBVmk2c09icmhONUt0ZWl5RFpoaVE2SzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85MzRlYzMtYjc2YS00MGQwLThhM2EtODI0NzI5YWI0Yjlh
LzEvRWhNNlpTUGk3UW9NbWpicWlueHZEbktsM1dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQmUMA0E
AgACMAcDBQMqAtHAMA0GCSqGSIb3DQEBCwUAA4IBAQAwAZYwYhNhRewBDdi6NPJU
ec1fp7i5jA+JFSOFkUAvv525vYKvbeb3KGCBhETqkciKGjt8tdJWkZyKYAqusaeX
onFuKG9ZTqhf1zjQH5WcWuU62RsnrPPqM/KpwYzyU/++UcycogrtJ++DmyCW6XM9
ye3YjtTikM737pnUM14IE+VVUZhsLYbun4Vg479qHx2Y0IA4hR+6x4p1c/ra9JQQ
uGx0mfu6CD1tuSCjDYoHKAisgxNEEYEOKJjP1P4nfv8KPBcrNag2RIeX0hGOv2MU
Cgg4CzoC61xBdO+am+hoey2MtYIjcQ1hrMJ6y0BbeqUT4hgf2dMPiD1XzOLmNcV5
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:28:12 2026 by rpki-client