Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/kbz0tRhRVtL9bZdRKMNdU0j_NBA.roa
File: kbz0tRhRVtL9bZdRKMNdU0j_NBA.roa (raw, json)
Hash identifier: 0JG/311E7XJMg5C5/Ae+TZShy23EwThkB/m/IrtmlBc=
Subject key identifier: 91:BC:F4:B5:18:51:56:D2:FD:6D:97:51:28:C3:5D:53:48:FF:34:10
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019EA87FD4F9C4E6E66A324B3A714D371126
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/kbz0tRhRVtL9bZdRKMNdU0j_NBA.roa
Signing time: Mon 08 Jun 2026 18:30:10 +0000
ROA not before: Mon 08 Jun 2026 18:30:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215468
IP address blocks: 72.35.247.0/24 maxlen: 24
78.17.234.0/24 maxlen: 24
89.125.148.0/24 maxlen: 24
140.225.210.0/24 maxlen: 24
206.245.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:7f:d4:f9:c4:e6:e6:6a:32:4b:3a:71:4d:37:11:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 8 18:30:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=91bcf4b5185156d2fd6d975128c35d5348ff3410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:51:cd:17:2e:e9:05:59:0d:62:0b:89:e9:cd:
84:da:f7:69:54:cc:2b:de:a5:99:c3:a2:8d:a4:3b:
eb:83:52:79:e2:7a:aa:c9:57:86:21:22:6b:05:ea:
8d:e2:9b:a0:64:8a:88:74:c3:cf:47:e3:67:49:96:
21:d6:9c:1d:a3:0a:e3:fb:57:68:e1:bc:d3:51:54:
dd:af:ac:58:4a:9a:af:5c:1d:e1:f5:f6:10:53:2f:
1d:5a:9c:54:0e:c6:e1:06:ff:3c:77:e7:7e:c3:98:
0e:45:e8:6a:14:cc:d3:ca:20:4b:ef:91:f8:7e:71:
6b:2e:2c:b0:0a:6d:52:32:de:bf:7c:91:c5:7b:b7:
1f:7d:88:56:4c:b7:9d:9e:46:99:3b:50:bb:85:23:
51:49:f6:9b:0a:bc:56:52:6c:a5:36:64:51:b8:03:
b0:d9:12:4c:bd:de:1e:4d:bb:bd:10:60:d0:54:1b:
79:25:e7:f9:6d:50:f9:53:ac:6c:e1:5e:38:37:b1:
25:42:d5:55:28:7e:c7:94:f4:2a:2b:97:6e:1c:f9:
5c:7c:fa:8d:8d:74:df:34:18:30:b9:01:a8:c0:51:
84:91:0e:e9:f4:19:06:58:08:f2:74:51:ee:ff:0c:
d6:4a:79:08:72:bd:21:a8:d7:0b:7d:4d:00:ab:14:
09:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:BC:F4:B5:18:51:56:D2:FD:6D:97:51:28:C3:5D:53:48:FF:34:10
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/kbz0tRhRVtL9bZdRKMNdU0j_NBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.35.247.0/24
78.17.234.0/24
89.125.148.0/24
140.225.210.0/24
206.245.154.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:ca:81:8f:8e:3b:3b:15:56:9e:2b:2f:f6:1a:88:68:04:f8:
7e:f0:4e:a7:c9:d5:70:7a:19:d7:58:8e:b8:02:89:84:f8:dc:
31:77:82:ab:0b:f0:29:9c:cd:4a:dd:25:92:a4:f9:e8:56:15:
6a:a4:df:85:4e:dd:ef:bb:80:47:cd:41:e8:e8:74:f4:3e:22:
8e:b0:16:1b:5a:d6:5b:aa:54:0d:54:b3:22:3e:38:5b:c9:e4:
c2:7c:44:a0:8c:ad:97:dd:60:d7:d3:96:dc:38:c4:2c:41:da:
57:58:58:d0:ee:7c:89:55:b5:72:cf:5a:94:b2:27:bc:1d:08:
74:39:30:9b:15:17:95:cf:fc:3f:08:d7:df:1e:70:6f:79:dd:
77:1e:92:7d:90:05:0c:e1:54:97:f8:0f:52:f2:5c:23:bf:cf:
79:0f:23:d5:92:e6:88:21:64:2f:41:2d:14:89:7d:30:08:8c:
23:d2:b6:a1:f4:82:f2:8d:d5:ca:25:19:44:b4:74:31:a7:ee:
73:d6:ad:5e:73:91:20:50:3f:e5:77:d8:81:02:81:89:0c:34:
52:09:e7:a5:f0:a3:05:3d:7b:fc:99:67:37:ae:9d:c6:2e:72:
1f:ea:12:cd:d7:c2:18:b7:60:35:f0:ea:d5:2c:49:9d:c1:f2:
db:a8:b6:38
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6of9T5xObmajJLOnFNNxEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNjA4MTgzMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWJjZjRiNTE4NTE1NmQyZmQ2ZDk3NTEyOGMzNWQ1MzQ4ZmYzNDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylHNFy7pBVkNYguJ6c2E2vdpVMwr
3qWZw6KNpDvrg1J54nqqyVeGISJrBeqN4pugZIqIdMPPR+NnSZYh1pwdowrj+1do
4bzTUVTdr6xYSpqvXB3h9fYQUy8dWpxUDsbhBv88d+d+w5gORehqFMzTyiBL75H4
fnFrLiywCm1SMt6/fJHFe7cffYhWTLednkaZO1C7hSNRSfabCrxWUmylNmRRuAOw
2RJMvd4eTbu9EGDQVBt5Jef5bVD5U6xs4V44N7ElQtVVKH7HlPQqK5duHPlcfPqN
jXTfNBgwuQGowFGEkQ7p9BkGWAjydFHu/wzWSnkIcr0hqNcLfU0AqxQJeQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJG89LUYUVbS/W2XUSjDXVNI/zQQMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEva2J6MHRSaFJWdEw5YlpkUktNTmRVMGpfTkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQASCP3AwQA
ThHqAwQAWX2UAwQAjOHSAwQAzvWaMA0GCSqGSIb3DQEBCwUAA4IBAQAeyoGPjjs7
FVaeKy/2GohoBPh+8E6nydVwehnXWI64AomE+Nwxd4KrC/ApnM1K3SWSpPnoVhVq
pN+FTt3vu4BHzUHo6HT0PiKOsBYbWtZbqlQNVLMiPjhbyeTCfESgjK2X3WDX05bc
OMQsQdpXWFjQ7nyJVbVyz1qUsie8HQh0OTCbFReVz/w/CNffHnBved13HpJ9kAUM
4VSX+A9S8lwjv895DyPVkuaIIWQvQS0UiX0wCIwj0rah9ILyjdXKJRlEtHQxp+5z
1q1ec5EgUD/ld9iBAoGJDDRSCeel8KMFPXv8mWc3rp3GLnIf6hLN18IYt2A18OrV
LEmdwfLbqLY4
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:29:51 2026 by rpki-client