Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/DN6ibs0Loqd_NOxwUKm9cSPY9FY.roa
File: DN6ibs0Loqd_NOxwUKm9cSPY9FY.roa (raw, json)
Hash identifier: ly/1jnGi4XaTvL79PLWpmLP/HTUBejKbIP2HPKBANGI=
Subject key identifier: 0C:DE:A2:6E:CD:0B:A2:A7:7F:34:EC:70:50:A9:BD:71:23:D8:F4:56
Certificate issuer: /CN=fc05169be4c74952672597df103eeb1b47bb68a3
Certificate serial: 019B7758BD799A505A3B6A376B58B24EC8AB
Authority key identifier: FC:05:16:9B:E4:C7:49:52:67:25:97:DF:10:3E:EB:1B:47:BB:68:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_AUWm-THSVJnJZffED7rG0e7aKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/DN6ibs0Loqd_NOxwUKm9cSPY9FY.roa
Signing time: Thu 01 Jan 2026 02:17:42 +0000
ROA not before: Thu 01 Jan 2026 02:17:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57998
IP address blocks: 91.237.154.0/23 maxlen: 23
91.237.154.0/24 maxlen: 24
91.237.155.0/24 maxlen: 24
91.237.156.0/22 maxlen: 22
91.237.156.0/24 maxlen: 24
91.237.157.0/24 maxlen: 24
91.237.158.0/24 maxlen: 24
91.237.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/_AUWm-THSVJnJZffED7rG0e7aKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/_AUWm-THSVJnJZffED7rG0e7aKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_AUWm-THSVJnJZffED7rG0e7aKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:bd:79:9a:50:5a:3b:6a:37:6b:58:b2:4e:c8:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc05169be4c74952672597df103eeb1b47bb68a3
Validity
Not Before: Jan 1 02:17:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0cdea26ecd0ba2a77f34ec7050a9bd7123d8f456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fc:d6:70:50:d1:96:ef:72:d0:99:75:b3:32:
cf:c0:96:92:c1:1d:f6:b2:5b:30:a7:8c:e7:ea:bd:
fc:fd:12:35:3a:e3:2f:5b:41:07:11:f3:23:2f:76:
44:2c:1b:64:65:a0:0b:3f:bc:56:21:27:76:a2:1c:
b5:93:f2:62:a7:0e:69:83:3a:c5:fb:de:ab:a3:8c:
21:1c:6c:09:e1:1e:81:fa:9b:12:03:ab:03:34:28:
71:a3:8d:cb:74:38:ee:ae:5f:72:4c:c0:f5:df:4c:
2f:d8:94:19:4b:70:d4:de:40:39:f2:34:12:0c:68:
db:f9:31:0e:6f:82:59:f2:25:13:f1:c2:b5:b5:d1:
73:7b:fa:8b:93:63:d0:24:56:c5:7b:ca:57:50:a3:
ec:a5:bd:59:94:a0:7a:9e:cf:f9:ca:9c:bd:95:00:
5b:f2:cf:f0:50:f7:32:d8:3a:04:8b:c5:c4:27:9c:
3f:4b:5f:be:09:84:17:5e:0c:93:36:71:0e:b2:54:
92:79:d4:55:e1:9c:55:a2:f5:40:b0:68:ed:97:00:
cc:ad:6a:23:bb:c8:71:e9:f7:a0:67:8c:3b:65:5e:
4e:62:d1:6c:7f:01:92:6e:41:00:44:51:83:47:5f:
3d:23:38:0f:d1:90:48:01:ba:ad:8c:06:1d:8a:bd:
1a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DE:A2:6E:CD:0B:A2:A7:7F:34:EC:70:50:A9:BD:71:23:D8:F4:56
X509v3 Authority Key Identifier:
keyid:FC:05:16:9B:E4:C7:49:52:67:25:97:DF:10:3E:EB:1B:47:BB:68:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_AUWm-THSVJnJZffED7rG0e7aKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/DN6ibs0Loqd_NOxwUKm9cSPY9FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/_AUWm-THSVJnJZffED7rG0e7aKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.154.0-91.237.159.255
Signature Algorithm: sha256WithRSAEncryption
96:41:18:4d:f0:d4:97:3c:fb:be:55:f4:e6:fc:65:ad:05:02:
7a:2d:4c:31:d1:58:5c:b7:d2:4d:ec:5d:d5:6b:64:ba:a0:c3:
e3:e3:23:cf:86:63:ef:04:d6:7d:75:68:49:1b:85:f8:6f:a6:
9f:9d:ba:d9:d5:d2:b3:9a:47:07:ac:7c:e4:56:8b:64:d8:d0:
fc:67:a7:c4:76:1d:55:4a:24:a3:70:e3:e8:5b:b4:09:49:0c:
d0:67:6e:e4:b1:99:8d:b9:06:c5:8d:4b:6b:9a:22:b6:1f:be:
52:43:2a:97:03:54:90:99:12:2b:fb:3e:67:5f:63:14:34:8a:
2c:26:d8:4c:a4:03:26:07:54:9c:1c:c9:83:0e:7c:de:ac:d4:
45:f2:bc:61:23:9b:ea:76:62:f1:37:ba:29:e0:d5:a6:2f:d8:
2c:17:1c:9a:b4:d3:82:70:1a:ca:27:7f:5a:aa:a4:08:9f:82:
ba:a7:1e:64:df:16:32:bb:00:5e:e5:fb:29:e1:3e:5e:66:b1:
9a:8d:6b:dd:4d:87:60:0c:b8:9b:6b:8f:c4:77:71:90:06:45:
c7:7a:0b:a8:87:9b:7e:d4:a1:2c:4d:89:aa:d9:c2:bb:c3:d8:
21:6e:f6:58:03:1a:1d:5a:ab:fb:88:ba:dc:09:ce:6f:b9:83:
f0:eb:64:fe
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZt3WL15mlBaO2o3a1iyTsirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMDUxNjliZTRjNzQ5NTI2NzI1OTdkZjEwM2VlYjFiNDdi
YjY4YTMwHhcNMjYwMTAxMDIxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2RlYTI2ZWNkMGJhMmE3N2YzNGVjNzA1MGE5YmQ3MTIzZDhmNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfzWcFDRlu9y0Jl1szLPwJaSwR32
slswp4zn6r38/RI1OuMvW0EHEfMjL3ZELBtkZaALP7xWISd2ohy1k/Jipw5pgzrF
+96ro4whHGwJ4R6B+psSA6sDNChxo43LdDjurl9yTMD130wv2JQZS3DU3kA58jQS
DGjb+TEOb4JZ8iUT8cK1tdFze/qLk2PQJFbFe8pXUKPspb1ZlKB6ns/5ypy9lQBb
8s/wUPcy2DoEi8XEJ5w/S1++CYQXXgyTNnEOslSSedRV4ZxVovVAsGjtlwDMrWoj
u8hx6fegZ4w7ZV5OYtFsfwGSbkEARFGDR189IzgP0ZBIAbqtjAYdir0aTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAzeom7NC6KnfzTscFCpvXEj2PRWMB8GA1UdIwQY
MBaAFPwFFpvkx0lSZyWX3xA+6xtHu2ijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0FVV20tVEhTVkpuSlpmZkVEN3JHMGU3YUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9iNTliYWYtMTEzZS00NjBiLTkzZTct
MzM4YTk4YTFkOWNiLzEvRE42aWJzMExvcWRfTk94d1VLbTljU1BZOUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9iNTliYWYtMTEzZS00NjBiLTkzZTctMzM4YTk4YTFkOWNi
LzEvX0FVV20tVEhTVkpuSlpmZkVEN3JHMGU3YUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFb7ZoD
BAVb7YAwDQYJKoZIhvcNAQELBQADggEBAJZBGE3w1Jc8+75V9Ob8Za0FAnotTDHR
WFy30k3sXdVrZLqgw+PjI8+GY+8E1n11aEkbhfhvpp+dutnV0rOaRwesfORWi2TY
0Pxnp8R2HVVKJKNw4+hbtAlJDNBnbuSxmY25BsWNS2uaIrYfvlJDKpcDVJCZEiv7
PmdfYxQ0iiwm2EykAyYHVJwcyYMOfN6s1EXyvGEjm+p2YvE3uing1aYv2CwXHJq0
04JwGsonf1qqpAifgrqnHmTfFjK7AF7l+ynhPl5msZqNa91Nh2AMuJtrj8R3cZAG
Rcd6C6iHm37UoSxNiarZwrvD2CFu9lgDGh1aq/uIutwJzm+5g/DrZP4=
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:52:27 2026 by rpki-client