Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/ttuyL-r_sF14vrJmSfGRByq4NVU.roa
File: ttuyL-r_sF14vrJmSfGRByq4NVU.roa (raw, json)
Hash identifier: m+09LyVjwBpCJnAmv2ZE6YEVLeDzveLbBNnCOc68a84=
Subject key identifier: B6:DB:B2:2F:EA:FF:B0:5D:78:BE:B2:66:49:F1:91:07:2A:B8:35:55
Certificate issuer: /CN=e686965509a649c508ab8ab72f7257bef35f7930
Certificate serial: 019EA86631490D39852141C52A451442E346
Authority key identifier: E6:86:96:55:09:A6:49:C5:08:AB:8A:B7:2F:72:57:BE:F3:5F:79:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5oaWVQmmScUIq4q3L3JXvvNfeTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/ttuyL-r_sF14vrJmSfGRByq4NVU.roa
Signing time: Mon 08 Jun 2026 18:02:10 +0000
ROA not before: Mon 08 Jun 2026 18:02:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216058
IP address blocks: 2.56.204.0/22 maxlen: 24
91.195.254.0/23 maxlen: 24
91.198.108.0/23 maxlen: 24
188.164.152.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/5oaWVQmmScUIq4q3L3JXvvNfeTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/5oaWVQmmScUIq4q3L3JXvvNfeTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/5oaWVQmmScUIq4q3L3JXvvNfeTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:66:31:49:0d:39:85:21:41:c5:2a:45:14:42:e3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e686965509a649c508ab8ab72f7257bef35f7930
Validity
Not Before: Jun 8 18:02:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b6dbb22feaffb05d78beb26649f191072ab83555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:81:16:e0:2f:28:0d:25:b3:21:3b:47:07:6c:
b9:d6:10:a1:73:f1:c6:a7:d2:dc:88:af:9e:85:16:
de:de:98:8f:75:57:82:58:36:e5:e2:55:e0:86:30:
b2:c0:56:3e:05:8e:a0:cd:c3:7e:18:83:03:3e:d1:
2a:ed:1c:30:22:20:9d:57:31:e5:c3:c4:99:9f:ac:
40:d6:27:e4:ba:e5:a2:5d:9f:ec:a1:9b:f1:d7:a8:
44:44:e3:53:b4:bb:d9:f3:5a:85:f8:f3:00:d4:0a:
b8:00:de:91:5b:0f:ff:33:f7:c4:35:5c:29:1a:5f:
68:9a:c8:1e:42:93:12:eb:b5:d9:0a:ec:3b:67:cb:
f5:b8:54:6d:f4:26:f0:48:ce:40:40:7d:7e:d6:f8:
82:03:24:b4:af:6a:13:10:e1:4f:f4:90:6f:e2:50:
18:b6:59:36:9d:23:43:66:88:03:03:1b:5c:15:9b:
e9:03:25:e8:72:e9:c3:9e:1d:91:d3:27:1f:4e:ab:
62:6f:45:4c:2b:3e:06:ed:9f:0d:c1:76:c6:96:2a:
38:fe:77:dd:60:0c:e9:71:c9:20:0d:8e:ef:70:3e:
fb:35:07:f0:3d:99:70:cc:35:ba:56:c0:56:c5:aa:
d3:78:43:1d:53:b6:f2:c8:cf:7f:41:fa:5a:e9:2f:
10:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:DB:B2:2F:EA:FF:B0:5D:78:BE:B2:66:49:F1:91:07:2A:B8:35:55
X509v3 Authority Key Identifier:
keyid:E6:86:96:55:09:A6:49:C5:08:AB:8A:B7:2F:72:57:BE:F3:5F:79:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5oaWVQmmScUIq4q3L3JXvvNfeTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/ttuyL-r_sF14vrJmSfGRByq4NVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/5oaWVQmmScUIq4q3L3JXvvNfeTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.204.0/22
91.195.254.0/23
91.198.108.0/23
188.164.152.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:24:b1:47:37:b0:c0:16:fc:14:29:81:79:22:b1:88:3f:ba:
8a:63:cb:5b:10:5a:23:a4:cc:8d:b5:d5:10:fc:8f:33:f6:48:
99:a4:6e:da:e7:73:65:a7:ef:c2:30:8d:dc:47:fa:d4:0e:46:
56:c7:6d:32:20:70:21:52:2b:ff:4c:3f:4d:47:5c:2c:a5:ae:
a7:12:3a:d9:a4:20:0f:8b:5f:5f:31:eb:b5:ed:60:f2:e1:e5:
de:2a:53:1c:eb:d5:7a:96:70:ef:0e:4b:0b:37:82:02:19:46:
40:6f:f1:19:c6:58:00:ba:93:68:23:ad:8c:3d:f2:c4:56:12:
96:dd:97:5c:24:1d:16:18:6a:cc:9a:2a:93:f4:75:e5:97:5b:
3a:16:d4:a4:3d:ca:47:e9:ac:60:e6:3d:4f:fd:d6:e0:51:d6:
21:ca:58:22:18:71:80:34:e8:6d:51:f4:3f:3a:f0:00:85:30:
d6:a3:d0:e0:8d:04:39:b2:6a:38:08:17:74:81:f7:5f:69:61:
51:55:30:a3:4b:bd:9c:0a:3e:88:0c:01:cf:fa:00:e8:ae:af:
6c:be:9b:c0:80:74:63:60:29:f7:38:11:b6:9f:03:65:1d:9b:
bd:a5:db:61:bc:12:3f:a2:bd:55:fd:ad:88:ad:11:07:93:5d:
d6:18:49:6d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6oZjFJDTmFIUHFKkUUQuNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ODY5NjU1MDlhNjQ5YzUwOGFiOGFiNzJmNzI1N2JlZjM1
Zjc5MzAwHhcNMjYwNjA4MTgwMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmRiYjIyZmVhZmZiMDVkNzhiZWIyNjY0OWYxOTEwNzJhYjgzNTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoEW4C8oDSWzITtHB2y51hChc/HG
p9LciK+ehRbe3piPdVeCWDbl4lXghjCywFY+BY6gzcN+GIMDPtEq7RwwIiCdVzHl
w8SZn6xA1ifkuuWiXZ/soZvx16hERONTtLvZ81qF+PMA1Aq4AN6RWw//M/fENVwp
Gl9omsgeQpMS67XZCuw7Z8v1uFRt9CbwSM5AQH1+1viCAyS0r2oTEOFP9JBv4lAY
tlk2nSNDZogDAxtcFZvpAyXocunDnh2R0ycfTqtib0VMKz4G7Z8NwXbGlio4/nfd
YAzpcckgDY7vcD77NQfwPZlwzDW6VsBWxarTeEMdU7byyM9/Qfpa6S8QPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLbbsi/q/7BdeL6yZknxkQcquDVVMB8GA1UdIwQY
MBaAFOaGllUJpknFCKuKty9yV77zX3kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW9hV1ZRbW1TY1VJcTRxM0wzSlh2dk5mZVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82OGJmZjYtN2IyYy00ZWNmLTgwMDYt
ZWQxNGFmNmRiODg4LzEvdHR1eUwtcl9zRjE0dnJKbVNmR1JCeXE0TlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82OGJmZjYtN2IyYy00ZWNmLTgwMDYtZWQxNGFmNmRiODg4
LzEvNW9hV1ZRbW1TY1VJcTRxM0wzSlh2dk5mZVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjjMAwQB
W8P+AwQBW8ZsAwQDvKSYMA0GCSqGSIb3DQEBCwUAA4IBAQCjJLFHN7DAFvwUKYF5
IrGIP7qKY8tbEFojpMyNtdUQ/I8z9kiZpG7a53Nlp+/CMI3cR/rUDkZWx20yIHAh
Uiv/TD9NR1wspa6nEjrZpCAPi19fMeu17WDy4eXeKlMc69V6lnDvDksLN4ICGUZA
b/EZxlgAupNoI62MPfLEVhKW3ZdcJB0WGGrMmiqT9HXll1s6FtSkPcpH6axg5j1P
/dbgUdYhylgiGHGANOhtUfQ/OvAAhTDWo9DgjQQ5smo4CBd0gfdfaWFRVTCjS72c
Cj6IDAHP+gDorq9svpvAgHRjYCn3OBG2nwNlHZu9pdthvBI/or1V/a2IrREHk13W
GElt
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:41:11 2026 by rpki-client