Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/027fe3-0ccc-4a17-9606-b06431becaca/1/pdd46O_7-gqSCVYzyxen2RSC1dU.roa
File: pdd46O_7-gqSCVYzyxen2RSC1dU.roa (raw, json)
Hash identifier: GncF/pont0DY3uOfDhLzl1X5Kar3INu8dZi3iu5gRVM=
Subject key identifier: A5:D7:78:E8:EF:FB:FA:0A:92:09:56:33:CB:17:A7:D9:14:82:D5:D5
Certificate issuer: /CN=bf56b16e10fa45eeca1687b1689fc21f1811e775
Certificate serial: 019EA7FF146CC58DD914B00118060A833B90
Authority key identifier: BF:56:B1:6E:10:FA:45:EE:CA:16:87:B1:68:9F:C2:1F:18:11:E7:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1axbhD6Re7KFoexaJ_CHxgR53U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/027fe3-0ccc-4a17-9606-b06431becaca/1/pdd46O_7-gqSCVYzyxen2RSC1dU.roa
Signing time: Mon 08 Jun 2026 16:09:32 +0000
ROA not before: Mon 08 Jun 2026 16:09:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205472
IP address blocks: 185.255.4.0/22 maxlen: 24
185.255.4.0/24 maxlen: 24
185.255.5.0/24 maxlen: 24
185.255.6.0/24 maxlen: 24
185.255.7.0/24 maxlen: 24
2a01:f5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/027fe3-0ccc-4a17-9606-b06431becaca/1/v1axbhD6Re7KFoexaJ_CHxgR53U.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/027fe3-0ccc-4a17-9606-b06431becaca/1/v1axbhD6Re7KFoexaJ_CHxgR53U.mft
rsync://rpki.ripe.net/repository/DEFAULT/v1axbhD6Re7KFoexaJ_CHxgR53U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:ff:14:6c:c5:8d:d9:14:b0:01:18:06:0a:83:3b:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf56b16e10fa45eeca1687b1689fc21f1811e775
Validity
Not Before: Jun 8 16:09:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a5d778e8effbfa0a92095633cb17a7d91482d5d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fd:67:dd:9d:3d:e7:d4:15:b2:43:22:42:b6:
bc:fa:ab:cf:b8:9e:87:8d:fc:38:18:b2:41:46:84:
01:ac:a8:e1:13:18:65:33:8a:d8:c2:aa:af:a6:a1:
00:2c:13:5f:56:cc:12:b4:bf:c9:c9:ec:30:bb:70:
11:25:47:f5:30:56:f8:00:ec:29:69:7c:28:7f:a8:
cc:94:45:03:1e:8a:3e:49:d1:e6:36:c7:c7:f1:e2:
8a:d9:b1:57:36:99:28:85:f1:27:8a:01:b0:08:49:
2d:b1:99:15:33:0a:e9:41:da:60:ec:4b:7f:f4:0e:
4a:d5:2c:d8:0a:14:6e:f5:95:8a:aa:0a:7a:12:6c:
12:f2:dd:87:06:5f:0c:6f:98:f4:de:58:08:be:5f:
a4:c6:96:1b:b5:af:0a:12:2c:f0:3d:1d:ce:d0:f3:
24:2b:e8:dd:82:68:62:bb:f5:80:42:eb:9f:a4:81:
3c:f5:96:df:00:5b:07:87:cf:91:7b:bc:22:15:77:
24:5e:1e:32:86:fe:82:a0:7c:a7:8b:73:7d:02:c5:
4c:2a:2e:0b:a3:fc:a8:01:bd:78:3f:30:f7:2c:21:
f2:3a:d7:a7:12:bc:1a:5c:e9:41:95:86:c2:91:6f:
ce:39:76:26:14:5b:ed:06:5c:83:34:06:28:33:27:
9a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D7:78:E8:EF:FB:FA:0A:92:09:56:33:CB:17:A7:D9:14:82:D5:D5
X509v3 Authority Key Identifier:
keyid:BF:56:B1:6E:10:FA:45:EE:CA:16:87:B1:68:9F:C2:1F:18:11:E7:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1axbhD6Re7KFoexaJ_CHxgR53U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/027fe3-0ccc-4a17-9606-b06431becaca/1/pdd46O_7-gqSCVYzyxen2RSC1dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/027fe3-0ccc-4a17-9606-b06431becaca/1/v1axbhD6Re7KFoexaJ_CHxgR53U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.4.0/22
IPv6:
2a01:f5c0::/32
Signature Algorithm: sha256WithRSAEncryption
12:54:2f:2b:41:90:8e:81:4b:8f:19:3c:94:df:2a:84:80:fc:
e4:49:fc:7c:c8:06:f8:08:2e:46:3b:69:00:d3:c7:fe:14:05:
c5:ff:86:0e:25:31:c9:19:63:4d:5b:06:96:87:ec:3a:03:7e:
7f:c8:a8:e9:32:b1:78:5a:60:bf:45:d0:78:ec:f1:89:39:c8:
42:dd:d7:2f:98:f0:ab:42:d4:63:42:b3:5e:f2:5d:b4:e2:14:
05:7a:e5:25:01:94:ea:31:e7:80:aa:71:89:cc:e5:aa:e8:c4:
5b:24:64:47:f5:2f:05:d8:00:03:01:1b:ee:2c:9b:92:1b:6b:
c6:bb:e1:b5:38:7b:51:e0:2b:02:a5:72:ca:1c:13:cd:ac:47:
4b:b0:d5:0d:89:4e:7c:0e:5d:e0:d7:51:40:5b:d8:5d:81:82:
da:7d:89:99:b5:00:99:d0:f9:d7:ae:3b:94:f0:30:7d:f6:49:
4d:bc:2e:30:6b:33:6b:cd:12:22:df:9a:0d:1a:3b:25:95:a0:
9b:8b:d0:fa:9f:8b:ae:35:23:a7:cd:ab:e4:e3:1d:aa:5c:d0:
9a:84:ed:f3:a7:bd:6f:a0:d0:34:77:4f:e1:cb:75:45:0b:de:
bf:b1:5d:3f:21:10:20:d1:bb:c6:a7:12:f1:4a:f2:f2:e3:e9:
b9:b5:76:d8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ6n/xRsxY3ZFLABGAYKgzuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTZiMTZlMTBmYTQ1ZWVjYTE2ODdiMTY4OWZjMjFmMTgx
MWU3NzUwHhcNMjYwNjA4MTYwOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWQ3NzhlOGVmZmJmYTBhOTIwOTU2MzNjYjE3YTdkOTE0ODJkNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP1n3Z0959QVskMiQra8+qvPuJ6H
jfw4GLJBRoQBrKjhExhlM4rYwqqvpqEALBNfVswStL/Jyewwu3ARJUf1MFb4AOwp
aXwof6jMlEUDHoo+SdHmNsfH8eKK2bFXNpkohfEnigGwCEktsZkVMwrpQdpg7Et/
9A5K1SzYChRu9ZWKqgp6EmwS8t2HBl8Mb5j03lgIvl+kxpYbta8KEizwPR3O0PMk
K+jdgmhiu/WAQuufpIE89ZbfAFsHh8+Re7wiFXckXh4yhv6CoHyni3N9AsVMKi4L
o/yoAb14PzD3LCHyOtenErwaXOlBlYbCkW/OOXYmFFvtBlyDNAYoMyeaNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKXXeOjv+/oKkglWM8sXp9kUgtXVMB8GA1UdIwQY
MBaAFL9WsW4Q+kXuyhaHsWifwh8YEed1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFheGJoRDZSZTdLRm9leGFKX0NIeGdSNTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wMjdmZTMtMGNjYy00YTE3LTk2MDYt
YjA2NDMxYmVjYWNhLzEvcGRkNDZPXzctZ3FTQ1ZZenl4ZW4yUlNDMWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wMjdmZTMtMGNjYy00YTE3LTk2MDYtYjA2NDMxYmVjYWNh
LzEvdjFheGJoRDZSZTdLRm9leGFKX0NIeGdSNTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf8EMA0E
AgACMAcDBQAqAfXAMA0GCSqGSIb3DQEBCwUAA4IBAQASVC8rQZCOgUuPGTyU3yqE
gPzkSfx8yAb4CC5GO2kA08f+FAXF/4YOJTHJGWNNWwaWh+w6A35/yKjpMrF4WmC/
RdB47PGJOchC3dcvmPCrQtRjQrNe8l204hQFeuUlAZTqMeeAqnGJzOWq6MRbJGRH
9S8F2AADARvuLJuSG2vGu+G1OHtR4CsCpXLKHBPNrEdLsNUNiU58Dl3g11FAW9hd
gYLafYmZtQCZ0PnXrjuU8DB99klNvC4wazNrzRIi35oNGjsllaCbi9D6n4uuNSOn
zavk4x2qXNCahO3zp71voNA0d0/hy3VFC96/sV0/IRAg0bvGpxLxSvLy4+m5tXbY
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:28:21 2026 by rpki-client