Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/T6YNdFIaF-czM-g1VhpOgA_jz2g.roa
File: T6YNdFIaF-czM-g1VhpOgA_jz2g.roa (raw, json)
Hash identifier: FtUCQo9ogO2LSRjNlogGTjSuxhZ4zAwyRhfB5dWUMs0=
Subject key identifier: 4F:A6:0D:74:52:1A:17:E7:33:33:E8:35:56:1A:4E:80:0F:E3:CF:68
Certificate issuer: /CN=05899f3976487038a3fa6343952b14b4d072b33d
Certificate serial: 019EA1E12F9915CAF98B54C0819E613FEDF3
Authority key identifier: 05:89:9F:39:76:48:70:38:A3:FA:63:43:95:2B:14:B4:D0:72:B3:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/T6YNdFIaF-czM-g1VhpOgA_jz2g.roa
Signing time: Sun 07 Jun 2026 11:39:09 +0000
ROA not before: Sun 07 Jun 2026 11:39:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44090
IP address blocks: 109.70.237.0/24 maxlen: 24
185.179.168.0/22 maxlen: 22
185.179.168.0/24 maxlen: 24
2a0a:74c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a1:e1:2f:99:15:ca:f9:8b:54:c0:81:9e:61:3f:ed:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05899f3976487038a3fa6343952b14b4d072b33d
Validity
Not Before: Jun 7 11:39:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4fa60d74521a17e73333e835561a4e800fe3cf68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:43:05:90:4c:fa:03:79:f2:1f:36:81:f0:ce:
71:9b:73:39:91:4b:88:4f:51:26:a1:ff:8c:6b:97:
c0:8d:67:15:2e:b8:1f:c8:8f:5c:95:ce:c5:db:f4:
41:b4:9f:18:39:9e:63:f1:12:a1:17:11:d1:aa:6b:
61:80:d8:7a:26:be:bf:62:3b:32:8e:e5:48:b4:08:
54:88:0b:f5:19:e6:c7:f6:21:aa:67:30:63:f6:59:
b4:df:d9:21:29:0d:25:95:7c:6c:5c:8e:36:6f:08:
a1:c8:11:0e:f2:b5:34:92:97:14:ff:37:a0:be:0e:
cc:36:a3:88:bf:45:cb:8e:40:17:4a:4f:6a:59:76:
ea:aa:04:0a:a9:9d:7f:5a:70:97:c2:ff:d2:17:94:
de:09:09:05:ae:72:2e:3e:45:13:39:1a:83:37:94:
a9:31:39:1b:e6:1b:59:12:19:a7:f5:9f:62:1b:7c:
1a:7c:ff:45:53:d7:87:71:71:d2:95:48:d1:55:39:
3d:bc:bf:64:3a:72:04:c2:3e:39:83:28:05:4b:99:
b8:08:b0:96:8d:93:c7:29:43:9d:a9:4d:4e:29:ec:
a4:7b:6b:fc:93:ce:3e:38:f8:c1:33:f0:5e:12:01:
76:a9:ba:3e:23:ee:69:00:f7:2a:cb:99:3e:e8:ba:
81:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A6:0D:74:52:1A:17:E7:33:33:E8:35:56:1A:4E:80:0F:E3:CF:68
X509v3 Authority Key Identifier:
keyid:05:89:9F:39:76:48:70:38:A3:FA:63:43:95:2B:14:B4:D0:72:B3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/T6YNdFIaF-czM-g1VhpOgA_jz2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.237.0/24
185.179.168.0/22
IPv6:
2a0a:74c0::/32
Signature Algorithm: sha256WithRSAEncryption
a9:e5:8d:97:70:f4:a9:f1:a4:25:fc:90:8c:bd:ae:c5:9e:ee:
df:12:ac:c0:9e:74:07:2d:d7:bf:3f:57:f3:b5:53:43:48:d7:
30:a9:18:e3:f8:06:73:7d:f0:30:93:33:d0:dc:9c:67:15:1f:
fc:c3:24:65:94:eb:e4:9a:11:a4:38:a7:e7:d7:1f:7c:b0:de:
01:5b:80:79:d7:3b:0d:d8:28:23:e6:0f:42:3e:63:05:82:3f:
86:6b:15:03:15:b9:fa:87:6b:a9:29:88:3a:66:1b:62:91:e8:
75:6d:9a:a6:ac:8a:ab:33:78:e1:70:f3:df:b4:30:1c:6b:59:
8c:fe:b5:36:0d:da:61:3b:c6:26:bf:ca:a3:f0:d4:e1:22:3b:
83:f0:7f:ec:19:70:56:49:13:35:ba:0b:86:a9:f0:51:08:2e:
ef:d5:76:4e:c1:d7:4b:6b:43:5a:09:0e:5a:45:42:73:8b:18:
b5:c8:50:23:cf:75:8f:92:c2:28:bc:bd:88:93:f0:ad:68:e4:
db:af:68:2a:83:74:9e:76:f7:42:63:84:f6:bf:e5:8f:84:fb:
ee:89:fe:51:b5:19:7e:44:dd:3b:6c:a8:98:08:86:73:65:65:
40:33:c6:93:b8:10:39:08:43:b7:29:17:1e:d5:99:68:28:e4:
da:17:9c:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ6h4S+ZFcr5i1TAgZ5hP+3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODk5ZjM5NzY0ODcwMzhhM2ZhNjM0Mzk1MmIxNGI0ZDA3
MmIzM2QwHhcNMjYwNjA3MTEzOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmE2MGQ3NDUyMWExN2U3MzMzM2U4MzU1NjFhNGU4MDBmZTNjZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEMFkEz6A3nyHzaB8M5xm3M5kUuI
T1Emof+Ma5fAjWcVLrgfyI9clc7F2/RBtJ8YOZ5j8RKhFxHRqmthgNh6Jr6/Yjsy
juVItAhUiAv1GebH9iGqZzBj9lm039khKQ0llXxsXI42bwihyBEO8rU0kpcU/zeg
vg7MNqOIv0XLjkAXSk9qWXbqqgQKqZ1/WnCXwv/SF5TeCQkFrnIuPkUTORqDN5Sp
MTkb5htZEhmn9Z9iG3wafP9FU9eHcXHSlUjRVTk9vL9kOnIEwj45gygFS5m4CLCW
jZPHKUOdqU1OKeyke2v8k84+OPjBM/BeEgF2qbo+I+5pAPcqy5k+6LqBNQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE+mDXRSGhfnMzPoNVYaToAP489oMB8GA1UdIwQY
MBaAFAWJnzl2SHA4o/pjQ5UrFLTQcrM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlltZk9YWkljRGlqLW1ORGxTc1V0TkJ5c3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xZmNlOTMtMDJlYS00Zjk5LTk5YzIt
MDhjMjEyMzU4MGVkLzEvVDZZTmRGSWFGLWN6TS1nMVZocE9nQV9qejJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xZmNlOTMtMDJlYS00Zjk5LTk5YzItMDhjMjEyMzU4MGVk
LzEvQlltZk9YWkljRGlqLW1ORGxTc1V0TkJ5c3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAbUbtAwQC
ubOoMA0EAgACMAcDBQAqCnTAMA0GCSqGSIb3DQEBCwUAA4IBAQCp5Y2XcPSp8aQl
/JCMva7Fnu7fEqzAnnQHLde/P1fztVNDSNcwqRjj+AZzffAwkzPQ3JxnFR/8wyRl
lOvkmhGkOKfn1x98sN4BW4B51zsN2Cgj5g9CPmMFgj+GaxUDFbn6h2upKYg6Zhti
keh1bZqmrIqrM3jhcPPftDAca1mM/rU2DdphO8Ymv8qj8NThIjuD8H/sGXBWSRM1
uguGqfBRCC7v1XZOwddLa0NaCQ5aRUJzixi1yFAjz3WPksIovL2Ik/CtaOTbr2gq
g3SedvdCY4T2v+WPhPvuif5RtRl+RN07bKiYCIZzZWVAM8aTuBA5CEO3KRce1Zlo
KOTaF5xF
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:53:25 2026 by rpki-client