Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/TlDmi0e1eAsdto3C4dPiL5RgxqY.roa
File: TlDmi0e1eAsdto3C4dPiL5RgxqY.roa (raw, json)
Hash identifier: QO/kRV/Z4o90qmVF9RiXYslLQcAUoP9dJryKCwCd5v8=
Subject key identifier: 4E:50:E6:8B:47:B5:78:0B:1D:B6:8D:C2:E1:D3:E2:2F:94:60:C6:A6
Certificate issuer: /CN=98e18fadaef7232d3161886acbea8ab323cf3570
Certificate serial: 019D4DB0EB5886023C28E768906FA199F876
Authority key identifier: 98:E1:8F:AD:AE:F7:23:2D:31:61:88:6A:CB:EA:8A:B3:23:CF:35:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOGPra73Iy0xYYhqy-qKsyPPNXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/TlDmi0e1eAsdto3C4dPiL5RgxqY.roa
Signing time: Thu 02 Apr 2026 10:15:33 +0000
ROA not before: Thu 02 Apr 2026 10:15:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 185.222.249.0/24 maxlen: 24
185.222.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/mOGPra73Iy0xYYhqy-qKsyPPNXA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/mOGPra73Iy0xYYhqy-qKsyPPNXA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mOGPra73Iy0xYYhqy-qKsyPPNXA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4d:b0:eb:58:86:02:3c:28:e7:68:90:6f:a1:99:f8:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98e18fadaef7232d3161886acbea8ab323cf3570
Validity
Not Before: Apr 2 10:15:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e50e68b47b5780b1db68dc2e1d3e22f9460c6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b2:e0:74:90:2b:53:09:2f:21:90:00:11:53:
fc:ba:64:b5:45:12:57:89:49:1c:d8:83:ac:8b:8a:
7a:9d:10:69:b4:8a:f7:e7:9e:a9:47:0c:8a:21:91:
85:0b:fe:25:43:c2:fc:9c:07:7b:59:e1:0a:3e:b7:
76:4f:57:7a:ef:ed:11:6d:85:d0:31:e0:4f:7a:83:
24:2e:7e:86:8f:23:88:5e:63:e9:7d:ba:9c:3a:45:
b6:08:f9:7b:38:24:fb:24:32:c6:7d:61:98:59:0a:
81:84:36:7d:f6:9a:25:f5:00:fe:21:7c:a4:79:fc:
a9:9b:15:ec:07:7b:24:6f:38:a9:cb:f0:de:3c:6c:
d7:e3:a4:0c:11:50:22:c7:d8:f5:4e:40:63:f2:89:
3e:f1:0c:8c:89:c5:ca:22:53:62:4e:a7:f9:fc:78:
0f:18:ff:cc:21:94:93:f9:88:f0:0e:f8:00:74:7f:
e0:3b:2a:53:28:c6:c0:aa:3b:f7:61:f4:15:bf:ab:
42:a9:12:64:df:94:01:ec:43:ce:62:2d:43:9d:26:
d0:8f:67:fa:96:49:1a:e1:77:ff:11:8c:5a:ca:3e:
56:dc:4f:68:07:bf:1d:94:d0:c2:25:e5:c4:7c:20:
c9:28:0b:f3:7f:a3:60:a2:a6:55:40:61:ef:71:6e:
7b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:50:E6:8B:47:B5:78:0B:1D:B6:8D:C2:E1:D3:E2:2F:94:60:C6:A6
X509v3 Authority Key Identifier:
keyid:98:E1:8F:AD:AE:F7:23:2D:31:61:88:6A:CB:EA:8A:B3:23:CF:35:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOGPra73Iy0xYYhqy-qKsyPPNXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/TlDmi0e1eAsdto3C4dPiL5RgxqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/mOGPra73Iy0xYYhqy-qKsyPPNXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.249.0/24
185.222.251.0/24
Signature Algorithm: sha256WithRSAEncryption
71:5f:1b:7c:7d:8a:8e:94:3b:58:d3:d1:bc:03:98:6e:40:7c:
be:3b:da:36:b3:6e:35:8e:4c:82:26:9e:90:c5:c4:57:c4:ca:
67:9f:77:96:62:0c:c5:cb:16:bb:6b:83:dc:fc:d0:e9:9c:aa:
bf:fc:22:3a:1d:d8:1a:35:01:de:83:ad:8e:ce:59:9d:2a:22:
2f:dc:6a:10:00:ab:4d:13:23:34:ee:ee:39:65:46:ac:22:3f:
7d:ba:bd:77:eb:45:d5:54:70:d3:09:93:f1:02:f7:62:a5:d8:
bf:16:1f:05:b5:a0:be:b0:a3:17:9b:b8:96:f7:fb:5f:1b:7f:
88:10:0e:99:98:2c:b9:d1:59:31:0b:98:3b:c8:57:ae:06:6b:
9b:bf:c4:da:67:40:9d:0f:5d:3e:3b:b2:b0:c2:9b:db:98:79:
fb:0d:47:d9:b9:7a:d5:1f:d7:7d:e7:65:a5:39:7e:b9:fd:f5:
b5:05:21:59:a9:62:5f:1e:4b:7d:7d:2e:65:14:b0:11:9e:fa:
a0:11:56:b7:80:6c:97:44:15:d8:38:a4:62:f7:cf:21:97:84:
d4:90:30:fc:aa:7d:8f:0f:a0:02:b3:5f:b6:38:5f:3f:fb:e8:
ce:9d:da:f6:d0:4f:1a:1b:ea:a5:17:b2:f1:cf:92:96:e7:3b:
04:76:86:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ1NsOtYhgI8KOdokG+hmfh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZTE4ZmFkYWVmNzIzMmQzMTYxODg2YWNiZWE4YWIzMjNj
ZjM1NzAwHhcNMjYwNDAyMTAxNTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTUwZTY4YjQ3YjU3ODBiMWRiNjhkYzJlMWQzZTIyZjk0NjBjNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbLgdJArUwkvIZAAEVP8umS1RRJX
iUkc2IOsi4p6nRBptIr3556pRwyKIZGFC/4lQ8L8nAd7WeEKPrd2T1d67+0RbYXQ
MeBPeoMkLn6GjyOIXmPpfbqcOkW2CPl7OCT7JDLGfWGYWQqBhDZ99pol9QD+IXyk
efypmxXsB3skbzipy/DePGzX46QMEVAix9j1TkBj8ok+8QyMicXKIlNiTqf5/HgP
GP/MIZST+YjwDvgAdH/gOypTKMbAqjv3YfQVv6tCqRJk35QB7EPOYi1DnSbQj2f6
lkka4Xf/EYxayj5W3E9oB78dlNDCJeXEfCDJKAvzf6NgoqZVQGHvcW57mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE5Q5otHtXgLHbaNwuHT4i+UYMamMB8GA1UdIwQY
MBaAFJjhj62u9yMtMWGIasvqirMjzzVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9HUHJhNzNJeTB4WVlocXktcUtzeVBQTlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8wZjE4ZGYtMjZlZi00ZWM2LTg2Njct
NzIxODg1NTY0NmUzLzEvVGxEbWkwZTFlQXNkdG8zQzRkUGlMNVJneHFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8wZjE4ZGYtMjZlZi00ZWM2LTg2NjctNzIxODg1NTY0NmUz
LzEvbU9HUHJhNzNJeTB4WVlocXktcUtzeVBQTlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAud75AwQA
ud77MA0GCSqGSIb3DQEBCwUAA4IBAQBxXxt8fYqOlDtY09G8A5huQHy+O9o2s241
jkyCJp6QxcRXxMpnn3eWYgzFyxa7a4Pc/NDpnKq//CI6HdgaNQHeg62OzlmdKiIv
3GoQAKtNEyM07u45ZUasIj99ur1360XVVHDTCZPxAvdipdi/Fh8FtaC+sKMXm7iW
9/tfG3+IEA6ZmCy50VkxC5g7yFeuBmubv8TaZ0CdD10+O7KwwpvbmHn7DUfZuXrV
H9d952WlOX65/fW1BSFZqWJfHkt9fS5lFLARnvqgEVa3gGyXRBXYOKRi988hl4TU
kDD8qn2PD6ACs1+2OF8/++jOndr20E8aG+qlF7Lxz5KW5zsEdoaH
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:52:14 2026 by rpki-client