Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/4seyTDBe9bL2x8Z_6sMBSrOYvgM.roa
File: 4seyTDBe9bL2x8Z_6sMBSrOYvgM.roa (raw, json)
Hash identifier: Ld+vj6OA1gKqESzL9huJc2LDFrgP5kvfK/8UeR3bm/4=
Subject key identifier: E2:C7:B2:4C:30:5E:F5:B2:F6:C7:C6:7F:EA:C3:01:4A:B3:98:BE:03
Certificate issuer: /CN=f50b6b425600a25a6dc132de514797e2aa4b0247
Certificate serial: 019B7D5AB13DBDACBA9311ED6B27EA5620EF
Authority key identifier: F5:0B:6B:42:56:00:A2:5A:6D:C1:32:DE:51:47:97:E2:AA:4B:02:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/4seyTDBe9bL2x8Z_6sMBSrOYvgM.roa
Signing time: Fri 02 Jan 2026 06:17:34 +0000
ROA not before: Fri 02 Jan 2026 06:17:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199743
IP address blocks: 91.217.210.0/24 maxlen: 24
185.48.68.0/22 maxlen: 28
2a01:9660::/32 maxlen: 32
2a01:9660:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/9QtrQlYAolptwTLeUUeX4qpLAkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/9QtrQlYAolptwTLeUUeX4qpLAkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5a:b1:3d:bd:ac:ba:93:11:ed:6b:27:ea:56:20:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50b6b425600a25a6dc132de514797e2aa4b0247
Validity
Not Before: Jan 2 06:17:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e2c7b24c305ef5b2f6c7c67feac3014ab398be03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a8:33:18:20:69:04:9c:ad:6b:1c:42:b1:8e:
4b:9a:2f:92:10:38:b4:da:98:58:75:ab:cb:85:02:
12:6d:cb:ab:b9:39:ba:9d:67:e5:67:c1:83:3f:a2:
c4:d3:9d:e1:30:03:9b:6f:3f:75:5a:4f:9f:d2:9d:
47:54:c6:68:89:84:56:57:d8:56:b7:ad:f5:0d:d7:
6d:69:55:32:70:e6:43:89:4f:fb:51:cd:50:7b:20:
69:4b:4d:b8:92:2f:99:ce:0e:09:80:00:d2:54:5e:
e7:f0:1a:22:39:86:67:4f:51:09:7f:54:95:b5:a0:
26:0c:ba:2c:d8:0a:7e:a6:d1:ab:06:54:9d:f0:ca:
87:e6:84:14:98:ab:92:3f:a2:0c:3a:32:6f:c9:9a:
c4:cd:98:97:42:01:a6:88:9a:60:90:97:c9:5d:b8:
22:ca:4c:1e:be:8d:87:17:30:6b:1b:a5:a2:42:9e:
d4:aa:07:df:07:aa:d7:24:8e:75:74:84:7e:ec:27:
91:da:97:3a:ae:bb:65:c4:79:0e:36:3f:9d:b5:a4:
46:4c:c4:a5:14:fc:ef:6f:e8:71:aa:4a:53:fd:9a:
8e:26:bc:77:ac:dc:47:fd:1f:90:ef:e2:1f:3b:32:
5b:8a:3d:d6:34:c1:ff:d6:7d:36:02:86:fb:c5:16:
f9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C7:B2:4C:30:5E:F5:B2:F6:C7:C6:7F:EA:C3:01:4A:B3:98:BE:03
X509v3 Authority Key Identifier:
keyid:F5:0B:6B:42:56:00:A2:5A:6D:C1:32:DE:51:47:97:E2:AA:4B:02:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/4seyTDBe9bL2x8Z_6sMBSrOYvgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/9QtrQlYAolptwTLeUUeX4qpLAkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.210.0/24
185.48.68.0/22
IPv6:
2a01:9660::/32
Signature Algorithm: sha256WithRSAEncryption
5c:d4:4e:f5:f7:c2:dd:d3:66:b1:d3:c1:58:69:01:03:08:8f:
64:d3:76:4c:8a:d2:d8:64:5a:16:f1:ab:48:85:2f:8c:50:fe:
b9:ad:39:2d:ef:fe:f8:39:8e:f4:01:f1:da:d5:9b:62:77:89:
b4:36:1a:f5:11:de:31:0d:ad:2a:eb:c4:5b:9d:9a:e1:36:26:
10:e7:2e:6d:03:23:92:67:06:6b:67:70:e1:0e:0a:7c:68:57:
97:2e:78:19:f0:9e:c9:fa:b1:06:4a:32:e9:20:2f:3f:77:e5:
8a:97:43:0c:06:01:90:28:65:cf:cb:8f:ce:6d:32:b2:4c:30:
ec:ac:6c:3b:6d:f9:f1:5b:e4:92:d7:2c:05:61:d3:9c:13:35:
27:f8:e3:11:69:d0:bb:b2:f9:3b:f6:ce:ce:6b:c8:3b:d1:cd:
c0:9f:2e:b2:84:62:25:9b:8b:03:f5:83:a3:33:7b:14:b1:f3:
9d:3f:6b:03:26:c1:40:9a:96:cf:68:d5:b4:1e:38:bb:3a:2e:
0f:17:04:bb:80:1b:90:ce:4b:39:1c:8c:13:dc:1a:c0:0a:97:
dd:b1:88:7d:ea:f5:f7:a1:d5:85:d0:76:65:7b:21:95:d1:b4:
5a:b6:e2:53:05:78:1a:38:ab:85:91:9b:e1:f2:a1:6f:17:35:
ce:57:5c:30
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt9WrE9vay6kxHtayfqViDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGI2YjQyNTYwMGEyNWE2ZGMxMzJkZTUxNDc5N2UyYWE0
YjAyNDcwHhcNMjYwMTAyMDYxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmM3YjI0YzMwNWVmNWIyZjZjN2M2N2ZlYWMzMDE0YWIzOThiZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApagzGCBpBJytaxxCsY5Lmi+SEDi0
2phYdavLhQISbcuruTm6nWflZ8GDP6LE053hMAObbz91Wk+f0p1HVMZoiYRWV9hW
t631DddtaVUycOZDiU/7Uc1QeyBpS024ki+Zzg4JgADSVF7n8BoiOYZnT1EJf1SV
taAmDLos2Ap+ptGrBlSd8MqH5oQUmKuSP6IMOjJvyZrEzZiXQgGmiJpgkJfJXbgi
ykwevo2HFzBrG6WiQp7UqgffB6rXJI51dIR+7CeR2pc6rrtlxHkONj+dtaRGTMSl
FPzvb+hxqkpT/ZqOJrx3rNxH/R+Q7+IfOzJbij3WNMH/1n02Aob7xRb5YQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOLHskwwXvWy9sfGf+rDAUqzmL4DMB8GA1UdIwQY
MBaAFPULa0JWAKJabcEy3lFHl+KqSwJHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF0clFsWUFvbHB0d1RMZVVVZVg0cXBMQWtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hOWZjYzktNjdiMi00NGQ2LWI1NjYt
MTAwZjg0ZmU5NTBjLzEvNHNleVREQmU5YkwyeDhaXzZzTUJTck9ZdmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hOWZjYzktNjdiMi00NGQ2LWI1NjYtMTAwZjg0ZmU5NTBj
LzEvOVF0clFsWUFvbHB0d1RMZVVVZVg0cXBMQWtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9nSAwQC
uTBEMA0EAgACMAcDBQAqAZZgMA0GCSqGSIb3DQEBCwUAA4IBAQBc1E7198Ld02ax
08FYaQEDCI9k03ZMitLYZFoW8atIhS+MUP65rTkt7/74OY70AfHa1Ztid4m0Nhr1
Ed4xDa0q68RbnZrhNiYQ5y5tAyOSZwZrZ3DhDgp8aFeXLngZ8J7J+rEGSjLpIC8/
d+WKl0MMBgGQKGXPy4/ObTKyTDDsrGw7bfnxW+SS1ywFYdOcEzUn+OMRadC7svk7
9s7Oa8g70c3Any6yhGIlm4sD9YOjM3sUsfOdP2sDJsFAmpbPaNW0Hji7Oi4PFwS7
gBuQzks5HIwT3BrACpfdsYh96vX3odWF0HZleyGV0bRatuJTBXgaOKuFkZvh8qFv
FzXOV1ww
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:50:44 2026 by rpki-client