Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/6vVSpTChTKj56P_S9G3QSGEzPpI.roa
File: 6vVSpTChTKj56P_S9G3QSGEzPpI.roa (raw, json)
Hash identifier: oBJVrXqcl3ZmvttgmWCt09AlKEv4UiFRHlZlA6agM0s=
Subject key identifier: EA:F5:52:A5:30:A1:4C:A8:F9:E8:FF:D2:F4:6D:D0:48:61:33:3E:92
Certificate issuer: /CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Certificate serial: 019E87DE5077B65D5B5FB28DD9A942B0FC54
Authority key identifier: 39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/6vVSpTChTKj56P_S9G3QSGEzPpI.roa
Signing time: Tue 02 Jun 2026 10:25:54 +0000
ROA not before: Tue 02 Jun 2026 10:25:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213291
IP address blocks: 89.169.120.0/22 maxlen: 24
89.169.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 07:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:de:50:77:b6:5d:5b:5f:b2:8d:d9:a9:42:b0:fc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Validity
Not Before: Jun 2 10:25:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eaf552a530a14ca8f9e8ffd2f46dd04861333e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d9:12:4c:bf:4d:a4:7d:72:9c:2a:78:db:fe:
10:7b:4b:a9:86:72:b7:6c:d3:32:b6:09:51:ce:59:
d8:30:05:d9:3d:32:16:ba:a9:1c:7f:c2:d5:30:46:
e5:1d:d7:0d:02:e8:f2:ea:b3:17:f3:f1:d4:df:cf:
da:4e:b6:07:e1:d0:12:0b:9d:7b:9a:d5:d1:5a:d5:
72:da:33:41:b9:64:ca:cb:e3:2f:df:d3:25:19:d1:
32:d1:10:ce:8f:ae:1d:34:f8:27:53:e4:6f:7b:bb:
9c:d2:68:27:32:12:db:25:27:79:15:c6:f3:61:39:
10:a1:7c:6e:6f:bc:95:01:d8:6c:09:a1:2c:a9:cb:
c7:63:15:d9:9a:68:bb:3f:37:43:43:fd:17:e4:58:
3d:90:95:23:0c:4c:cc:ce:eb:ce:06:2b:60:46:4d:
39:9b:5f:59:7e:f7:9c:06:2d:c8:94:84:eb:61:ec:
60:94:47:c6:54:13:74:8f:84:a4:e4:a7:3a:f7:56:
bf:34:91:be:37:4c:46:df:9a:d6:1a:3a:ea:32:09:
13:ea:a9:4d:83:00:d7:7e:7d:9c:ab:f1:47:61:12:
81:0e:b9:62:ba:7c:6b:4a:39:b5:56:5c:8d:8d:b5:
b7:da:45:f6:69:30:6a:80:91:22:0e:55:9a:a5:97:
d0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F5:52:A5:30:A1:4C:A8:F9:E8:FF:D2:F4:6D:D0:48:61:33:3E:92
X509v3 Authority Key Identifier:
keyid:39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/6vVSpTChTKj56P_S9G3QSGEzPpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.169.120.0/21
Signature Algorithm: sha256WithRSAEncryption
45:63:d3:e8:d1:02:4d:8e:ff:6f:86:1b:b4:ef:c9:80:2e:87:
8f:5c:a8:98:fb:ee:ab:d4:c3:52:ad:99:1b:7f:9b:24:48:2e:
a2:cd:83:12:2e:d5:c4:15:96:e9:e4:e2:cf:c6:13:61:68:8b:
28:a4:2a:53:c6:7c:72:8f:bd:f1:4e:3a:2a:87:51:fa:78:33:
00:f1:ef:a4:ba:3f:dc:ca:e2:2c:52:47:94:a1:d6:3a:54:90:
e6:10:23:33:75:53:26:68:32:15:60:9f:e1:5b:2c:9c:a6:fc:
aa:f4:58:02:5b:1a:0f:bc:d6:22:ea:9c:ea:89:f8:3e:71:19:
42:1c:2c:5a:6d:91:9b:e0:46:89:09:b4:51:cc:ca:c8:cb:40:
9f:ce:1e:98:7d:63:9d:b0:1d:fa:ad:fc:07:7d:ba:88:19:88:
36:ab:c8:b3:c2:ab:c0:77:22:24:20:fd:6e:d3:2b:ad:a8:70:
1b:11:70:92:e1:61:15:47:ec:18:67:63:19:9a:9d:88:d5:82:
21:b6:e9:9e:71:f0:de:91:84:f4:ff:ad:1a:e9:82:b5:7c:26:
8c:a9:4a:19:a9:49:62:b5:e3:71:83:0d:0c:87:d6:5d:76:65:
32:19:e8:04:50:b3:b1:df:d9:93:34:9f:f9:33:2b:51:f4:0c:
3a:e9:4a:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6H3lB3tl1bX7KN2alCsPxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDE5ZjljMGFiMjliNDJlMGRiMTJlOWFjODdiMzI3YmZj
NTVhZjkwHhcNMjYwNjAyMTAyNTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWY1NTJhNTMwYTE0Y2E4ZjllOGZmZDJmNDZkZDA0ODYxMzMzZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNkSTL9NpH1ynCp42/4Qe0uphnK3
bNMytglRzlnYMAXZPTIWuqkcf8LVMEblHdcNAujy6rMX8/HU38/aTrYH4dASC517
mtXRWtVy2jNBuWTKy+Mv39MlGdEy0RDOj64dNPgnU+Rve7uc0mgnMhLbJSd5Fcbz
YTkQoXxub7yVAdhsCaEsqcvHYxXZmmi7PzdDQ/0X5Fg9kJUjDEzMzuvOBitgRk05
m19ZfvecBi3IlITrYexglEfGVBN0j4Sk5Kc691a/NJG+N0xG35rWGjrqMgkT6qlN
gwDXfn2cq/FHYRKBDrliunxrSjm1VlyNjbW32kX2aTBqgJEiDlWapZfQfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOr1UqUwoUyo+ej/0vRt0EhhMz6SMB8GA1UdIwQY
MBaAFDkBn5wKsptC4NsS6ayHsye/xVr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYt
Nzg4ZjVhNTgwNDRmLzEvNnZWU3BUQ2hUS2o1NlBfUzlHM1FTR0V6UHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYtNzg4ZjVhNTgwNDRm
LzEvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWal4MA0G
CSqGSIb3DQEBCwUAA4IBAQBFY9Po0QJNjv9vhhu078mALoePXKiY++6r1MNSrZkb
f5skSC6izYMSLtXEFZbp5OLPxhNhaIsopCpTxnxyj73xTjoqh1H6eDMA8e+kuj/c
yuIsUkeUodY6VJDmECMzdVMmaDIVYJ/hWyycpvyq9FgCWxoPvNYi6pzqifg+cRlC
HCxabZGb4EaJCbRRzMrIy0Cfzh6YfWOdsB36rfwHfbqIGYg2q8izwqvAdyIkIP1u
0yutqHAbEXCS4WEVR+wYZ2MZmp2I1YIhtumecfDekYT0/60a6YK1fCaMqUoZqUli
teNxgw0Mh9ZddmUyGegEULOx39mTNJ/5MytR9Aw66UrG
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:16:03 2026 by rpki-client