Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0u5qB51zW2Qk4PsHBCExXWIFWdQ.roa
File: 0u5qB51zW2Qk4PsHBCExXWIFWdQ.roa (raw, json)
Hash identifier: dJzi+X+rhoRh9qpnzRo+CN+ZufM+1kjn/IrB88y1mSE=
Subject key identifier: D2:EE:6A:07:9D:73:5B:64:24:E0:FB:07:04:21:31:5D:62:05:59:D4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D3D78C80726E6DFDEAA7CCA24A3BEAF57
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0u5qB51zW2Qk4PsHBCExXWIFWdQ.roa
Signing time: Mon 30 Mar 2026 06:40:18 +0000
ROA not before: Mon 30 Mar 2026 06:40:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215925
IP address blocks: 87.121.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Apr 2026 13:27:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3d:78:c8:07:26:e6:df:de:aa:7c:ca:24:a3:be:af:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 30 06:40:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d2ee6a079d735b6424e0fb070421315d620559d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b7:58:07:ae:95:ec:cb:fd:fc:ad:85:cf:27:
79:dc:5c:a4:3e:56:cd:f4:f4:14:ba:2d:f4:8c:e7:
87:70:11:8d:9c:fc:4b:dd:ba:25:b6:e8:dd:bc:c0:
fe:ec:97:d4:63:a6:17:3e:36:99:0d:b7:07:1b:d9:
ac:78:75:96:48:98:05:20:37:d9:cd:d7:51:eb:a9:
32:53:41:2c:7a:a0:d3:10:6b:96:c1:c7:e3:46:7e:
d5:e4:50:8a:3b:af:b9:69:05:c5:22:79:e7:6c:b1:
07:51:ab:79:06:24:5a:e8:7f:b0:3f:08:2a:da:13:
6b:93:de:b4:c2:d7:e0:9f:6c:d9:7a:67:87:bc:02:
13:1b:27:0d:57:ca:93:47:de:59:bf:9f:c7:e4:28:
74:15:f3:dd:01:e3:72:94:0d:9f:d8:4e:36:3f:ee:
39:f9:f5:37:70:dc:84:e1:d8:53:9f:b8:97:33:41:
2c:81:5a:ac:40:e6:74:83:4f:2c:5c:11:db:a1:5f:
dd:6a:3f:f9:6c:5a:63:e2:be:6f:e9:b3:91:29:62:
d9:e2:7c:3d:d7:d5:e1:44:3a:5e:45:ed:1a:06:0b:
db:72:48:60:b7:b9:b7:ab:df:16:8e:2c:78:2f:c8:
f3:25:c8:a2:8b:45:f3:04:33:85:50:15:be:fe:16:
cc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:EE:6A:07:9D:73:5B:64:24:E0:FB:07:04:21:31:5D:62:05:59:D4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0u5qB51zW2Qk4PsHBCExXWIFWdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.84.0/24
Signature Algorithm: sha256WithRSAEncryption
21:66:b0:ed:b9:2c:e5:e1:67:65:88:33:8d:9d:27:4d:ff:9c:
0f:a7:3c:c4:7e:52:da:0c:14:7e:85:6d:69:64:03:dd:ff:f4:
65:f4:3d:e1:66:17:84:9e:d0:0c:ec:ae:c8:76:cd:a6:0f:ab:
b7:c3:30:04:f7:ec:32:1b:4f:8a:7b:a3:04:6e:d5:ee:f5:e2:
df:e5:52:9e:81:f9:be:29:2e:d8:ab:da:70:f3:ab:99:4e:e8:
8c:26:92:ca:58:1e:6d:25:d4:a4:39:e9:f9:18:a9:65:4c:cf:
24:70:98:38:cd:9c:17:e6:ba:4e:20:0a:ef:d1:e3:a4:21:e0:
33:c3:d1:b6:9a:63:36:e4:90:8d:cc:e2:d6:19:03:f2:11:cd:
2b:b3:d4:2b:5f:ca:dd:c0:00:de:1b:b0:8d:55:1a:fb:20:7d:
aa:68:d0:46:ea:4f:e2:1e:dc:80:00:a9:c8:ef:e0:79:c3:f0:
47:27:2d:56:df:75:e2:cf:42:29:1b:f9:d7:63:2d:36:17:e7:
2d:12:90:de:ad:d6:0e:34:a7:d5:c9:8e:7b:96:39:fb:98:38:
55:da:79:31:b6:92:a3:10:7c:bc:8d:84:2c:2b:9e:27:79:fe:
c3:fd:2b:72:9f:6c:5b:10:b1:92:73:29:99:93:5a:de:3c:2a:
d4:31:ce:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ09eMgHJubf3qp8yiSjvq9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzMwMDY0MDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmVlNmEwNzlkNzM1YjY0MjRlMGZiMDcwNDIxMzE1ZDYyMDU1OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprdYB66V7Mv9/K2Fzyd53FykPlbN
9PQUui30jOeHcBGNnPxL3boltujdvMD+7JfUY6YXPjaZDbcHG9mseHWWSJgFIDfZ
zddR66kyU0EseqDTEGuWwcfjRn7V5FCKO6+5aQXFInnnbLEHUat5BiRa6H+wPwgq
2hNrk960wtfgn2zZemeHvAITGycNV8qTR95Zv5/H5Ch0FfPdAeNylA2f2E42P+45
+fU3cNyE4dhTn7iXM0EsgVqsQOZ0g08sXBHboV/daj/5bFpj4r5v6bORKWLZ4nw9
19XhRDpeRe0aBgvbckhgt7m3q98Wjix4L8jzJciii0XzBDOFUBW+/hbM9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNLuagedc1tkJOD7BwQhMV1iBVnUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMHU1cUI1MXpXMlFrNFBzSEJDRXhYV0lGV2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3lUMA0G
CSqGSIb3DQEBCwUAA4IBAQAhZrDtuSzl4WdliDONnSdN/5wPpzzEflLaDBR+hW1p
ZAPd//Rl9D3hZheEntAM7K7Ids2mD6u3wzAE9+wyG0+Ke6MEbtXu9eLf5VKegfm+
KS7Yq9pw86uZTuiMJpLKWB5tJdSkOen5GKllTM8kcJg4zZwX5rpOIArv0eOkIeAz
w9G2mmM25JCNzOLWGQPyEc0rs9QrX8rdwADeG7CNVRr7IH2qaNBG6k/iHtyAAKnI
7+B5w/BHJy1W33Xiz0IpG/nXYy02F+ctEpDerdYONKfVyY57ljn7mDhV2nkxtpKj
EHy8jYQsK54nef7D/Styn2xbELGScymZk1rePCrUMc4S
-----END CERTIFICATE-----
Generated at Tue Mar 31 17:23:07 2026 by rpki-client