Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2d-yp2qAMNXllscJidw-90j_n-g.roa
File: 2d-yp2qAMNXllscJidw-90j_n-g.roa (raw, json)
Hash identifier: N7jdclC5xh2M9YOIYHSpTJcimMdnPwM4UnEelbw4Qes=
Subject key identifier: D9:DF:B2:A7:6A:80:30:D5:E5:96:C7:09:89:DC:3E:F7:48:FF:9F:E8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019CD0F3E9FD347008403B1A7DE869E28E9C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2d-yp2qAMNXllscJidw-90j_n-g.roa
Signing time: Mon 09 Mar 2026 04:56:11 +0000
ROA not before: Mon 09 Mar 2026 04:56:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 267280
IP address blocks: 87.120.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 15:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d0:f3:e9:fd:34:70:08:40:3b:1a:7d:e8:69:e2:8e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 9 04:56:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d9dfb2a76a8030d5e596c70989dc3ef748ff9fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:52:2d:6a:9d:5c:27:de:3e:18:c5:8a:9a:df:
02:4a:81:bf:9e:5c:bd:c0:71:8d:bd:fe:2f:95:2c:
e0:70:f7:8c:1a:9d:4c:69:ce:86:53:a0:d1:9e:55:
3b:b6:d7:18:5a:b5:d9:92:1b:07:b2:46:56:88:08:
44:26:9d:0a:a7:0d:d9:f7:a3:86:9c:8a:cc:a5:0b:
51:44:b7:41:ad:b1:ec:af:69:d3:df:88:f4:24:19:
a2:fc:d2:dd:a2:73:c0:d7:b6:66:ed:fd:2e:ac:d3:
c2:64:ec:4c:cb:c5:bb:07:f8:67:e1:5d:64:6c:17:
68:d7:79:82:66:e2:24:e6:76:05:19:97:61:d5:0c:
3f:ff:84:07:47:96:02:c9:33:03:43:8d:c3:80:75:
5a:15:06:1a:e0:78:5b:55:a8:38:d7:ea:0b:75:e5:
0f:93:a1:0b:82:f0:ac:72:3c:a7:36:53:9b:de:01:
99:e5:65:0e:8b:f1:e5:43:42:f7:15:91:27:73:89:
b4:c4:54:e5:dd:4f:d8:9f:c9:26:77:80:bc:e3:e5:
cd:1a:2d:63:93:16:8e:98:c0:3c:8c:69:9b:01:d4:
e1:2c:7b:ba:77:7b:f9:9d:92:20:cd:57:88:e0:d6:
8d:b0:88:97:99:e0:ea:9d:dd:82:d9:83:f0:00:57:
af:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DF:B2:A7:6A:80:30:D5:E5:96:C7:09:89:DC:3E:F7:48:FF:9F:E8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2d-yp2qAMNXllscJidw-90j_n-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.130.0/24
Signature Algorithm: sha256WithRSAEncryption
13:49:bb:e9:3a:95:dc:ea:c4:c6:02:3d:68:40:f8:19:e6:b0:
d8:e2:ec:35:30:ac:cf:1e:24:b2:59:42:0b:a7:3d:cf:be:d7:
71:10:ac:a2:3b:20:ea:c4:71:6f:2b:4d:de:4e:83:86:41:28:
35:b5:78:69:11:28:20:cc:cb:0d:00:ce:57:1b:06:5a:b5:e6:
fa:60:b5:de:1d:6c:ff:0e:52:1f:8c:47:55:9b:5c:1c:91:a1:
79:da:cd:c4:b1:ef:a1:17:c9:d7:a2:17:c1:d5:93:43:4c:cf:
bd:82:3d:71:6e:d3:b8:50:8c:05:82:2c:3a:5e:d0:c7:44:23:
ec:75:a3:15:f7:d8:e8:05:d5:5c:38:9d:64:7e:41:4d:00:87:
8e:76:ca:64:5c:21:29:2f:06:7d:2c:3a:4a:b3:a0:a1:43:10:
ac:cc:e5:54:e5:30:2b:a4:84:80:53:ce:f7:13:98:2d:ac:49:
5f:08:15:d6:29:13:d9:50:db:ae:83:06:05:ee:73:0f:37:e8:
e0:45:2b:4b:6c:80:5e:94:ff:75:da:91:66:67:48:8d:87:4f:
2a:65:3a:00:7f:a2:5c:ec:0e:8b:6c:4c:73:94:b3:11:b2:77:
f7:17:00:b9:2f:4b:82:67:6d:c8:3f:e0:c4:aa:05:f6:ee:7c:
a3:4a:d1:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzQ8+n9NHAIQDsafehp4o6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzA5MDQ1NjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWRmYjJhNzZhODAzMGQ1ZTU5NmM3MDk4OWRjM2VmNzQ4ZmY5ZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lItap1cJ94+GMWKmt8CSoG/nly9
wHGNvf4vlSzgcPeMGp1Mac6GU6DRnlU7ttcYWrXZkhsHskZWiAhEJp0Kpw3Z96OG
nIrMpQtRRLdBrbHsr2nT34j0JBmi/NLdonPA17Zm7f0urNPCZOxMy8W7B/hn4V1k
bBdo13mCZuIk5nYFGZdh1Qw//4QHR5YCyTMDQ43DgHVaFQYa4HhbVag41+oLdeUP
k6ELgvCscjynNlOb3gGZ5WUOi/HlQ0L3FZEnc4m0xFTl3U/Yn8kmd4C84+XNGi1j
kxaOmMA8jGmbAdThLHu6d3v5nZIgzVeI4NaNsIiXmeDqnd2C2YPwAFevzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnfsqdqgDDV5ZbHCYncPvdI/5/oMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMmQteXAycUFNTlhsbHNjSmlkdy05MGpfbi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3iCMA0G
CSqGSIb3DQEBCwUAA4IBAQATSbvpOpXc6sTGAj1oQPgZ5rDY4uw1MKzPHiSyWUIL
pz3PvtdxEKyiOyDqxHFvK03eToOGQSg1tXhpESggzMsNAM5XGwZateb6YLXeHWz/
DlIfjEdVm1wckaF52s3Ese+hF8nXohfB1ZNDTM+9gj1xbtO4UIwFgiw6XtDHRCPs
daMV99joBdVcOJ1kfkFNAIeOdspkXCEpLwZ9LDpKs6ChQxCszOVU5TArpISAU873
E5gtrElfCBXWKRPZUNuugwYF7nMPN+jgRStLbIBelP912pFmZ0iNh08qZToAf6Jc
7A6LbExzlLMRsnf3FwC5L0uCZ23IP+DEqgX27nyjStH9
-----END CERTIFICATE-----
Generated at Tue Mar 10 19:59:42 2026 by rpki-client