Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PKV5cZzd5SzHtkiBFmr3pfF8kMM.roa
File: PKV5cZzd5SzHtkiBFmr3pfF8kMM.roa (raw, json)
Hash identifier: FyTSH1XsYzdhB+wJ6lYlhcd1UtMviUvDdf8s0/9mmdQ=
Subject key identifier: 3C:A5:79:71:9C:DD:E5:2C:C7:B6:48:81:16:6A:F7:A5:F1:7C:90:C3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019CE230C213DD5915BC0E641E6801D2CBB0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PKV5cZzd5SzHtkiBFmr3pfF8kMM.roa
Signing time: Thu 12 Mar 2026 13:16:12 +0000
ROA not before: Thu 12 Mar 2026 13:16:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49981
IP address blocks: 81.161.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 14:12:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:30:c2:13:dd:59:15:bc:0e:64:1e:68:01:d2:cb:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 12 13:16:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ca579719cdde52cc7b64881166af7a5f17c90c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b2:fe:55:7f:ef:cd:da:1b:6a:ee:3f:78:45:
09:55:b1:15:4d:2a:13:f0:5e:a1:91:db:8d:66:17:
d8:66:2b:b7:c2:05:ad:c6:23:89:e4:dc:12:7a:43:
a3:94:b8:91:9a:d0:a9:ea:0a:d9:09:56:5a:44:cd:
66:cd:84:27:0d:fd:55:dc:27:0a:2e:af:cc:1d:8e:
b8:f7:fe:ba:29:a0:d5:26:6b:82:10:e9:f6:6e:9e:
9e:b7:be:b6:87:be:5a:53:49:ba:66:28:76:bf:26:
da:2f:88:3e:44:15:84:d7:eb:cb:3a:d7:c9:04:0c:
61:cb:e2:e1:a6:85:0c:46:ac:f6:6c:59:63:ad:52:
6b:de:f0:13:73:4e:e5:16:c7:46:27:75:fd:cd:92:
d0:b3:e3:93:a6:d3:b2:a3:5f:d2:47:17:b2:9d:bb:
3d:16:64:af:97:2f:51:50:99:42:fa:f8:62:4c:6e:
7a:41:53:f4:af:57:00:32:de:cf:de:05:81:ac:af:
05:b7:10:18:49:44:e1:05:c3:8b:ec:a6:66:b7:a8:
c4:ee:0e:9b:e8:71:89:a8:22:ba:35:46:37:b0:38:
87:ca:df:a6:9b:4b:1e:a5:ff:09:57:c7:d7:6d:d7:
bc:83:f7:1f:5e:24:54:cd:7d:ca:33:17:8c:3a:45:
59:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A5:79:71:9C:DD:E5:2C:C7:B6:48:81:16:6A:F7:A5:F1:7C:90:C3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PKV5cZzd5SzHtkiBFmr3pfF8kMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.229.0/24
Signature Algorithm: sha256WithRSAEncryption
59:ca:0a:5d:1b:9f:2a:94:e5:86:5b:1a:71:7e:15:e5:a7:79:
2d:f2:b9:3e:be:1a:71:a3:1f:f0:9a:05:eb:f3:79:f0:66:34:
60:6f:e6:4f:21:be:87:b7:15:27:ae:bf:d7:d2:22:5f:67:f0:
4a:23:ce:06:64:28:3d:7f:9a:5b:78:89:cb:47:89:58:d9:14:
7b:ac:17:62:c8:27:1b:dc:46:ab:27:8e:d6:39:68:48:b6:1e:
cb:b6:5e:d1:2b:21:ea:ea:04:a0:40:55:bc:96:25:91:a3:b2:
02:0c:92:9f:48:22:68:9a:8a:3d:9e:19:46:d6:1c:3d:5b:f5:
b8:f7:fd:74:ea:83:c7:e1:17:d4:dd:32:12:98:20:c7:fd:8b:
f6:dd:0e:5c:25:94:f7:80:a5:2d:d9:07:f6:74:f3:e8:7b:7c:
81:e9:12:28:09:5d:2c:45:1b:e5:af:5f:21:4d:a1:ca:a4:f5:
1b:25:02:f2:0a:cc:4f:97:d4:cc:78:e1:ce:90:57:ed:3a:f3:
a7:70:c3:7a:58:4c:88:16:dd:ea:39:90:a3:43:ac:7d:86:f7:
ca:ad:d0:fd:84:73:4e:68:08:e8:2f:ce:33:9c:84:34:6b:81:
a9:01:ad:a2:22:d7:d7:49:0b:bb:08:1b:2f:42:ad:96:2d:03:
0e:8b:7d:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZziMMIT3VkVvA5kHmgB0suwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzEyMTMxNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E1Nzk3MTljZGRlNTJjYzdiNjQ4ODExNjZhZjdhNWYxN2M5MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7L+VX/vzdobau4/eEUJVbEVTSoT
8F6hkduNZhfYZiu3wgWtxiOJ5NwSekOjlLiRmtCp6grZCVZaRM1mzYQnDf1V3CcK
Lq/MHY649/66KaDVJmuCEOn2bp6et762h75aU0m6Zih2vybaL4g+RBWE1+vLOtfJ
BAxhy+LhpoUMRqz2bFljrVJr3vATc07lFsdGJ3X9zZLQs+OTptOyo1/SRxeynbs9
FmSvly9RUJlC+vhiTG56QVP0r1cAMt7P3gWBrK8FtxAYSUThBcOL7KZmt6jE7g6b
6HGJqCK6NUY3sDiHyt+mm0sepf8JV8fXbde8g/cfXiRUzX3KMxeMOkVZXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyleXGc3eUsx7ZIgRZq96XxfJDDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUEtWNWNaemQ1U3pIdGtpQkZtcjNwZkY4a01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUaHlMA0G
CSqGSIb3DQEBCwUAA4IBAQBZygpdG58qlOWGWxpxfhXlp3kt8rk+vhpxox/wmgXr
83nwZjRgb+ZPIb6HtxUnrr/X0iJfZ/BKI84GZCg9f5pbeInLR4lY2RR7rBdiyCcb
3EarJ47WOWhIth7Ltl7RKyHq6gSgQFW8liWRo7ICDJKfSCJomoo9nhlG1hw9W/W4
9/106oPH4RfU3TISmCDH/Yv23Q5cJZT3gKUt2Qf2dPPoe3yB6RIoCV0sRRvlr18h
TaHKpPUbJQLyCsxPl9TMeOHOkFftOvOncMN6WEyIFt3qOZCjQ6x9hvfKrdD9hHNO
aAjoL84znIQ0a4GpAa2iItfXSQu7CBsvQq2WLQMOi320
-----END CERTIFICATE-----
Generated at Thu Mar 12 20:50:34 2026 by rpki-client