Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TppFfJc1Uok4rygpR6CcL39CgIo.roa
File: TppFfJc1Uok4rygpR6CcL39CgIo.roa (raw, json)
Hash identifier: nANEyeRJ2QJduWZ+iyroSQ7zz6xH/3Ajjcpu2280DI0=
Subject key identifier: 4E:9A:45:7C:97:35:52:89:38:AF:28:29:47:A0:9C:2F:7F:42:80:8A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D62E3275812F8678C37D24B84FADEC550
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TppFfJc1Uok4rygpR6CcL39CgIo.roa
Signing time: Mon 06 Apr 2026 13:02:27 +0000
ROA not before: Mon 06 Apr 2026 13:02:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205175
IP address blocks: 87.121.220.0/24 maxlen: 24
2a00:1728:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 11:35:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:62:e3:27:58:12:f8:67:8c:37:d2:4b:84:fa:de:c5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 6 13:02:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e9a457c9735528938af282947a09c2f7f42808a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:aa:45:e8:0d:9a:3b:66:fa:e6:3b:d7:1a:74:
ed:15:96:b4:b3:76:d5:00:2a:19:d7:b3:7c:7f:2f:
f2:85:21:6e:b2:15:15:cb:4f:00:c6:3e:a5:2b:c6:
dc:7b:5b:73:17:68:20:15:8c:2e:a2:76:44:38:22:
41:2b:43:b1:a8:6e:f2:b8:38:f5:62:df:90:12:7c:
13:86:43:e4:26:2e:84:18:40:17:2c:e0:b5:c0:60:
1b:f9:09:f3:76:36:8a:65:ff:d4:9f:8d:e3:83:09:
bc:a2:75:2c:1e:52:dd:69:32:61:e8:bc:b0:ce:f7:
37:c1:08:10:48:42:d2:dc:01:a7:f3:5b:47:33:89:
cf:86:dd:35:8b:f1:83:cc:b5:30:3e:9a:13:cd:83:
cc:e0:97:f6:42:6e:20:3c:b4:f2:55:19:b6:56:67:
eb:0f:8c:62:d6:72:6a:84:86:ee:c6:75:26:b5:98:
87:5b:91:5c:b9:05:7e:d5:ac:60:f5:1f:f5:74:e8:
04:d9:b1:3e:1c:96:49:ec:33:a1:a7:b7:f3:b5:87:
30:c1:ed:6b:19:ea:12:b9:96:05:8e:61:52:82:51:
c0:93:ab:c1:96:89:59:c5:85:0a:86:a0:8b:8a:c5:
18:df:56:0e:58:3b:27:7a:83:6a:c2:4a:7b:0a:61:
16:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9A:45:7C:97:35:52:89:38:AF:28:29:47:A0:9C:2F:7F:42:80:8A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TppFfJc1Uok4rygpR6CcL39CgIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.220.0/24
IPv6:
2a00:1728:31::/48
Signature Algorithm: sha256WithRSAEncryption
a7:f0:2d:79:5c:29:bb:bb:5e:b5:5b:f3:94:29:da:7e:8c:e7:
ab:da:be:44:f7:9a:8a:f3:ff:22:0b:68:dc:4e:0e:97:3e:a0:
7d:aa:a7:87:e9:1a:7b:db:17:37:ea:af:9c:db:c0:69:f8:39:
ea:c3:a2:ff:e0:e7:3b:c2:9e:ba:97:ee:e0:47:0d:66:1a:06:
59:61:7a:02:bc:52:48:b8:fa:05:47:2c:a8:47:17:c1:5e:08:
71:ed:59:55:dc:86:5e:9f:c9:17:26:bb:1d:a2:4f:52:6c:8a:
1e:90:d9:bd:45:fd:34:8d:64:8f:b6:af:26:b8:24:1b:a7:c1:
94:6a:48:5c:1f:48:c6:28:2b:b8:69:83:97:66:11:c1:e8:c6:
97:17:4a:89:56:5b:2e:91:3f:fb:c8:ac:50:de:ff:73:a7:2a:
26:0f:0f:41:a6:74:b8:71:37:f5:79:56:a7:8e:cd:37:6c:82:
fd:61:e3:1a:65:be:6e:1d:38:3e:df:11:e2:53:b8:9a:72:36:
23:80:8c:de:a5:dd:36:17:3c:28:48:9f:0b:e1:d3:c2:e5:f3:
d8:d7:88:4c:2e:c3:a7:93:6f:62:10:d9:af:55:59:4f:3e:26:
fe:8a:e8:5b:34:66:10:e6:19:7d:60:90:51:54:87:6a:ea:e8:
22:2d:75:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ1i4ydYEvhnjDfSS4T63sVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDA2MTMwMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTlhNDU3Yzk3MzU1Mjg5MzhhZjI4Mjk0N2EwOWMyZjdmNDI4MDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApapF6A2aO2b65jvXGnTtFZa0s3bV
ACoZ17N8fy/yhSFushUVy08Axj6lK8bce1tzF2ggFYwuonZEOCJBK0OxqG7yuDj1
Yt+QEnwThkPkJi6EGEAXLOC1wGAb+QnzdjaKZf/Un43jgwm8onUsHlLdaTJh6Lyw
zvc3wQgQSELS3AGn81tHM4nPht01i/GDzLUwPpoTzYPM4Jf2Qm4gPLTyVRm2Vmfr
D4xi1nJqhIbuxnUmtZiHW5FcuQV+1axg9R/1dOgE2bE+HJZJ7DOhp7fztYcwwe1r
GeoSuZYFjmFSglHAk6vBlolZxYUKhqCLisUY31YOWDsneoNqwkp7CmEW/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE6aRXyXNVKJOK8oKUegnC9/QoCKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVHBwRmZKYzFVb2s0cnlncFI2Q2NMMzlDZ0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAV3ncMA8E
AgACMAkDBwAqABcoADEwDQYJKoZIhvcNAQELBQADggEBAKfwLXlcKbu7XrVb85Qp
2n6M56vavkT3morz/yILaNxODpc+oH2qp4fpGnvbFzfqr5zbwGn4OerDov/g5zvC
nrqX7uBHDWYaBllhegK8Uki4+gVHLKhHF8FeCHHtWVXchl6fyRcmux2iT1Jsih6Q
2b1F/TSNZI+2rya4JBunwZRqSFwfSMYoK7hpg5dmEcHoxpcXSolWWy6RP/vIrFDe
/3OnKiYPD0GmdLhxN/V5VqeOzTdsgv1h4xplvm4dOD7fEeJTuJpyNiOAjN6l3TYX
PChInwvh08Ll89jXiEwuw6eTb2IQ2a9VWU8+Jv6K6Fs0ZhDmGX1gkFFUh2rq6CIt
dTU=
-----END CERTIFICATE-----
Generated at Tue Apr 7 18:27:31 2026 by rpki-client