Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X-Pfqh-ktqLMLaVmkgkijmV6vZ4.roa
File: X-Pfqh-ktqLMLaVmkgkijmV6vZ4.roa (raw, json)
Hash identifier: u10Sppm61mlljZnlpq91CHVNqr/MT6kLvwgLPNt5Ki0=
Subject key identifier: 5F:E3:DF:AA:1F:A4:B6:A2:CC:2D:A5:66:92:09:22:8E:65:7A:BD:9E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E29140351B8D63F520A86C2508203C47F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X-Pfqh-ktqLMLaVmkgkijmV6vZ4.roa
Signing time: Fri 15 May 2026 00:40:37 +0000
ROA not before: Fri 15 May 2026 00:40:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29066
IP address blocks: 88.218.76.0/22 maxlen: 24
92.119.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 06:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:29:14:03:51:b8:d6:3f:52:0a:86:c2:50:82:03:c4:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 15 00:40:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5fe3dfaa1fa4b6a2cc2da5669209228e657abd9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d0:84:b3:ea:18:ab:92:3f:fc:6c:3e:2f:af:
6d:ea:72:e8:5a:96:05:47:73:fb:42:59:4c:7d:62:
5d:30:5b:f7:05:09:d0:80:c7:f3:bb:df:33:d2:da:
83:1a:87:c6:92:37:8f:91:58:60:27:b0:b0:e5:10:
e3:f3:09:e3:78:89:78:13:3f:44:e3:cf:c5:62:82:
81:21:2b:b9:e1:c4:5b:dd:2d:2d:a5:f0:7d:19:49:
91:05:0e:4a:df:a5:f8:5e:75:1b:dc:d6:53:2a:4a:
18:b5:d2:2e:a1:f7:8c:7a:ed:b0:f4:47:23:c0:d5:
9b:28:c3:f8:d1:34:68:96:06:bf:b5:a4:e1:17:3f:
61:c0:f1:8a:7b:5c:ee:cd:3a:7c:1a:f4:e6:da:ea:
8e:50:1a:22:5c:dc:82:db:66:51:ed:af:ec:46:13:
b1:ad:39:e6:d1:98:e1:67:dc:43:32:ad:5c:bd:d4:
d3:e3:15:b1:ad:88:a8:e8:ec:9e:b7:df:c2:54:76:
bd:e4:69:b2:00:7a:0c:a8:1c:83:33:d6:06:72:79:
03:01:5e:22:e1:9f:ea:4f:20:14:f4:47:82:0a:1e:
88:55:7e:ac:28:e6:8f:8c:0c:77:25:02:06:9d:5f:
e8:82:79:d5:66:99:a6:5b:e4:66:f5:98:2f:da:e1:
c4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E3:DF:AA:1F:A4:B6:A2:CC:2D:A5:66:92:09:22:8E:65:7A:BD:9E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X-Pfqh-ktqLMLaVmkgkijmV6vZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.76.0/22
92.119.124.0/22
Signature Algorithm: sha256WithRSAEncryption
19:38:89:f2:4e:af:bd:e0:b5:38:41:d5:45:fe:ef:4d:99:52:
d2:81:61:09:16:91:33:a3:2a:58:2d:f4:20:ee:2d:87:ff:4b:
b7:6a:4b:74:e9:ef:30:62:64:74:05:67:6d:92:8f:58:a7:f4:
af:55:e4:0d:94:22:15:bd:9e:02:cc:38:6d:a3:f3:46:00:2c:
8e:03:89:09:82:0f:1d:b6:eb:86:8f:52:26:39:f4:0b:18:79:
db:a4:a6:21:61:77:fe:e0:1e:eb:c3:b4:fb:2b:ba:b9:87:92:
d3:cf:44:50:f6:81:8a:66:b5:4c:a8:4a:5d:a3:96:35:d5:ff:
43:1a:28:cc:a8:40:8b:d7:98:04:d3:c0:bb:04:81:11:fa:cb:
e0:f1:0c:29:0b:7b:7a:05:40:41:03:c9:36:87:79:09:fd:d2:
41:6b:32:69:df:9e:38:75:62:a6:2b:ba:84:0d:77:f5:38:42:
7c:e0:4b:d4:86:89:1e:10:a5:7c:ee:ca:1f:ef:34:62:a3:03:
dd:9f:d1:c2:29:b2:a0:cd:49:76:f0:54:ec:bb:ef:f6:de:e2:
c3:2c:22:a7:64:1b:4d:f7:b6:3d:9c:bc:8a:56:a6:e2:cb:2c:
50:25:7c:6e:c0:84:3f:20:6a:0f:79:9a:16:56:0f:8a:73:c3:
86:96:d9:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4pFANRuNY/UgqGwlCCA8R/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTE1MDA0MDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmUzZGZhYTFmYTRiNmEyY2MyZGE1NjY5MjA5MjI4ZTY1N2FiZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NCEs+oYq5I//Gw+L69t6nLoWpYF
R3P7QllMfWJdMFv3BQnQgMfzu98z0tqDGofGkjePkVhgJ7Cw5RDj8wnjeIl4Ez9E
48/FYoKBISu54cRb3S0tpfB9GUmRBQ5K36X4XnUb3NZTKkoYtdIuofeMeu2w9Ecj
wNWbKMP40TRolga/taThFz9hwPGKe1zuzTp8GvTm2uqOUBoiXNyC22ZR7a/sRhOx
rTnm0ZjhZ9xDMq1cvdTT4xWxrYio6Oyet9/CVHa95GmyAHoMqByDM9YGcnkDAV4i
4Z/qTyAU9EeCCh6IVX6sKOaPjAx3JQIGnV/ognnVZpmmW+Rm9Zgv2uHENwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF/j36ofpLaizC2lZpIJIo5ler2eMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWC1QZnFoLWt0cUxNTGFWbWtna2lqbVY2dlo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWNpMAwQC
XHd8MA0GCSqGSIb3DQEBCwUAA4IBAQAZOInyTq+94LU4QdVF/u9NmVLSgWEJFpEz
oypYLfQg7i2H/0u3akt06e8wYmR0BWdtko9Yp/SvVeQNlCIVvZ4CzDhto/NGACyO
A4kJgg8dtuuGj1ImOfQLGHnbpKYhYXf+4B7rw7T7K7q5h5LTz0RQ9oGKZrVMqEpd
o5Y11f9DGijMqECL15gE08C7BIER+svg8QwpC3t6BUBBA8k2h3kJ/dJBazJp3544
dWKmK7qEDXf1OEJ84EvUhokeEKV87sof7zRiowPdn9HCKbKgzUl28FTsu+/23uLD
LCKnZBtN97Y9nLyKVqbiyyxQJXxuwIQ/IGoPeZoWVg+Kc8OGltlt
-----END CERTIFICATE-----
Generated at Fri May 15 15:26:13 2026 by rpki-client