Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YnpvIQr-l7nY1lq96TuoS6Rspuc.roa
File: YnpvIQr-l7nY1lq96TuoS6Rspuc.roa (raw, json)
Hash identifier: 7VVS2euFIoMkGTqbW4IP9o3HhL47xt34agO/3+v7t80=
Subject key identifier: 62:7A:6F:21:0A:FE:97:B9:D8:D6:5A:BD:E9:3B:A8:4B:A4:6C:A6:E7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019DC085816214F4EC69EB112539BBA68BF4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YnpvIQr-l7nY1lq96TuoS6Rspuc.roa
Signing time: Fri 24 Apr 2026 17:24:28 +0000
ROA not before: Fri 24 Apr 2026 17:24:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209628
IP address blocks: 87.121.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c0:85:81:62:14:f4:ec:69:eb:11:25:39:bb:a6:8b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 24 17:24:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=627a6f210afe97b9d8d65abde93ba84ba46ca6e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ef:b8:c6:14:38:f3:5f:c5:f6:d6:7f:4e:75:
2b:7c:4a:7b:2a:60:a1:3d:af:14:c3:85:8e:44:2c:
b0:7a:a0:f8:e7:cf:39:65:b6:f8:c6:8d:50:3e:f4:
96:53:2f:68:c1:1a:b1:4c:b0:a8:08:38:fe:ee:2d:
77:c3:35:e0:4d:38:f8:94:da:98:57:1a:e2:9d:51:
85:17:65:c4:f0:4d:93:8d:50:f6:b1:7a:d9:07:08:
3d:fd:95:a0:da:e4:f1:a4:f1:33:36:08:63:cf:79:
78:6a:bf:66:d4:ed:32:4e:cb:ab:42:c4:91:48:8c:
83:5a:0a:c8:cb:f2:37:b4:f6:f9:26:f8:4b:49:a8:
b4:3e:69:07:2d:f6:95:1f:c8:9c:42:b0:01:71:54:
98:2d:48:79:3c:24:2b:ac:1c:c1:3d:50:d7:dc:3f:
cb:ac:c7:2b:7c:b6:52:a6:fd:d8:fe:c8:c1:73:99:
5a:58:15:9b:e7:50:df:30:42:00:5d:6d:1d:74:3c:
69:f5:dd:81:2a:92:8a:ac:21:84:3f:eb:c1:48:1f:
cf:ac:ea:65:fc:c4:2a:3e:b8:d4:84:e8:24:2f:5b:
06:e6:23:e0:5c:24:70:f0:ce:7e:a5:29:86:18:c5:
18:fd:b1:32:3c:7e:5f:39:f1:fa:42:68:f3:ea:35:
6c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:7A:6F:21:0A:FE:97:B9:D8:D6:5A:BD:E9:3B:A8:4B:A4:6C:A6:E7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YnpvIQr-l7nY1lq96TuoS6Rspuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.54.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:16:c5:58:21:a6:f6:ce:17:0c:48:a8:23:71:b6:6e:d2:a2:
43:07:68:84:05:8c:52:63:b8:a8:59:f0:af:d5:82:ad:24:9e:
1b:85:0a:70:d6:71:09:cf:5f:e6:ca:55:38:5e:2b:d1:d1:83:
ca:70:92:d8:84:60:76:56:69:2a:14:40:87:6c:c1:78:78:32:
e3:a6:96:b6:e4:39:2e:48:96:8f:66:b0:ae:1c:01:99:2f:fa:
70:08:89:35:15:13:8b:39:80:58:42:17:be:6f:bb:2f:0e:5e:
85:26:0b:c1:48:6c:2c:c5:12:c9:38:7f:59:d2:ae:c5:e4:f9:
ba:dd:9c:99:88:43:c3:ad:13:61:2a:ee:2b:a5:ac:69:d5:31:
4d:e2:6b:16:a4:35:98:f3:b1:e3:47:ab:15:10:da:fa:86:58:
c8:b2:0c:63:d7:52:5a:6f:58:58:fa:29:98:db:db:44:e8:42:
12:53:07:2f:13:dd:52:cd:62:c3:ea:a8:cc:91:e4:35:a7:10:
9a:44:c6:97:f6:09:78:49:28:a6:55:39:38:f2:a5:e6:83:b1:
cb:70:c6:3d:be:5f:49:5d:1b:76:b1:32:62:af:5e:e7:22:0c:
22:0d:e3:b5:b5:5c:ea:e1:21:19:20:b2:2f:07:01:d8:a6:00:
34:03:c3:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3AhYFiFPTsaesRJTm7pov0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDI0MTcyNDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjdhNmYyMTBhZmU5N2I5ZDhkNjVhYmRlOTNiYTg0YmE0NmNhNmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyu+4xhQ481/F9tZ/TnUrfEp7KmCh
Pa8Uw4WORCyweqD45885Zbb4xo1QPvSWUy9owRqxTLCoCDj+7i13wzXgTTj4lNqY
VxrinVGFF2XE8E2TjVD2sXrZBwg9/ZWg2uTxpPEzNghjz3l4ar9m1O0yTsurQsSR
SIyDWgrIy/I3tPb5JvhLSai0PmkHLfaVH8icQrABcVSYLUh5PCQrrBzBPVDX3D/L
rMcrfLZSpv3Y/sjBc5laWBWb51DfMEIAXW0ddDxp9d2BKpKKrCGEP+vBSB/PrOpl
/MQqPrjUhOgkL1sG5iPgXCRw8M5+pSmGGMUY/bEyPH5fOfH6Qmjz6jVsewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJ6byEK/pe52NZavek7qEukbKbnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWW5wdklRci1sN25ZMWxxOTZUdW9TNlJzcHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3k2MA0G
CSqGSIb3DQEBCwUAA4IBAQAeFsVYIab2zhcMSKgjcbZu0qJDB2iEBYxSY7ioWfCv
1YKtJJ4bhQpw1nEJz1/mylU4XivR0YPKcJLYhGB2VmkqFECHbMF4eDLjppa25Dku
SJaPZrCuHAGZL/pwCIk1FROLOYBYQhe+b7svDl6FJgvBSGwsxRLJOH9Z0q7F5Pm6
3ZyZiEPDrRNhKu4rpaxp1TFN4msWpDWY87HjR6sVENr6hljIsgxj11Jab1hY+imY
29tE6EISUwcvE91SzWLD6qjMkeQ1pxCaRMaX9gl4SSimVTk48qXmg7HLcMY9vl9J
XRt2sTJir17nIgwiDeO1tVzq4SEZILIvBwHYpgA0A8MZ
-----END CERTIFICATE-----
Generated at Fri Apr 24 23:55:19 2026 by rpki-client