Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_AZgmp97ILZXku0zcw55MLzLybI.roa
File: _AZgmp97ILZXku0zcw55MLzLybI.roa (raw, json)
Hash identifier: TZo7wVxcN0FhmoTNyS3TZhUHIYFMRFUH7WgNe9C7O6Q=
Subject key identifier: FC:06:60:9A:9F:7B:20:B6:57:92:ED:33:73:0E:79:30:BC:CB:C9:B2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D1AE6AA90B01612F572E3E0E42F0060F4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_AZgmp97ILZXku0zcw55MLzLybI.roa
Signing time: Mon 23 Mar 2026 13:33:37 +0000
ROA not before: Mon 23 Mar 2026 13:33:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48014
IP address blocks: 80.76.51.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
93.123.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:e6:aa:90:b0:16:12:f5:72:e3:e0:e4:2f:00:60:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 23 13:33:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fc06609a9f7b20b65792ed33730e7930bccbc9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bc:bb:c7:20:3d:95:0b:bd:b8:98:49:82:3e:
0a:18:7b:c0:ee:6d:3c:e1:34:3f:f1:de:6d:20:8b:
10:cd:f2:ba:b9:e0:59:29:98:0a:16:1e:65:86:e8:
02:57:33:6a:59:80:6f:42:84:de:6e:52:2b:d8:4f:
7f:f9:16:5a:db:b8:a3:64:24:96:f2:82:5f:94:81:
55:d9:e2:a6:30:e1:81:96:05:22:2f:0b:77:cc:67:
ab:ce:46:47:88:ec:8d:94:70:11:6f:26:cf:41:ba:
ed:51:65:db:54:ab:53:e0:45:98:78:5c:9c:51:9f:
1c:f8:07:e7:50:73:39:62:e3:bd:0c:54:7c:84:9e:
9e:61:51:88:ed:2e:17:24:df:45:ef:12:ff:bc:c8:
94:62:70:e8:d5:24:0a:1e:a5:42:02:71:e8:df:f6:
6b:11:23:c1:ee:4d:24:39:b1:6e:13:64:43:89:0a:
b8:7c:95:fa:3f:e5:46:e2:15:7d:e2:11:85:95:d2:
c8:aa:9b:02:5d:55:95:09:a3:ac:88:f1:ed:5b:34:
e1:d4:97:17:40:2d:7b:f4:2b:df:1e:a2:bb:95:66:
da:cd:0a:90:15:02:87:c5:3b:41:3d:27:f6:74:ed:
a6:01:f8:aa:94:68:aa:ad:e1:6e:26:d9:5f:16:c2:
3c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:06:60:9A:9F:7B:20:B6:57:92:ED:33:73:0E:79:30:BC:CB:C9:B2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_AZgmp97ILZXku0zcw55MLzLybI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.51.0/24
87.121.162.0/24
93.123.46.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:55:d7:f7:a1:50:eb:36:c0:70:7d:1c:a0:28:dc:6f:c4:4c:
ee:21:75:d5:e0:b3:e7:30:3c:50:e7:ef:ad:3a:be:1b:31:82:
1b:d4:b5:cd:e8:4c:6d:02:59:f2:54:36:5e:e0:ab:d6:e8:2f:
a2:10:bf:a8:aa:3a:58:44:ce:f3:8e:42:d1:2c:d2:b6:fe:fd:
eb:21:15:7a:e3:0d:0f:9e:61:fe:d6:6b:87:f9:df:1b:e4:32:
02:8f:04:61:98:73:ee:7b:03:08:83:3e:a9:d6:f1:bd:0d:a2:
0d:f0:67:48:38:61:ff:7d:31:9f:66:91:9a:90:09:3d:81:ce:
11:fc:4d:e1:ab:11:a3:bc:4b:d8:6c:73:51:21:ed:97:e0:df:
0d:ac:e6:14:64:fa:af:2d:d4:e5:31:7e:c8:eb:5f:10:39:bb:
c9:1a:52:40:39:6b:28:bc:2e:29:0e:36:04:44:e0:af:7f:03:
6a:d9:f1:b5:cd:5d:e9:9d:47:81:30:ba:91:9a:74:15:19:ae:
81:d6:80:5b:c7:62:8e:bf:e9:12:0d:e5:6f:57:ac:15:4b:6d:
99:a4:f4:69:89:2b:22:52:2a:b9:83:b9:8e:86:d4:ca:d5:a4:
96:2e:93:22:57:a0:32:b8:2a:cc:bb:63:62:c6:62:cb:6a:dc:
7e:5f:30:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ0a5qqQsBYS9XLj4OQvAGD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzIzMTMzMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzA2NjA5YTlmN2IyMGI2NTc5MmVkMzM3MzBlNzkzMGJjY2JjOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ly7xyA9lQu9uJhJgj4KGHvA7m08
4TQ/8d5tIIsQzfK6ueBZKZgKFh5lhugCVzNqWYBvQoTeblIr2E9/+RZa27ijZCSW
8oJflIFV2eKmMOGBlgUiLwt3zGerzkZHiOyNlHARbybPQbrtUWXbVKtT4EWYeFyc
UZ8c+AfnUHM5YuO9DFR8hJ6eYVGI7S4XJN9F7xL/vMiUYnDo1SQKHqVCAnHo3/Zr
ESPB7k0kObFuE2RDiQq4fJX6P+VG4hV94hGFldLIqpsCXVWVCaOsiPHtWzTh1JcX
QC179CvfHqK7lWbazQqQFQKHxTtBPSf2dO2mAfiqlGiqreFuJtlfFsI8VwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPwGYJqfeyC2V5LtM3MOeTC8y8myMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX0FaZ21wOTdJTFpYa3UwemN3NTVNTHpMeWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEwzAwQA
V3miAwQAXXsuMA0GCSqGSIb3DQEBCwUAA4IBAQCqVdf3oVDrNsBwfRygKNxvxEzu
IXXV4LPnMDxQ5++tOr4bMYIb1LXN6ExtAlnyVDZe4KvW6C+iEL+oqjpYRM7zjkLR
LNK2/v3rIRV64w0PnmH+1muH+d8b5DICjwRhmHPuewMIgz6p1vG9DaIN8GdIOGH/
fTGfZpGakAk9gc4R/E3hqxGjvEvYbHNRIe2X4N8NrOYUZPqvLdTlMX7I618QObvJ
GlJAOWsovC4pDjYEROCvfwNq2fG1zV3pnUeBMLqRmnQVGa6B1oBbx2KOv+kSDeVv
V6wVS22ZpPRpiSsiUiq5g7mOhtTK1aSWLpMiV6AyuCrMu2NixmLLatx+XzA4
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:18:21 2026 by rpki-client