Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_yoExrbgWOVBbSdPGWlNwNA0kRk.roa
File: _yoExrbgWOVBbSdPGWlNwNA0kRk.roa (raw, json)
Hash identifier: WKg2sdNAu0qJP9FmgXZY7N5Ih+NJH/g5h7Tq/XgHMM8=
Subject key identifier: FF:2A:04:C6:B6:E0:58:E5:41:6D:27:4F:19:69:4D:C0:D0:34:91:19
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019DE1B41D12F48897198BF7C46F141E8E11
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_yoExrbgWOVBbSdPGWlNwNA0kRk.roa
Signing time: Fri 01 May 2026 04:02:50 +0000
ROA not before: Fri 01 May 2026 04:02:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210546
IP address blocks: 87.120.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e1:b4:1d:12:f4:88:97:19:8b:f7:c4:6f:14:1e:8e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 1 04:02:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ff2a04c6b6e058e5416d274f19694dc0d0349119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:69:91:74:d7:0e:39:a5:80:69:43:b6:3c:40:
ab:bd:52:77:0c:5e:07:b7:75:80:e9:3e:9c:98:2c:
95:d5:c6:e0:35:54:e1:5b:73:2a:d2:18:15:65:9e:
da:62:ca:96:e7:65:7f:ca:60:8c:5b:1e:1b:b2:27:
ed:12:e4:19:0a:9a:81:2b:ee:02:f6:5a:d1:1b:41:
a9:bf:b9:4a:3f:bf:da:0c:53:98:48:97:9c:e9:a8:
29:32:8c:d2:4d:b5:5a:34:31:eb:b0:f1:e1:aa:7f:
6d:f5:4e:1a:ae:1e:eb:10:76:4c:eb:2e:8b:62:71:
51:a1:cd:c1:f9:c8:05:b0:14:a4:4a:61:5d:ed:17:
6f:2f:76:c5:11:66:5b:7c:9c:4f:89:3d:dc:2c:17:
d9:8b:dc:79:51:b4:aa:05:2f:25:5c:ad:5a:67:5d:
ac:f3:4b:fc:6e:99:5d:7f:30:fd:c5:a8:76:1b:0e:
d2:30:5e:19:34:41:d3:a8:eb:fd:28:18:08:47:ca:
8d:03:56:ca:7b:f8:0d:c0:e6:f8:a7:0f:80:67:84:
05:27:6e:72:b0:21:b7:b1:6e:76:84:24:fa:9c:f7:
97:7c:c7:c3:6d:13:29:c1:19:37:6b:bf:a3:f4:0e:
4a:c4:60:80:81:48:47:f0:8f:92:2a:f1:68:4c:af:
3c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2A:04:C6:B6:E0:58:E5:41:6D:27:4F:19:69:4D:C0:D0:34:91:19
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_yoExrbgWOVBbSdPGWlNwNA0kRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.36.0/24
Signature Algorithm: sha256WithRSAEncryption
06:37:f6:9c:1b:74:b1:43:15:a3:5f:74:9a:ce:bb:8d:df:18:
af:11:8d:8a:16:12:72:f7:43:92:ce:11:9c:17:dd:1c:b9:6e:
9b:b2:e2:7b:31:79:00:15:81:01:e9:ef:82:6a:0e:bc:95:d7:
1c:ff:1a:6f:90:32:48:d2:e5:67:73:9c:2d:0f:a9:8d:b2:9c:
c2:2d:5d:cc:fc:cd:f2:2e:b8:be:b9:61:ef:4a:e7:3e:1c:fa:
79:94:c3:64:7e:81:bd:db:41:8a:bf:a9:41:56:95:b5:7f:82:
36:bd:c4:2c:77:4a:fb:6c:30:0f:bd:c9:d3:ad:7e:e7:6d:e9:
06:51:ae:2a:76:d1:87:55:a0:5a:13:2c:cd:7a:0a:12:43:50:
a7:c4:43:08:5a:a4:94:7b:f0:99:63:8d:12:b4:47:8d:1d:89:
4d:1b:ec:a1:6f:e7:e1:c2:2f:ee:72:31:bc:bb:c2:3e:25:d8:
25:98:10:68:f5:c4:e8:86:d6:ce:10:37:10:cc:d2:f8:a6:ab:
01:2a:87:68:6f:0c:1e:32:65:d6:cf:a7:d8:25:07:b9:52:d2:
fb:53:cd:57:48:28:27:a7:64:bd:2b:5c:7b:3b:53:2d:f4:4e:
d4:c7:6e:44:8b:05:ca:6e:a3:b1:02:4e:2d:1d:2e:0b:e7:8b:
1e:6e:4f:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3htB0S9IiXGYv3xG8UHo4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTAxMDQwMjUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjJhMDRjNmI2ZTA1OGU1NDE2ZDI3NGYxOTY5NGRjMGQwMzQ5MTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmmRdNcOOaWAaUO2PECrvVJ3DF4H
t3WA6T6cmCyV1cbgNVThW3Mq0hgVZZ7aYsqW52V/ymCMWx4bsiftEuQZCpqBK+4C
9lrRG0Gpv7lKP7/aDFOYSJec6agpMozSTbVaNDHrsPHhqn9t9U4arh7rEHZM6y6L
YnFRoc3B+cgFsBSkSmFd7RdvL3bFEWZbfJxPiT3cLBfZi9x5UbSqBS8lXK1aZ12s
80v8bpldfzD9xah2Gw7SMF4ZNEHTqOv9KBgIR8qNA1bKe/gNwOb4pw+AZ4QFJ25y
sCG3sW52hCT6nPeXfMfDbRMpwRk3a7+j9A5KxGCAgUhH8I+SKvFoTK88swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8qBMa24FjlQW0nTxlpTcDQNJEZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX3lvRXhyYmdXT1ZCYlNkUEdXbE53TkEwa1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3gkMA0G
CSqGSIb3DQEBCwUAA4IBAQAGN/acG3SxQxWjX3SazruN3xivEY2KFhJy90OSzhGc
F90cuW6bsuJ7MXkAFYEB6e+Cag68ldcc/xpvkDJI0uVnc5wtD6mNspzCLV3M/M3y
Lri+uWHvSuc+HPp5lMNkfoG920GKv6lBVpW1f4I2vcQsd0r7bDAPvcnTrX7nbekG
Ua4qdtGHVaBaEyzNegoSQ1CnxEMIWqSUe/CZY40StEeNHYlNG+yhb+fhwi/ucjG8
u8I+JdglmBBo9cTohtbOEDcQzNL4pqsBKodobwweMmXWz6fYJQe5UtL7U81XSCgn
p2S9K1x7O1Mt9E7Ux25EiwXKbqOxAk4tHS4L54sebk+T
-----END CERTIFICATE-----
Generated at Fri May 1 07:06:55 2026 by rpki-client