Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aypHx4gHEyR9nPZQDK_wV2ZnJVo.roa
File: aypHx4gHEyR9nPZQDK_wV2ZnJVo.roa (raw, json)
Hash identifier: 2nXHZvBeI3ZM+c1wAwNY/hjTefnRfvzBuQ/JKBCzzT0=
Subject key identifier: 6B:2A:47:C7:88:07:13:24:7D:9C:F6:50:0C:AF:F0:57:66:67:25:5A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019C89A3F761F5F93CFA1BAA724F5B4D4905
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aypHx4gHEyR9nPZQDK_wV2ZnJVo.roa
Signing time: Mon 23 Feb 2026 08:35:50 +0000
ROA not before: Mon 23 Feb 2026 08:35:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213887
IP address blocks: 87.120.92.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Feb 2026 05:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:89:a3:f7:61:f5:f9:3c:fa:1b:aa:72:4f:5b:4d:49:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 23 08:35:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6b2a47c7880713247d9cf6500caff0576667255a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5c:04:27:e9:34:f3:4f:9d:89:08:d0:89:8f:
be:59:ff:ed:d2:e8:5a:4c:54:3d:e0:cd:85:6e:63:
c6:83:c7:cc:d1:72:18:9f:d5:9a:cb:71:f1:cb:c9:
a4:a6:a2:4f:a6:88:94:72:d1:0d:55:ca:fc:d4:83:
dd:76:96:20:d4:16:e3:29:22:ea:d3:73:5f:d6:69:
ff:75:88:eb:7b:ff:b9:99:2d:5e:91:c3:bc:45:7d:
a4:cd:0c:f5:0e:c1:24:f5:e2:db:ea:e4:0c:64:07:
eb:8b:c2:cb:3d:68:5a:59:83:62:a7:80:53:9a:bb:
f6:a8:c7:83:80:59:cb:07:e4:8f:32:c6:01:aa:5b:
a0:30:d2:21:9e:d2:ad:85:a2:fd:01:a8:44:02:a9:
b2:ef:db:2b:82:ba:9e:62:09:b2:4f:4c:a4:b7:71:
9c:ed:97:46:1b:c7:e5:01:1b:db:4b:0b:1d:35:e7:
3e:10:b5:03:13:09:20:35:2e:4c:e3:87:92:15:8f:
60:58:0e:88:19:98:6f:4f:e4:14:25:fe:93:e4:83:
5a:1c:06:10:a8:4d:71:42:a9:70:74:9d:83:2d:e7:
d1:42:09:02:b4:bf:4c:17:74:e1:ea:2a:b2:ce:03:
23:6a:40:41:4f:e7:a9:c7:d5:b8:ed:47:52:cd:de:
87:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:2A:47:C7:88:07:13:24:7D:9C:F6:50:0C:AF:F0:57:66:67:25:5A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aypHx4gHEyR9nPZQDK_wV2ZnJVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.92.0/24
87.120.205.0/24
87.120.216.0/24
Signature Algorithm: sha256WithRSAEncryption
84:83:be:8f:92:63:2c:ff:f6:f9:9a:8e:be:8b:87:f5:c2:e3:
bf:38:e0:36:17:25:d0:df:de:69:2e:23:bc:33:36:a8:5c:f3:
df:23:f5:21:f7:91:04:d9:80:50:65:9e:ce:d4:be:a6:1c:56:
d0:fd:9b:45:64:e5:a2:6d:32:37:c7:c2:21:62:9e:3b:45:d6:
cd:d4:7b:b4:f9:15:a5:28:07:c6:72:2e:f3:95:f2:f8:16:51:
3b:63:bf:86:23:ad:9e:ea:e6:c8:79:43:b4:c0:17:a3:57:85:
86:ed:5b:6c:9e:82:0a:6a:5c:72:5b:3e:0b:78:97:ce:e6:ed:
09:44:9b:96:c4:33:3e:e2:97:ed:39:cb:e1:2d:31:e3:a2:4c:
7d:ad:23:b5:7e:ff:ce:d7:75:6e:34:f4:ce:df:71:9c:a2:21:
0f:65:a5:da:bc:80:81:a1:48:a8:76:17:77:9f:f9:54:c9:5d:
f0:5e:63:41:29:b0:b0:58:57:a3:61:6f:0e:d1:37:c0:d4:7e:
28:ac:60:ef:87:d2:c7:80:b3:37:73:e6:67:8a:31:5f:2a:90:
3b:77:a9:d9:4d:42:f8:c6:c1:0c:4d:33:4e:2c:d7:5a:30:b6:
58:4f:9e:3b:ea:51:05:f3:58:86:0d:52:6a:45:c8:6e:0c:f0:
5e:4d:ee:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZyJo/dh9fk8+huqck9bTUkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMjIzMDgzNTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjJhNDdjNzg4MDcxMzI0N2Q5Y2Y2NTAwY2FmZjA1NzY2NjcyNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1wEJ+k080+diQjQiY++Wf/t0uha
TFQ94M2FbmPGg8fM0XIYn9Way3Hxy8mkpqJPpoiUctENVcr81IPddpYg1BbjKSLq
03Nf1mn/dYjre/+5mS1ekcO8RX2kzQz1DsEk9eLb6uQMZAfri8LLPWhaWYNip4BT
mrv2qMeDgFnLB+SPMsYBqlugMNIhntKthaL9AahEAqmy79srgrqeYgmyT0ykt3Gc
7ZdGG8flARvbSwsdNec+ELUDEwkgNS5M44eSFY9gWA6IGZhvT+QUJf6T5INaHAYQ
qE1xQqlwdJ2DLefRQgkCtL9MF3Th6iqyzgMjakBBT+epx9W47UdSzd6HUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGsqR8eIBxMkfZz2UAyv8FdmZyVaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYXlwSHg0Z0hFeVI5blBaUURLX3dWMlpuSlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV3hcAwQA
V3jNAwQAV3jYMA0GCSqGSIb3DQEBCwUAA4IBAQCEg76PkmMs//b5mo6+i4f1wuO/
OOA2FyXQ395pLiO8MzaoXPPfI/Uh95EE2YBQZZ7O1L6mHFbQ/ZtFZOWibTI3x8Ih
Yp47RdbN1Hu0+RWlKAfGci7zlfL4FlE7Y7+GI62e6ubIeUO0wBejV4WG7VtsnoIK
alxyWz4LeJfO5u0JRJuWxDM+4pftOcvhLTHjokx9rSO1fv/O13VuNPTO33GcoiEP
ZaXavICBoUiodhd3n/lUyV3wXmNBKbCwWFejYW8O0TfA1H4orGDvh9LHgLM3c+Zn
ijFfKpA7d6nZTUL4xsEMTTNOLNdaMLZYT5476lEF81iGDVJqRchuDPBeTe7H
-----END CERTIFICATE-----
Generated at Wed Feb 25 15:19:07 2026 by rpki-client