Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kU7LJtaBMe9giBMog0z9tls5hNs.roa
File: kU7LJtaBMe9giBMog0z9tls5hNs.roa (raw, json)
Hash identifier: /LCNaxxnVp0f7K9AqT9G+uDWRhwC9HxvUyTNHDPlPvY=
Subject key identifier: 91:4E:CB:26:D6:81:31:EF:60:88:13:28:83:4C:FD:B6:5B:39:84:DB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D61E00E170ED264E077D9D4D97F7D044D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kU7LJtaBMe9giBMog0z9tls5hNs.roa
Signing time: Mon 06 Apr 2026 08:19:26 +0000
ROA not before: Mon 06 Apr 2026 08:19:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 151612
IP address blocks: 31.13.231.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 Apr 2026 10:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:61:e0:0e:17:0e:d2:64:e0:77:d9:d4:d9:7f:7d:04:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 6 08:19:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=914ecb26d68131ef60881328834cfdb65b3984db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:30:aa:31:d2:3d:64:bb:22:b1:d9:8d:00:64:
85:e1:37:36:7f:14:41:49:58:8a:df:c5:e6:21:5b:
c7:d8:f0:6b:5a:b9:0b:58:d8:22:e2:45:56:91:4b:
d1:96:b0:88:15:68:fc:b7:38:af:df:9d:9e:f4:88:
5f:27:2c:7a:08:4f:6c:6b:24:67:55:d7:59:4b:96:
8c:fa:9f:c4:1b:d0:93:8d:7d:a7:d0:44:3e:7e:96:
39:06:ec:66:12:f7:c2:eb:91:d0:5d:21:65:b6:93:
74:21:83:6a:33:d1:13:c6:4e:f2:5b:59:61:da:ab:
58:68:c6:47:90:f5:7a:26:76:56:1d:ae:6e:40:cc:
95:1b:70:8e:6a:58:ab:21:8d:be:d4:80:52:eb:e0:
51:ac:99:8b:b9:60:3d:af:eb:c9:82:61:25:4d:68:
97:93:9f:f4:d4:6b:46:5a:ea:c7:38:ac:c6:22:c3:
c9:8b:f1:6c:33:1d:4a:6c:0d:31:1a:54:9b:a7:e4:
e3:03:39:ae:7d:21:f0:4d:d3:df:fe:01:5a:f7:82:
5e:be:1d:51:03:72:fe:6c:99:36:93:d7:83:8a:0b:
83:7b:7c:4b:8b:f2:ee:39:99:5a:2e:fa:30:0a:ec:
86:18:66:7f:65:c3:6f:17:bf:9c:fd:fe:1a:1d:07:
74:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4E:CB:26:D6:81:31:EF:60:88:13:28:83:4C:FD:B6:5B:39:84:DB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kU7LJtaBMe9giBMog0z9tls5hNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.231.0/24
81.161.230.0/24
87.120.89.0/24
193.37.47.0/24
Signature Algorithm: sha256WithRSAEncryption
67:34:1f:79:86:a1:05:c2:54:0e:96:12:aa:5f:c5:7f:4b:6a:
ec:fa:06:12:6b:a5:6b:05:6a:cc:39:16:a6:e0:d9:de:7c:bf:
71:09:1b:80:c7:46:d9:4e:59:86:77:26:6e:97:43:f4:4d:61:
23:b9:a1:f9:09:0a:6e:52:c1:70:9e:44:6e:9b:65:69:29:f5:
12:63:cb:18:3d:2e:f1:61:c5:68:b1:44:47:5b:b2:a0:77:c1:
b9:30:9d:d4:1e:be:d1:3d:b1:96:7b:da:da:fa:25:98:a5:49:
d7:f5:1f:f4:77:56:c5:f1:dc:13:cf:5c:18:7f:62:1b:51:48:
5f:ed:6e:a6:5a:9c:03:1a:c9:b5:90:eb:28:89:0b:2e:84:48:
f0:3e:e8:a3:13:ca:22:f5:f3:44:18:84:20:bb:18:df:49:72:
fe:38:ee:fc:28:4a:2e:46:dc:04:6f:b2:96:8b:ea:36:60:de:
cd:58:2b:08:17:4a:85:c0:93:64:90:33:e9:d5:01:d4:4f:96:
a5:bd:09:3b:d6:23:6c:4f:42:21:4e:17:91:c4:25:26:4b:5e:
78:69:0c:64:79:a4:82:ee:28:57:5c:92:19:50:29:aa:39:ab:
7b:c8:b2:b9:0e:e3:42:03:8e:68:72:03:84:76:e3:dd:bb:47:
14:a3:aa:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1h4A4XDtJk4HfZ1Nl/fQRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDA2MDgxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRlY2IyNmQ2ODEzMWVmNjA4ODEzMjg4MzRjZmRiNjViMzk4NGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjCqMdI9ZLsisdmNAGSF4Tc2fxRB
SViK38XmIVvH2PBrWrkLWNgi4kVWkUvRlrCIFWj8tziv352e9IhfJyx6CE9sayRn
VddZS5aM+p/EG9CTjX2n0EQ+fpY5BuxmEvfC65HQXSFltpN0IYNqM9ETxk7yW1lh
2qtYaMZHkPV6JnZWHa5uQMyVG3COalirIY2+1IBS6+BRrJmLuWA9r+vJgmElTWiX
k5/01GtGWurHOKzGIsPJi/FsMx1KbA0xGlSbp+TjAzmufSHwTdPf/gFa94Jevh1R
A3L+bJk2k9eDiguDe3xLi/LuOZlaLvowCuyGGGZ/ZcNvF7+c/f4aHQd0ZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJFOyybWgTHvYIgTKINM/bZbOYTbMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva1U3TEp0YUJNZTlnaUJNb2cwejl0bHM1aE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHw3nAwQA
UaHmAwQAV3hZAwQAwSUvMA0GCSqGSIb3DQEBCwUAA4IBAQBnNB95hqEFwlQOlhKq
X8V/S2rs+gYSa6VrBWrMORam4NnefL9xCRuAx0bZTlmGdyZul0P0TWEjuaH5CQpu
UsFwnkRum2VpKfUSY8sYPS7xYcVosURHW7Kgd8G5MJ3UHr7RPbGWe9ra+iWYpUnX
9R/0d1bF8dwTz1wYf2IbUUhf7W6mWpwDGsm1kOsoiQsuhEjwPuijE8oi9fNEGIQg
uxjfSXL+OO78KEouRtwEb7KWi+o2YN7NWCsIF0qFwJNkkDPp1QHUT5alvQk71iNs
T0IhTheRxCUmS154aQxkeaSC7ihXXJIZUCmqOat7yLK5DuNCA45ocgOEduPdu0cU
o6pD
-----END CERTIFICATE-----
Generated at Mon Apr 6 17:18:17 2026 by rpki-client