Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sjTnW35v-7xH-FSJ9IaM4i1Mlcc.roa
File: sjTnW35v-7xH-FSJ9IaM4i1Mlcc.roa (raw, json)
Hash identifier: 52gUhtOTGlaDvHQa6hGLX5TLPUPH6nbsjLBZGPrInDU=
Subject key identifier: B2:34:E7:5B:7E:6F:FB:BC:47:F8:54:89:F4:86:8C:E2:2D:4C:95:C7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019DC0866ABE648B3701C4FE013DF72C7D7C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sjTnW35v-7xH-FSJ9IaM4i1Mlcc.roa
Signing time: Fri 24 Apr 2026 17:25:27 +0000
ROA not before: Fri 24 Apr 2026 17:25:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9028
IP address blocks: 45.144.155.0/24 maxlen: 24
87.121.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c0:86:6a:be:64:8b:37:01:c4:fe:01:3d:f7:2c:7d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 24 17:25:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b234e75b7e6ffbbc47f85489f4868ce22d4c95c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:05:71:77:94:95:5a:c6:e9:18:be:99:cc:3d:
5b:12:b5:ae:37:9a:ba:a6:62:19:b3:18:9b:69:36:
28:19:86:65:10:67:07:21:5f:e5:b7:da:ba:e9:7e:
30:7b:69:69:3e:33:23:72:7c:70:07:bc:2d:8e:e8:
e8:b0:05:fc:c7:c6:f5:7a:93:c2:13:25:40:d7:ae:
0b:0b:1a:51:94:37:57:f4:c2:a1:03:3d:fa:ea:6a:
3d:5e:55:e7:5d:1f:e8:52:c2:97:f9:1a:1c:32:8d:
d2:dc:77:16:ff:0d:0e:38:e0:6a:ce:f5:9a:e8:28:
91:ee:e1:67:89:38:86:94:00:5a:bb:44:73:1b:93:
a4:4c:b8:58:a8:a1:e2:50:27:db:f6:1e:cf:a1:37:
19:81:b2:da:c9:b8:12:04:61:63:45:99:4d:6a:c5:
c5:f4:37:1e:a2:66:d1:a7:0a:25:77:1e:7f:3d:1c:
91:b7:85:26:c7:5b:d7:31:b4:2f:b9:a7:78:8e:0b:
ee:89:9a:9e:19:67:55:ec:b6:bb:5d:53:11:8c:41:
0b:a9:ac:0d:20:ac:14:c7:31:a6:fe:d0:1a:de:df:
51:84:3c:7b:d8:f8:12:c6:21:e4:05:c9:45:6a:70:
65:8c:b4:bd:b3:0b:b1:50:f2:af:2b:09:4f:67:ab:
18:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:34:E7:5B:7E:6F:FB:BC:47:F8:54:89:F4:86:8C:E2:2D:4C:95:C7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sjTnW35v-7xH-FSJ9IaM4i1Mlcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.155.0/24
87.121.54.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:c8:ae:6a:29:18:e6:d6:c3:b2:ea:9c:8d:3a:fd:f3:0c:af:
da:35:ef:31:83:8e:91:c6:b7:73:3d:2a:18:27:98:12:30:9d:
b2:2e:93:3a:6c:f4:c4:9d:8d:ea:c9:22:5e:91:3f:22:ab:15:
79:3c:28:ff:c9:09:00:e4:61:6a:f2:62:7e:ec:c2:54:2e:29:
c6:2c:ad:72:b4:5e:54:06:9c:86:1b:95:b4:1a:09:d8:51:c7:
b9:09:12:18:8d:82:83:4f:d5:9d:12:05:70:8c:a6:d4:0f:e0:
1e:5f:29:f9:63:0c:d6:ad:6e:5a:e1:eb:a9:4e:67:f9:26:58:
6f:fc:41:c9:b8:ea:71:7a:64:d1:ef:a5:36:7c:4b:6d:82:85:
40:c6:37:23:a0:ae:57:8f:f4:81:c4:8a:67:6f:fa:b3:24:b1:
a1:5d:c1:2f:b9:37:ad:88:df:89:7c:89:ac:b4:75:a5:87:cd:
6a:05:72:0d:d8:fd:c2:7f:b3:c9:d5:61:ee:d2:52:52:e1:e5:
57:36:ec:7b:61:01:17:0d:48:83:dd:ea:37:28:3d:06:b2:ea:
9f:24:8b:c6:df:91:52:df:b8:2a:78:07:f0:4a:2a:df:c6:7f:
48:5d:b7:4f:4d:bc:e5:80:bb:bd:18:3b:47:c2:98:e2:7a:a9:
7a:8f:b1:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3Ahmq+ZIs3AcT+AT33LH18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDI0MTcyNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjM0ZTc1YjdlNmZmYmJjNDdmODU0ODlmNDg2OGNlMjJkNGM5NWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gVxd5SVWsbpGL6ZzD1bErWuN5q6
pmIZsxibaTYoGYZlEGcHIV/lt9q66X4we2lpPjMjcnxwB7wtjujosAX8x8b1epPC
EyVA164LCxpRlDdX9MKhAz366mo9XlXnXR/oUsKX+RocMo3S3HcW/w0OOOBqzvWa
6CiR7uFniTiGlABau0RzG5OkTLhYqKHiUCfb9h7PoTcZgbLaybgSBGFjRZlNasXF
9DceombRpwoldx5/PRyRt4Umx1vXMbQvuad4jgvuiZqeGWdV7La7XVMRjEELqawN
IKwUxzGm/tAa3t9RhDx72PgSxiHkBclFanBljLS9swuxUPKvKwlPZ6sY/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLI051t+b/u8R/hUifSGjOItTJXHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc2pUblczNXYtN3hILUZTSjlJYU00aTFNbGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZCbAwQA
V3k2MA0GCSqGSIb3DQEBCwUAA4IBAQBPyK5qKRjm1sOy6pyNOv3zDK/aNe8xg46R
xrdzPSoYJ5gSMJ2yLpM6bPTEnY3qySJekT8iqxV5PCj/yQkA5GFq8mJ+7MJULinG
LK1ytF5UBpyGG5W0GgnYUce5CRIYjYKDT9WdEgVwjKbUD+AeXyn5YwzWrW5a4eup
Tmf5Jlhv/EHJuOpxemTR76U2fEttgoVAxjcjoK5Xj/SBxIpnb/qzJLGhXcEvuTet
iN+JfImstHWlh81qBXIN2P3Cf7PJ1WHu0lJS4eVXNux7YQEXDUiD3eo3KD0Gsuqf
JIvG35FS37gqeAfwSirfxn9IXbdPTbzlgLu9GDtHwpjieql6j7ET
-----END CERTIFICATE-----
Generated at Fri Apr 24 23:53:45 2026 by rpki-client