Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/j9jFZwTJ0znYArYrP_wb7FovBv8.roa
File: j9jFZwTJ0znYArYrP_wb7FovBv8.roa (raw, json)
Hash identifier: ry2e+m/h6zjqugwIc/oTaduBcZ+a/pH5c4SrYte7lzE=
Subject key identifier: 8F:D8:C5:67:04:C9:D3:39:D8:02:B6:2B:3F:FC:1B:EC:5A:2F:06:FF
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 019E2FB5722D7921FEA74C28E5C8E438A9C8
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/j9jFZwTJ0znYArYrP_wb7FovBv8.roa
Signing time: Sat 16 May 2026 07:34:40 +0000
ROA not before: Sat 16 May 2026 07:34:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57235
IP address blocks: 81.31.224.0/22 maxlen: 24
81.31.228.0/23 maxlen: 24
81.31.228.0/24 maxlen: 24
81.31.229.0/24 maxlen: 24
81.31.230.0/24 maxlen: 24
81.31.233.0/24 maxlen: 24
81.31.236.0/22 maxlen: 24
81.31.236.0/24 maxlen: 24
81.31.238.0/24 maxlen: 24
81.31.240.0/23 maxlen: 24
81.31.248.0/22 maxlen: 24
81.31.250.0/24 maxlen: 24
81.31.251.0/24 maxlen: 24
2a05:a6c0::/56 maxlen: 64
2a05:a6c7:ffff:ff00::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 May 2026 13:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2f:b5:72:2d:79:21:fe:a7:4c:28:e5:c8:e4:38:a9:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: May 16 07:34:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8fd8c56704c9d339d802b62b3ffc1bec5a2f06ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a7:91:3c:97:5e:9a:ac:9a:12:3e:b2:61:89:
ab:da:ed:02:5a:3b:cd:b9:38:4c:4e:dc:78:f0:df:
a0:2e:a6:c2:5f:04:40:a1:1f:86:f8:fc:5f:3a:c5:
16:77:af:65:1b:51:fb:b7:5f:7a:03:be:9e:69:ac:
bd:9f:28:cf:6d:4f:56:13:5d:13:5b:db:d8:37:4b:
c7:4e:4c:2f:13:90:e4:4e:85:4a:18:18:e0:29:b2:
f0:fc:a7:6a:a6:2f:02:1f:47:85:71:a6:43:fd:0e:
93:14:6a:72:a3:7a:d5:81:48:97:90:6e:ce:b2:83:
08:8b:c3:5c:1b:01:f6:0b:d2:0a:bd:8c:be:4a:66:
78:43:eb:ad:d5:56:7d:fb:fe:cc:ca:cc:50:a7:fb:
d2:9c:17:f8:77:1f:93:b1:db:84:fa:e5:e5:a3:94:
1f:2c:17:d9:3c:ef:03:a6:ae:ab:14:c0:41:43:83:
9c:7b:74:dc:d6:bc:bc:22:5b:12:6c:25:d5:41:c0:
5c:c6:d8:32:d9:66:b4:45:a2:5c:53:7e:48:c7:f0:
5b:81:4d:16:62:b2:90:e1:7d:25:c5:de:66:3e:2b:
52:58:8b:c5:87:eb:bc:c8:41:98:9f:4e:9c:f2:9e:
21:75:6b:c9:30:d3:2f:c3:1d:09:d0:bf:1d:61:03:
1a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D8:C5:67:04:C9:D3:39:D8:02:B6:2B:3F:FC:1B:EC:5A:2F:06:FF
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/j9jFZwTJ0znYArYrP_wb7FovBv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.224.0-81.31.230.255
81.31.233.0/24
81.31.236.0-81.31.241.255
81.31.248.0/22
IPv6:
2a05:a6c0::/56
2a05:a6c7:ffff:ff00::/56
Signature Algorithm: sha256WithRSAEncryption
a3:eb:8f:15:86:9f:86:bf:9c:b7:34:07:74:9f:61:9b:6b:bb:
0a:6a:45:72:b5:25:04:78:02:6a:e3:4d:e8:a7:9f:3e:35:b0:
79:9e:2d:4f:b5:f9:37:06:79:48:2a:13:81:e5:14:d6:f9:6d:
c0:c2:26:8d:a6:4c:03:93:c7:59:41:e3:41:f3:f8:07:9d:42:
e3:46:b2:fa:d8:d9:62:a3:e8:39:1a:99:50:e1:46:23:4b:84:
df:d8:a2:d5:be:ab:58:b3:1f:bb:3a:de:42:70:04:02:21:1d:
f0:4e:81:82:71:08:bd:03:19:0c:7f:5d:e0:a6:df:7f:9c:18:
01:ba:7e:b4:e3:fb:2a:2d:94:35:15:c2:40:7a:13:6b:b3:c8:
32:ab:43:0f:29:e9:b2:94:db:7f:c1:09:0f:52:49:30:6f:b9:
d3:40:1c:c1:6e:a7:a1:c4:e4:66:de:cd:71:76:11:30:97:10:
2b:d1:13:e3:ea:00:dd:f0:72:45:13:4c:ab:47:80:57:d7:09:
82:a4:70:48:97:53:3d:58:cc:93:70:ee:5e:11:80:f0:81:7d:
fd:14:c3:3b:a9:32:18:1b:ab:bf:07:d0:c8:c3:ed:e4:b2:bd:
1b:ef:a8:ca:a6:89:bb:44:f1:55:de:c3:a1:c8:db:3d:64:05:
a4:01:94:de
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ4vtXIteSH+p0wo5cjkOKnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjYwNTE2MDczNDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQ4YzU2NzA0YzlkMzM5ZDgwMmI2MmIzZmZjMWJlYzVhMmYwNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqeRPJdemqyaEj6yYYmr2u0CWjvN
uThMTtx48N+gLqbCXwRAoR+G+PxfOsUWd69lG1H7t196A76eaay9nyjPbU9WE10T
W9vYN0vHTkwvE5DkToVKGBjgKbLw/Kdqpi8CH0eFcaZD/Q6TFGpyo3rVgUiXkG7O
soMIi8NcGwH2C9IKvYy+SmZ4Q+ut1VZ9+/7MysxQp/vSnBf4dx+TsduE+uXlo5Qf
LBfZPO8Dpq6rFMBBQ4Oce3Tc1ry8IlsSbCXVQcBcxtgy2Wa0RaJcU35Ix/BbgU0W
YrKQ4X0lxd5mPitSWIvFh+u8yEGYn06c8p4hdWvJMNMvwx0J0L8dYQMaeQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFI/YxWcEydM52AK2Kz/8G+xaLwb/MB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvajlqRlp3VEowem5ZQXJZclBfd2I3Rm92QnY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAuBAIAATAoMAwDBAVRH+AD
BABRH+YDBABRH+kwDAMEAlEf7AMEAVEf8AMEAlEf+DAaBAIAAjAUAwgAKgWmwAAA
AAMIACoFpsf///8wDQYJKoZIhvcNAQELBQADggEBAKPrjxWGn4a/nLc0B3SfYZtr
uwpqRXK1JQR4AmrjTeinnz41sHmeLU+1+TcGeUgqE4HlFNb5bcDCJo2mTAOTx1lB
40Hz+AedQuNGsvrY2WKj6DkamVDhRiNLhN/YotW+q1izH7s63kJwBAIhHfBOgYJx
CL0DGQx/XeCm33+cGAG6frTj+yotlDUVwkB6E2uzyDKrQw8p6bKU23/BCQ9SSTBv
udNAHMFup6HE5GbezXF2ETCXECvRE+PqAN3wckUTTKtHgFfXCYKkcEiXUz1YzJNw
7l4RgPCBff0UwzupMhgbq78H0MjD7eSyvRvvqMqmibtE8VXew6HI2z1kBaQBlN4=
-----END CERTIFICATE-----
Generated at Thu May 21 23:21:09 2026 by rpki-client