Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ry89WBOYmKAqL4TkzmioPFVQiGg.roa
File: Ry89WBOYmKAqL4TkzmioPFVQiGg.roa (raw, json)
Hash identifier: WwcoqXiff5BfYHYx97igbyIf8xRxMG4DaB4D1dggfJ8=
Subject key identifier: 47:2F:3D:58:13:98:98:A0:2A:2F:84:E4:CE:68:A8:3C:55:50:88:68
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019D9D5B06FC72855509E1B996A6C048C2E0
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ry89WBOYmKAqL4TkzmioPFVQiGg.roa
Signing time: Fri 17 Apr 2026 21:31:21 +0000
ROA not before: Fri 17 Apr 2026 21:31:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198767
IP address blocks: 5.175.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 21:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9d:5b:06:fc:72:85:55:09:e1:b9:96:a6:c0:48:c2:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 17 21:31:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=472f3d58139898a02a2f84e4ce68a83c55508868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8a:f7:ff:f8:2f:a0:c0:72:3e:68:e7:25:fd:
84:b9:16:71:dd:7b:28:b4:bd:75:41:c4:bd:7c:ac:
67:96:3f:25:cf:45:f6:17:b0:80:06:69:87:58:48:
40:a8:4e:7d:19:d1:62:ee:3b:f7:b6:0d:6a:d3:dd:
1e:f0:35:56:a9:86:27:0e:0d:71:4b:de:c5:54:7d:
16:2b:be:57:60:84:8f:f8:90:8b:85:66:92:39:e6:
b8:e9:f1:e1:ad:ff:39:03:1c:0e:2a:64:b4:60:24:
6c:3c:99:49:d7:39:36:15:5e:aa:06:06:7e:c8:ea:
c3:0a:82:36:43:e1:fa:9c:6e:0e:fd:d9:c1:42:ae:
98:81:b4:5c:ce:66:1b:0c:d6:25:cd:21:b1:62:1f:
79:7b:1b:59:5e:17:b6:87:de:bd:ce:8d:1a:fc:87:
57:58:cc:5e:d1:72:e8:8a:e8:69:92:84:4d:fa:87:
d8:db:6e:57:49:de:fc:72:59:6e:37:a4:f0:9f:bf:
b6:33:8e:9a:5e:91:1e:c9:e8:15:1e:78:76:e6:dd:
1f:13:41:96:f5:77:37:b9:17:bd:df:10:ac:7d:fb:
0c:10:53:11:ee:29:ed:a3:ca:f0:05:50:e6:2e:52:
93:08:2f:a7:4a:0b:9a:76:c5:3f:aa:f4:81:e1:e6:
28:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2F:3D:58:13:98:98:A0:2A:2F:84:E4:CE:68:A8:3C:55:50:88:68
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ry89WBOYmKAqL4TkzmioPFVQiGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.194.0/24
Signature Algorithm: sha256WithRSAEncryption
52:9f:c3:30:6c:9c:eb:df:9d:fe:77:29:4c:c1:00:0e:84:20:
1d:79:00:fd:7e:fa:68:8f:ea:19:c6:25:d4:7f:ea:8c:0e:1d:
1e:96:30:30:18:aa:5f:ee:db:cf:49:9f:0e:db:df:13:07:b4:
fa:92:ff:2c:36:83:a0:c0:c5:d3:bc:85:40:fc:ca:ce:72:5d:
6e:f1:eb:a5:16:7c:bc:69:09:7e:23:f2:3d:3b:ee:89:fb:d4:
10:84:35:de:74:d2:d1:ab:97:a3:fe:4a:70:f4:0f:cc:96:aa:
94:dc:80:ae:51:bf:6a:01:ed:37:dd:67:aa:50:22:13:5d:4e:
05:68:96:d0:33:c5:d0:85:cd:fa:a8:7a:2f:8b:eb:4d:a8:b9:
89:87:dd:c3:6e:da:8d:c5:48:dd:15:f6:f8:49:d6:47:31:85:
51:ee:4d:ef:83:19:52:69:5b:f7:83:99:19:14:6d:5e:51:88:
a8:4a:ea:9b:1a:03:d6:ff:3e:10:aa:49:f2:0c:f5:6d:10:ec:
7c:55:95:d9:16:1a:df:35:04:20:3c:93:4d:78:bf:3a:73:72:
a4:05:99:ad:8c:d4:27:cb:4b:fc:6b:25:75:42:d4:52:14:94:
25:50:5d:06:47:1a:58:4b:1f:ec:b0:6b:21:5b:4c:93:a7:5c:
03:36:e1:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2dWwb8coVVCeG5lqbASMLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNDE3MjEzMTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJmM2Q1ODEzOTg5OGEwMmEyZjg0ZTRjZTY4YTgzYzU1NTA4ODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIr3//gvoMByPmjnJf2EuRZx3Xso
tL11QcS9fKxnlj8lz0X2F7CABmmHWEhAqE59GdFi7jv3tg1q090e8DVWqYYnDg1x
S97FVH0WK75XYISP+JCLhWaSOea46fHhrf85AxwOKmS0YCRsPJlJ1zk2FV6qBgZ+
yOrDCoI2Q+H6nG4O/dnBQq6YgbRczmYbDNYlzSGxYh95extZXhe2h969zo0a/IdX
WMxe0XLoiuhpkoRN+ofY225XSd78clluN6Twn7+2M46aXpEeyegVHnh25t0fE0GW
9Xc3uRe93xCsffsMEFMR7into8rwBVDmLlKTCC+nSguadsU/qvSB4eYoIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcvPVgTmJigKi+E5M5oqDxVUIhoMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUnk4OVdCT1ltS0FxTDRUa3ptaW9QRlZRaUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABa/CMA0G
CSqGSIb3DQEBCwUAA4IBAQBSn8MwbJzr353+dylMwQAOhCAdeQD9fvpoj+oZxiXU
f+qMDh0eljAwGKpf7tvPSZ8O298TB7T6kv8sNoOgwMXTvIVA/MrOcl1u8eulFny8
aQl+I/I9O+6J+9QQhDXedNLRq5ej/kpw9A/MlqqU3ICuUb9qAe033WeqUCITXU4F
aJbQM8XQhc36qHovi+tNqLmJh93DbtqNxUjdFfb4SdZHMYVR7k3vgxlSaVv3g5kZ
FG1eUYioSuqbGgPW/z4QqknyDPVtEOx8VZXZFhrfNQQgPJNNeL86c3KkBZmtjNQn
y0v8ayV1QtRSFJQlUF0GRxpYSx/ssGshW0yTp1wDNuF7
-----END CERTIFICATE-----
Generated at Mon Apr 20 04:47:04 2026 by rpki-client