Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/x3zacxYSWcbrkDkDpUXD7EGRYls.roa
File: x3zacxYSWcbrkDkDpUXD7EGRYls.roa (raw, json)
Hash identifier: Bl096IATEPmn4yHvQUWJ66DUUtTnR/N94wNiKQPLa6o=
Subject key identifier: C7:7C:DA:73:16:12:59:C6:EB:90:39:03:A5:45:C3:EC:41:91:62:5B
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019DCA0D5F052D2EC0BD70158B38621E3446
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/x3zacxYSWcbrkDkDpUXD7EGRYls.roa
Signing time: Sun 26 Apr 2026 13:49:27 +0000
ROA not before: Sun 26 Apr 2026 13:49:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 91.200.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ca:0d:5f:05:2d:2e:c0:bd:70:15:8b:38:62:1e:34:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 26 13:49:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c77cda73161259c6eb903903a545c3ec4191625b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b0:8c:0a:0e:0e:73:06:7e:bc:0f:06:68:b7:
af:16:56:78:51:c0:38:80:24:37:16:43:23:a6:03:
ce:0f:05:a3:a2:37:59:dc:5e:58:8c:e3:1d:42:d7:
ba:fc:10:40:e2:8b:e3:a6:2c:b2:70:d1:3e:f9:e2:
ec:f3:a1:01:ac:f5:67:48:64:c0:ac:4c:28:e8:af:
9f:48:32:06:fb:25:06:90:87:1f:a3:4a:fb:62:aa:
a0:b8:26:3f:b9:77:df:20:ae:5e:8b:b7:c6:28:bc:
f2:3c:77:6c:71:12:fb:53:5c:74:ec:5a:d5:fc:31:
eb:e4:44:c0:67:9c:c5:fc:30:30:75:ba:9b:78:6e:
be:a7:ea:11:26:11:70:39:62:73:14:21:9c:bd:79:
78:41:5e:84:6d:04:4c:e3:20:73:4e:40:e6:ef:43:
d8:a2:45:ca:90:0e:f7:cd:6f:e8:32:86:33:ed:6a:
7c:a3:70:9e:b0:10:4a:05:e9:d6:79:e1:55:e8:99:
e7:62:4d:7b:0d:c2:c3:48:90:60:e4:d3:ec:99:37:
a8:35:a3:4d:ed:99:0c:be:7b:4b:8a:1d:39:ab:08:
f9:78:cc:ed:86:b3:8f:4d:30:c8:b3:4d:85:83:4b:
98:84:f4:a1:df:96:63:20:19:9d:26:9b:0f:e7:83:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7C:DA:73:16:12:59:C6:EB:90:39:03:A5:45:C3:EC:41:91:62:5B
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/x3zacxYSWcbrkDkDpUXD7EGRYls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.223.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:b6:73:f8:db:0a:15:be:51:d6:6c:32:0f:00:02:a5:10:98:
39:c1:98:e6:3e:6d:07:5e:b0:21:2c:32:02:82:57:34:cd:f5:
46:4c:ce:c5:05:b5:62:95:c7:ee:75:04:6b:c5:a9:a4:45:3f:
46:8d:1c:7f:56:6b:27:10:c8:31:e0:a1:e8:b7:f4:cc:b2:2d:
45:f4:43:b2:7e:fd:e7:63:92:eb:81:94:eb:45:f9:2e:21:14:
47:bc:45:21:cc:92:24:c1:7b:2b:55:2d:c8:5a:ac:f9:4d:04:
1c:81:88:da:a0:1e:46:7b:b9:4f:b9:96:00:aa:49:8a:47:5d:
24:1f:35:bd:7e:68:a7:c8:a9:db:62:59:e6:c7:50:36:78:c2:
5a:58:2e:bf:b0:ca:32:53:61:6f:30:2a:26:25:63:40:a2:d5:
bf:5e:4f:f6:a7:e0:a6:ce:f2:04:ec:9f:35:07:56:11:4d:ee:
dc:22:94:bf:00:75:84:c5:a7:f4:ab:08:60:cf:68:3c:68:e0:
6f:79:95:9f:34:c0:1d:cf:30:97:ad:66:34:10:e8:0f:3c:67:
6f:ed:19:58:f4:c6:48:16:c4:b9:10:d2:1a:d8:39:9d:96:17:
21:5a:4e:5c:b2:56:24:57:e7:18:76:0a:8f:1a:ac:20:09:fc:
1f:09:92:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3KDV8FLS7AvXAVizhiHjRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjYwNDI2MTM0OTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzdjZGE3MzE2MTI1OWM2ZWI5MDM5MDNhNTQ1YzNlYzQxOTE2MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbCMCg4OcwZ+vA8GaLevFlZ4UcA4
gCQ3FkMjpgPODwWjojdZ3F5YjOMdQte6/BBA4ovjpiyycNE++eLs86EBrPVnSGTA
rEwo6K+fSDIG+yUGkIcfo0r7YqqguCY/uXffIK5ei7fGKLzyPHdscRL7U1x07FrV
/DHr5ETAZ5zF/DAwdbqbeG6+p+oRJhFwOWJzFCGcvXl4QV6EbQRM4yBzTkDm70PY
okXKkA73zW/oMoYz7Wp8o3CesBBKBenWeeFV6JnnYk17DcLDSJBg5NPsmTeoNaNN
7ZkMvntLih05qwj5eMzthrOPTTDIs02Fg0uYhPSh35ZjIBmdJpsP54OjEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMd82nMWElnG65A5A6VFw+xBkWJbMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveDN6YWN4WVNXY2Jya0RrRHBVWEQ3RUdSWWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jfMA0G
CSqGSIb3DQEBCwUAA4IBAQCKtnP42woVvlHWbDIPAAKlEJg5wZjmPm0HXrAhLDIC
glc0zfVGTM7FBbVilcfudQRrxamkRT9GjRx/VmsnEMgx4KHot/TMsi1F9EOyfv3n
Y5LrgZTrRfkuIRRHvEUhzJIkwXsrVS3IWqz5TQQcgYjaoB5Ge7lPuZYAqkmKR10k
HzW9fminyKnbYlnmx1A2eMJaWC6/sMoyU2FvMComJWNAotW/Xk/2p+CmzvIE7J81
B1YRTe7cIpS/AHWExaf0qwhgz2g8aOBveZWfNMAdzzCXrWY0EOgPPGdv7RlY9MZI
FsS5ENIa2DmdlhchWk5cslYkV+cYdgqPGqwgCfwfCZL4
-----END CERTIFICATE-----
Generated at Sun May 3 14:47:51 2026 by rpki-client