Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/RyZKmPoGphNk65inkTZLITpsl5Y.roa
File: RyZKmPoGphNk65inkTZLITpsl5Y.roa (raw, json)
Hash identifier: X4gtNoK1UhxR9RCujSomB34slqOG2cNcQuqFsvQi2cQ=
Subject key identifier: 47:26:4A:98:FA:06:A6:13:64:EB:98:A7:91:36:4B:21:3A:6C:97:96
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019EDFB651F45019DB15582B9E0F059451FA
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/RyZKmPoGphNk65inkTZLITpsl5Y.roa
Signing time: Fri 19 Jun 2026 11:48:48 +0000
ROA not before: Fri 19 Jun 2026 11:48:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3561
IP address blocks: 77.36.124.0/22 maxlen: 22
81.161.4.0/22 maxlen: 24
91.237.44.0/22 maxlen: 24
93.120.96.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Jun 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:df:b6:51:f4:50:19:db:15:58:2b:9e:0f:05:94:51:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 19 11:48:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=47264a98fa06a61364eb98a791364b213a6c9796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d2:57:25:b0:fa:6b:5d:0e:1e:be:5c:a0:27:
da:b5:0e:51:28:d6:26:25:5c:53:c5:a5:69:c5:4b:
0e:42:3e:c1:b9:ef:e5:d2:44:83:aa:92:c6:b9:7e:
20:01:1f:b0:44:d6:05:cd:eb:eb:03:78:c7:c0:31:
3e:21:0a:1e:2e:10:79:48:68:c6:20:2b:dd:a9:64:
ed:c4:43:5f:42:a1:2c:c6:7f:1d:c6:ab:4e:85:97:
df:74:6f:b6:05:37:d0:ed:2c:e6:df:f9:50:bc:06:
b6:6c:8f:71:0c:4f:e0:e5:08:9c:21:b4:6d:90:e0:
e3:8d:bd:ab:89:be:2f:6b:1f:80:ca:2b:3a:0d:03:
17:62:08:e6:37:18:fc:61:66:98:ff:62:c5:01:3e:
c8:26:9e:42:ad:eb:e2:3e:46:9b:5f:82:eb:1a:1c:
4c:0b:06:2e:e5:f9:44:3a:d8:90:a5:34:9d:da:95:
0e:fe:ee:0d:75:af:0f:70:82:8b:89:e6:f1:ef:4e:
64:cf:1e:5d:15:c0:50:17:e1:07:d7:00:4e:bb:40:
f8:0f:09:f7:3f:3b:59:8e:79:91:84:54:fe:83:1c:
7d:23:a2:67:23:33:4c:8e:d2:78:2b:50:65:a4:7f:
26:2b:43:d8:8a:f2:f3:6a:a4:a0:0e:77:6d:a1:4e:
9a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:26:4A:98:FA:06:A6:13:64:EB:98:A7:91:36:4B:21:3A:6C:97:96
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/RyZKmPoGphNk65inkTZLITpsl5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.124.0/22
81.161.4.0/22
91.237.44.0/22
93.120.96.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:81:8c:df:11:e4:ba:d4:7f:d3:c0:d0:b0:1e:c4:be:b2:ed:
c4:c1:b0:fe:4c:16:5f:1b:70:d8:3d:97:8e:2a:8b:c4:e0:b6:
47:03:63:8f:03:19:66:12:de:99:fb:c3:cf:e2:b5:4e:13:0d:
c4:74:55:8e:f8:68:32:62:35:d1:c8:91:5a:18:2c:ba:f9:86:
f5:26:d7:b8:28:97:9f:a3:c0:ed:95:b6:57:64:41:ab:1f:46:
08:f4:fc:6b:77:f0:56:30:44:8b:11:35:ed:e7:02:69:e2:5d:
58:e0:ed:3b:83:fc:75:2e:52:1a:58:62:6b:19:84:7c:ca:3c:
52:0b:d2:05:13:1e:2f:c8:29:36:65:4e:0c:87:ee:90:18:22:
2d:88:4e:6f:84:04:eb:b1:40:d9:5f:65:41:e1:65:68:a4:7f:
d5:de:18:83:f8:ce:16:64:67:9a:64:92:eb:e7:2b:46:7e:92:
f3:4f:2e:c8:2e:42:cf:3f:c6:b7:70:3a:8e:ab:46:83:b8:8e:
53:d1:66:d2:78:ac:ff:9f:4f:3a:00:11:62:cc:09:6d:8e:a5:
0e:0f:a4:ff:70:6b:f5:1a:cd:78:36:45:06:a8:b1:ca:4d:d7:
3a:3d:15:40:cb:f9:b3:ef:fb:b4:6a:db:0c:c7:c1:42:a2:a0:
00:74:4f:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ7ftlH0UBnbFVgrng8FlFH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjYwNjE5MTE0ODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzI2NGE5OGZhMDZhNjEzNjRlYjk4YTc5MTM2NGIyMTNhNmM5Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49JXJbD6a10OHr5coCfatQ5RKNYm
JVxTxaVpxUsOQj7Bue/l0kSDqpLGuX4gAR+wRNYFzevrA3jHwDE+IQoeLhB5SGjG
ICvdqWTtxENfQqEsxn8dxqtOhZffdG+2BTfQ7Szm3/lQvAa2bI9xDE/g5QicIbRt
kODjjb2rib4vax+Ayis6DQMXYgjmNxj8YWaY/2LFAT7IJp5CreviPkabX4LrGhxM
CwYu5flEOtiQpTSd2pUO/u4Nda8PcIKLiebx705kzx5dFcBQF+EH1wBOu0D4Dwn3
PztZjnmRhFT+gxx9I6JnIzNMjtJ4K1BlpH8mK0PYivLzaqSgDndtoU6aLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEcmSpj6BqYTZOuYp5E2SyE6bJeWMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUnlaS21Qb0dwaE5rNjVpbmtUWkxJVHBzbDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTSR8AwQC
UaEEAwQCW+0sAwQCXXhgMA0GCSqGSIb3DQEBCwUAA4IBAQCkgYzfEeS61H/TwNCw
HsS+su3EwbD+TBZfG3DYPZeOKovE4LZHA2OPAxlmEt6Z+8PP4rVOEw3EdFWO+Ggy
YjXRyJFaGCy6+Yb1Jte4KJefo8DtlbZXZEGrH0YI9Pxrd/BWMESLETXt5wJp4l1Y
4O07g/x1LlIaWGJrGYR8yjxSC9IFEx4vyCk2ZU4Mh+6QGCItiE5vhATrsUDZX2VB
4WVopH/V3hiD+M4WZGeaZJLr5ytGfpLzTy7ILkLPP8a3cDqOq0aDuI5T0WbSeKz/
n086ABFizAltjqUOD6T/cGv1Gs14NkUGqLHKTdc6PRVAy/mz7/u0atsMx8FCoqAA
dE8C
-----END CERTIFICATE-----
Generated at Sun Jun 28 23:46:56 2026 by rpki-client