Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/cPXlGmjymZW4OfDzSzCyOWp4s5c.roa
File: cPXlGmjymZW4OfDzSzCyOWp4s5c.roa (raw, json)
Hash identifier: /kTxY9wpF/lAmrPg9ZMjRAsR5ibR4w6kJpLd5PPjbKY=
Subject key identifier: 70:F5:E5:1A:68:F2:99:95:B8:39:F0:F3:4B:30:B2:39:6A:78:B3:97
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019EB6709698895B35E3F2795CB427D15EEB
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/cPXlGmjymZW4OfDzSzCyOWp4s5c.roa
Signing time: Thu 11 Jun 2026 11:28:12 +0000
ROA not before: Thu 11 Jun 2026 11:28:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 134488
IP address blocks: 212.189.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b6:70:96:98:89:5b:35:e3:f2:79:5c:b4:27:d1:5e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jun 11 11:28:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=70f5e51a68f29995b839f0f34b30b2396a78b397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f4:46:17:fe:e8:95:60:ac:7d:1f:e3:73:02:
a5:f0:bc:03:fb:6c:de:fb:73:1d:b7:b5:ed:91:13:
8c:96:e9:7d:74:d3:1a:69:4b:0d:a9:be:43:62:e8:
ce:09:f4:b0:07:ea:59:51:ca:a5:30:91:b3:30:d1:
f4:cd:6c:1f:34:a6:69:c3:f7:10:64:4d:17:24:a3:
37:f0:4b:c0:fb:b7:8e:cb:b3:ef:29:50:9d:dd:96:
1c:fa:f0:f8:f2:a5:c4:be:55:fa:aa:80:81:fe:12:
4d:bc:e3:e7:09:5b:94:a8:e5:9c:ac:5a:85:c3:aa:
bd:9e:22:fc:44:3b:1d:66:43:12:11:d6:f9:0a:f7:
51:5b:aa:e2:bf:9a:00:18:f0:60:87:09:15:eb:ee:
23:56:a5:20:08:4f:2c:2a:46:fa:14:24:b8:c4:ee:
72:c8:19:45:50:69:af:d0:43:1f:f7:43:9b:51:27:
b3:18:26:52:dc:ea:45:7a:99:4f:8d:32:76:06:66:
af:1d:4c:78:e4:55:f4:9b:11:14:0b:a5:80:92:7b:
bd:22:4b:e0:2b:32:04:59:87:6b:e9:46:b1:6c:d5:
98:24:9c:fd:29:a5:04:81:03:18:54:ce:c9:ae:5d:
d1:0f:b7:1c:9c:b4:e1:92:ff:80:15:c9:d3:31:4a:
7f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F5:E5:1A:68:F2:99:95:B8:39:F0:F3:4B:30:B2:39:6A:78:B3:97
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/cPXlGmjymZW4OfDzSzCyOWp4s5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.189.97.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:3c:38:84:22:54:78:14:85:7e:65:ec:c8:87:60:68:9d:10:
b8:b5:a0:29:c5:78:f1:d6:19:88:05:5e:08:84:13:a6:b8:32:
26:0f:c3:e5:c5:e6:89:40:02:41:4c:8d:a5:8d:15:09:b0:b3:
df:5a:f7:eb:18:93:1c:6c:1b:7c:2f:c1:ea:47:26:72:ec:b8:
04:32:91:3b:d6:59:60:41:b4:57:e7:a3:bd:a5:87:f4:10:6d:
5b:58:b4:6e:5f:3f:85:eb:b0:03:0d:41:33:42:7b:ba:4d:d8:
22:42:ce:c3:91:de:fd:05:cd:aa:b4:0f:00:13:09:67:55:a0:
9f:05:85:67:cd:49:f2:38:70:4f:ef:60:6d:a2:05:23:2e:01:
f3:dc:11:d5:cb:0a:c6:53:aa:1b:73:3b:15:41:b7:ff:98:8a:
38:b8:17:d5:ae:c4:94:3f:b9:fa:cb:e0:0f:03:b8:2d:cc:9f:
37:a2:23:9f:dd:89:65:97:08:f2:99:21:1a:6b:1e:ee:dc:04:
e8:7a:11:a4:c3:88:e9:b4:c4:73:78:63:95:40:87:4b:9d:81:
fe:bb:87:79:64:52:0a:d6:29:b7:4e:04:13:07:f4:35:73:93:
b8:63:33:30:8b:30:86:f1:a5:b1:10:8b:e5:8b:3b:55:ae:52:
ca:56:ee:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ62cJaYiVs14/J5XLQn0V7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNjExMTEyODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGY1ZTUxYTY4ZjI5OTk1YjgzOWYwZjM0YjMwYjIzOTZhNzhiMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvRGF/7olWCsfR/jcwKl8LwD+2ze
+3Mdt7XtkROMlul9dNMaaUsNqb5DYujOCfSwB+pZUcqlMJGzMNH0zWwfNKZpw/cQ
ZE0XJKM38EvA+7eOy7PvKVCd3ZYc+vD48qXEvlX6qoCB/hJNvOPnCVuUqOWcrFqF
w6q9niL8RDsdZkMSEdb5CvdRW6riv5oAGPBghwkV6+4jVqUgCE8sKkb6FCS4xO5y
yBlFUGmv0EMf90ObUSezGCZS3OpFeplPjTJ2BmavHUx45FX0mxEUC6WAknu9Ikvg
KzIEWYdr6UaxbNWYJJz9KaUEgQMYVM7Jrl3RD7ccnLThkv+AFcnTMUp/DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHD15Rpo8pmVuDnw80swsjlqeLOXMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvY1BYbEdtanltWlc0T2ZEelN6Q3lPV3A0czVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1L1hMA0G
CSqGSIb3DQEBCwUAA4IBAQAtPDiEIlR4FIV+ZezIh2BonRC4taApxXjx1hmIBV4I
hBOmuDImD8PlxeaJQAJBTI2ljRUJsLPfWvfrGJMcbBt8L8HqRyZy7LgEMpE71llg
QbRX56O9pYf0EG1bWLRuXz+F67ADDUEzQnu6TdgiQs7Dkd79Bc2qtA8AEwlnVaCf
BYVnzUnyOHBP72BtogUjLgHz3BHVywrGU6obczsVQbf/mIo4uBfVrsSUP7n6y+AP
A7gtzJ83oiOf3YlllwjymSEaax7u3AToehGkw4jptMRzeGOVQIdLnYH+u4d5ZFIK
1im3TgQTB/Q1c5O4YzMwizCG8aWxEIvliztVrlLKVu79
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:34:32 2026 by rpki-client