Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/KNiIChcjWlSQcHsT_nPixNKv-GA.roa
File: KNiIChcjWlSQcHsT_nPixNKv-GA.roa (raw, json)
Hash identifier: d+PuiXLFtPV2Q2bypWyB6peTJ3hvDjFXv5mGsppbgQs=
Subject key identifier: 28:D8:88:0A:17:23:5A:54:90:70:7B:13:FE:73:E2:C4:D2:AF:F8:60
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019E04037A61EDD2485F3CBDF9497DF30A7C
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/KNiIChcjWlSQcHsT_nPixNKv-GA.roa
Signing time: Thu 07 May 2026 19:56:37 +0000
ROA not before: Thu 07 May 2026 19:56:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 37.77.147.0/24 maxlen: 24
37.140.221.0/24 maxlen: 24
45.90.197.0/24 maxlen: 24
62.233.44.0/24 maxlen: 24
89.106.202.0/24 maxlen: 24
185.11.63.0/24 maxlen: 24
193.109.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 May 2026 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:04:03:7a:61:ed:d2:48:5f:3c:bd:f9:49:7d:f3:0a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 7 19:56:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=28d8880a17235a5490707b13fe73e2c4d2aff860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3f:eb:b9:e2:88:e4:ce:26:87:a0:89:3e:4c:
9f:d5:11:b2:29:97:d5:b0:c9:ae:f0:6c:0b:9e:9f:
e8:b4:2f:9c:a2:ee:f9:42:00:07:fd:ec:71:48:0e:
16:b6:ab:fc:e6:e8:df:a4:03:bc:64:9b:5c:70:60:
c1:0f:ca:f1:8c:ae:51:a1:03:eb:8c:fb:f5:7e:72:
99:7a:ea:7b:c2:10:ae:7a:ab:88:37:82:29:28:99:
dd:1e:ef:d7:ad:d9:15:51:77:1c:ad:c2:2b:2b:bd:
65:3c:1d:f7:23:1d:25:fd:5e:c6:1a:13:ca:cb:e4:
cb:dc:0e:20:53:ef:78:b2:36:71:19:e0:a5:d7:00:
83:7e:f4:e7:dc:f9:91:5a:10:cf:02:25:8c:13:4e:
a3:12:d7:42:59:d1:5a:85:1a:45:ba:3c:78:de:4b:
5e:18:66:aa:43:81:96:88:f0:17:95:b2:46:01:ce:
7b:4d:73:a9:8f:d2:a1:fa:7e:af:51:72:11:6f:5e:
5e:c1:1d:06:4c:53:ea:e1:f1:f7:8d:40:68:c2:a3:
02:33:2b:0e:d8:58:88:60:1e:31:df:2b:d4:47:db:
9e:11:5b:ff:e3:d1:64:16:04:22:ea:fa:b7:eb:70:
67:66:b3:0f:c0:8a:fa:5c:75:a7:72:52:d2:b1:f9:
c7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D8:88:0A:17:23:5A:54:90:70:7B:13:FE:73:E2:C4:D2:AF:F8:60
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/KNiIChcjWlSQcHsT_nPixNKv-GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.147.0/24
37.140.221.0/24
45.90.197.0/24
62.233.44.0/24
89.106.202.0/24
185.11.63.0/24
193.109.213.0/24
Signature Algorithm: sha256WithRSAEncryption
44:b7:bf:86:58:5e:80:11:bd:ce:80:b9:53:59:c1:35:40:e9:
ef:80:f8:08:35:e0:3f:81:ec:6f:13:43:92:61:c3:ff:5a:7e:
77:85:08:d4:7b:10:f1:34:cf:39:d1:90:d5:7f:fa:a4:75:2e:
df:f9:8d:bb:2c:38:24:be:11:3b:8d:f6:0f:d0:69:94:dc:a3:
c6:b5:d8:f2:94:2c:fc:51:ea:40:b1:72:f0:35:a0:fa:b5:1e:
a4:ca:fe:cf:f2:51:f5:28:4c:c6:2e:6e:c0:1b:7b:18:fd:df:
48:07:6e:7c:3f:9a:8d:ff:8f:f2:37:1b:86:85:ef:07:07:26:
9f:b0:f7:bf:b7:62:3f:1f:30:53:42:f5:44:46:ff:5a:9b:28:
2d:66:01:10:f8:d5:06:77:70:b5:b5:64:cc:b4:7a:93:3f:ff:
08:78:0a:c9:29:29:cd:37:d2:b6:5b:df:19:5b:f9:17:58:34:
0f:cd:72:b0:59:a8:39:77:9a:95:95:73:ec:81:72:39:96:cd:
f4:52:4f:29:e2:0f:25:9f:93:e4:9c:c6:ed:fa:d9:1f:79:22:
0e:84:66:b1:e8:60:9a:18:6a:f9:cd:53:de:23:0b:dd:e9:cf:
8e:c5:99:e4:d8:b3:4e:2a:3d:70:48:93:01:b9:cc:ab:7e:65:
ca:e1:88:44
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ4EA3ph7dJIXzy9+Ul98wp8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwNTA3MTk1NjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQ4ODgwYTE3MjM1YTU0OTA3MDdiMTNmZTczZTJjNGQyYWZmODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz/rueKI5M4mh6CJPkyf1RGyKZfV
sMmu8GwLnp/otC+cou75QgAH/exxSA4Wtqv85ujfpAO8ZJtccGDBD8rxjK5RoQPr
jPv1fnKZeup7whCuequIN4IpKJndHu/XrdkVUXccrcIrK71lPB33Ix0l/V7GGhPK
y+TL3A4gU+94sjZxGeCl1wCDfvTn3PmRWhDPAiWME06jEtdCWdFahRpFujx43kte
GGaqQ4GWiPAXlbJGAc57TXOpj9Kh+n6vUXIRb15ewR0GTFPq4fH3jUBowqMCMysO
2FiIYB4x3yvUR9ueEVv/49FkFgQi6vq363BnZrMPwIr6XHWnclLSsfnHVQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCjYiAoXI1pUkHB7E/5z4sTSr/hgMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvS05pSUNoY2pXbFNRY0hzVF9uUGl4Tkt2LUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJU2TAwQA
JYzdAwQALVrFAwQAPuksAwQAWWrKAwQAuQs/AwQAwW3VMA0GCSqGSIb3DQEBCwUA
A4IBAQBEt7+GWF6AEb3OgLlTWcE1QOnvgPgINeA/gexvE0OSYcP/Wn53hQjUexDx
NM850ZDVf/qkdS7f+Y27LDgkvhE7jfYP0GmU3KPGtdjylCz8UepAsXLwNaD6tR6k
yv7P8lH1KEzGLm7AG3sY/d9IB258P5qN/4/yNxuGhe8HByafsPe/t2I/HzBTQvVE
Rv9amygtZgEQ+NUGd3C1tWTMtHqTP/8IeArJKSnNN9K2W98ZW/kXWDQPzXKwWag5
d5qVlXPsgXI5ls30Uk8p4g8ln5PknMbt+tkfeSIOhGax6GCaGGr5zVPeIwvd6c+O
xZnk2LNOKj1wSJMBucyrfmXK4YhE
-----END CERTIFICATE-----
Generated at Sat May 9 17:48:17 2026 by rpki-client