Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/ijx72sOLkdFwyQPnNALm-uXb8bM.roa
File: ijx72sOLkdFwyQPnNALm-uXb8bM.roa (raw, json)
Hash identifier: kfeWR9mNoEB+1dBFEGtvr8qeUJFz99AzeH22Swmzpw8=
Subject key identifier: 8A:3C:7B:DA:C3:8B:91:D1:70:C9:03:E7:34:02:E6:FA:E5:DB:F1:B3
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 019E3CE9830716409FBDEA522E02920D4C2A
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/ijx72sOLkdFwyQPnNALm-uXb8bM.roa
Signing time: Mon 18 May 2026 21:06:36 +0000
ROA not before: Mon 18 May 2026 21:06:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 185.190.56.0/23 maxlen: 24
185.206.22.0/23 maxlen: 24
185.213.18.0/23 maxlen: 24
185.227.252.0/23 maxlen: 24
193.9.50.0/24 maxlen: 24
193.163.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3c:e9:83:07:16:40:9f:bd:ea:52:2e:02:92:0d:4c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: May 18 21:06:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8a3c7bdac38b91d170c903e73402e6fae5dbf1b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:7f:08:5d:76:bf:4e:3c:67:dc:f1:72:75:c6:
92:47:d5:74:99:2f:df:82:49:8c:71:61:c0:3c:a9:
a1:c8:90:8c:48:de:e4:b3:4f:d8:38:c2:ab:fc:4a:
d6:e7:9e:07:9c:30:38:5b:00:fc:64:d8:dd:06:62:
2b:f0:4c:0a:17:e7:bf:89:e6:4b:d5:a9:f9:9d:bd:
bb:f1:de:a1:a6:bf:8e:0b:cc:ec:4e:80:47:f8:c4:
ad:db:9d:8f:af:f3:80:1c:f3:26:ae:d5:8a:ab:e0:
85:3c:5e:ea:2f:88:af:b4:a8:dd:38:aa:c3:b4:a9:
4c:78:1b:b7:1f:05:c0:c8:50:73:84:f1:59:fa:53:
99:93:19:c5:7f:10:b0:7d:76:cd:90:6b:80:8c:ff:
4f:bf:98:89:fe:45:3e:1d:2c:d1:1a:f4:d9:17:e9:
09:2c:6c:58:23:6f:90:8d:24:dc:c7:6c:f2:4a:02:
9e:0e:2c:ad:34:e7:58:b3:98:48:28:d9:2a:5c:1b:
a9:76:01:b9:b1:d4:fe:bc:48:2c:f9:17:ea:db:7b:
a6:e4:15:e8:36:c6:5b:d3:dd:81:a0:11:0e:79:c6:
53:df:1d:ab:cb:5d:f0:78:76:28:c6:94:50:de:ca:
29:80:70:bf:d7:28:38:6a:41:76:0a:e1:fd:4e:ea:
bf:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:3C:7B:DA:C3:8B:91:D1:70:C9:03:E7:34:02:E6:FA:E5:DB:F1:B3
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/ijx72sOLkdFwyQPnNALm-uXb8bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.56.0/23
185.206.22.0/23
185.213.18.0/23
185.227.252.0/23
193.9.50.0/24
193.163.204.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:12:99:f0:40:2c:54:7c:76:79:3e:92:99:e8:a8:73:ea:92:
71:0f:09:81:0f:4b:7e:32:e8:ce:37:20:5e:33:9a:c8:2d:ab:
e6:24:ea:92:4f:89:aa:ba:22:9e:29:f3:b1:2b:6f:9c:f4:6a:
06:b9:29:97:cc:eb:be:e4:22:a7:bd:00:59:5b:b1:53:96:2c:
9d:aa:c0:05:70:ba:d7:0e:d0:2e:c9:f5:10:27:e6:3d:fb:22:
42:31:94:9d:d2:06:12:f3:8e:e4:61:a0:6f:a6:36:0e:14:23:
84:0b:51:dd:db:7e:b8:7b:ee:06:24:f0:f9:4b:f5:77:0c:97:
63:d9:a0:34:b9:01:67:1e:b9:a5:6c:44:3a:4e:4c:37:10:99:
52:2e:72:3f:db:c8:3f:94:66:53:06:9d:19:6d:2f:d1:14:42:
86:09:bf:f7:b0:c3:a6:27:01:e9:87:27:c8:1b:c3:7b:28:73:
b7:dc:e0:11:5d:8c:55:9d:92:43:33:90:18:c8:c7:b1:ec:80:
a1:a1:ad:3a:b0:4e:87:03:1b:d0:60:44:10:0c:90:4b:40:d2:
9f:1e:2a:8b:3c:bc:41:63:4e:fd:38:f2:64:47:70:10:67:56:
34:95:0d:5c:27:93:0f:ec:3b:05:b8:46:e2:c9:84:67:4a:df:
04:12:e3:1e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ486YMHFkCfvepSLgKSDUwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjYwNTE4MjEwNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTNjN2JkYWMzOGI5MWQxNzBjOTAzZTczNDAyZTZmYWU1ZGJmMWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7n8IXXa/Tjxn3PFydcaSR9V0mS/f
gkmMcWHAPKmhyJCMSN7ks0/YOMKr/ErW554HnDA4WwD8ZNjdBmIr8EwKF+e/ieZL
1an5nb278d6hpr+OC8zsToBH+MSt252Pr/OAHPMmrtWKq+CFPF7qL4ivtKjdOKrD
tKlMeBu3HwXAyFBzhPFZ+lOZkxnFfxCwfXbNkGuAjP9Pv5iJ/kU+HSzRGvTZF+kJ
LGxYI2+QjSTcx2zySgKeDiytNOdYs5hIKNkqXBupdgG5sdT+vEgs+Rfq23um5BXo
NsZb092BoBEOecZT3x2ry13weHYoxpRQ3sopgHC/1yg4akF2CuH9Tuq/5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIo8e9rDi5HRcMkD5zQC5vrl2/GzMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvaWp4NzJzT0xrZEZ3eVFQbk5BTG0tdVhiOGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBub44AwQB
uc4WAwQBudUSAwQBueP8AwQAwQkyAwQAwaPMMA0GCSqGSIb3DQEBCwUAA4IBAQCN
EpnwQCxUfHZ5PpKZ6Khz6pJxDwmBD0t+MujONyBeM5rILavmJOqST4mquiKeKfOx
K2+c9GoGuSmXzOu+5CKnvQBZW7FTliydqsAFcLrXDtAuyfUQJ+Y9+yJCMZSd0gYS
847kYaBvpjYOFCOEC1Hd2364e+4GJPD5S/V3DJdj2aA0uQFnHrmlbEQ6Tkw3EJlS
LnI/28g/lGZTBp0ZbS/RFEKGCb/3sMOmJwHphyfIG8N7KHO33OARXYxVnZJDM5AY
yMex7IChoa06sE6HAxvQYEQQDJBLQNKfHiqLPLxBY079OPJkR3AQZ1Y0lQ1cJ5MP
7DsFuEbiyYRnSt8EEuMe
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:14:10 2026 by rpki-client