Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/1SJzKPxq2XZamd2PVyyf5ECKvn4.roa
File: 1SJzKPxq2XZamd2PVyyf5ECKvn4.roa (raw, json)
Hash identifier: yGdup30EfkXrap+ZKcBPKLeHpGLend8QV66AYgn6GJU=
Subject key identifier: D5:22:73:28:FC:6A:D9:76:5A:99:DD:8F:57:2C:9F:E4:40:8A:BE:7E
Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Certificate serial: 019E6DABA9B3C7322081B37AC92E106D0F83
Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/1SJzKPxq2XZamd2PVyyf5ECKvn4.roa
Signing time: Thu 28 May 2026 08:20:27 +0000
ROA not before: Thu 28 May 2026 08:20:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 158.173.80.0/21 maxlen: 24
158.173.90.0/23 maxlen: 24
158.173.92.0/22 maxlen: 24
158.173.112.0/23 maxlen: 24
158.173.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6d:ab:a9:b3:c7:32:20:81:b3:7a:c9:2e:10:6d:0f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Validity
Not Before: May 28 08:20:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d5227328fc6ad9765a99dd8f572c9fe4408abe7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9b:f9:20:1c:f1:72:00:57:12:d2:cb:e4:93:
ea:a5:c7:46:c7:69:55:df:5a:b8:71:92:63:10:b8:
6c:0d:f9:78:ee:57:b7:12:86:3c:2d:c2:37:1f:9a:
85:c5:a2:de:1a:4e:08:a6:99:07:af:ab:51:2b:8a:
85:97:ca:48:e6:e9:c5:f3:72:34:84:cd:eb:ce:11:
c6:08:4f:a7:51:7f:f4:97:06:6b:f4:d6:f9:b2:8c:
7e:3a:2d:74:d2:b1:b0:2a:8e:36:f1:e4:45:f7:4d:
b5:49:80:76:1f:44:87:3c:2f:f8:84:95:80:1d:83:
20:5e:92:d4:c1:6f:a2:c2:cf:1b:5a:c8:39:d1:69:
ed:42:56:7e:9d:53:0e:99:88:f1:81:2d:d1:cb:82:
30:1a:c7:ed:7f:5b:49:4f:18:40:85:65:92:0e:75:
1b:a3:fc:b7:6e:bc:ca:01:a2:35:09:7c:58:d0:15:
fc:8f:7f:d3:78:bb:73:4c:f7:ad:ae:91:3a:25:ce:
d3:9e:f2:70:4b:77:49:5c:cb:0b:bc:85:c3:c0:34:
0c:ec:35:08:1d:1f:14:50:52:cf:81:12:83:00:d3:
89:b4:b9:25:3c:d2:fd:2e:cd:e1:93:50:4a:18:83:
2b:7e:09:c7:6a:6e:91:d2:e5:4f:81:7f:38:13:86:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:22:73:28:FC:6A:D9:76:5A:99:DD:8F:57:2C:9F:E4:40:8A:BE:7E
X509v3 Authority Key Identifier:
keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/1SJzKPxq2XZamd2PVyyf5ECKvn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.80.0/21
158.173.90.0-158.173.95.255
158.173.112.0/23
158.173.115.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:cd:7f:c5:e4:19:8e:de:90:e9:98:ca:0b:3f:e6:5d:de:02:
f1:53:fb:63:7e:7d:be:b3:9a:34:21:7f:a0:bd:d3:c6:43:ad:
45:b8:4b:90:b6:11:90:5f:7f:b7:6b:7c:d2:ab:21:e0:db:62:
39:81:a4:7a:43:c6:91:cc:a6:2a:08:67:ee:a0:bf:47:d1:bc:
d2:d1:30:4c:15:28:03:20:94:e3:dc:af:9b:ce:f4:05:8c:bc:
3a:f9:2c:23:e5:4a:6a:85:f5:41:74:e7:92:90:fc:40:e7:f1:
82:56:ed:43:37:27:b3:af:79:31:88:8a:2d:b0:4a:59:5c:87:
7a:d5:7c:fb:cc:58:22:81:9b:f5:a2:c5:c3:58:91:e2:99:1e:
ba:3b:ee:4b:95:b9:64:2a:82:4f:e6:06:b4:59:37:d8:59:79:
f5:d4:28:34:f7:02:b3:a6:74:da:7b:12:9f:b7:93:d9:e9:6b:
a5:5c:9f:c2:bd:09:24:e5:4a:2c:66:bf:85:2f:12:12:c8:7b:
7e:16:40:68:1f:62:4d:80:fd:ba:ca:ae:b4:92:45:d4:89:9b:
b3:1d:20:db:8a:99:65:eb:01:f9:3a:56:01:10:6a:66:62:fb:
e7:38:34:ef:02:a0:1d:bf:08:a8:af:ef:86:c3:c4:2f:eb:78:
fa:8a:73:0d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ5tq6mzxzIggbN6yS4QbQ+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh
NDA4MjMwHhcNMjYwNTI4MDgyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTIyNzMyOGZjNmFkOTc2NWE5OWRkOGY1NzJjOWZlNDQwOGFiZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZv5IBzxcgBXEtLL5JPqpcdGx2lV
31q4cZJjELhsDfl47le3EoY8LcI3H5qFxaLeGk4IppkHr6tRK4qFl8pI5unF83I0
hM3rzhHGCE+nUX/0lwZr9Nb5sox+Oi100rGwKo428eRF9021SYB2H0SHPC/4hJWA
HYMgXpLUwW+iws8bWsg50WntQlZ+nVMOmYjxgS3Ry4IwGsftf1tJTxhAhWWSDnUb
o/y3brzKAaI1CXxY0BX8j3/TeLtzTPetrpE6Jc7TnvJwS3dJXMsLvIXDwDQM7DUI
HR8UUFLPgRKDANOJtLklPNL9Ls3hk1BKGIMrfgnHam6R0uVPgX84E4YRYQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNUicyj8atl2Wpndj1csn+RAir5+MB8GA1UdIwQY
MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt
ZDJjZDI2YjY5ZGYxLzEvMVNKektQeHEyWFphbWQyUFZ5eWY1RUNLdm40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx
LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDnq1QMAwD
BAGerVoDBAWerUADBAGerXADBACerXMwDQYJKoZIhvcNAQELBQADggEBADvNf8Xk
GY7ekOmYygs/5l3eAvFT+2N+fb6zmjQhf6C908ZDrUW4S5C2EZBff7drfNKrIeDb
YjmBpHpDxpHMpioIZ+6gv0fRvNLRMEwVKAMglOPcr5vO9AWMvDr5LCPlSmqF9UF0
55KQ/EDn8YJW7UM3J7OveTGIii2wSllch3rVfPvMWCKBm/WixcNYkeKZHro77kuV
uWQqgk/mBrRZN9hZefXUKDT3ArOmdNp7Ep+3k9npa6Vcn8K9CSTlSixmv4UvEhLI
e34WQGgfYk2A/brKrrSSRdSJm7MdINuKmWXrAfk6VgEQamZi++c4NO8CoB2/CKiv
74bDxC/rePqKcw0=
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:14:05 2026 by rpki-client