Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kMZ7gkP3temmZcEFWLZSJ8E13jc.roa
File: kMZ7gkP3temmZcEFWLZSJ8E13jc.roa (raw, json)
Hash identifier: GVH7/Q4x+f4dJ8ELFWDV7BWy+0yHoZSSNaGibTOTUs8=
Subject key identifier: 90:C6:7B:82:43:F7:B5:E9:A6:65:C1:05:58:B6:52:27:C1:35:DE:37
Certificate issuer: /CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Certificate serial: 019DB0245E708AC86B61FC87F81DFA4A4F58
Authority key identifier: 91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kMZ7gkP3temmZcEFWLZSJ8E13jc.roa
Signing time: Tue 21 Apr 2026 13:04:26 +0000
ROA not before: Tue 21 Apr 2026 13:04:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39402
IP address blocks: 45.142.137.0/24 maxlen: 24
185.187.130.0/24 maxlen: 24
185.187.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.mft
rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:24:5e:70:8a:c8:6b:61:fc:87:f8:1d:fa:4a:4f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Validity
Not Before: Apr 21 13:04:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=90c67b8243f7b5e9a665c10558b65227c135de37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:80:ba:7c:9e:c5:7c:62:2d:ae:ff:64:3b:60:
af:2a:60:06:d6:b6:9b:d6:12:14:8c:4f:36:34:5e:
71:da:92:12:93:f4:b4:d8:76:5a:3e:46:7b:51:30:
0e:38:64:06:79:60:15:58:5c:4c:f4:71:13:f7:e2:
38:9a:ee:d3:6f:74:0f:82:91:c8:8a:e9:af:80:9d:
c5:26:a6:2a:00:60:66:79:8b:2b:09:a1:fc:b7:fb:
af:17:e9:49:e6:e4:36:85:93:54:5e:0b:d3:23:09:
f2:01:f6:bc:e6:45:6b:20:09:10:b4:78:e3:fa:3e:
77:a7:4f:43:2a:c8:3d:ca:46:d3:00:52:33:04:56:
7c:e9:f0:fa:69:aa:74:77:92:0e:f0:4d:2d:fa:b2:
fc:f7:09:a9:21:30:bf:fe:86:b2:ba:c6:cf:eb:8d:
b5:ac:4f:90:2a:6d:fa:39:71:07:d1:2a:34:7e:e6:
2b:e3:23:c3:b0:ef:d5:e3:1d:58:fa:18:7f:82:3c:
70:ae:0f:ad:0b:8e:e0:1b:3e:6a:cf:03:00:75:70:
01:eb:dd:29:6d:f7:72:8c:88:b1:f2:8e:42:25:ed:
7a:24:7a:5a:1f:79:8e:7d:37:10:00:7d:c0:a2:41:
06:7a:1a:ae:b9:02:fe:fa:bd:49:79:5b:cc:87:24:
24:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C6:7B:82:43:F7:B5:E9:A6:65:C1:05:58:B6:52:27:C1:35:DE:37
X509v3 Authority Key Identifier:
keyid:91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kMZ7gkP3temmZcEFWLZSJ8E13jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.137.0/24
185.187.130.0/23
Signature Algorithm: sha256WithRSAEncryption
07:3d:00:cb:a8:d7:44:32:a5:d9:65:ce:b6:42:6d:59:fe:ba:
40:ec:39:a0:53:ea:a2:29:52:72:58:f4:65:c6:a3:9b:b3:ac:
9a:cb:e1:4f:c4:59:b2:84:0f:b4:c5:bf:ed:f3:bc:86:ff:46:
08:0a:d8:a2:36:93:68:fa:b4:42:f7:5f:c9:bd:a7:3f:49:a4:
4b:34:5d:26:a7:30:50:4d:ef:36:47:b9:4a:df:65:bf:b2:6a:
20:73:60:bc:ae:7a:61:26:9c:dd:12:7e:51:ca:fb:4e:37:b9:
22:87:04:de:b2:3a:8e:07:8c:45:1b:f5:af:db:ef:fd:3a:cf:
4c:02:68:94:03:65:a4:38:f6:05:06:db:f2:e8:f6:cb:6e:5c:
ea:4e:de:4f:18:fb:d2:67:4b:3c:ea:fc:5a:fe:58:53:a8:f4:
e9:5e:12:aa:7d:6b:ed:d1:b2:31:35:4f:ce:d8:b7:c8:f1:94:
9b:17:5c:a4:68:2d:46:5b:c0:2b:64:2c:8c:7e:29:f8:79:de:
ba:60:cf:53:76:42:75:30:f7:0c:bd:3d:06:25:a9:9e:82:eb:
dc:68:cd:a3:d7:66:2c:9b:1f:51:09:e1:63:1c:ca:8d:58:f9:
e0:41:f9:9a:d6:92:cc:7c:6e:ea:23:a3:e5:37:11:52:31:98:
47:60:f1:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2wJF5wishrYfyH+B36Sk9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODkwMTY2MmE4ZWM1ZmY0ZDNmNDhkMjkwOTkyMzBhMDU3
NWVjOGEwHhcNMjYwNDIxMTMwNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM2N2I4MjQzZjdiNWU5YTY2NWMxMDU1OGI2NTIyN2MxMzVkZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4C6fJ7FfGItrv9kO2CvKmAG1rab
1hIUjE82NF5x2pISk/S02HZaPkZ7UTAOOGQGeWAVWFxM9HET9+I4mu7Tb3QPgpHI
iumvgJ3FJqYqAGBmeYsrCaH8t/uvF+lJ5uQ2hZNUXgvTIwnyAfa85kVrIAkQtHjj
+j53p09DKsg9ykbTAFIzBFZ86fD6aap0d5IO8E0t+rL89wmpITC//oayusbP6421
rE+QKm36OXEH0So0fuYr4yPDsO/V4x1Y+hh/gjxwrg+tC47gGz5qzwMAdXAB690p
bfdyjIix8o5CJe16JHpaH3mOfTcQAH3AokEGehquuQL++r1JeVvMhyQktQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJDGe4JD97XppmXBBVi2UifBNd43MB8GA1UdIwQY
MBaAFJGJAWYqjsX/TT9I0pCZIwoFdeyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQt
ZTgxMWUyM2MxODA0LzEva01aN2drUDN0ZW1tWmNFRldMWlNKOEUxM2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQtZTgxMWUyM2MxODA0
LzEva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY6JAwQB
ubuCMA0GCSqGSIb3DQEBCwUAA4IBAQAHPQDLqNdEMqXZZc62Qm1Z/rpA7DmgU+qi
KVJyWPRlxqObs6yay+FPxFmyhA+0xb/t87yG/0YICtiiNpNo+rRC91/Jvac/SaRL
NF0mpzBQTe82R7lK32W/smogc2C8rnphJpzdEn5RyvtON7kihwTesjqOB4xFG/Wv
2+/9Os9MAmiUA2WkOPYFBtvy6PbLblzqTt5PGPvSZ0s86vxa/lhTqPTpXhKqfWvt
0bIxNU/O2LfI8ZSbF1ykaC1GW8ArZCyMfin4ed66YM9TdkJ1MPcMvT0GJameguvc
aM2j12Ysmx9RCeFjHMqNWPngQfma1pLMfG7qI6PlNxFSMZhHYPFA
-----END CERTIFICATE-----
Generated at Tue Apr 28 01:46:01 2026 by rpki-client