Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/CfibJIBf9arLaQWZ_tPbix727Hg.roa
File: CfibJIBf9arLaQWZ_tPbix727Hg.roa (raw, json)
Hash identifier: 5/gqLZej34blfTOBBJlnKYw83f5aY0UJqQppiL8EHhI=
Subject key identifier: 09:F8:9B:24:80:5F:F5:AA:CB:69:05:99:FE:D3:DB:8B:1E:F6:EC:78
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019D9ACE3F0044835DD81444549C81CDD8A9
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/CfibJIBf9arLaQWZ_tPbix727Hg.roa
Signing time: Fri 17 Apr 2026 09:38:20 +0000
ROA not before: Fri 17 Apr 2026 09:38:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 395470
IP address blocks: 87.229.11.0/24 maxlen: 24
87.229.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:ce:3f:00:44:83:5d:d8:14:44:54:9c:81:cd:d8:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Apr 17 09:38:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=09f89b24805ff5aacb690599fed3db8b1ef6ec78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:97:d1:ef:47:11:a9:3b:a0:d9:3d:16:68:93:
ea:5b:84:a3:ca:ef:71:8a:62:d8:9c:3a:79:be:d3:
1d:91:1b:48:1f:cc:cf:07:3a:fd:fd:02:b1:1c:53:
7c:cc:9a:49:95:f3:7b:77:b4:54:f6:28:d6:81:01:
d7:ac:b5:e0:bc:35:f1:7b:5d:7c:a3:30:8c:7e:59:
3c:6c:4f:ba:28:45:f4:b4:68:33:49:5f:59:d3:41:
d7:87:43:e5:33:f0:22:7f:42:de:0d:30:0c:13:8d:
cf:00:25:6b:4b:78:bc:0b:d2:ef:79:e2:ff:d4:06:
ea:c3:91:9d:ac:d2:61:83:f7:10:70:2f:bf:2d:34:
58:ca:38:1a:ba:f8:92:81:69:37:40:e4:a8:b8:7a:
9d:9c:19:aa:9c:25:ba:0f:61:11:2a:b7:46:93:e0:
d2:18:f9:81:83:61:7a:c0:33:be:c9:69:22:1c:64:
69:dc:84:d5:2e:ac:74:6c:9c:a9:34:d2:96:fd:fb:
1d:8b:c6:80:ae:42:f7:43:dd:84:f9:a3:18:a2:e8:
95:83:14:da:ff:52:de:e6:d8:3c:a3:a8:a9:4d:9f:
d4:e4:ad:7a:c8:c8:2a:0c:40:88:cc:34:53:f6:ce:
4e:1e:d3:b6:f3:fc:dc:b1:e2:ba:9f:41:db:e0:d0:
3c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F8:9B:24:80:5F:F5:AA:CB:69:05:99:FE:D3:DB:8B:1E:F6:EC:78
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/CfibJIBf9arLaQWZ_tPbix727Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.11.0/24
87.229.108.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:5a:87:5c:9f:02:9a:14:06:19:8e:7a:9e:67:4b:6a:33:83:
10:2a:70:b3:b0:b1:4e:b0:d9:68:85:66:47:52:6d:15:f8:70:
22:6b:26:aa:7a:79:89:e9:fa:55:44:4d:ed:84:b7:8e:26:ed:
0d:39:bb:93:37:bc:0e:a1:5c:ef:e2:5f:15:85:e1:2c:a3:78:
35:85:94:db:30:c0:93:23:52:05:82:5c:91:ca:7a:f8:0f:f1:
ae:fb:7b:f9:61:b9:90:32:a8:be:bc:2c:24:47:7b:25:06:70:
66:8f:1c:2c:a8:e8:52:61:04:1f:11:36:b3:54:25:02:a5:29:
15:0a:80:5f:0b:85:a0:6a:36:21:ef:cc:7a:10:eb:60:0f:03:
c0:61:27:a5:9a:ba:28:22:f0:b6:55:fb:e8:3f:45:4c:6b:31:
c5:c5:72:b7:47:1a:7a:7a:50:25:26:1c:4c:fb:32:c6:b4:b6:
b8:06:f1:67:86:43:d1:fa:21:5a:57:fd:4d:88:e0:8c:ce:4b:
10:0d:89:a2:0e:be:f0:09:e7:1b:e0:35:16:eb:80:81:17:c3:
6d:2a:e0:c4:42:63:05:da:1c:98:36:82:37:9a:2f:5c:a4:6e:
3e:6b:f7:66:50:0d:d8:0d:d2:4d:b3:c1:72:35:d9:98:14:c3:
c7:0e:aa:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2azj8ARINd2BREVJyBzdipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjYwNDE3MDkzODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWY4OWIyNDgwNWZmNWFhY2I2OTA1OTlmZWQzZGI4YjFlZjZlYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJfR70cRqTug2T0WaJPqW4Sjyu9x
imLYnDp5vtMdkRtIH8zPBzr9/QKxHFN8zJpJlfN7d7RU9ijWgQHXrLXgvDXxe118
ozCMflk8bE+6KEX0tGgzSV9Z00HXh0PlM/Aif0LeDTAME43PACVrS3i8C9LveeL/
1Abqw5GdrNJhg/cQcC+/LTRYyjgauviSgWk3QOSouHqdnBmqnCW6D2ERKrdGk+DS
GPmBg2F6wDO+yWkiHGRp3ITVLqx0bJypNNKW/fsdi8aArkL3Q92E+aMYouiVgxTa
/1Le5tg8o6ipTZ/U5K16yMgqDECIzDRT9s5OHtO28/zcseK6n0Hb4NA82wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAn4mySAX/Wqy2kFmf7T24se9ux4MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvQ2ZpYkpJQmY5YXJMYVFXWl90UGJpeDcyN0hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV+ULAwQA
V+VsMA0GCSqGSIb3DQEBCwUAA4IBAQANWodcnwKaFAYZjnqeZ0tqM4MQKnCzsLFO
sNlohWZHUm0V+HAiayaqenmJ6fpVRE3thLeOJu0NObuTN7wOoVzv4l8VheEso3g1
hZTbMMCTI1IFglyRynr4D/Gu+3v5YbmQMqi+vCwkR3slBnBmjxwsqOhSYQQfETaz
VCUCpSkVCoBfC4WgajYh78x6EOtgDwPAYSelmrooIvC2VfvoP0VMazHFxXK3Rxp6
elAlJhxM+zLGtLa4BvFnhkPR+iFaV/1NiOCMzksQDYmiDr7wCecb4DUW64CBF8Nt
KuDEQmMF2hyYNoI3mi9cpG4+a/dmUA3YDdJNs8FyNdmYFMPHDqpV
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:12:28 2026 by rpki-client