Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/41LiI-pmAn_ssUd_TsJ50yiVpqc.roa
File: 41LiI-pmAn_ssUd_TsJ50yiVpqc.roa (raw, json)
Hash identifier: WkDYY2+ZCVbWnWokE+XkrJ/E2LdjYl3Mr40C4vVJSso=
Subject key identifier: E3:52:E2:23:EA:66:02:7F:EC:B1:47:7F:4E:C2:79:D3:28:95:A6:A7
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019D3BA3198B3F138CBA0FD900F572EE24EC
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/41LiI-pmAn_ssUd_TsJ50yiVpqc.roa
Signing time: Sun 29 Mar 2026 22:07:17 +0000
ROA not before: Sun 29 Mar 2026 22:07:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47690
IP address blocks: 104.222.189.0/24 maxlen: 24
104.233.59.0/24 maxlen: 24
104.238.12.0/24 maxlen: 24
104.238.13.0/24 maxlen: 24
104.239.56.0/24 maxlen: 24
104.249.9.0/24 maxlen: 24
104.249.17.0/24 maxlen: 24
104.249.46.0/24 maxlen: 24
104.249.47.0/24 maxlen: 24
104.249.48.0/24 maxlen: 24
104.249.49.0/24 maxlen: 24
104.249.50.0/24 maxlen: 24
104.249.51.0/24 maxlen: 24
104.249.52.0/24 maxlen: 24
104.249.53.0/24 maxlen: 24
104.249.54.0/24 maxlen: 24
216.173.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 Apr 2026 17:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3b:a3:19:8b:3f:13:8c:ba:0f:d9:00:f5:72:ee:24:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 29 22:07:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e352e223ea66027fecb1477f4ec279d32895a6a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ec:6a:45:3e:7b:0d:a5:4b:2c:8e:d0:d3:5a:
f4:75:b6:7d:45:49:22:b6:33:16:c3:db:ec:cd:e9:
eb:95:05:cf:8d:ca:54:fa:58:39:00:ce:e8:a4:01:
00:0b:e2:48:b2:ef:fe:75:72:ca:c2:6d:01:2f:cf:
f1:fb:fd:c3:19:b1:e6:93:a3:d7:ea:e6:2c:34:b8:
95:e8:af:77:f0:8b:99:97:03:e2:41:e1:0e:dc:9a:
d0:d2:f9:bc:5e:08:e6:9f:16:c8:dc:79:38:a1:6f:
47:30:36:7a:4c:d4:c8:33:86:d4:dd:be:f2:ca:b3:
59:3a:aa:4b:31:ed:c3:e6:cc:27:28:f8:03:65:c4:
e3:5c:28:84:7d:05:47:61:60:d4:82:88:77:0d:eb:
bb:09:98:b7:2e:f7:2b:4f:dc:f3:03:4f:ec:4e:27:
a3:eb:fa:ef:44:f1:94:7c:d0:2c:e7:b3:a1:e8:a5:
91:13:20:26:8d:33:2e:1b:a6:cb:5c:27:89:3e:fb:
18:a6:03:4b:0b:3d:cb:16:88:49:9b:0f:8f:00:55:
11:ae:45:8b:64:0a:aa:76:18:5a:34:00:7d:24:da:
51:9b:fd:c4:13:88:62:5b:0b:2d:88:1c:91:c9:a9:
af:ca:8c:c0:0c:b5:c0:5e:e0:d4:fa:20:1d:c7:9f:
f6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:52:E2:23:EA:66:02:7F:EC:B1:47:7F:4E:C2:79:D3:28:95:A6:A7
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/41LiI-pmAn_ssUd_TsJ50yiVpqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.222.189.0/24
104.233.59.0/24
104.238.12.0/23
104.239.56.0/24
104.249.9.0/24
104.249.17.0/24
104.249.46.0-104.249.54.255
216.173.91.0/24
Signature Algorithm: sha256WithRSAEncryption
96:31:04:ff:df:94:e4:26:31:cd:d3:9b:52:fb:41:ed:c2:a3:
a1:3d:98:56:50:6e:7d:9b:e5:79:56:c8:f7:df:00:df:48:84:
29:a4:ae:ef:d3:bb:5a:4e:be:24:a9:49:c4:e8:19:fc:e9:e7:
0b:c8:81:aa:59:d5:1d:3d:18:a3:21:35:dd:0c:be:36:45:45:
e8:5f:12:3c:79:b4:98:80:03:8e:98:97:39:45:53:a3:d7:58:
f5:74:18:2d:c8:13:21:cd:1d:87:42:75:e0:e8:0e:f0:da:fa:
7d:2a:9f:79:d0:e4:96:5a:bb:6c:16:9d:5c:5f:f3:8f:48:06:
f4:cd:62:a7:d7:89:d3:13:6c:db:f4:73:24:7d:7a:ef:69:c6:
74:ef:31:de:9f:f4:4b:df:0d:bf:97:2a:97:96:41:bf:a3:5d:
c7:2a:6b:80:63:ad:41:0f:6b:74:1d:38:ca:51:3f:9f:4e:27:
6d:b3:d3:d1:79:57:2c:59:41:bd:82:36:0b:56:3a:5a:a0:16:
60:40:73:17:38:05:02:b0:dc:d1:e8:7c:3f:08:cf:56:eb:70:
db:09:d3:ee:91:d1:26:15:2d:3e:1b:77:cf:e1:55:ea:83:d3:
5f:9e:25:f6:e4:a8:45:92:bc:45:1e:dc:0e:73:71:70:f1:d9:
89:55:14:68
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ07oxmLPxOMug/ZAPVy7iTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjYwMzI5MjIwNzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUyZTIyM2VhNjYwMjdmZWNiMTQ3N2Y0ZWMyNzlkMzI4OTVhNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOxqRT57DaVLLI7Q01r0dbZ9RUki
tjMWw9vszenrlQXPjcpU+lg5AM7opAEAC+JIsu/+dXLKwm0BL8/x+/3DGbHmk6PX
6uYsNLiV6K938IuZlwPiQeEO3JrQ0vm8XgjmnxbI3Hk4oW9HMDZ6TNTIM4bU3b7y
yrNZOqpLMe3D5swnKPgDZcTjXCiEfQVHYWDUgoh3Deu7CZi3LvcrT9zzA0/sTiej
6/rvRPGUfNAs57Oh6KWREyAmjTMuG6bLXCeJPvsYpgNLCz3LFohJmw+PAFURrkWL
ZAqqdhhaNAB9JNpRm/3EE4hiWwstiByRyamvyozADLXAXuDU+iAdx5/2PwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFONS4iPqZgJ/7LFHf07CedMolaanMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvNDFMaUktcG1Bbl9zc1VkX1RzSjUweWlWcHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAaN69AwQA
aOk7AwQBaO4MAwQAaO84AwQAaPkJAwQAaPkRMAwDBAFo+S4DBABo+TYDBADYrVsw
DQYJKoZIhvcNAQELBQADggEBAJYxBP/flOQmMc3Tm1L7Qe3Co6E9mFZQbn2b5XlW
yPffAN9IhCmkru/Tu1pOviSpScToGfzp5wvIgapZ1R09GKMhNd0MvjZFRehfEjx5
tJiAA46YlzlFU6PXWPV0GC3IEyHNHYdCdeDoDvDa+n0qn3nQ5JZau2wWnVxf849I
BvTNYqfXidMTbNv0cyR9eu9pxnTvMd6f9EvfDb+XKpeWQb+jXccqa4BjrUEPa3Qd
OMpRP59OJ22z09F5VyxZQb2CNgtWOlqgFmBAcxc4BQKw3NHofD8Iz1brcNsJ0+6R
0SYVLT4bd8/hVeqD01+eJfbkqEWSvEUe3A5zcXDx2YlVFGg=
-----END CERTIFICATE-----
Generated at Sat Apr 11 01:28:49 2026 by rpki-client