Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ITp4Lu_JhDqXqNns4N0BFezyH2s.roa
File: ITp4Lu_JhDqXqNns4N0BFezyH2s.roa (raw, json)
Hash identifier: u+ylQQKU2zMSBYliF/K/naeeubiOd3Oqig4YiCJdHxg=
Subject key identifier: 21:3A:78:2E:EF:C9:84:3A:97:A8:D9:EC:E0:DD:01:15:EC:F2:1F:6B
Certificate issuer: /CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc
Certificate serial: 019DFD88F3E1C5A5B91D25EE4BED6197AC37
Authority key identifier: CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ITp4Lu_JhDqXqNns4N0BFezyH2s.roa
Signing time: Wed 06 May 2026 13:45:04 +0000
ROA not before: Wed 06 May 2026 13:45:04 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13335
IP address blocks: 138.226.234.0/24 maxlen: 24
138.226.238.0/24 maxlen: 24
207.89.22.0/24 maxlen: 24
207.89.23.0/24 maxlen: 24
216.163.179.0/24 maxlen: 24
2a14:a087::/48 maxlen: 48
2a14:a087:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 May 2026 21:44:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:88:f3:e1:c5:a5:b9:1d:25:ee:4b:ed:61:97:ac:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc
Validity
Not Before: May 6 13:45:04 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=213a782eefc9843a97a8d9ece0dd0115ecf21f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:47:77:f3:89:07:32:72:cf:37:c6:4e:2c:8a:
f1:6d:4b:29:8f:bb:b3:b5:0f:2f:24:fe:64:cb:5b:
6b:be:65:59:c0:f1:3b:ea:99:19:84:07:32:bc:bb:
64:5d:8f:51:c9:ce:00:e7:43:c1:c4:04:e6:21:4d:
25:4a:05:85:45:45:d8:4e:7c:65:e9:5b:c4:c8:03:
fb:33:49:37:81:6e:0b:65:04:f5:63:d4:18:2f:27:
d2:e5:4b:3a:58:0d:8d:d9:55:ae:6d:08:80:41:9f:
de:96:e2:c4:e3:75:29:7b:df:c3:26:ca:a5:54:fc:
04:08:db:a3:27:35:31:ba:9a:1a:62:00:7b:97:8d:
fc:0b:7d:6c:39:a4:9c:11:fc:78:2b:7c:f4:65:07:
62:0c:19:23:c0:7c:15:73:1e:6e:70:a8:a3:15:7b:
0a:cf:fe:d9:15:af:fd:07:93:68:de:89:b6:c2:32:
46:7d:bf:ae:85:0c:5a:c8:c4:e8:85:3f:17:42:20:
1b:d1:59:c0:9c:78:25:4f:36:e5:cb:9a:bb:d5:99:
2e:e2:39:68:bc:f8:c0:7a:24:a0:2b:d8:57:c9:b2:
09:c0:f3:3a:5a:a8:96:30:32:c0:50:a1:14:c1:e5:
2c:14:f6:9f:ba:dc:80:9f:c5:a1:10:72:8d:75:77:
85:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3A:78:2E:EF:C9:84:3A:97:A8:D9:EC:E0:DD:01:15:EC:F2:1F:6B
X509v3 Authority Key Identifier:
keyid:CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ITp4Lu_JhDqXqNns4N0BFezyH2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.226.234.0/24
138.226.238.0/24
207.89.22.0/23
216.163.179.0/24
IPv6:
2a14:a087::/47
Signature Algorithm: sha256WithRSAEncryption
5b:8d:04:3c:82:53:23:f8:f4:7b:93:09:88:25:15:81:22:a8:
f1:df:21:a6:a8:41:8b:6e:32:b9:0b:56:2f:ae:8d:00:69:8d:
38:52:c4:70:2f:69:50:1b:b0:58:7f:c8:58:b1:25:da:3f:44:
d5:0c:58:d0:dd:75:07:d7:30:e6:22:4a:0c:7e:46:a8:de:6e:
14:11:96:ce:7f:31:46:c3:74:4f:93:44:06:9f:8f:ba:d6:7b:
2a:09:72:b7:a8:bc:0d:14:f5:04:56:a9:82:ab:f0:df:ab:c0:
43:50:05:84:85:73:e0:df:b4:b7:da:b7:33:60:2a:e4:05:fe:
1c:7f:d7:20:9e:40:75:f1:0f:02:f4:2e:40:88:61:d5:5f:ff:
5e:f9:59:0d:9c:37:c9:52:e7:86:d1:59:fa:05:51:a9:7a:41:
87:73:5d:db:a2:6c:00:c5:a0:69:3f:a4:24:2c:d7:48:28:54:
cd:76:7b:69:22:c7:de:07:a5:31:ef:09:1b:fb:ca:08:d9:c3:
5c:f7:49:52:eb:23:3c:0b:a0:28:28:3a:52:67:68:dd:9d:a1:
6d:9b:6e:8a:16:48:a7:d2:25:88:aa:bd:65:99:c7:75:15:c6:
30:66:95:2b:03:a3:80:a0:40:58:af:bc:d0:2c:76:7c:47:05:
9a:39:8e:b5
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZ39iPPhxaW5HSXuS+1hl6w3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNjQ0MWQ5ZDgwN2UwZDc4Y2U3NTIxM2ExMDM0MDBlZTE0
YTdjZGMwHhcNMjYwNTA2MTM0NTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTNhNzgyZWVmYzk4NDNhOTdhOGQ5ZWNlMGRkMDExNWVjZjIxZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEd384kHMnLPN8ZOLIrxbUspj7uz
tQ8vJP5ky1trvmVZwPE76pkZhAcyvLtkXY9Ryc4A50PBxATmIU0lSgWFRUXYTnxl
6VvEyAP7M0k3gW4LZQT1Y9QYLyfS5Us6WA2N2VWubQiAQZ/eluLE43Upe9/DJsql
VPwECNujJzUxupoaYgB7l438C31sOaScEfx4K3z0ZQdiDBkjwHwVcx5ucKijFXsK
z/7ZFa/9B5No3om2wjJGfb+uhQxayMTohT8XQiAb0VnAnHglTzbly5q71Zku4jlo
vPjAeiSgK9hXybIJwPM6WqiWMDLAUKEUweUsFPafutyAn8WhEHKNdXeF4QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCE6eC7vyYQ6l6jZ7ODdARXs8h9rMB8GA1UdIwQY
MBaAFMpkQdnYB+DXjOdSE6EDQA7hSnzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYt
MmUyOGI5NjQ5OGE5LzEvSVRwNEx1X0poRHFYcU5uczROMEJGZXp5SDJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYtMmUyOGI5NjQ5OGE5
LzEveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAiuLqAwQA
iuLuAwQBz1kWAwQA2KOzMA8EAgACMAkDBwEqFKCHAAAwDQYJKoZIhvcNAQELBQAD
ggEBAFuNBDyCUyP49HuTCYglFYEiqPHfIaaoQYtuMrkLVi+ujQBpjThSxHAvaVAb
sFh/yFixJdo/RNUMWNDddQfXMOYiSgx+RqjebhQRls5/MUbDdE+TRAafj7rWeyoJ
creovA0U9QRWqYKr8N+rwENQBYSFc+DftLfatzNgKuQF/hx/1yCeQHXxDwL0LkCI
YdVf/175WQ2cN8lS54bRWfoFUal6QYdzXduibADFoGk/pCQs10goVM12e2kix94H
pTHvCRv7ygjZw1z3SVLrIzwLoCgoOlJnaN2doW2bbooWSKfSJYiqvWWZx3UVxjBm
lSsDo4CgQFivvNAsdnxHBZo5jrU=
-----END CERTIFICATE-----
Generated at Thu May 7 04:33:48 2026 by rpki-client