Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/PoQtev16fJQLT3dnRAKVV5qiNec.roa
File: PoQtev16fJQLT3dnRAKVV5qiNec.roa (raw, json)
Hash identifier: 9CBcAgTyt/fW+093wUg2FiWuZ3yNFJB3tFLfYn9rVOA=
Subject key identifier: 3E:84:2D:7A:FD:7A:7C:94:0B:4F:77:67:44:02:95:57:9A:A2:35:E7
Certificate issuer: /CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc
Certificate serial: 019DFC7EF5F9A383024ADBB8C6BE83C8E2A9
Authority key identifier: CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/PoQtev16fJQLT3dnRAKVV5qiNec.roa
Signing time: Wed 06 May 2026 08:54:32 +0000
ROA not before: Wed 06 May 2026 08:54:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205719
IP address blocks: 88.210.62.0/24 maxlen: 24
207.89.20.0/24 maxlen: 24
207.89.21.0/24 maxlen: 24
216.162.45.0/24 maxlen: 24
2a14:a087:2::/48 maxlen: 48
2a14:a087:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 May 2026 21:44:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fc:7e:f5:f9:a3:83:02:4a:db:b8:c6:be:83:c8:e2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc
Validity
Not Before: May 6 08:54:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3e842d7afd7a7c940b4f7767440295579aa235e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7b:2d:ac:bd:88:66:1b:51:27:22:17:be:82:
10:90:69:38:e9:89:2f:56:be:c3:46:6f:86:12:4c:
50:c9:be:5f:d0:31:97:3c:bd:67:ac:0e:dc:50:72:
d2:20:0d:11:ce:f8:ce:05:31:e7:2f:54:e1:e2:dd:
28:f0:8b:6e:d7:d8:62:a4:68:7d:33:cf:02:13:8b:
2b:d8:d3:bb:69:ec:14:a1:8f:ed:be:83:26:e0:5b:
1e:62:53:57:36:65:1d:c9:b7:96:0e:c7:fd:83:c8:
20:79:cd:32:8e:ca:d4:3d:92:6b:aa:5a:f2:5a:ee:
16:51:28:97:33:25:51:e5:73:20:55:c0:cd:6e:d3:
87:d2:0b:d8:a1:1a:a4:ae:53:90:7a:58:e4:5d:e2:
56:49:a4:66:5d:60:16:41:f9:ae:39:8d:63:61:25:
ff:4e:4c:0c:3c:ff:94:c9:85:cf:b4:79:da:04:88:
57:ea:3a:76:31:68:6d:35:fd:39:9a:94:0f:1f:4e:
a6:4a:60:a1:cd:1b:4b:84:8e:ed:59:21:79:a0:ec:
e2:d4:d3:58:5c:71:ed:4f:53:64:f5:81:16:68:92:
c4:e5:9f:25:6e:4d:d0:e2:14:a1:55:f4:fa:85:80:
65:74:93:c5:52:df:10:65:e4:1b:47:20:1a:02:86:
24:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:84:2D:7A:FD:7A:7C:94:0B:4F:77:67:44:02:95:57:9A:A2:35:E7
X509v3 Authority Key Identifier:
keyid:CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/PoQtev16fJQLT3dnRAKVV5qiNec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.210.62.0/24
207.89.20.0/23
216.162.45.0/24
IPv6:
2a14:a087:2::/48
2a14:a087:5::/48
Signature Algorithm: sha256WithRSAEncryption
6f:f5:19:eb:86:f5:bb:aa:5e:dd:1c:91:ba:36:1d:75:3d:86:
a3:d4:55:2e:35:5b:aa:20:28:a3:07:04:6b:d0:5c:f4:dd:dc:
b0:00:6c:63:c0:5a:f4:47:ec:b5:f4:8f:48:43:a0:ff:f6:16:
36:a2:e8:81:bd:f5:aa:b2:ef:50:d7:8c:70:36:69:93:9f:8d:
43:28:c0:9b:65:9f:5a:8a:2f:bd:d9:b0:76:5f:ce:16:97:c7:
f2:87:99:e4:bc:c2:77:8d:6a:36:8d:66:25:71:6e:bd:8b:53:
20:df:16:87:f7:9a:35:f7:c6:e1:ac:e0:01:d5:85:83:9f:16:
a5:cf:7a:6d:ca:1e:3d:f1:4d:9e:e0:58:f7:0a:cd:f2:3a:0f:
99:45:bb:da:e1:4b:f0:de:98:b9:da:99:44:0c:03:4a:f8:b0:
d3:ab:d4:fc:c1:9f:f7:95:91:90:ed:c1:59:d4:93:d3:1d:bf:
53:f1:1f:10:99:6a:33:0d:42:d2:86:5d:25:19:c6:f9:91:bc:
eb:4b:6e:de:d4:ab:8a:9c:e7:98:c4:c6:60:91:51:e4:6d:35:
66:94:99:66:f8:a6:c1:d1:73:bc:f2:a0:e8:41:c3:66:95:80:
2a:01:8e:77:fd:b5:af:cb:8b:26:df:63:56:eb:e6:aa:fe:7f:
a7:49:3e:4d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ38fvX5o4MCStu4xr6DyOKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNjQ0MWQ5ZDgwN2UwZDc4Y2U3NTIxM2ExMDM0MDBlZTE0
YTdjZGMwHhcNMjYwNTA2MDg1NDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTg0MmQ3YWZkN2E3Yzk0MGI0Zjc3Njc0NDAyOTU1NzlhYTIzNWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXstrL2IZhtRJyIXvoIQkGk46Ykv
Vr7DRm+GEkxQyb5f0DGXPL1nrA7cUHLSIA0RzvjOBTHnL1Th4t0o8Itu19hipGh9
M88CE4sr2NO7aewUoY/tvoMm4FseYlNXNmUdybeWDsf9g8ggec0yjsrUPZJrqlry
Wu4WUSiXMyVR5XMgVcDNbtOH0gvYoRqkrlOQeljkXeJWSaRmXWAWQfmuOY1jYSX/
TkwMPP+UyYXPtHnaBIhX6jp2MWhtNf05mpQPH06mSmChzRtLhI7tWSF5oOzi1NNY
XHHtT1Nk9YEWaJLE5Z8lbk3Q4hShVfT6hYBldJPFUt8QZeQbRyAaAoYkrwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFD6ELXr9enyUC093Z0QClVeaojXnMB8GA1UdIwQY
MBaAFMpkQdnYB+DXjOdSE6EDQA7hSnzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYt
MmUyOGI5NjQ5OGE5LzEvUG9RdGV2MTZmSlFMVDNkblJBS1ZWNXFpTmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYtMmUyOGI5NjQ5OGE5
LzEveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAWNI+AwQB
z1kUAwQA2KItMBgEAgACMBIDBwAqFKCHAAIDBwAqFKCHAAUwDQYJKoZIhvcNAQEL
BQADggEBAG/1GeuG9buqXt0ckbo2HXU9hqPUVS41W6ogKKMHBGvQXPTd3LAAbGPA
WvRH7LX0j0hDoP/2Fjai6IG99aqy71DXjHA2aZOfjUMowJtln1qKL73ZsHZfzhaX
x/KHmeS8wneNajaNZiVxbr2LUyDfFof3mjX3xuGs4AHVhYOfFqXPem3KHj3xTZ7g
WPcKzfI6D5lFu9rhS/DemLnamUQMA0r4sNOr1PzBn/eVkZDtwVnUk9Mdv1PxHxCZ
ajMNQtKGXSUZxvmRvOtLbt7Uq4qc55jExmCRUeRtNWaUmWb4psHRc7zyoOhBw2aV
gCoBjnf9ta/LiybfY1br5qr+f6dJPk0=
-----END CERTIFICATE-----
Generated at Thu May 7 04:33:38 2026 by rpki-client