Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/162560-b4c5-4f0d-9c06-18bdf8847418/1/PYpH8aQrBxgmiCTPPp0V-EcnxfE.roa
File: PYpH8aQrBxgmiCTPPp0V-EcnxfE.roa (raw, json)
Hash identifier: TZmRjK93W2lQuniNqsjJViZK/7sITb6I/CE3q5KADNM=
Subject key identifier: 3D:8A:47:F1:A4:2B:07:18:26:88:24:CF:3E:9D:15:F8:47:27:C5:F1
Certificate issuer: /CN=f674f0c8d16cbb510bba1fe3ac4685eee356f8e7
Certificate serial: 019E222C1C4C74AA662BE60617BCD4192746
Authority key identifier: F6:74:F0:C8:D1:6C:BB:51:0B:BA:1F:E3:AC:46:85:EE:E3:56:F8:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9nTwyNFsu1ELuh_jrEaF7uNW-Oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/162560-b4c5-4f0d-9c06-18bdf8847418/1/PYpH8aQrBxgmiCTPPp0V-EcnxfE.roa
Signing time: Wed 13 May 2026 16:29:36 +0000
ROA not before: Wed 13 May 2026 16:29:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215667
IP address blocks: 185.50.253.0/24 maxlen: 24
2a05:fd00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/162560-b4c5-4f0d-9c06-18bdf8847418/1/9nTwyNFsu1ELuh_jrEaF7uNW-Oc.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/162560-b4c5-4f0d-9c06-18bdf8847418/1/9nTwyNFsu1ELuh_jrEaF7uNW-Oc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9nTwyNFsu1ELuh_jrEaF7uNW-Oc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 May 2026 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:22:2c:1c:4c:74:aa:66:2b:e6:06:17:bc:d4:19:27:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f674f0c8d16cbb510bba1fe3ac4685eee356f8e7
Validity
Not Before: May 13 16:29:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3d8a47f1a42b0718268824cf3e9d15f84727c5f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4b:2f:05:4c:1e:97:de:25:f0:c3:f4:bb:3a:
79:e5:53:87:73:69:79:72:36:27:f4:3f:b1:5d:30:
6c:15:96:15:b9:e9:f1:d3:06:1b:69:28:09:7f:72:
5e:a8:a2:b6:06:35:b2:e2:fd:31:a4:db:b3:f0:93:
56:64:f4:5c:03:d2:30:eb:dd:4a:b2:0c:1a:36:b7:
27:f4:0d:f9:af:e8:36:18:39:1a:45:5a:27:e4:9f:
e6:83:39:18:3f:38:92:4c:e5:0d:65:87:f3:d4:38:
3f:40:8a:ce:f8:24:88:97:02:73:16:ee:2a:5d:64:
f2:52:32:21:8e:28:b3:bd:c4:47:31:a4:0f:f5:05:
45:24:49:ed:45:3a:67:38:d3:be:93:a9:3d:6d:bc:
bc:ed:39:6e:32:f5:34:9c:b9:ad:a6:90:e1:2c:3d:
26:09:0e:5e:3d:47:15:5d:73:42:c4:1f:f2:f7:37:
5a:4c:3b:f2:79:62:c3:64:27:fc:aa:38:7d:91:82:
a7:d6:81:d7:ed:d8:3c:6c:5a:b3:2e:d0:ef:d8:25:
c2:e6:4e:c7:bc:c7:de:c6:e8:ec:aa:7d:6b:ff:f4:
39:ce:aa:c8:42:3f:d4:eb:2d:2b:41:d3:60:8c:39:
44:d4:0b:6d:e9:5e:25:90:d5:85:81:46:1e:77:4a:
85:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8A:47:F1:A4:2B:07:18:26:88:24:CF:3E:9D:15:F8:47:27:C5:F1
X509v3 Authority Key Identifier:
keyid:F6:74:F0:C8:D1:6C:BB:51:0B:BA:1F:E3:AC:46:85:EE:E3:56:F8:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9nTwyNFsu1ELuh_jrEaF7uNW-Oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/162560-b4c5-4f0d-9c06-18bdf8847418/1/PYpH8aQrBxgmiCTPPp0V-EcnxfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/162560-b4c5-4f0d-9c06-18bdf8847418/1/9nTwyNFsu1ELuh_jrEaF7uNW-Oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.253.0/24
IPv6:
2a05:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
9f:cb:93:44:d3:54:4b:8c:69:96:83:59:cb:ea:dc:aa:aa:f0:
46:0b:08:c3:22:c7:a2:3a:82:43:58:2e:93:88:45:36:9a:ca:
57:fa:fa:99:95:cc:44:ff:5d:6b:fc:99:65:20:42:92:f2:e8:
f9:c6:54:b0:30:1b:48:17:ea:2e:bd:00:1b:60:24:21:5c:cd:
93:96:59:bc:a0:6a:2b:16:9f:25:2f:80:fa:d3:e9:03:4d:e2:
31:ff:60:1c:53:0c:8f:5f:97:59:55:1f:21:75:e4:1a:9f:53:
bd:92:2c:67:d4:b7:ad:d9:53:eb:3d:6a:0f:2c:c9:6d:21:3b:
61:d3:48:51:45:24:3d:bd:59:b8:d9:e9:f5:3c:91:35:2a:12:
64:eb:25:58:b2:d8:b6:8d:f2:5f:6f:2a:6d:3c:54:4d:77:ed:
fe:eb:ec:f9:bf:98:31:16:56:70:30:7b:fb:e9:62:b9:a3:9f:
31:96:e3:19:05:97:23:2f:3a:14:10:cb:db:32:b6:58:b2:b3:
a4:aa:4d:8a:fa:18:3b:74:e0:4f:71:be:64:51:b8:2e:19:11:
b2:32:6e:52:e1:fd:77:f0:d5:61:c5:f5:ba:fb:09:17:3e:c0:
12:ba:4b:59:74:2a:2e:3e:6e:d6:66:c6:26:0b:5d:a2:10:ed:
30:1f:63:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ4iLBxMdKpmK+YGF7zUGSdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NzRmMGM4ZDE2Y2JiNTEwYmJhMWZlM2FjNDY4NWVlZTM1
NmY4ZTcwHhcNMjYwNTEzMTYyOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhhNDdmMWE0MmIwNzE4MjY4ODI0Y2YzZTlkMTVmODQ3MjdjNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0svBUwel94l8MP0uzp55VOHc2l5
cjYn9D+xXTBsFZYVuenx0wYbaSgJf3JeqKK2BjWy4v0xpNuz8JNWZPRcA9Iw691K
sgwaNrcn9A35r+g2GDkaRVon5J/mgzkYPziSTOUNZYfz1Dg/QIrO+CSIlwJzFu4q
XWTyUjIhjiizvcRHMaQP9QVFJEntRTpnONO+k6k9bby87TluMvU0nLmtppDhLD0m
CQ5ePUcVXXNCxB/y9zdaTDvyeWLDZCf8qjh9kYKn1oHX7dg8bFqzLtDv2CXC5k7H
vMfexujsqn1r//Q5zqrIQj/U6y0rQdNgjDlE1Att6V4lkNWFgUYed0qF4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD2KR/GkKwcYJogkzz6dFfhHJ8XxMB8GA1UdIwQY
MBaAFPZ08MjRbLtRC7of46xGhe7jVvjnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOW5Ud3lORnN1MUVMdWhfanJFYUY3dU5XLU9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xNjI1NjAtYjRjNS00ZjBkLTljMDYt
MThiZGY4ODQ3NDE4LzEvUFlwSDhhUXJCeGdtaUNUUFBwMFYtRWNueGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xNjI1NjAtYjRjNS00ZjBkLTljMDYtMThiZGY4ODQ3NDE4
LzEvOW5Ud3lORnN1MUVMdWhfanJFYUY3dU5XLU9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTL9MA0E
AgACMAcDBQMqBf0AMA0GCSqGSIb3DQEBCwUAA4IBAQCfy5NE01RLjGmWg1nL6tyq
qvBGCwjDIseiOoJDWC6TiEU2mspX+vqZlcxE/11r/JllIEKS8uj5xlSwMBtIF+ou
vQAbYCQhXM2Tllm8oGorFp8lL4D60+kDTeIx/2AcUwyPX5dZVR8hdeQan1O9kixn
1Let2VPrPWoPLMltITth00hRRSQ9vVm42en1PJE1KhJk6yVYsti2jfJfbyptPFRN
d+3+6+z5v5gxFlZwMHv76WK5o58xluMZBZcjLzoUEMvbMrZYsrOkqk2K+hg7dOBP
cb5kUbguGRGyMm5S4f138NVhxfW6+wkXPsASuktZdCouPm7WZsYmC12iEO0wH2Pv
-----END CERTIFICATE-----
Generated at Tue May 19 15:20:02 2026 by rpki-client