Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/acrLlh2bffixlJwIk38uqcoaM3U.roa
File: acrLlh2bffixlJwIk38uqcoaM3U.roa (raw, json)
Hash identifier: 8VJekl0fJNzL7/mrVZ7IvSwSX3xru+t1pg5R0/MlHXs=
Subject key identifier: 69:CA:CB:96:1D:9B:7D:F8:B1:94:9C:08:93:7F:2E:A9:CA:1A:33:75
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 019DB28C8503D490EA8B848D2EDE2A24BCEA
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/acrLlh2bffixlJwIk38uqcoaM3U.roa
Signing time: Wed 22 Apr 2026 00:17:26 +0000
ROA not before: Wed 22 Apr 2026 00:17:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33667
IP address blocks: 9.142.32.0/19 maxlen: 19
9.142.48.0/20 maxlen: 20
9.142.64.0/18 maxlen: 18
9.142.96.0/19 maxlen: 19
9.142.192.0/19 maxlen: 19
135.132.64.0/19 maxlen: 19
138.226.48.0/21 maxlen: 21
138.226.64.0/20 maxlen: 20
138.226.112.0/21 maxlen: 21
138.226.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b2:8c:85:03:d4:90:ea:8b:84:8d:2e:de:2a:24:bc:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Apr 22 00:17:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69cacb961d9b7df8b1949c08937f2ea9ca1a3375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:eb:47:f2:3f:5a:81:53:16:7d:d6:3e:41:a8:
85:54:fa:fa:72:a7:e4:4d:41:01:08:f0:f2:43:41:
43:d0:e8:e2:a2:39:f7:6b:5b:d4:3d:7c:6b:93:5d:
7e:6f:0b:00:7e:23:31:45:6b:65:f5:2e:7d:06:72:
d6:c4:59:cc:95:df:1a:fa:c8:fc:27:9e:10:88:04:
6b:cc:0a:58:56:81:dd:97:9f:d3:aa:f6:88:ab:84:
b2:04:24:69:9d:19:1f:0b:3e:00:70:4f:09:89:11:
1f:a7:1a:7a:51:bf:76:7f:81:2f:93:52:e7:e4:4f:
e8:b3:8b:db:e5:fe:be:bb:44:5a:ba:d4:32:cb:68:
45:95:b5:75:b1:83:d1:4c:2d:32:cd:75:76:61:54:
07:3a:01:59:57:a5:2f:25:72:e3:5e:ba:5e:1d:8d:
a7:7a:dd:9c:ac:c2:d5:d1:e3:bd:59:e6:58:15:f7:
30:8a:5a:34:45:9f:83:63:aa:ce:30:80:b5:81:bd:
0b:dc:09:7a:23:03:74:d5:f3:6f:dd:14:c9:6a:08:
fb:1d:53:32:73:5c:dd:33:29:63:1c:b8:3f:cb:90:
22:0b:fc:9b:ab:6d:0f:39:ac:0c:e2:bd:5b:14:8d:
50:50:0a:7f:2d:de:6f:e7:88:d7:d4:ab:84:f3:6a:
32:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CA:CB:96:1D:9B:7D:F8:B1:94:9C:08:93:7F:2E:A9:CA:1A:33:75
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/acrLlh2bffixlJwIk38uqcoaM3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
9.142.32.0-9.142.127.255
9.142.192.0/19
135.132.64.0/19
138.226.48.0/21
138.226.64.0/20
138.226.112.0/21
138.226.192.0/22
Signature Algorithm: sha256WithRSAEncryption
23:16:84:79:89:6d:8a:7b:1e:ab:0b:58:29:59:59:f7:cc:17:
3c:ea:f2:29:e3:60:ae:6b:de:b6:85:c7:a6:bb:a0:34:33:40:
cb:5c:9d:78:f2:b8:19:8a:5d:92:2f:51:f3:a9:fa:91:d8:d2:
63:22:f8:63:eb:b7:dc:ba:aa:4b:2f:42:59:a2:58:9f:42:ee:
38:64:cf:88:0c:74:b1:9d:1f:47:eb:61:20:f2:15:9f:89:8a:
a8:31:c3:09:f8:96:9b:9a:88:ea:56:e6:74:74:d7:58:d0:14:
05:11:3d:11:35:85:8c:6d:d5:14:fc:e4:cd:fb:64:a0:25:c7:
74:6a:7e:e7:cf:2c:29:24:1d:f5:45:fe:06:1a:37:16:39:57:
59:6a:b3:ef:82:13:9b:8d:8a:7c:d6:97:4a:95:57:38:96:1c:
7d:e5:77:c5:75:f6:a3:cc:c2:2e:9d:5d:0a:5a:ac:9d:17:92:
1b:78:72:6d:00:11:20:2a:49:17:40:f5:24:26:f7:61:7c:0f:
39:b6:d3:c5:b8:fa:9c:a0:49:ad:df:2f:c7:fe:ce:72:13:23:
2b:f4:15:30:02:e6:e8:7f:f7:5b:a3:50:61:0e:de:07:fc:64:
2b:72:89:45:d6:1c:d3:50:7b:da:e7:43:50:91:09:53:e1:e4:
af:e3:de:8c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ2yjIUD1JDqi4SNLt4qJLzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjYwNDIyMDAxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNhY2I5NjFkOWI3ZGY4YjE5NDljMDg5MzdmMmVhOWNhMWEzMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+tH8j9agVMWfdY+QaiFVPr6cqfk
TUEBCPDyQ0FD0Ojiojn3a1vUPXxrk11+bwsAfiMxRWtl9S59BnLWxFnMld8a+sj8
J54QiARrzApYVoHdl5/TqvaIq4SyBCRpnRkfCz4AcE8JiREfpxp6Ub92f4Evk1Ln
5E/os4vb5f6+u0RautQyy2hFlbV1sYPRTC0yzXV2YVQHOgFZV6UvJXLjXrpeHY2n
et2crMLV0eO9WeZYFfcwilo0RZ+DY6rOMIC1gb0L3Al6IwN01fNv3RTJagj7HVMy
c1zdMyljHLg/y5AiC/ybq20POawM4r1bFI1QUAp/Ld5v54jX1KuE82oyNQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGnKy5Ydm334sZScCJN/LqnKGjN1MB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvYWNyTGxoMmJmZml4bEp3SWszOHVxY29hTTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAUJjiAD
BAcJjgADBAUJjsADBAWHhEADBAOK4jADBASK4kADBAOK4nADBAKK4sAwDQYJKoZI
hvcNAQELBQADggEBACMWhHmJbYp7HqsLWClZWffMFzzq8injYK5r3raFx6a7oDQz
QMtcnXjyuBmKXZIvUfOp+pHY0mMi+GPrt9y6qksvQlmiWJ9C7jhkz4gMdLGdH0fr
YSDyFZ+Jiqgxwwn4lpuaiOpW5nR011jQFAURPRE1hYxt1RT85M37ZKAlx3RqfufP
LCkkHfVF/gYaNxY5V1lqs++CE5uNinzWl0qVVziWHH3ld8V19qPMwi6dXQparJ0X
kht4cm0AESAqSRdA9SQm92F8Dzm208W4+pygSa3fL8f+znITIyv0FTAC5uh/91uj
UGEO3gf8ZCtyiUXWHNNQe9rnQ1CRCVPh5K/j3ow=
-----END CERTIFICATE-----
Generated at Wed May 6 02:40:32 2026 by rpki-client