Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/kRyxiAkPj1N4o5Q97vndpCqxuTo.roa
File: kRyxiAkPj1N4o5Q97vndpCqxuTo.roa (raw, json)
Hash identifier: xfkYlTGJlH9MSL13viAFnNVbnhUFjXhBp9WdZzYRj34=
Subject key identifier: 91:1C:B1:88:09:0F:8F:53:78:A3:94:3D:EE:F9:DD:A4:2A:B1:B9:3A
Certificate issuer: /CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Certificate serial: 019DBA07CE2AAD3DB76B0C8D333495F27FFB
Authority key identifier: 56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/kRyxiAkPj1N4o5Q97vndpCqxuTo.roa
Signing time: Thu 23 Apr 2026 11:09:26 +0000
ROA not before: Thu 23 Apr 2026 11:09:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209564
IP address blocks: 212.108.184.0/21 maxlen: 24
212.108.189.0/24 maxlen: 24
212.108.190.0/24 maxlen: 24
212.108.191.0/24 maxlen: 24
2a02:358:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ba:07:ce:2a:ad:3d:b7:6b:0c:8d:33:34:95:f2:7f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Validity
Not Before: Apr 23 11:09:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=911cb188090f8f5378a3943deef9dda42ab1b93a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:22:46:64:0e:55:b7:c6:ca:40:30:dc:e8:0b:
89:11:3d:35:6a:23:58:82:97:f4:b6:5d:ed:59:af:
03:40:1a:d4:37:bf:24:de:81:ca:06:67:8c:83:97:
76:01:20:9d:39:e5:3d:15:70:35:3f:27:2b:5e:4c:
e3:f0:c3:40:84:2a:e9:52:8a:fb:3b:c7:d0:2a:1e:
91:dd:80:15:4a:ed:4a:a1:b9:40:18:37:20:d4:1f:
43:e2:b2:aa:ff:17:a9:25:8b:83:88:24:83:67:ff:
66:29:ae:bf:29:cb:f5:96:9e:43:5a:bf:b3:67:ab:
08:bb:b3:1b:d5:f6:0d:4c:9f:f8:e0:5c:9e:2f:7a:
23:57:85:02:ae:c2:a5:16:57:7f:11:33:ae:2e:0c:
4e:ed:4a:fd:93:c2:e8:7c:0b:43:be:fd:0f:91:e7:
2e:05:5b:b5:e6:a4:2d:3f:65:3e:2e:05:05:f2:b1:
0c:fd:c5:18:80:4a:10:1e:51:1d:7a:ee:14:43:bd:
f7:34:11:10:0f:74:6d:7b:00:11:82:d3:c5:ba:f0:
cf:b6:be:dd:f6:31:53:91:70:d3:0c:e0:76:9c:58:
b3:fb:52:e3:96:72:b4:98:eb:9b:91:cf:e0:94:56:
ab:dd:8d:57:8d:00:fe:c0:84:ca:03:a5:de:46:f0:
f9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1C:B1:88:09:0F:8F:53:78:A3:94:3D:EE:F9:DD:A4:2A:B1:B9:3A
X509v3 Authority Key Identifier:
keyid:56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/kRyxiAkPj1N4o5Q97vndpCqxuTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.108.184.0/21
IPv6:
2a02:358:1000::/36
Signature Algorithm: sha256WithRSAEncryption
23:bd:a0:40:d3:c9:be:4f:db:ec:ac:c6:d9:42:32:ab:87:50:
7c:9d:59:5f:ef:01:36:20:0a:8b:b1:d5:14:59:f7:7b:79:39:
a6:93:2b:38:1d:cd:e1:32:43:86:a1:b2:34:0f:f1:2c:74:ca:
10:bf:2f:b8:f5:0f:f5:4e:60:a3:81:ac:43:5a:23:ef:fb:c0:
b1:33:87:3d:c1:94:7e:a2:7b:13:19:b5:b4:88:83:72:0b:14:
12:5f:d3:da:14:64:63:79:06:4c:cf:2e:c2:78:ee:b9:da:a7:
f6:ff:79:51:91:f5:48:f6:fe:c7:22:08:d7:4d:30:af:6a:6a:
56:e5:c4:20:90:28:1c:f3:ff:c3:8e:27:a9:c9:0f:f7:20:a1:
4d:99:07:74:ed:02:34:ca:52:8f:9d:15:d5:22:6c:9f:cb:ba:
cf:05:09:01:e1:dc:17:c7:78:39:85:b6:fe:82:97:69:26:ed:
25:b1:8a:b2:e2:0c:ae:e9:10:7a:48:32:e5:c4:e0:c6:e1:8e:
e0:6b:ac:74:5a:fb:62:33:09:f4:2d:04:87:35:6d:6a:99:27:
dc:dc:bf:a2:a6:39:da:9e:04:85:bf:c3:3c:4a:f4:08:6b:5c:
86:0f:9a:68:25:b6:aa:c8:c2:b8:46:28:f3:dc:f9:4e:a0:ab:
3c:b4:33:d2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZ26B84qrT23awyNMzSV8n/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2MDE5MGJkZmIwYTNmMjNiNDQxMWU3ZDc0OGVkZGJiZDA5
Zjg1NDYwHhcNMjYwNDIzMTEwOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFjYjE4ODA5MGY4ZjUzNzhhMzk0M2RlZWY5ZGRhNDJhYjFiOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCJGZA5Vt8bKQDDc6AuJET01aiNY
gpf0tl3tWa8DQBrUN78k3oHKBmeMg5d2ASCdOeU9FXA1PycrXkzj8MNAhCrpUor7
O8fQKh6R3YAVSu1KoblAGDcg1B9D4rKq/xepJYuDiCSDZ/9mKa6/Kcv1lp5DWr+z
Z6sIu7Mb1fYNTJ/44FyeL3ojV4UCrsKlFld/ETOuLgxO7Ur9k8LofAtDvv0Pkecu
BVu15qQtP2U+LgUF8rEM/cUYgEoQHlEdeu4UQ733NBEQD3RtewARgtPFuvDPtr7d
9jFTkXDTDOB2nFiz+1LjlnK0mOubkc/glFar3Y1XjQD+wITKA6XeRvD52wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJEcsYgJD49TeKOUPe753aQqsbk6MB8GA1UdIwQY
MBaAFFYBkL37Cj8jtEEefXSO3bvQn4VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMt
MmI5ZmM0MWUwYTgwLzEva1J5eGlBa1BqMU40bzVROTd2bmRwQ3F4dVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMtMmI5ZmM0MWUwYTgw
LzEvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQD1Gy4MA4E
AgACMAgDBgQqAgNYEDANBgkqhkiG9w0BAQsFAAOCAQEAI72gQNPJvk/b7KzG2UIy
q4dQfJ1ZX+8BNiAKi7HVFFn3e3k5ppMrOB3N4TJDhqGyNA/xLHTKEL8vuPUP9U5g
o4GsQ1oj7/vAsTOHPcGUfqJ7Exm1tIiDcgsUEl/T2hRkY3kGTM8uwnjuudqn9v95
UZH1SPb+xyII100wr2pqVuXEIJAoHPP/w44nqckP9yChTZkHdO0CNMpSj50V1SJs
n8u6zwUJAeHcF8d4OYW2/oKXaSbtJbGKsuIMrukQekgy5cTgxuGO4GusdFr7YjMJ
9C0EhzVtapkn3Ny/oqY52p4Ehb/DPEr0CGtchg+aaCW2qsjCuEYo89z5TqCrPLQz
0g==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:00:04 2026 by rpki-client