Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/bKHqyjHv3YQYPprd4WXBzgsiiJI.roa
File: bKHqyjHv3YQYPprd4WXBzgsiiJI.roa (raw, json)
Hash identifier: OY+CRxVXfvV5PCdKMmqTbtKuHbe5jicMvmvczsjQpnc=
Subject key identifier: 6C:A1:EA:CA:31:EF:DD:84:18:3E:9A:DD:E1:65:C1:CE:0B:22:88:92
Certificate issuer: /CN=5754d19527fd85d0d444acadd44a01655fdc7400
Certificate serial: 019DAFE7F1E37A6D429F33BF3E82F41432F2
Authority key identifier: 57:54:D1:95:27:FD:85:D0:D4:44:AC:AD:D4:4A:01:65:5F:DC:74:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/bKHqyjHv3YQYPprd4WXBzgsiiJI.roa
Signing time: Tue 21 Apr 2026 11:58:26 +0000
ROA not before: Tue 21 Apr 2026 11:58:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 193.219.115.0/24 maxlen: 24
2a00:a640:10a0::/44 maxlen: 48
2a00:a640:20a0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/V1TRlSf9hdDURKyt1EoBZV_cdAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/V1TRlSf9hdDURKyt1EoBZV_cdAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:af:e7:f1:e3:7a:6d:42:9f:33:bf:3e:82:f4:14:32:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5754d19527fd85d0d444acadd44a01655fdc7400
Validity
Not Before: Apr 21 11:58:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ca1eaca31efdd84183e9adde165c1ce0b228892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1c:0c:aa:1e:58:db:32:d6:7c:6a:dc:78:0f:
33:01:c7:83:d7:3c:16:f4:9b:6a:f8:52:1b:bb:04:
ba:a4:b7:1f:c9:62:44:0f:51:13:8b:44:00:bc:00:
dd:e6:77:f5:ce:6a:db:4f:6b:98:76:7f:68:df:ce:
5d:03:0d:a2:11:57:55:8b:0a:fa:20:d1:ff:c9:ac:
2c:cb:4d:b4:be:c0:5f:91:6f:f2:b9:be:58:ef:50:
3d:62:5d:80:dc:d8:ba:1b:df:02:1a:bb:d4:dd:ca:
60:9f:57:a7:69:36:19:19:21:ac:0b:84:02:2b:14:
8d:43:db:e9:08:c7:42:b6:1c:ea:a8:ef:bb:45:0c:
ac:86:07:f0:ef:de:50:6b:67:c7:c8:22:db:88:c2:
7c:06:52:ad:6f:9f:b9:00:d5:9b:a2:9f:7f:94:85:
ea:49:62:07:6c:09:69:a7:62:9a:a0:4e:a1:88:13:
bb:14:ee:89:ed:0f:bc:53:20:ed:37:d4:d6:c5:ca:
e4:11:18:64:47:e9:e9:5c:fd:ee:8f:d6:65:cf:38:
40:c5:34:c2:08:b9:ea:6c:d1:d2:0b:b6:6b:6f:ba:
95:b1:48:94:08:03:8b:25:84:4f:c6:6a:a8:42:06:
f7:a2:5e:4a:47:24:ce:df:1f:ae:83:b2:28:fe:a2:
12:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A1:EA:CA:31:EF:DD:84:18:3E:9A:DD:E1:65:C1:CE:0B:22:88:92
X509v3 Authority Key Identifier:
keyid:57:54:D1:95:27:FD:85:D0:D4:44:AC:AD:D4:4A:01:65:5F:DC:74:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/bKHqyjHv3YQYPprd4WXBzgsiiJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/V1TRlSf9hdDURKyt1EoBZV_cdAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.219.115.0/24
IPv6:
2a00:a640:10a0::/44
2a00:a640:20a0::/44
Signature Algorithm: sha256WithRSAEncryption
0f:53:0c:10:05:b9:92:59:56:c4:21:6b:5d:3b:37:49:3e:85:
10:a5:87:c5:d4:36:1d:ed:6a:fd:02:4d:89:c1:3b:4f:5a:61:
a2:09:f4:64:1e:63:d6:78:0a:96:ab:af:77:c2:71:38:9c:90:
ef:48:58:0a:59:e1:74:27:08:ca:cc:23:af:d1:68:95:8d:cd:
bd:b6:27:22:f5:87:0e:fb:95:2f:24:ae:2e:72:2b:52:78:1b:
17:cb:46:57:16:d8:30:44:4f:51:eb:b5:27:55:c3:01:12:69:
4c:0d:bb:c4:a7:db:7e:1a:46:07:fc:c3:14:c7:d6:fa:7f:f3:
72:25:87:f7:18:7b:a4:2f:e6:50:86:23:53:ed:07:2e:e3:8d:
47:e9:2d:f8:a1:57:a7:e2:35:2c:eb:16:65:2f:99:27:a8:db:
24:58:46:c7:58:cb:92:58:b2:6c:67:1c:2e:77:34:c0:d5:a6:
ab:62:bc:e5:ab:03:f3:eb:1e:27:11:19:38:b7:1f:21:7b:45:
49:da:80:2d:79:2f:3d:92:c9:53:a4:64:af:c8:63:4c:65:08:
0a:76:e8:e0:4e:d3:4f:eb:b9:3c:5f:d7:65:2d:ed:d1:9b:e6:
7a:c4:dc:a9:fd:04:e0:f0:5f:4a:04:b7:7f:43:3d:6d:1b:ab:
f9:ca:79:a2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ2v5/Hjem1CnzO/PoL0FDLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTRkMTk1MjdmZDg1ZDBkNDQ0YWNhZGQ0NGEwMTY1NWZk
Yzc0MDAwHhcNMjYwNDIxMTE1ODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ExZWFjYTMxZWZkZDg0MTgzZTlhZGRlMTY1YzFjZTBiMjI4ODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBwMqh5Y2zLWfGrceA8zAceD1zwW
9Jtq+FIbuwS6pLcfyWJED1ETi0QAvADd5nf1zmrbT2uYdn9o385dAw2iEVdViwr6
INH/yawsy020vsBfkW/yub5Y71A9Yl2A3Ni6G98CGrvU3cpgn1enaTYZGSGsC4QC
KxSNQ9vpCMdCthzqqO+7RQyshgfw795Qa2fHyCLbiMJ8BlKtb5+5ANWbop9/lIXq
SWIHbAlpp2KaoE6hiBO7FO6J7Q+8UyDtN9TWxcrkERhkR+npXP3uj9ZlzzhAxTTC
CLnqbNHSC7Zrb7qVsUiUCAOLJYRPxmqoQgb3ol5KRyTO3x+ug7Io/qIStQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGyh6sox792EGD6a3eFlwc4LIoiSMB8GA1UdIwQY
MBaAFFdU0ZUn/YXQ1ESsrdRKAWVf3HQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFUUmxTZjloZERVUkt5dDFFb0JaVl9jZEFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS83YzlmY2MtOGZjZS00NGI3LWI2YmYt
MTE3NzYwMzE0MTVmLzEvYktIcXlqSHYzWVFZUHByZDRXWEJ6Z3NpaUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS83YzlmY2MtOGZjZS00NGI3LWI2YmYtMTE3NzYwMzE0MTVm
LzEvVjFUUmxTZjloZERVUkt5dDFFb0JaVl9jZEFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwdtzMBgE
AgACMBIDBwQqAKZAEKADBwQqAKZAIKAwDQYJKoZIhvcNAQELBQADggEBAA9TDBAF
uZJZVsQha107N0k+hRClh8XUNh3tav0CTYnBO09aYaIJ9GQeY9Z4Cparr3fCcTic
kO9IWApZ4XQnCMrMI6/RaJWNzb22JyL1hw77lS8kri5yK1J4GxfLRlcW2DBET1Hr
tSdVwwESaUwNu8Sn234aRgf8wxTH1vp/83Ilh/cYe6Qv5lCGI1PtBy7jjUfpLfih
V6fiNSzrFmUvmSeo2yRYRsdYy5JYsmxnHC53NMDVpqtivOWrA/PrHicRGTi3HyF7
RUnagC15Lz2SyVOkZK/IY0xlCAp26OBO00/ruTxf12Ut7dGb5nrE3Kn9BODwX0oE
t39DPW0bq/nKeaI=
-----END CERTIFICATE-----
Generated at Sun May 3 14:47:50 2026 by rpki-client