Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/isUJZOaXIRAqYRY6Xld132B6Ex8.roa
File: isUJZOaXIRAqYRY6Xld132B6Ex8.roa (raw, json)
Hash identifier: NI6Uy2XnIgyFjNGQe4ZCVVIsMvDHrME9JquZr4Xe+qs=
Subject key identifier: 8A:C5:09:64:E6:97:21:10:2A:61:16:3A:5E:57:75:DF:60:7A:13:1F
Certificate issuer: /CN=1394ee52c365ad1d3abc0e30e40d110599261790
Certificate serial: 019DD3E8E78EA9AE33ADEEB278B2B3CAD04F
Authority key identifier: 13:94:EE:52:C3:65:AD:1D:3A:BC:0E:30:E4:0D:11:05:99:26:17:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5TuUsNlrR06vA4w5A0RBZkmF5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/isUJZOaXIRAqYRY6Xld132B6Ex8.roa
Signing time: Tue 28 Apr 2026 11:45:49 +0000
ROA not before: Tue 28 Apr 2026 11:45:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56373
IP address blocks: 62.122.120.0/21 maxlen: 21
62.122.120.0/22 maxlen: 22
62.122.120.0/24 maxlen: 24
62.122.121.0/24 maxlen: 24
62.122.122.0/24 maxlen: 24
62.122.123.0/24 maxlen: 24
62.122.124.0/22 maxlen: 22
62.122.124.0/24 maxlen: 24
62.122.125.0/24 maxlen: 24
62.122.127.0/24 maxlen: 24
91.224.116.0/23 maxlen: 23
91.224.116.0/24 maxlen: 24
185.53.144.0/22 maxlen: 22
185.53.144.0/24 maxlen: 24
185.53.145.0/24 maxlen: 24
185.53.146.0/24 maxlen: 24
194.49.104.0/22 maxlen: 22
194.49.104.0/24 maxlen: 24
194.49.105.0/24 maxlen: 24
194.49.106.0/24 maxlen: 24
194.49.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/E5TuUsNlrR06vA4w5A0RBZkmF5A.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/E5TuUsNlrR06vA4w5A0RBZkmF5A.mft
rsync://rpki.ripe.net/repository/DEFAULT/E5TuUsNlrR06vA4w5A0RBZkmF5A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 11:45:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d3:e8:e7:8e:a9:ae:33:ad:ee:b2:78:b2:b3:ca:d0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1394ee52c365ad1d3abc0e30e40d110599261790
Validity
Not Before: Apr 28 11:45:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8ac50964e69721102a61163a5e5775df607a131f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9c:d7:60:0f:c3:b3:af:65:97:be:0a:23:17:
a3:63:90:03:9b:b3:92:32:46:d0:08:e2:23:b5:ce:
8c:3e:dc:e8:0d:74:a3:19:b3:dd:d7:d1:7a:0e:e9:
cc:98:2f:72:95:cc:db:ca:b9:f6:86:bc:81:e8:2b:
f1:73:d0:48:74:f0:4e:0c:c1:2e:04:3a:aa:43:7a:
e0:b3:d0:b7:75:83:7b:57:66:a1:52:70:21:6e:e6:
53:e0:08:39:d7:d3:ea:9a:0b:32:de:fb:ef:2c:72:
b8:92:ee:48:cd:b3:46:0d:a3:2f:f6:45:09:77:2a:
1e:26:56:37:84:b1:33:fc:26:67:eb:63:a0:42:99:
e2:6c:08:2f:14:ec:3c:6e:b4:60:46:54:ef:9e:16:
d5:8d:e5:06:ca:f5:30:82:15:c1:5f:65:8d:29:fd:
d3:c7:8a:91:8d:40:7d:49:fc:86:e0:76:13:9e:f8:
ef:66:2d:9d:ca:26:31:e6:d0:cd:fa:c2:03:d7:44:
5c:ef:bd:d9:b4:68:51:b7:07:b3:e1:c2:3d:90:d5:
8e:ea:4f:7d:67:0d:ae:01:92:6b:53:e7:b0:f4:b0:
00:14:65:4f:f6:f8:40:5c:f5:4c:5e:66:f2:91:0a:
bb:92:24:fa:ba:b6:0e:f2:78:27:41:1d:ec:22:0e:
e9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C5:09:64:E6:97:21:10:2A:61:16:3A:5E:57:75:DF:60:7A:13:1F
X509v3 Authority Key Identifier:
keyid:13:94:EE:52:C3:65:AD:1D:3A:BC:0E:30:E4:0D:11:05:99:26:17:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5TuUsNlrR06vA4w5A0RBZkmF5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/isUJZOaXIRAqYRY6Xld132B6Ex8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/617e9a-0d3a-47f8-9856-1da055e8b4f3/1/E5TuUsNlrR06vA4w5A0RBZkmF5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.120.0/21
91.224.116.0/23
185.53.144.0/22
194.49.104.0/22
Signature Algorithm: sha256WithRSAEncryption
35:81:bf:87:19:00:4c:4b:39:46:4f:7e:aa:53:03:b8:56:08:
7b:61:4c:eb:57:b4:22:49:04:e8:01:34:0d:68:56:eb:e6:92:
7e:ec:b4:5b:6b:8b:1a:45:fd:54:33:38:56:67:46:51:d2:99:
05:51:b1:06:bf:e4:e6:eb:54:bd:ae:9b:85:54:c6:06:b4:b8:
e4:f6:86:23:59:6f:32:b7:14:20:bd:40:b7:7b:51:26:65:4b:
18:e6:9a:b8:fe:57:85:c5:67:fd:06:08:68:01:6b:9c:25:88:
e1:62:93:d2:37:83:c2:cf:09:a5:aa:c4:3c:0c:cc:db:d7:53:
c3:6d:22:dc:c5:bd:90:f2:98:88:38:07:ff:24:4d:98:27:84:
6c:79:b5:38:53:d0:cc:d0:4c:fc:85:9a:b0:fd:04:c8:d0:bc:
35:01:a9:bc:dc:26:cc:a6:a3:9b:c8:2e:53:06:a0:5b:39:a3:
3a:8f:c6:01:8c:08:1e:6e:76:4a:84:66:57:af:a0:62:18:36:
42:24:f2:a4:95:74:56:0a:b1:d5:5e:a7:a7:6d:4e:c0:f1:50:
ef:59:47:e6:fc:d2:12:82:d9:16:dc:5f:6b:0b:60:b7:fc:9e:
07:67:b9:89:91:be:e6:23:e8:55:2c:d4:19:4d:dd:51:14:7c:
2c:e8:42:99
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3T6OeOqa4zre6yeLKzytBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTRlZTUyYzM2NWFkMWQzYWJjMGUzMGU0MGQxMTA1OTky
NjE3OTAwHhcNMjYwNDI4MTE0NTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWM1MDk2NGU2OTcyMTEwMmE2MTE2M2E1ZTU3NzVkZjYwN2ExMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpzXYA/Ds69ll74KIxejY5ADm7OS
MkbQCOIjtc6MPtzoDXSjGbPd19F6DunMmC9ylczbyrn2hryB6Cvxc9BIdPBODMEu
BDqqQ3rgs9C3dYN7V2ahUnAhbuZT4Ag519Pqmgsy3vvvLHK4ku5IzbNGDaMv9kUJ
dyoeJlY3hLEz/CZn62OgQpnibAgvFOw8brRgRlTvnhbVjeUGyvUwghXBX2WNKf3T
x4qRjUB9SfyG4HYTnvjvZi2dyiYx5tDN+sID10Rc773ZtGhRtwez4cI9kNWO6k99
Zw2uAZJrU+ew9LAAFGVP9vhAXPVMXmbykQq7kiT6urYO8ngnQR3sIg7peQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIrFCWTmlyEQKmEWOl5Xdd9gehMfMB8GA1UdIwQY
MBaAFBOU7lLDZa0dOrwOMOQNEQWZJheQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVUdVVzTmxyUjA2dkE0dzVBMFJCWmttRjVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82MTdlOWEtMGQzYS00N2Y4LTk4NTYt
MWRhMDU1ZThiNGYzLzEvaXNVSlpPYVhJUkFxWVJZNlhsZDEzMkI2RXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82MTdlOWEtMGQzYS00N2Y4LTk4NTYtMWRhMDU1ZThiNGYz
LzEvRTVUdVVzTmxyUjA2dkE0dzVBMFJCWmttRjVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDPnp4AwQB
W+B0AwQCuTWQAwQCwjFoMA0GCSqGSIb3DQEBCwUAA4IBAQA1gb+HGQBMSzlGT36q
UwO4Vgh7YUzrV7QiSQToATQNaFbr5pJ+7LRba4saRf1UMzhWZ0ZR0pkFUbEGv+Tm
61S9rpuFVMYGtLjk9oYjWW8ytxQgvUC3e1EmZUsY5pq4/leFxWf9BghoAWucJYjh
YpPSN4PCzwmlqsQ8DMzb11PDbSLcxb2Q8piIOAf/JE2YJ4RsebU4U9DM0Ez8hZqw
/QTI0Lw1Aam83CbMpqObyC5TBqBbOaM6j8YBjAgebnZKhGZXr6BiGDZCJPKklXRW
CrHVXqenbU7A8VDvWUfm/NISgtkW3F9rC2C3/J4HZ7mJkb7mI+hVLNQZTd1RFHws
6EKZ
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:53:28 2026 by rpki-client