Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/4y8Ch0VP7oOT5yu33LhGHOlG4Xk.roa
File: 4y8Ch0VP7oOT5yu33LhGHOlG4Xk.roa (raw, json)
Hash identifier: 9/e/rEvOGpg0mwW5WgBt/gu28mPeM/IxWbsPTRivGT4=
Subject key identifier: E3:2F:02:87:45:4F:EE:83:93:E7:2B:B7:DC:B8:46:1C:E9:46:E1:79
Certificate issuer: /CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Certificate serial: 019E7073F23B99F8D26D40AC6033F770A906
Authority key identifier: 32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/4y8Ch0VP7oOT5yu33LhGHOlG4Xk.roa
Signing time: Thu 28 May 2026 21:18:27 +0000
ROA not before: Thu 28 May 2026 21:18:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47682
IP address blocks: 91.197.180.0/24 maxlen: 24
91.197.182.0/24 maxlen: 24
91.205.8.0/22 maxlen: 22
2001:67c:18c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:70:73:f2:3b:99:f8:d2:6d:40:ac:60:33:f7:70:a9:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Validity
Not Before: May 28 21:18:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e32f0287454fee8393e72bb7dcb8461ce946e179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a4:a6:a1:f4:38:65:b5:e4:76:88:60:43:ea:
fd:d2:e6:d8:61:da:88:3e:5c:db:43:d7:50:3c:2b:
97:28:6b:63:d9:a2:5d:af:d9:dd:36:ac:3e:21:12:
1e:c2:90:76:c2:5e:c0:e7:eb:d3:a4:13:c1:ee:4f:
95:eb:0f:53:ce:9c:7f:72:52:98:f5:bb:f9:36:0a:
0a:b3:7e:5f:84:8f:f6:10:bc:41:66:97:7a:0d:b4:
c2:c6:54:8f:74:d8:7b:54:1a:fa:3d:42:b7:1f:06:
7d:05:a8:45:50:e1:a6:a4:e9:cf:59:be:04:8c:8e:
09:9c:62:60:f5:67:4a:e5:c1:cc:73:5f:40:9f:40:
d5:58:54:93:e6:9a:7d:7b:5a:9d:78:e2:2f:d7:15:
05:17:9b:f7:5d:b6:03:e0:df:96:71:e4:75:91:a8:
29:a2:70:06:30:b0:80:bf:05:c5:40:35:e9:31:65:
1c:9a:7c:27:1c:02:b5:4d:67:2c:1b:c8:e4:95:8a:
3a:3b:3d:bd:f2:81:b5:9d:05:7d:27:43:8a:91:12:
a6:91:ce:04:4c:e6:18:95:8f:4d:69:a5:fa:5d:b7:
d3:fe:66:87:1b:96:06:ce:98:e3:91:6c:00:91:75:
cd:cb:b8:99:84:28:f9:e1:cf:89:ff:21:58:12:83:
c7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2F:02:87:45:4F:EE:83:93:E7:2B:B7:DC:B8:46:1C:E9:46:E1:79
X509v3 Authority Key Identifier:
keyid:32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/4y8Ch0VP7oOT5yu33LhGHOlG4Xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.180.0/24
91.197.182.0/24
91.205.8.0/22
IPv6:
2001:67c:18c::/48
Signature Algorithm: sha256WithRSAEncryption
2e:4f:d1:9b:12:54:22:de:ef:cc:d2:2a:48:8e:0c:b6:ee:a3:
14:dc:d2:49:b6:2f:12:14:5f:03:aa:fa:40:41:b4:7b:3e:3e:
0d:ef:61:2c:42:a8:7a:38:f9:a4:1f:9e:13:11:47:36:bd:a5:
ef:b3:77:fe:95:ff:8c:5d:2a:5c:c3:b9:59:55:c3:17:85:88:
e6:b9:cb:19:b8:99:e1:f3:a9:a0:50:cc:c0:18:7a:31:22:88:
e8:2b:04:2d:d2:11:50:a8:1e:53:50:8a:8a:37:f2:b5:60:2c:
68:5e:12:56:a1:73:f0:b1:5c:8d:41:ab:5f:e6:02:c6:71:95:
c7:2d:3e:70:20:b5:23:18:71:34:e4:e4:2c:e5:04:92:c0:86:
c2:11:9b:c5:1d:4d:72:fa:bb:f6:7b:e1:e3:2c:a2:28:fc:1e:
e8:50:a9:95:cb:6a:40:f5:08:99:6d:d0:91:43:9d:15:8d:12:
e6:54:17:f7:c6:f3:bd:b2:d5:7c:0d:af:8f:dd:cb:f2:68:e5:
49:75:ed:73:b9:02:a0:84:da:5e:e1:9b:f5:26:bb:80:d1:b5:
5e:85:c7:71:18:df:45:e0:df:8a:e8:0d:58:be:84:01:b4:5f:
4d:58:f0:5b:97:71:91:69:cd:d0:0b:97:28:6d:31:6e:37:f7:
74:22:54:0e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ5wc/I7mfjSbUCsYDP3cKkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYTc3NDI3YzAzNzA5YjMzOWE5NWIwYWQ5YTRhYzlkMmM5
MmM5MDMwHhcNMjYwNTI4MjExODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzJmMDI4NzQ1NGZlZTgzOTNlNzJiYjdkY2I4NDYxY2U5NDZlMTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaSmofQ4ZbXkdohgQ+r90ubYYdqI
PlzbQ9dQPCuXKGtj2aJdr9ndNqw+IRIewpB2wl7A5+vTpBPB7k+V6w9Tzpx/clKY
9bv5NgoKs35fhI/2ELxBZpd6DbTCxlSPdNh7VBr6PUK3HwZ9BahFUOGmpOnPWb4E
jI4JnGJg9WdK5cHMc19An0DVWFST5pp9e1qdeOIv1xUFF5v3XbYD4N+WceR1kagp
onAGMLCAvwXFQDXpMWUcmnwnHAK1TWcsG8jklYo6Oz298oG1nQV9J0OKkRKmkc4E
TOYYlY9NaaX6XbfT/maHG5YGzpjjkWwAkXXNy7iZhCj54c+J/yFYEoPH7QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOMvAodFT+6Dk+crt9y4RhzpRuF5MB8GA1UdIwQY
MBaAFDKndCfANwmzOalbCtmkrJ0skskDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXFkMEo4QTNDYk01cVZzSzJhU3NuU3lTeVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mMjUxZWQtNTk2Ny00ZGRkLTkzMmIt
N2Q0MGI3YzhmYjAxLzEvNHk4Q2gwVlA3b09UNXl1MzNMaEdIT2xHNFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mMjUxZWQtNTk2Ny00ZGRkLTkzMmItN2Q0MGI3YzhmYjAx
LzEvTXFkMEo4QTNDYk01cVZzSzJhU3NuU3lTeVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW8W0AwQA
W8W2AwQCW80IMA8EAgACMAkDBwAgAQZ8AYwwDQYJKoZIhvcNAQELBQADggEBAC5P
0ZsSVCLe78zSKkiODLbuoxTc0km2LxIUXwOq+kBBtHs+Pg3vYSxCqHo4+aQfnhMR
Rza9pe+zd/6V/4xdKlzDuVlVwxeFiOa5yxm4meHzqaBQzMAYejEiiOgrBC3SEVCo
HlNQioo38rVgLGheElahc/CxXI1Bq1/mAsZxlcctPnAgtSMYcTTk5CzlBJLAhsIR
m8UdTXL6u/Z74eMsoij8HuhQqZXLakD1CJlt0JFDnRWNEuZUF/fG872y1XwNr4/d
y/Jo5Ul17XO5AqCE2l7hm/Umu4DRtV6Fx3EY30Xg34roDVi+hAG0X01Y8FuXcZFp
zdALlyhtMW4393QiVA4=
-----END CERTIFICATE-----
Generated at Fri Jun 12 05:13:52 2026 by rpki-client