Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/9ba3f5-8f3b-410e-acfc-0bc805e4d3ee/1/xITKiIhMJqr64QWowOp5Oos94Ts.roa
File: xITKiIhMJqr64QWowOp5Oos94Ts.roa (raw, json)
Hash identifier: 0jGjhsogZ02DOgH0lYdyo4DGk9IGywTmUiv2U/qvPr4=
Subject key identifier: C4:84:CA:88:88:4C:26:AA:FA:E1:05:A8:C0:EA:79:3A:8B:3D:E1:3B
Certificate issuer: /CN=94bd5921933292a2f93e049f8b81fb7650301c67
Certificate serial: 019E5F807D0680CCA6F7239E639EF60AEF00
Authority key identifier: 94:BD:59:21:93:32:92:A2:F9:3E:04:9F:8B:81:FB:76:50:30:1C:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lL1ZIZMykqL5PgSfi4H7dlAwHGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/9ba3f5-8f3b-410e-acfc-0bc805e4d3ee/1/xITKiIhMJqr64QWowOp5Oos94Ts.roa
Signing time: Mon 25 May 2026 14:18:36 +0000
ROA not before: Mon 25 May 2026 14:18:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19905
IP address blocks: 91.226.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/9ba3f5-8f3b-410e-acfc-0bc805e4d3ee/1/lL1ZIZMykqL5PgSfi4H7dlAwHGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/9ba3f5-8f3b-410e-acfc-0bc805e4d3ee/1/lL1ZIZMykqL5PgSfi4H7dlAwHGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lL1ZIZMykqL5PgSfi4H7dlAwHGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5f:80:7d:06:80:cc:a6:f7:23:9e:63:9e:f6:0a:ef:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94bd5921933292a2f93e049f8b81fb7650301c67
Validity
Not Before: May 25 14:18:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c484ca88884c26aafae105a8c0ea793a8b3de13b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7e:1e:1c:34:fc:0b:ac:81:19:af:c4:2f:b5:
2c:7f:bb:a2:5c:c5:12:6f:5a:ef:20:2a:99:ed:6a:
dd:80:e0:e4:2e:61:49:4d:99:6d:c0:5a:00:65:dc:
24:47:b0:15:96:5d:6b:55:96:3b:5c:f2:1b:6d:63:
4b:cc:38:a8:8f:72:ce:28:db:8e:78:19:6c:8a:43:
a7:db:65:71:d5:5a:69:ab:76:7d:be:fd:6b:23:df:
7b:ef:44:40:83:64:9c:d4:0e:34:84:5c:69:cf:1d:
ff:4a:db:41:bd:01:73:ff:7a:af:54:15:cd:26:1f:
ca:63:04:2f:cb:3e:ca:fc:18:be:ca:ce:44:13:de:
74:db:ea:cc:92:a4:a6:ef:08:42:c4:70:54:f0:d3:
b7:df:e6:38:58:32:a1:17:f7:e1:e8:0f:1a:5e:91:
91:94:bb:09:1b:ff:10:64:20:5d:c6:61:29:13:b0:
b6:6f:46:8f:93:a5:b3:a6:e7:c7:85:be:94:61:c7:
7a:50:25:c4:5f:c9:72:57:3d:96:cb:63:11:47:df:
37:49:8f:ee:0d:41:54:8f:0b:c9:a3:a8:08:73:07:
f5:e1:bb:4f:d2:82:a2:41:06:39:c6:3b:81:f3:02:
50:48:4f:aa:13:d7:49:17:bf:58:8c:3f:16:62:cd:
aa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:84:CA:88:88:4C:26:AA:FA:E1:05:A8:C0:EA:79:3A:8B:3D:E1:3B
X509v3 Authority Key Identifier:
keyid:94:BD:59:21:93:32:92:A2:F9:3E:04:9F:8B:81:FB:76:50:30:1C:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lL1ZIZMykqL5PgSfi4H7dlAwHGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/9ba3f5-8f3b-410e-acfc-0bc805e4d3ee/1/xITKiIhMJqr64QWowOp5Oos94Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/9ba3f5-8f3b-410e-acfc-0bc805e4d3ee/1/lL1ZIZMykqL5PgSfi4H7dlAwHGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.235.0/24
Signature Algorithm: sha256WithRSAEncryption
69:6b:7b:cd:5d:d1:db:56:ba:f8:0e:6b:05:2a:c2:09:f0:7b:
6d:95:75:c2:f8:bd:2f:ec:42:40:ea:61:8e:fc:e6:7f:8e:95:
f5:02:74:19:cf:b9:d1:01:80:a6:84:cb:1a:86:67:a6:d4:9e:
a7:6e:be:ed:e6:a4:28:6c:cf:ad:2f:24:0f:7e:aa:27:1f:e8:
8b:70:4a:d9:49:9e:d9:1b:30:7b:75:79:d6:9c:65:75:ea:eb:
11:d4:bd:57:9c:4e:58:5f:cb:5f:1a:e6:a3:9e:72:30:fb:1f:
ae:ce:dc:cd:22:da:1c:ca:35:c7:1a:fb:41:c7:fb:79:72:c4:
e6:be:5d:68:de:81:df:1d:35:f7:58:31:3f:b5:ed:63:0f:01:
fe:99:55:58:3e:ed:52:9d:f1:92:7d:d8:a4:c2:ca:26:40:41:
7e:20:1c:f7:c8:b0:f8:1c:62:5d:e5:2b:d3:b2:6d:65:14:76:
a4:9b:d0:e1:19:19:36:48:c2:d7:69:63:50:1b:c5:64:6f:2e:
0b:52:79:ea:e5:fe:ba:40:26:86:cf:3f:60:4c:7c:84:cb:95:
b1:60:f1:40:8d:a9:4e:5d:ae:35:3f:79:a7:10:3f:b3:94:2c:
9a:16:ae:32:18:f6:a4:72:3c:da:06:ce:ac:33:ac:ae:32:f0:
e0:04:e8:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5fgH0GgMym9yOeY572Cu8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YmQ1OTIxOTMzMjkyYTJmOTNlMDQ5ZjhiODFmYjc2NTAz
MDFjNjcwHhcNMjYwNTI1MTQxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDg0Y2E4ODg4NGMyNmFhZmFlMTA1YThjMGVhNzkzYThiM2RlMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn4eHDT8C6yBGa/EL7Usf7uiXMUS
b1rvICqZ7WrdgODkLmFJTZltwFoAZdwkR7AVll1rVZY7XPIbbWNLzDioj3LOKNuO
eBlsikOn22Vx1Vppq3Z9vv1rI99770RAg2Sc1A40hFxpzx3/SttBvQFz/3qvVBXN
Jh/KYwQvyz7K/Bi+ys5EE9502+rMkqSm7whCxHBU8NO33+Y4WDKhF/fh6A8aXpGR
lLsJG/8QZCBdxmEpE7C2b0aPk6WzpufHhb6UYcd6UCXEX8lyVz2Wy2MRR983SY/u
DUFUjwvJo6gIcwf14btP0oKiQQY5xjuB8wJQSE+qE9dJF79YjD8WYs2qiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSEyoiITCaq+uEFqMDqeTqLPeE7MB8GA1UdIwQY
MBaAFJS9WSGTMpKi+T4En4uB+3ZQMBxnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEwxWklaTXlrcUw1UGdTZmk0SDdkbEF3SEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC85YmEzZjUtOGYzYi00MTBlLWFjZmMt
MGJjODA1ZTRkM2VlLzEveElUS2lJaE1KcXI2NFFXb3dPcDVPb3M5NFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC85YmEzZjUtOGYzYi00MTBlLWFjZmMtMGJjODA1ZTRkM2Vl
LzEvbEwxWklaTXlrcUw1UGdTZmk0SDdkbEF3SEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+LrMA0G
CSqGSIb3DQEBCwUAA4IBAQBpa3vNXdHbVrr4DmsFKsIJ8HttlXXC+L0v7EJA6mGO
/OZ/jpX1AnQZz7nRAYCmhMsahmem1J6nbr7t5qQobM+tLyQPfqonH+iLcErZSZ7Z
GzB7dXnWnGV16usR1L1XnE5YX8tfGuajnnIw+x+uztzNItocyjXHGvtBx/t5csTm
vl1o3oHfHTX3WDE/te1jDwH+mVVYPu1SnfGSfdikwsomQEF+IBz3yLD4HGJd5SvT
sm1lFHakm9DhGRk2SMLXaWNQG8Vkby4LUnnq5f66QCaGzz9gTHyEy5WxYPFAjalO
Xa41P3mnED+zlCyaFq4yGPakcjzaBs6sM6yuMvDgBOgH
-----END CERTIFICATE-----
Generated at Thu Jun 4 11:18:31 2026 by rpki-client