Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/VIAQAuRhDMVFMOS_8Vtg3E1yErA.roa
File: VIAQAuRhDMVFMOS_8Vtg3E1yErA.roa (raw, json)
Hash identifier: z4XtjWR8C+AEueHD2J5uJ4mPgu2KWREYANpsAZXVpIA=
Subject key identifier: 54:80:10:02:E4:61:0C:C5:45:30:E4:BF:F1:5B:60:DC:4D:72:12:B0
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 019E456B8CB97EB4A35418762E405C444115
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/VIAQAuRhDMVFMOS_8Vtg3E1yErA.roa
Signing time: Wed 20 May 2026 12:45:36 +0000
ROA not before: Wed 20 May 2026 12:45:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 91.234.22.0/24 maxlen: 24
194.59.6.0/24 maxlen: 24
194.59.7.0/24 maxlen: 24
194.116.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Jun 2026 19:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:45:6b:8c:b9:7e:b4:a3:54:18:76:2e:40:5c:44:41:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: May 20 12:45:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=54801002e4610cc54530e4bff15b60dc4d7212b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:99:7c:95:f6:56:b8:d2:64:66:20:73:cf:e0:
f8:29:34:ea:66:60:a7:a6:b7:ac:34:1d:d7:fd:0c:
1f:a6:76:52:ea:ea:69:b2:56:1a:04:f0:85:cf:32:
3d:36:89:5f:8b:4e:79:7a:5d:df:05:b2:be:28:b6:
e4:05:5a:04:0e:02:25:bb:3b:ba:3d:79:ee:12:45:
b3:00:64:36:1e:ac:99:de:6f:2c:a0:ea:5f:7e:34:
5a:3c:f7:08:00:62:c5:96:45:c9:bb:de:75:91:74:
53:1d:43:da:9f:4a:87:c3:c7:fa:98:be:cc:41:26:
0c:2f:36:4d:3e:bd:aa:0b:57:5b:10:57:22:2d:95:
8f:34:19:4e:5a:39:c8:7b:3f:95:a1:8b:93:6c:d4:
56:55:6c:d9:b8:c9:24:ca:c9:a1:25:9b:ca:a5:c0:
7b:fa:08:ca:3e:8a:f7:90:75:ac:3e:39:66:bc:17:
4e:85:b5:a6:49:30:7d:0e:3c:39:5b:56:c3:32:ff:
f0:1c:50:e3:a6:38:a2:6f:8d:86:0e:df:a4:c4:27:
c0:1e:39:bf:a2:e9:6c:79:98:89:84:2b:7d:67:37:
b6:d7:8d:bb:e4:61:69:51:cb:51:8b:2c:a5:40:c1:
ce:2d:f2:b9:5f:24:80:cd:c8:88:19:9f:a7:79:27:
82:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:80:10:02:E4:61:0C:C5:45:30:E4:BF:F1:5B:60:DC:4D:72:12:B0
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/VIAQAuRhDMVFMOS_8Vtg3E1yErA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.22.0/24
194.59.6.0/23
194.116.235.0/24
Signature Algorithm: sha256WithRSAEncryption
32:6d:2e:f4:3d:fb:37:0e:ca:a4:4a:4b:d7:99:90:3b:e6:59:
72:8a:ee:e3:ba:00:63:d9:4a:51:71:34:72:14:bf:e1:2c:05:
75:26:4d:a3:ad:0b:11:af:21:81:0f:58:2e:83:bb:4b:3f:62:
ba:2e:a7:39:2d:1e:e0:89:d3:ec:03:2c:ed:8d:17:3f:e0:db:
23:9d:a0:b1:d2:e9:66:7e:89:5f:aa:2b:89:dc:74:c0:28:7c:
22:4b:f5:2b:30:77:f6:84:31:ed:2c:e1:83:49:44:94:57:5f:
14:0e:ac:af:0d:a4:d4:3c:8c:4b:e9:d7:81:4f:ab:1c:f4:01:
8c:8a:3d:4f:ff:8a:16:e2:e9:96:0c:4c:18:df:16:48:b2:27:
78:c3:70:30:77:72:d1:07:99:2f:00:88:55:4c:ce:9e:bf:3c:
ab:1f:64:f6:20:17:50:90:81:a8:87:5e:da:31:83:53:47:dd:
51:b9:97:3a:91:f5:19:1b:38:45:61:5a:a7:07:c4:ec:9b:38:
cf:55:49:5c:43:09:a0:fc:a8:27:61:66:2c:b2:fd:c6:1d:90:
20:fe:63:fa:8c:9b:93:1e:f3:36:c2:6c:7a:ce:3b:6e:5b:1f:
59:93:67:d8:00:1f:fc:b1:bb:eb:d7:9a:fa:a3:1a:53:93:40:
b6:e8:30:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ5Fa4y5frSjVBh2LkBcREEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjYwNTIwMTI0NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDgwMTAwMmU0NjEwY2M1NDUzMGU0YmZmMTViNjBkYzRkNzIxMmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspl8lfZWuNJkZiBzz+D4KTTqZmCn
presNB3X/QwfpnZS6uppslYaBPCFzzI9Nolfi055el3fBbK+KLbkBVoEDgIluzu6
PXnuEkWzAGQ2HqyZ3m8soOpffjRaPPcIAGLFlkXJu951kXRTHUPan0qHw8f6mL7M
QSYMLzZNPr2qC1dbEFciLZWPNBlOWjnIez+VoYuTbNRWVWzZuMkkysmhJZvKpcB7
+gjKPor3kHWsPjlmvBdOhbWmSTB9Djw5W1bDMv/wHFDjpjiib42GDt+kxCfAHjm/
oulseZiJhCt9Zze214275GFpUctRiyylQMHOLfK5XySAzciIGZ+neSeCswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFSAEALkYQzFRTDkv/FbYNxNchKwMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvVklBUUF1UmhETVZGTU9TXzhWdGczRTF5RXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+oWAwQB
wjsGAwQAwnTrMA0GCSqGSIb3DQEBCwUAA4IBAQAybS70Pfs3DsqkSkvXmZA75lly
iu7jugBj2UpRcTRyFL/hLAV1Jk2jrQsRryGBD1gug7tLP2K6Lqc5LR7gidPsAyzt
jRc/4NsjnaCx0ulmfolfqiuJ3HTAKHwiS/UrMHf2hDHtLOGDSUSUV18UDqyvDaTU
PIxL6deBT6sc9AGMij1P/4oW4umWDEwY3xZIsid4w3Awd3LRB5kvAIhVTM6evzyr
H2T2IBdQkIGoh17aMYNTR91RuZc6kfUZGzhFYVqnB8TsmzjPVUlcQwmg/KgnYWYs
sv3GHZAg/mP6jJuTHvM2wmx6zjtuWx9Zk2fYAB/8sbvr15r6oxpTk0C26DCN
-----END CERTIFICATE-----
Generated at Tue Jun 9 05:43:11 2026 by rpki-client