Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/kYRR38ICq9ItDhQJiQSFEmuaZCk.roa
File: kYRR38ICq9ItDhQJiQSFEmuaZCk.roa (raw, json)
Hash identifier: 2GZZrZK8I9JcWijw4HIji3r5v/uDz5lVmOVbPE0wJAU=
Subject key identifier: 91:84:51:DF:C2:02:AB:D2:2D:0E:14:09:89:04:85:12:6B:9A:64:29
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 019DF88C3844FF955C5145FE7CE7E8D33C1A
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/kYRR38ICq9ItDhQJiQSFEmuaZCk.roa
Signing time: Tue 05 May 2026 14:30:32 +0000
ROA not before: Tue 05 May 2026 14:30:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 398549
IP address blocks: 69.38.204.0/22 maxlen: 24
69.38.204.0/24 maxlen: 24
69.38.205.0/24 maxlen: 24
69.38.206.0/24 maxlen: 24
69.38.207.0/24 maxlen: 24
176.10.89.0/24 maxlen: 24
2a13:d8c1::/32 maxlen: 32
2a13:d8c2::/32 maxlen: 48
2a13:d8c3::/32 maxlen: 32
2a13:d8c3:2::/48 maxlen: 48
2a13:d8c3:5::/48 maxlen: 48
2a13:d8c3:7::/48 maxlen: 48
2a13:d8c5::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 May 2026 14:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f8:8c:38:44:ff:95:5c:51:45:fe:7c:e7:e8:d3:3c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: May 5 14:30:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=918451dfc202abd22d0e1409890485126b9a6429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:88:54:25:45:d0:32:82:9a:84:08:dc:63:81:
d1:06:24:f3:f8:d3:82:e7:81:6a:f7:4e:1b:74:d3:
61:06:cb:83:7c:a9:3d:e4:f2:2f:28:18:27:3d:e0:
b0:aa:af:aa:80:64:c5:67:f1:c9:8e:c3:69:93:da:
97:28:4b:ac:09:c4:da:5d:6f:88:f0:39:75:6b:73:
36:55:f8:e3:d3:2c:ca:25:4f:6a:83:32:89:b7:77:
e8:8d:96:c4:46:63:9c:32:92:99:3a:31:2f:df:56:
4e:43:74:2d:a4:ea:4c:b9:54:b9:26:97:7c:13:fa:
3d:57:4c:3a:fc:c2:87:01:d8:49:86:e4:ca:43:4f:
34:b7:fd:9c:f8:e5:76:4f:38:5b:c4:16:25:ae:b7:
7c:7b:7f:55:35:d2:a9:0d:29:c0:02:b5:2f:e1:8f:
e9:51:b2:86:f8:41:5e:31:08:ac:56:f9:7e:5b:07:
1a:43:e7:a4:87:06:4b:a1:fa:35:d3:a2:3f:1a:f3:
c2:d2:f9:b5:a5:b8:e9:1e:ea:9f:86:b1:3d:40:6f:
f3:49:39:60:a6:d2:4e:9d:a9:c5:88:d4:70:b3:af:
83:2e:ed:8a:98:cc:7b:07:e3:f3:b0:d7:c2:8a:9a:
fd:ff:6e:41:dd:c2:8e:b0:1d:22:95:3d:b5:a4:dd:
d5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:84:51:DF:C2:02:AB:D2:2D:0E:14:09:89:04:85:12:6B:9A:64:29
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/kYRR38ICq9ItDhQJiQSFEmuaZCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.38.204.0/22
176.10.89.0/24
IPv6:
2a13:d8c1::-2a13:d8c3:ffff:ffff:ffff:ffff:ffff:ffff
2a13:d8c5::-2a13:d8c7:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
03:52:d0:75:e9:db:08:a3:25:56:7e:d8:33:d2:f5:cb:81:35:
32:19:fe:63:87:6c:c1:8d:00:83:22:33:66:f6:36:57:fa:da:
6f:a2:8f:48:72:3d:04:a5:6e:2d:47:8e:7f:2f:bb:46:a6:1f:
de:ba:d1:d2:24:0c:d6:3b:5a:51:9d:a2:39:96:07:bb:fc:af:
3b:c6:2a:62:ea:b8:4d:a4:2b:ad:59:d6:b7:a7:ea:63:d6:80:
d0:d8:01:ea:3e:c5:63:2f:ed:96:0d:1c:6d:07:19:fb:0f:3a:
bf:bd:01:3f:af:8a:ca:3a:a7:10:39:61:67:48:1e:ad:be:6f:
63:8a:c6:0d:09:6b:da:6f:20:64:9d:74:c7:7c:03:35:93:52:
cb:6b:8a:fe:d4:a5:43:dd:62:42:dc:34:5e:23:5f:2d:fa:01:
42:6f:ef:36:d6:ef:c9:69:5a:3a:89:38:b9:75:2f:0c:52:1f:
fc:bc:46:95:4f:38:f1:ae:3d:75:b3:38:62:09:c4:12:27:66:
6b:69:9d:02:2b:74:fb:63:95:25:15:7a:4b:9c:5d:82:64:61:
f7:a8:ff:ef:2a:2e:b0:ec:03:db:a3:79:f2:99:7e:7b:c7:82:
94:83:3e:9f:f0:a3:df:4b:da:b1:f2:f1:8b:96:01:1e:b5:a7:
f0:e0:5b:78
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ34jDhE/5VcUUX+fOfo0zwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjYwNTA1MTQzMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTg0NTFkZmMyMDJhYmQyMmQwZTE0MDk4OTA0ODUxMjZiOWE2NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYhUJUXQMoKahAjcY4HRBiTz+NOC
54Fq904bdNNhBsuDfKk95PIvKBgnPeCwqq+qgGTFZ/HJjsNpk9qXKEusCcTaXW+I
8Dl1a3M2Vfjj0yzKJU9qgzKJt3fojZbERmOcMpKZOjEv31ZOQ3QtpOpMuVS5Jpd8
E/o9V0w6/MKHAdhJhuTKQ080t/2c+OV2TzhbxBYlrrd8e39VNdKpDSnAArUv4Y/p
UbKG+EFeMQisVvl+WwcaQ+ekhwZLofo106I/GvPC0vm1pbjpHuqfhrE9QG/zSTlg
ptJOnanFiNRws6+DLu2KmMx7B+PzsNfCipr9/25B3cKOsB0ilT21pN3VtQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJGEUd/CAqvSLQ4UCYkEhRJrmmQpMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEva1lSUjM4SUNxOUl0RGhRSmlRU0ZFbXVhWkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDASBAIAATAMAwQCRSbMAwQA
sApZMCYEAgACMCAwDgMFACoT2MEDBQIqE9jAMA4DBQAqE9jFAwUDKhPYwDANBgkq
hkiG9w0BAQsFAAOCAQEAA1LQdenbCKMlVn7YM9L1y4E1Mhn+Y4dswY0AgyIzZvY2
V/rab6KPSHI9BKVuLUeOfy+7RqYf3rrR0iQM1jtaUZ2iOZYHu/yvO8YqYuq4TaQr
rVnWt6fqY9aA0NgB6j7FYy/tlg0cbQcZ+w86v70BP6+KyjqnEDlhZ0gerb5vY4rG
DQlr2m8gZJ10x3wDNZNSy2uK/tSlQ91iQtw0XiNfLfoBQm/vNtbvyWlaOok4uXUv
DFIf/LxGlU848a49dbM4YgnEEidma2mdAit0+2OVJRV6S5xdgmRh96j/7yousOwD
26N58pl+e8eClIM+n/Cj30vasfLxi5YBHrWn8OBbeA==
-----END CERTIFICATE-----
Generated at Fri May 8 22:45:14 2026 by rpki-client