Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/Ptns1aj1-mp6wXpfkNSnzIUQg2M.roa
File: Ptns1aj1-mp6wXpfkNSnzIUQg2M.roa (raw, json)
Hash identifier: YJhTXg15y7lXDt6el4G9uRQ6GoxJANZucXloZAXI/Mc=
Subject key identifier: 3E:D9:EC:D5:A8:F5:FA:6A:7A:C1:7A:5F:90:D4:A7:CC:85:10:83:63
Certificate issuer: /CN=cbe3da3582a22830ec4e67547e75fa3b9da20b23
Certificate serial: 019E22EF1E042B866BBE3563A1AA0F36FBCC
Authority key identifier: CB:E3:DA:35:82:A2:28:30:EC:4E:67:54:7E:75:FA:3B:9D:A2:0B:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-PaNYKiKDDsTmdUfnX6O52iCyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/Ptns1aj1-mp6wXpfkNSnzIUQg2M.roa
Signing time: Wed 13 May 2026 20:02:36 +0000
ROA not before: Wed 13 May 2026 20:02:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211071
IP address blocks: 91.213.202.0/24 maxlen: 24
2a11:b44:c000::/48 maxlen: 48
2a11:b44:c001::/48 maxlen: 48
2a11:b44:c002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/y-PaNYKiKDDsTmdUfnX6O52iCyM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/y-PaNYKiKDDsTmdUfnX6O52iCyM.mft
rsync://rpki.ripe.net/repository/DEFAULT/y-PaNYKiKDDsTmdUfnX6O52iCyM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:22:ef:1e:04:2b:86:6b:be:35:63:a1:aa:0f:36:fb:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbe3da3582a22830ec4e67547e75fa3b9da20b23
Validity
Not Before: May 13 20:02:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ed9ecd5a8f5fa6a7ac17a5f90d4a7cc85108363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f0:5c:b0:27:30:37:93:bf:1a:df:bc:cb:e1:
f1:9e:92:29:64:a3:02:a3:42:51:00:4e:1e:4d:d4:
80:26:fe:b7:be:c7:0f:de:28:cc:fe:92:56:54:85:
42:45:f2:23:b7:45:3d:91:fa:f3:85:33:0c:f1:44:
3a:07:6e:c1:bc:38:2b:bf:9c:6c:19:d2:ee:1e:fe:
c6:02:c7:c0:93:4d:e4:01:68:1d:8b:ba:d1:28:69:
6f:2a:5d:c2:d9:39:ff:f6:73:9b:51:2f:03:6f:a1:
25:fb:ee:25:64:8e:6a:90:d1:37:f9:d5:8a:f3:1b:
0b:fb:87:9e:81:50:ee:49:bd:dd:76:a2:46:85:63:
2f:d9:5d:27:4b:8c:4d:c0:bb:0e:eb:97:58:5d:f5:
6a:bf:73:8d:a4:59:6e:7e:3b:5e:f9:e2:ec:aa:4e:
fd:0b:a0:cc:c5:c6:95:be:df:39:2a:2d:1d:47:6f:
f0:1e:c3:cc:9d:8f:0c:51:90:a3:1a:4c:cf:41:c5:
46:93:ba:4b:e4:30:4c:31:38:eb:64:6a:41:38:cf:
77:dc:d6:f1:74:f7:c8:2c:95:f6:4f:7d:88:a0:a8:
0e:ca:8a:7b:29:a4:42:2b:49:17:96:d9:11:1f:da:
3a:17:11:0c:9f:91:57:21:b1:a2:f4:ac:84:ac:a3:
b8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:D9:EC:D5:A8:F5:FA:6A:7A:C1:7A:5F:90:D4:A7:CC:85:10:83:63
X509v3 Authority Key Identifier:
keyid:CB:E3:DA:35:82:A2:28:30:EC:4E:67:54:7E:75:FA:3B:9D:A2:0B:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-PaNYKiKDDsTmdUfnX6O52iCyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/Ptns1aj1-mp6wXpfkNSnzIUQg2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/y-PaNYKiKDDsTmdUfnX6O52iCyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.202.0/24
IPv6:
2a11:b44:c000::-2a11:b44:c002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
bc:fb:99:91:4f:6a:a1:1a:83:18:85:6a:b4:45:51:09:9c:97:
24:f0:fe:f2:4b:d5:46:17:7a:9a:13:33:ac:d6:3d:2b:45:31:
dd:d3:ea:d7:87:bb:34:46:2a:7d:75:b8:6e:f1:b3:0c:99:04:
6f:6e:7e:d8:8e:ff:de:d8:74:4d:40:65:9b:59:f1:7f:9b:e2:
7d:f8:d2:21:80:be:32:bd:4c:22:94:d9:57:d8:7b:44:57:fc:
4d:61:93:d0:a9:a6:ed:93:0e:25:a9:10:35:c6:49:c4:57:77:
8f:8c:c2:5c:14:b6:3b:5f:94:16:23:07:5f:f4:b2:87:5f:11:
3d:0f:41:14:e5:e7:f7:ff:77:c9:32:7a:7c:46:56:b0:77:3f:
df:37:f6:6d:bd:57:df:4f:94:11:a7:6b:a3:9b:c7:4b:43:78:
fd:56:8b:ef:05:0a:51:6f:03:81:e2:bb:8a:af:2f:9b:d8:df:
01:c2:28:4b:13:52:b8:43:2c:a4:82:cc:00:82:a0:c1:4f:58:
53:23:1e:a3:d8:62:88:61:93:da:69:ec:7d:cd:4d:b8:fd:37:
a4:18:83:0d:be:e2:4e:bb:12:d1:b8:03:5c:c6:86:89:2f:80:
16:d3:24:83:b0:a5:2c:82:9a:55:d0:8d:7e:5f:33:5e:78:31:
98:7d:3e:47
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ4i7x4EK4ZrvjVjoaoPNvvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZTNkYTM1ODJhMjI4MzBlYzRlNjc1NDdlNzVmYTNiOWRh
MjBiMjMwHhcNMjYwNTEzMjAwMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWQ5ZWNkNWE4ZjVmYTZhN2FjMTdhNWY5MGQ0YTdjYzg1MTA4MzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/BcsCcwN5O/Gt+8y+HxnpIpZKMC
o0JRAE4eTdSAJv63vscP3ijM/pJWVIVCRfIjt0U9kfrzhTMM8UQ6B27BvDgrv5xs
GdLuHv7GAsfAk03kAWgdi7rRKGlvKl3C2Tn/9nObUS8Db6El++4lZI5qkNE3+dWK
8xsL+4eegVDuSb3ddqJGhWMv2V0nS4xNwLsO65dYXfVqv3ONpFlufjte+eLsqk79
C6DMxcaVvt85Ki0dR2/wHsPMnY8MUZCjGkzPQcVGk7pL5DBMMTjrZGpBOM933Nbx
dPfILJX2T32IoKgOyop7KaRCK0kXltkRH9o6FxEMn5FXIbGi9KyErKO4LwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD7Z7NWo9fpqesF6X5DUp8yFEINjMB8GA1UdIwQY
MBaAFMvj2jWCoigw7E5nVH51+judogsjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS1QYU5ZS2lLRERzVG1kVWZuWDZPNTJpQ3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82OGNmYzUtMmVjNi00YjU5LWIxMmUt
NmUzNmIyZjE3MDZiLzEvUHRuczFhajEtbXA2d1hwZmtOU256SVVRZzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82OGNmYzUtMmVjNi00YjU5LWIxMmUtNmUzNmIyZjE3MDZi
LzEveS1QYU5ZS2lLRERzVG1kVWZuWDZPNTJpQ3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQAW9XKMBkE
AgACMBMwEQMGBioRC0TAAwcAKhELRMACMA0GCSqGSIb3DQEBCwUAA4IBAQC8+5mR
T2qhGoMYhWq0RVEJnJck8P7yS9VGF3qaEzOs1j0rRTHd0+rXh7s0Rip9dbhu8bMM
mQRvbn7Yjv/e2HRNQGWbWfF/m+J9+NIhgL4yvUwilNlX2HtEV/xNYZPQqabtkw4l
qRA1xknEV3ePjMJcFLY7X5QWIwdf9LKHXxE9D0EU5ef3/3fJMnp8Rlawdz/fN/Zt
vVffT5QRp2ujm8dLQ3j9VovvBQpRbwOB4ruKry+b2N8BwihLE1K4QyykgswAgqDB
T1hTIx6j2GKIYZPaaex9zU24/TekGIMNvuJOuxLRuANcxoaJL4AW0ySDsKUsgppV
0I1+XzNeeDGYfT5H
-----END CERTIFICATE-----
Generated at Sat Jun 6 04:55:10 2026 by rpki-client