Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/RnPVD9gf9jZqdZp1P8aZvT1Sy1E.roa
File: RnPVD9gf9jZqdZp1P8aZvT1Sy1E.roa (raw, json)
Hash identifier: 3pjV0gpZSof9VU2uFqwQB+SFUSkzl8zy0feUmyfywNM=
Subject key identifier: 46:73:D5:0F:D8:1F:F6:36:6A:75:9A:75:3F:C6:99:BD:3D:52:CB:51
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019DD52B147D7B656FEA8AAE7585C07C29B2
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/RnPVD9gf9jZqdZp1P8aZvT1Sy1E.roa
Signing time: Tue 28 Apr 2026 17:37:43 +0000
ROA not before: Tue 28 Apr 2026 17:37:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215496
IP address blocks: 91.217.166.0/24 maxlen: 24
185.136.135.0/24 maxlen: 24
2a05:9080:12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 May 2026 17:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d5:2b:14:7d:7b:65:6f:ea:8a:ae:75:85:c0:7c:29:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Apr 28 17:37:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4673d50fd81ff6366a759a753fc699bd3d52cb51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:88:d2:bf:9d:82:98:0a:55:24:91:fe:16:80:
50:d5:5a:89:c9:8b:3e:84:08:97:be:73:a1:31:0c:
57:4e:aa:52:d6:2c:dc:08:ee:1f:df:c8:ae:30:1f:
ab:ba:bc:c0:07:ab:f1:28:62:3b:1b:07:f4:81:9b:
7f:67:42:d8:7c:81:bf:4a:d9:7f:23:07:a3:75:68:
e0:a4:07:54:80:93:a9:1e:c7:de:06:28:ce:4b:9e:
07:8f:3f:dc:45:29:1b:3a:6e:4e:54:91:c3:4f:bb:
49:a6:cd:73:fb:90:7b:39:a4:e7:ab:e5:96:70:b6:
bf:ae:9c:20:88:67:48:92:d6:6e:30:83:23:d9:cd:
82:09:a5:05:47:21:8a:5f:50:6d:6c:e8:87:4a:c1:
cb:91:fd:64:e3:81:9b:24:c4:01:9f:29:70:f3:3e:
99:7d:fe:0e:1c:27:80:71:5f:aa:38:9f:c2:07:0c:
a3:66:18:ce:cd:22:1b:7c:e0:3f:d6:32:b1:8f:20:
27:5c:9f:8b:37:3a:23:52:52:43:52:da:52:62:20:
24:0d:93:e3:21:2f:9c:dc:12:b8:67:02:17:82:44:
52:a4:35:86:6e:eb:59:c8:0a:af:99:b7:4a:17:6d:
b1:c3:2d:9b:89:bb:06:78:f0:2c:e5:e3:95:fa:8c:
ec:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:73:D5:0F:D8:1F:F6:36:6A:75:9A:75:3F:C6:99:BD:3D:52:CB:51
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/RnPVD9gf9jZqdZp1P8aZvT1Sy1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.166.0/24
185.136.135.0/24
IPv6:
2a05:9080:12::/48
Signature Algorithm: sha256WithRSAEncryption
d2:42:c8:2f:10:ad:73:d8:1e:fd:5b:3f:3c:84:41:bc:9d:b7:
ed:33:9a:c5:c1:88:72:27:f3:4f:3b:bd:7b:1d:1a:0d:67:0e:
a9:73:a8:ed:1c:e8:74:e9:76:ab:a4:7b:a6:4f:a0:1f:b6:9c:
c8:6c:09:84:ed:6c:5e:df:55:3e:4c:4c:35:3c:57:87:fb:72:
f0:e5:61:e8:6a:8d:37:39:f9:cd:ca:96:a1:08:5c:6b:68:48:
9f:b2:9e:94:8f:11:7f:0f:43:51:53:e5:13:d7:eb:1e:23:cb:
45:a2:56:ed:7f:9c:d8:5b:4d:75:b8:13:53:b4:a4:79:3b:b8:
61:97:0a:d6:a3:80:88:bb:bd:7e:58:f8:e5:d5:d0:2b:a3:05:
f5:4e:71:7f:80:ce:86:4a:b6:9d:a2:16:df:43:10:38:55:4a:
33:11:ae:a2:c4:20:e6:37:06:26:d1:af:b2:3f:10:19:1f:4e:
c2:8c:62:29:0b:0c:34:04:23:5e:e8:ee:a7:99:75:54:ac:e4:
15:94:f9:29:f3:30:b4:98:69:49:1b:65:32:55:bd:9e:5c:d7:
a3:63:2c:cb:54:1f:03:cd:11:9c:4e:9e:62:bb:21:0a:38:51:
cf:38:b7:88:1d:c4:cc:67:f7:ba:5e:ec:f2:22:51:1a:d9:89:
7e:c5:a1:47
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ3VKxR9e2Vv6oqudYXAfCmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwNDI4MTczNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjczZDUwZmQ4MWZmNjM2NmE3NTlhNzUzZmM2OTliZDNkNTJjYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4jSv52CmApVJJH+FoBQ1VqJyYs+
hAiXvnOhMQxXTqpS1izcCO4f38iuMB+rurzAB6vxKGI7Gwf0gZt/Z0LYfIG/Stl/
IwejdWjgpAdUgJOpHsfeBijOS54Hjz/cRSkbOm5OVJHDT7tJps1z+5B7OaTnq+WW
cLa/rpwgiGdIktZuMIMj2c2CCaUFRyGKX1BtbOiHSsHLkf1k44GbJMQBnylw8z6Z
ff4OHCeAcV+qOJ/CBwyjZhjOzSIbfOA/1jKxjyAnXJ+LNzojUlJDUtpSYiAkDZPj
IS+c3BK4ZwIXgkRSpDWGbutZyAqvmbdKF22xwy2bibsGePAs5eOV+ozsPwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEZz1Q/YH/Y2anWadT/Gmb09UstRMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvUm5QVkQ5Z2Y5alpxZFpwMVA4YVp2VDFTeTFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW9mmAwQA
uYiHMA8EAgACMAkDBwAqBZCAABIwDQYJKoZIhvcNAQELBQADggEBANJCyC8QrXPY
Hv1bPzyEQbydt+0zmsXBiHIn8087vXsdGg1nDqlzqO0c6HTpdquke6ZPoB+2nMhs
CYTtbF7fVT5MTDU8V4f7cvDlYehqjTc5+c3KlqEIXGtoSJ+ynpSPEX8PQ1FT5RPX
6x4jy0WiVu1/nNhbTXW4E1O0pHk7uGGXCtajgIi7vX5Y+OXV0CujBfVOcX+AzoZK
tp2iFt9DEDhVSjMRrqLEIOY3BibRr7I/EBkfTsKMYikLDDQEI17o7qeZdVSs5BWU
+SnzMLSYaUkbZTJVvZ5c16NjLMtUHwPNEZxOnmK7IQo4Uc84t4gdxMxn97pe7PIi
URrZiX7FoUc=
-----END CERTIFICATE-----
Generated at Sat May 2 01:25:28 2026 by rpki-client