Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/yzHgZlCQT4Y7B8Y00NhRaB47xTk.roa
File: yzHgZlCQT4Y7B8Y00NhRaB47xTk.roa (raw, json)
Hash identifier: FPbEBqFmlrQorlve4YibsVGnSYZoskFcy6Qs1bK0kdg=
Subject key identifier: CB:31:E0:66:50:90:4F:86:3B:07:C6:34:D0:D8:51:68:1E:3B:C5:39
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019E67C9C5F98CBACC34A4DC37F042FA4DE2
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/yzHgZlCQT4Y7B8Y00NhRaB47xTk.roa
Signing time: Wed 27 May 2026 04:55:37 +0000
ROA not before: Wed 27 May 2026 04:55:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213644
IP address blocks: 45.11.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:67:c9:c5:f9:8c:ba:cc:34:a4:dc:37:f0:42:fa:4d:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: May 27 04:55:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cb31e06650904f863b07c634d0d851681e3bc539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b6:1e:94:e4:23:a8:09:bf:73:8a:be:90:f0:
89:9a:b1:5b:32:2e:a5:1f:3c:47:5f:a4:de:2c:73:
94:c7:e1:44:ef:c8:7e:d8:2a:29:e3:4b:7d:b2:a3:
70:4a:69:e9:e7:9a:6b:f4:b9:76:bb:e9:be:2c:d7:
94:3e:8b:e7:48:37:e2:5d:10:f1:30:3d:31:7a:8a:
f3:62:d0:7a:b6:e4:f1:39:2a:5e:12:ee:f1:07:09:
26:47:59:a9:75:81:89:54:ec:d7:e0:f8:36:2e:f4:
7d:72:ba:78:14:a5:5b:f5:5a:e0:18:6d:8a:24:b4:
c7:a8:18:07:b3:b1:2b:63:ef:4c:9e:24:18:ca:47:
75:82:2e:3f:f4:33:2d:83:00:42:6e:fc:c2:56:3b:
6e:d3:b0:75:1b:d7:d1:86:7e:5c:5c:ca:82:b2:5f:
0e:01:d0:b4:6c:c0:82:92:e3:c0:c6:d8:45:de:e4:
c7:1e:9b:80:51:64:6f:dd:d8:6e:40:c1:a3:af:f9:
5b:a6:e9:13:18:73:ee:28:69:ad:4c:ef:0b:d8:ed:
2a:00:4e:ba:74:d9:ab:0b:7f:0a:91:6a:be:88:5d:
fd:ee:3d:10:ef:75:84:bd:d5:eb:73:78:46:e9:61:
50:ab:d0:6e:e4:84:39:ec:10:68:7a:84:0f:0c:21:
8a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:31:E0:66:50:90:4F:86:3B:07:C6:34:D0:D8:51:68:1E:3B:C5:39
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/yzHgZlCQT4Y7B8Y00NhRaB47xTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.186.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:29:c7:59:07:1c:7c:52:35:3f:af:e5:1f:81:6d:0c:5c:06:
b7:a1:bc:91:38:5d:4e:0d:d0:2a:34:86:b9:6f:f6:5d:58:a5:
4d:54:26:aa:62:99:ad:8b:f4:e3:27:b9:1f:c0:2d:54:75:4d:
3e:84:5e:d2:eb:31:09:28:4f:0e:d3:16:10:e3:26:35:38:e7:
7e:d5:1f:6c:13:af:30:d1:02:25:19:82:1d:31:6b:a5:13:e8:
12:43:d1:7b:08:4f:cd:24:81:48:7d:44:5c:94:e2:e8:37:f3:
84:2d:2a:c2:07:b0:0d:95:cd:dc:2c:3e:78:07:61:5b:58:3a:
8c:d5:e7:e1:3a:4e:41:05:6d:ae:f4:ab:1c:9b:5a:22:d2:62:
35:fc:80:ef:de:22:a7:6d:b9:9a:a3:fe:7d:03:68:eb:b7:d0:
e8:dd:6d:7b:a9:dd:a2:24:d9:12:ad:bd:23:30:90:a1:4d:34:
9e:de:a3:5c:17:28:0f:e1:a4:26:5d:48:93:34:06:2e:06:fb:
7c:13:c3:26:0d:e6:87:ab:43:5f:d3:00:45:42:89:d3:fa:ae:
a3:ff:7f:a5:38:1c:8a:ee:98:b9:5c:fc:62:07:9f:b9:2e:b5:
4f:e6:74:75:7c:88:11:1f:5f:ed:52:42:89:c1:27:96:08:54:
bc:73:73:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5nycX5jLrMNKTcN/BC+k3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwNTI3MDQ1NTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjMxZTA2NjUwOTA0Zjg2M2IwN2M2MzRkMGQ4NTE2ODFlM2JjNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8LYelOQjqAm/c4q+kPCJmrFbMi6l
HzxHX6TeLHOUx+FE78h+2Cop40t9sqNwSmnp55pr9Ll2u+m+LNeUPovnSDfiXRDx
MD0xeorzYtB6tuTxOSpeEu7xBwkmR1mpdYGJVOzX4Pg2LvR9crp4FKVb9VrgGG2K
JLTHqBgHs7ErY+9MniQYykd1gi4/9DMtgwBCbvzCVjtu07B1G9fRhn5cXMqCsl8O
AdC0bMCCkuPAxthF3uTHHpuAUWRv3dhuQMGjr/lbpukTGHPuKGmtTO8L2O0qAE66
dNmrC38KkWq+iF397j0Q73WEvdXrc3hG6WFQq9Bu5IQ57BBoeoQPDCGK5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsx4GZQkE+GOwfGNNDYUWgeO8U5MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEveXpIZ1psQ1FUNFk3QjhZMDBOaFJhQjQ3eFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu6MA0G
CSqGSIb3DQEBCwUAA4IBAQB7KcdZBxx8UjU/r+UfgW0MXAa3obyROF1ODdAqNIa5
b/ZdWKVNVCaqYpmti/TjJ7kfwC1UdU0+hF7S6zEJKE8O0xYQ4yY1OOd+1R9sE68w
0QIlGYIdMWulE+gSQ9F7CE/NJIFIfURclOLoN/OELSrCB7ANlc3cLD54B2FbWDqM
1efhOk5BBW2u9Kscm1oi0mI1/IDv3iKnbbmao/59A2jrt9Do3W17qd2iJNkSrb0j
MJChTTSe3qNcFygP4aQmXUiTNAYuBvt8E8MmDeaHq0Nf0wBFQonT+q6j/3+lOByK
7pi5XPxiB5+5LrVP5nR1fIgRH1/tUkKJwSeWCFS8c3PR
-----END CERTIFICATE-----
Generated at Wed May 27 17:31:30 2026 by rpki-client