Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TipRizVlqLoysv3iQOTigie4DWM.roa
File: TipRizVlqLoysv3iQOTigie4DWM.roa (raw, json)
Hash identifier: IfZnuGIdISaFbjYbgks4UWDtOoeAGDXA9tUQc/nT8e4=
Subject key identifier: 4E:2A:51:8B:35:65:A8:BA:32:B2:FD:E2:40:E4:E2:82:27:B8:0D:63
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019E4A0319D7EC437651E4C3BA5964E46437
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TipRizVlqLoysv3iQOTigie4DWM.roa
Signing time: Thu 21 May 2026 10:09:37 +0000
ROA not before: Thu 21 May 2026 10:09:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 55201
IP address blocks: 185.226.105.0/24 maxlen: 24
194.5.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 18:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4a:03:19:d7:ec:43:76:51:e4:c3:ba:59:64:e4:64:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 21 10:09:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e2a518b3565a8ba32b2fde240e4e28227b80d63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6d:b8:57:03:d5:a3:cd:2c:39:9c:f1:15:3c:
63:93:cd:33:e7:99:13:8d:5f:32:b7:34:b0:60:8f:
90:7b:d9:13:1d:73:70:41:3a:17:5f:38:71:af:0f:
8e:a9:3f:87:b0:a8:83:9c:14:6f:16:31:b2:4f:c0:
db:fb:c2:c4:5e:cd:2d:ad:60:96:4f:b1:a1:ea:98:
6c:db:8e:d7:dc:a1:2e:f7:98:48:e7:0e:65:02:4b:
7b:90:50:69:53:9e:b0:e5:a8:0e:b0:6a:3f:ed:09:
9d:6b:52:48:31:16:ff:7a:f0:a9:1c:12:3a:ef:2b:
8d:5b:3b:eb:5d:29:7f:a2:5f:83:4e:a8:09:44:28:
30:5d:42:e9:fc:cd:2e:99:a6:f0:1c:1b:53:81:4b:
f3:1c:a0:7a:64:d3:55:8d:c4:95:69:28:af:9d:0b:
9a:3a:1c:fa:4b:f0:4d:a8:e1:c5:09:83:1d:10:7b:
50:93:ac:f7:61:b7:8a:20:d9:11:d0:95:a5:fb:3f:
36:85:e3:db:71:54:20:08:8e:fc:1f:80:b1:f2:25:
b8:19:f6:b6:a4:c8:c7:e5:11:d6:75:b1:34:df:b0:
c9:22:c2:40:29:57:3c:9d:87:f0:78:7d:15:54:4d:
88:2b:43:79:1d:5f:0b:d2:10:90:7e:ef:8b:05:82:
50:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:2A:51:8B:35:65:A8:BA:32:B2:FD:E2:40:E4:E2:82:27:B8:0D:63
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TipRizVlqLoysv3iQOTigie4DWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.105.0/24
194.5.64.0/24
Signature Algorithm: sha256WithRSAEncryption
22:ef:1b:9b:89:1a:fb:47:2d:8c:7f:f4:1d:99:92:a2:ab:04:
3e:98:1f:81:9d:88:fb:d0:8b:fd:ae:48:c0:2c:c2:61:69:50:
a5:f5:5c:42:3f:c8:a6:0a:02:90:c2:5f:ee:c6:5b:3d:9b:c3:
85:6f:7f:e5:40:7f:d4:b1:04:be:1d:d7:9f:85:60:c4:b4:e8:
72:fb:01:a6:9d:a6:a5:54:24:7f:e7:5c:01:5e:64:1f:5c:da:
1a:8e:7c:1f:e6:a6:9d:4d:bd:89:fe:a1:02:27:63:88:cf:2e:
4b:96:b5:04:6d:07:ef:2d:1a:5c:4e:50:b9:8b:ac:99:91:98:
cb:91:fa:2b:1b:f0:87:c0:42:39:05:3f:cc:2c:c0:2d:1d:11:
94:41:34:77:23:2c:1a:5d:9c:f5:50:37:06:1e:eb:2b:f8:a8:
0d:1e:41:a8:04:f1:e3:2b:69:f1:05:58:92:77:f9:69:33:eb:
87:fc:11:96:45:11:8e:fe:22:6b:3a:f7:1b:f1:1f:fc:74:75:
45:96:db:d6:33:49:b1:00:5e:9f:8a:e5:5e:16:b5:36:9e:ec:
47:3b:82:0a:0f:08:3c:0e:dd:1e:f7:58:ab:af:40:ad:f7:c9:
dc:26:cb:3d:20:44:ad:5b:8a:e1:83:99:db:66:4b:12:28:9b:
08:9f:a9:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ5KAxnX7EN2UeTDullk5GQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNTIxMTAwOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTJhNTE4YjM1NjVhOGJhMzJiMmZkZTI0MGU0ZTI4MjI3YjgwZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW24VwPVo80sOZzxFTxjk80z55kT
jV8ytzSwYI+Qe9kTHXNwQToXXzhxrw+OqT+HsKiDnBRvFjGyT8Db+8LEXs0trWCW
T7Gh6phs247X3KEu95hI5w5lAkt7kFBpU56w5agOsGo/7Qmda1JIMRb/evCpHBI6
7yuNWzvrXSl/ol+DTqgJRCgwXULp/M0umabwHBtTgUvzHKB6ZNNVjcSVaSivnQua
Ohz6S/BNqOHFCYMdEHtQk6z3YbeKINkR0JWl+z82hePbcVQgCI78H4Cx8iW4Gfa2
pMjH5RHWdbE037DJIsJAKVc8nYfweH0VVE2IK0N5HV8L0hCQfu+LBYJQUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE4qUYs1Zai6MrL94kDk4oInuA1jMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVGlwUml6VmxxTG95c3YzaVFPVGlnaWU0RFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueJpAwQA
wgVAMA0GCSqGSIb3DQEBCwUAA4IBAQAi7xubiRr7Ry2Mf/QdmZKiqwQ+mB+BnYj7
0Iv9rkjALMJhaVCl9VxCP8imCgKQwl/uxls9m8OFb3/lQH/UsQS+HdefhWDEtOhy
+wGmnaalVCR/51wBXmQfXNoajnwf5qadTb2J/qECJ2OIzy5LlrUEbQfvLRpcTlC5
i6yZkZjLkforG/CHwEI5BT/MLMAtHRGUQTR3IywaXZz1UDcGHusr+KgNHkGoBPHj
K2nxBViSd/lpM+uH/BGWRRGO/iJrOvcb8R/8dHVFltvWM0mxAF6fiuVeFrU2nuxH
O4IKDwg8Dt0e91irr0Ct98ncJss9IEStW4rhg5nbZksSKJsIn6kp
-----END CERTIFICATE-----
Generated at Mon May 25 01:51:46 2026 by rpki-client