Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1acb0c-31a3-4718-993d-11dffe108147/1/IRp2Cv-8KzRBK5kjOx5O71bWsko.roa
File: IRp2Cv-8KzRBK5kjOx5O71bWsko.roa (raw, json)
Hash identifier: Ld1XWN7Sn3t+gSZshK2rptc8lciUjiiDr1oOC9C30/s=
Subject key identifier: 21:1A:76:0A:FF:BC:2B:34:41:2B:99:23:3B:1E:4E:EF:56:D6:B2:4A
Certificate issuer: /CN=6b0ecdbf51360cecae617abe1a3ac6a6ff0a5b6c
Certificate serial: 019E731884534C419B91ADC0B2448C4C8B66
Authority key identifier: 6B:0E:CD:BF:51:36:0C:EC:AE:61:7A:BE:1A:3A:C6:A6:FF:0A:5B:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aw7Nv1E2DOyuYXq-GjrGpv8KW2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1acb0c-31a3-4718-993d-11dffe108147/1/IRp2Cv-8KzRBK5kjOx5O71bWsko.roa
Signing time: Fri 29 May 2026 09:37:26 +0000
ROA not before: Fri 29 May 2026 09:37:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50464
IP address blocks: 195.191.76.0/23 maxlen: 24
195.191.76.11/32 maxlen: 32
195.191.76.196/32 maxlen: 32
195.191.76.210/32 maxlen: 32
195.191.77.11/32 maxlen: 32
195.191.77.99/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/1acb0c-31a3-4718-993d-11dffe108147/1/aw7Nv1E2DOyuYXq-GjrGpv8KW2w.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/1acb0c-31a3-4718-993d-11dffe108147/1/aw7Nv1E2DOyuYXq-GjrGpv8KW2w.mft
rsync://rpki.ripe.net/repository/DEFAULT/aw7Nv1E2DOyuYXq-GjrGpv8KW2w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:18:84:53:4c:41:9b:91:ad:c0:b2:44:8c:4c:8b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b0ecdbf51360cecae617abe1a3ac6a6ff0a5b6c
Validity
Not Before: May 29 09:37:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=211a760affbc2b34412b99233b1e4eef56d6b24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3d:9e:42:a0:68:d9:7d:c2:68:d9:2f:e9:c4:
fb:6f:a9:05:5a:a4:c2:86:81:2f:d0:1c:60:e6:ab:
8e:af:ed:af:e4:7e:cc:b2:46:91:32:38:38:ca:ff:
b5:b3:e9:12:01:6d:dd:97:b3:48:33:7c:b6:8f:eb:
ec:a8:7e:16:47:de:ea:05:93:b8:6c:5a:65:b2:0f:
2e:0f:03:cb:ee:5f:20:a7:1e:f7:5d:61:e5:4c:f4:
1e:e3:2b:0f:ca:36:31:da:57:df:e9:f6:63:01:2c:
0e:89:cb:fb:4e:96:09:71:e8:09:19:de:a7:e0:51:
62:87:36:26:e4:af:1f:da:ec:ea:4a:88:28:29:50:
cf:d8:9e:72:1c:f1:6d:14:06:19:50:da:63:44:91:
2a:4f:8d:e1:28:99:93:83:17:eb:b2:da:b6:16:68:
ea:9b:04:0a:06:33:b9:88:56:e4:ba:f6:eb:64:4c:
18:b7:50:dd:f4:83:29:b1:6f:20:6c:15:47:f8:57:
b4:1b:4a:20:9b:01:f9:5e:c4:7d:e5:d8:db:c9:bc:
a7:80:73:ef:c7:05:64:5f:21:78:a6:5d:dc:8a:c9:
b5:f9:41:77:b1:b3:c0:ae:bf:f3:b1:48:14:b5:41:
f6:8c:46:68:19:ed:b2:74:4d:e5:b3:0b:a1:2f:cd:
58:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:1A:76:0A:FF:BC:2B:34:41:2B:99:23:3B:1E:4E:EF:56:D6:B2:4A
X509v3 Authority Key Identifier:
keyid:6B:0E:CD:BF:51:36:0C:EC:AE:61:7A:BE:1A:3A:C6:A6:FF:0A:5B:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aw7Nv1E2DOyuYXq-GjrGpv8KW2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1acb0c-31a3-4718-993d-11dffe108147/1/IRp2Cv-8KzRBK5kjOx5O71bWsko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1acb0c-31a3-4718-993d-11dffe108147/1/aw7Nv1E2DOyuYXq-GjrGpv8KW2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.76.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:fe:ad:eb:b4:f0:9e:0f:12:68:41:9b:98:5a:eb:1c:b9:2d:
ab:47:23:67:3d:fb:58:8a:fe:36:76:fb:7d:2a:c6:73:3c:76:
93:c5:91:87:07:0a:f0:88:ae:e5:09:80:a6:56:46:8a:f1:4a:
e5:e0:80:7c:70:a1:c2:33:1b:a2:66:93:cd:f0:64:6a:22:61:
e6:40:fb:57:2c:51:c2:88:bb:5f:8c:7d:e8:e3:42:fe:a0:08:
c4:99:f0:08:cc:45:00:9b:cf:3b:41:04:95:d8:e1:32:22:80:
d9:59:39:80:9a:3f:58:de:d7:d8:51:03:de:80:6e:2e:1c:27:
67:2a:ec:79:ad:48:03:b2:58:53:43:16:da:7b:7d:05:90:92:
d1:b3:8f:2f:d4:81:dc:50:0d:26:ed:34:76:b2:85:b8:ff:9d:
66:fc:0d:83:59:b2:e8:3a:d5:1e:50:de:ba:6a:d1:95:d9:6f:
c1:95:35:fb:20:4f:00:5f:4a:d6:f9:e6:3a:ad:cd:1d:b8:0d:
f7:ec:c7:c1:15:81:7d:b5:f7:d6:4d:04:bf:59:28:3a:d5:7e:
82:99:5e:35:b7:b3:96:78:5a:fb:9b:c6:2e:20:3d:33:c4:cf:
54:5b:3f:f9:13:ee:cc:83:72:0d:08:f1:f5:18:dc:b5:ea:48:
6c:92:03:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5zGIRTTEGbka3AskSMTItmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMGVjZGJmNTEzNjBjZWNhZTYxN2FiZTFhM2FjNmE2ZmYw
YTViNmMwHhcNMjYwNTI5MDkzNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTFhNzYwYWZmYmMyYjM0NDEyYjk5MjMzYjFlNGVlZjU2ZDZiMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj2eQqBo2X3CaNkv6cT7b6kFWqTC
hoEv0Bxg5quOr+2v5H7MskaRMjg4yv+1s+kSAW3dl7NIM3y2j+vsqH4WR97qBZO4
bFplsg8uDwPL7l8gpx73XWHlTPQe4ysPyjYx2lff6fZjASwOicv7TpYJcegJGd6n
4FFihzYm5K8f2uzqSogoKVDP2J5yHPFtFAYZUNpjRJEqT43hKJmTgxfrstq2Fmjq
mwQKBjO5iFbkuvbrZEwYt1Dd9IMpsW8gbBVH+Fe0G0ogmwH5XsR95djbybyngHPv
xwVkXyF4pl3cism1+UF3sbPArr/zsUgUtUH2jEZoGe2ydE3lswuhL81YoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEadgr/vCs0QSuZIzseTu9W1rJKMB8GA1UdIwQY
MBaAFGsOzb9RNgzsrmF6vho6xqb/CltsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXc3TnYxRTJET3l1WVhxLUdqckdwdjhLVzJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xYWNiMGMtMzFhMy00NzE4LTk5M2Qt
MTFkZmZlMTA4MTQ3LzEvSVJwMkN2LThLelJCSzVrak94NU83MWJXc2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xYWNiMGMtMzFhMy00NzE4LTk5M2QtMTFkZmZlMTA4MTQ3
LzEvYXc3TnYxRTJET3l1WVhxLUdqckdwdjhLVzJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw79MMA0G
CSqGSIb3DQEBCwUAA4IBAQC8/q3rtPCeDxJoQZuYWuscuS2rRyNnPftYiv42dvt9
KsZzPHaTxZGHBwrwiK7lCYCmVkaK8Url4IB8cKHCMxuiZpPN8GRqImHmQPtXLFHC
iLtfjH3o40L+oAjEmfAIzEUAm887QQSV2OEyIoDZWTmAmj9Y3tfYUQPegG4uHCdn
Kux5rUgDslhTQxbae30FkJLRs48v1IHcUA0m7TR2soW4/51m/A2DWbLoOtUeUN66
atGV2W/BlTX7IE8AX0rW+eY6rc0duA337MfBFYF9tffWTQS/WSg61X6CmV41t7OW
eFr7m8YuID0zxM9UWz/5E+7Mg3INCPH1GNy16khskgOK
-----END CERTIFICATE-----
Generated at Thu Jun 4 12:21:43 2026 by rpki-client