Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/aV15c49lSGl3dteQSHc3IvNZ2Yw.roa
File: aV15c49lSGl3dteQSHc3IvNZ2Yw.roa (raw, json)
Hash identifier: idSDFzUORIOI2C3DdmyZjUWIVKrr2rvoia+URiMKZUk=
Subject key identifier: 69:5D:79:73:8F:65:48:69:77:76:D7:90:48:77:37:22:F3:59:D9:8C
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 019E684CB1207B0C0B86918CF04E8681BBC5
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/aV15c49lSGl3dteQSHc3IvNZ2Yw.roa
Signing time: Wed 27 May 2026 07:18:37 +0000
ROA not before: Wed 27 May 2026 07:18:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48955
IP address blocks: 89.45.66.0/24 maxlen: 24
93.113.205.0/24 maxlen: 24
188.212.5.0/24 maxlen: 24
188.213.1.0/24 maxlen: 24
188.214.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 16:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:68:4c:b1:20:7b:0c:0b:86:91:8c:f0:4e:86:81:bb:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: May 27 07:18:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=695d79738f6548697776d79048773722f359d98c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:14:4e:50:c2:8d:d9:c2:98:9a:89:6e:5a:db:
0a:41:d0:54:1c:d4:a3:0b:24:83:33:6e:6a:60:13:
ae:ac:69:49:51:06:67:c4:51:bb:11:8c:2c:f6:4e:
98:9e:f9:e9:2c:9a:f5:b6:ef:81:f6:f8:b9:b6:f8:
24:4b:d9:1e:a4:d8:12:78:f0:6a:ad:e3:51:4f:61:
69:32:4c:0a:f0:73:ce:94:a4:1e:a9:aa:8b:4e:ce:
f6:05:1f:1f:6e:58:42:e8:2b:bf:65:89:00:23:3c:
84:7a:2f:09:63:a5:af:4a:79:da:0f:01:95:aa:c4:
dc:55:d2:a7:2a:68:6e:a8:94:f2:8b:15:be:d5:1d:
d5:4d:a2:8f:a3:9c:21:17:35:81:f1:07:61:e4:58:
40:5a:42:79:ff:96:8d:24:b9:16:fc:cb:de:cd:09:
73:c5:ba:3e:76:33:c1:f5:71:8a:99:d5:ae:d4:1d:
bf:04:96:79:7e:ab:65:5c:e7:26:30:7d:af:c7:49:
54:ed:fe:b5:1e:ce:9d:33:2b:34:8d:97:23:d4:66:
43:33:fe:d8:88:f2:8f:5a:4c:97:3b:c1:5d:34:55:
54:92:37:4d:95:a1:6a:80:f0:cf:ed:8e:93:27:96:
1e:57:f0:d7:e6:30:e8:cf:7c:1f:e4:f4:56:26:87:
16:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:5D:79:73:8F:65:48:69:77:76:D7:90:48:77:37:22:F3:59:D9:8C
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/aV15c49lSGl3dteQSHc3IvNZ2Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.66.0/24
93.113.205.0/24
188.212.5.0/24
188.213.1.0/24
188.214.227.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:c7:5f:71:3f:80:93:9a:6d:d7:95:2e:df:aa:7e:f0:8c:d0:
79:55:65:1b:48:fd:f3:db:ff:9e:a1:8a:f8:5c:54:89:4b:11:
23:56:19:5d:4e:99:76:d0:bb:9a:15:ac:54:84:b4:de:9e:60:
41:21:83:97:2b:b8:c6:1a:cc:71:88:91:7c:20:29:23:d4:5e:
7e:23:91:70:39:10:64:16:b1:e0:91:39:68:a4:e8:cf:50:3c:
5a:5f:55:b1:c0:29:5c:73:ee:f2:c4:c7:6d:14:c5:4f:f4:0d:
2c:f0:c9:f6:af:73:9b:1a:90:64:10:13:c0:d6:37:1f:37:43:
fb:25:5c:97:e3:cb:79:8d:76:68:da:cf:11:1c:3e:29:e3:8a:
c9:45:35:af:7b:36:d0:6d:91:ee:41:64:b8:1b:0a:53:5e:d8:
87:fa:db:a5:ea:61:b9:c7:bd:b8:f2:9a:58:f7:4d:94:93:6c:
27:7d:9d:34:fb:fb:d5:a1:0e:bd:90:7c:a2:43:89:df:73:30:
7c:dd:9e:5e:d9:b9:f7:cc:db:0b:e9:04:91:77:b2:9c:31:b0:
de:5b:36:2b:24:ba:31:12:7d:0a:af:d2:7f:cf:29:af:69:ec:
52:13:0f:69:e2:40:f4:3e:07:e8:d6:d9:b8:03:67:e7:08:55:
c4:d7:1f:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ5oTLEgewwLhpGM8E6GgbvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjYwNTI3MDcxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTVkNzk3MzhmNjU0ODY5Nzc3NmQ3OTA0ODc3MzcyMmYzNTlkOThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RROUMKN2cKYmoluWtsKQdBUHNSj
CySDM25qYBOurGlJUQZnxFG7EYws9k6YnvnpLJr1tu+B9vi5tvgkS9kepNgSePBq
reNRT2FpMkwK8HPOlKQeqaqLTs72BR8fblhC6Cu/ZYkAIzyEei8JY6WvSnnaDwGV
qsTcVdKnKmhuqJTyixW+1R3VTaKPo5whFzWB8Qdh5FhAWkJ5/5aNJLkW/MvezQlz
xbo+djPB9XGKmdWu1B2/BJZ5fqtlXOcmMH2vx0lU7f61Hs6dMys0jZcj1GZDM/7Y
iPKPWkyXO8FdNFVUkjdNlaFqgPDP7Y6TJ5YeV/DX5jDoz3wf5PRWJocWUwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGldeXOPZUhpd3bXkEh3NyLzWdmMMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvYVYxNWM0OWxTR2wzZHRlUVNIYzNJdk5aMll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWS1CAwQA
XXHNAwQAvNQFAwQAvNUBAwQAvNbjMA0GCSqGSIb3DQEBCwUAA4IBAQDKx19xP4CT
mm3XlS7fqn7wjNB5VWUbSP3z2/+eoYr4XFSJSxEjVhldTpl20LuaFaxUhLTenmBB
IYOXK7jGGsxxiJF8ICkj1F5+I5FwORBkFrHgkTlopOjPUDxaX1WxwClcc+7yxMdt
FMVP9A0s8Mn2r3ObGpBkEBPA1jcfN0P7JVyX48t5jXZo2s8RHD4p44rJRTWvezbQ
bZHuQWS4GwpTXtiH+tul6mG5x7248ppY902Uk2wnfZ00+/vVoQ69kHyiQ4nfczB8
3Z5e2bn3zNsL6QSRd7KcMbDeWzYrJLoxEn0Kr9J/zymvaexSEw9p4kD0Pgfo1tm4
A2fnCFXE1x9a
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:49:42 2026 by rpki-client