Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/rIvCh2wWKNXSAhSj70dNaOV1qG4.roa
File: rIvCh2wWKNXSAhSj70dNaOV1qG4.roa (raw, json)
Hash identifier: DEg2wkeHracy/Du2xbU2oSAh/cIGiECMg7aH+4Y/Jhs=
Subject key identifier: AC:8B:C2:87:6C:16:28:D5:D2:02:14:A3:EF:47:4D:68:E5:75:A8:6E
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019E2A9A025FCF273F4F560A41311A427DCD
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/rIvCh2wWKNXSAhSj70dNaOV1qG4.roa
Signing time: Fri 15 May 2026 07:46:36 +0000
ROA not before: Fri 15 May 2026 07:46:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209630
IP address blocks: 91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
93.152.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 May 2026 07:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2a:9a:02:5f:cf:27:3f:4f:56:0a:41:31:1a:42:7d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: May 15 07:46:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ac8bc2876c1628d5d20214a3ef474d68e575a86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:92:6b:e4:f3:37:35:cb:9f:22:f6:c4:fc:1e:
f5:76:20:0b:5c:98:83:c8:d6:1b:00:c7:ef:f7:25:
32:ee:b7:f2:3d:25:06:0c:36:a7:54:3d:a8:00:a2:
17:86:d9:d5:bc:aa:e7:3a:6e:7c:8a:d9:e7:5f:bd:
c5:e6:59:13:40:e1:52:37:3f:df:1d:d3:7a:2c:bb:
16:d4:ce:52:28:59:62:8c:82:f2:cb:79:77:d1:e7:
03:6b:45:a3:43:d5:fa:e0:5e:24:11:ba:d6:b6:22:
82:ee:82:24:30:b2:e7:8a:38:63:43:aa:67:4b:b5:
fa:7a:c8:60:11:a0:d8:07:a1:fe:b5:7a:2c:bc:9d:
b9:6d:b4:e1:7d:64:60:e4:63:bd:62:15:6a:b7:b0:
9f:f6:73:8d:26:dc:79:f4:55:f8:a5:30:fb:fd:2e:
df:71:e3:02:6f:7a:2c:d2:29:c8:60:ef:c8:21:3e:
b2:ba:d9:e0:54:f9:70:a5:0c:c7:ca:86:61:dd:ce:
c4:3b:d3:b6:19:e8:81:f8:0a:a3:4d:89:bd:25:13:
05:40:fe:93:6d:1f:35:c4:9b:12:ed:d6:0c:b8:ba:
97:20:f0:16:19:94:9f:c9:06:c9:5b:1f:03:88:46:
33:af:e7:d4:44:01:51:83:0f:bc:f2:a7:c8:3c:4a:
2b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8B:C2:87:6C:16:28:D5:D2:02:14:A3:EF:47:4D:68:E5:75:A8:6E
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/rIvCh2wWKNXSAhSj70dNaOV1qG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.41.0-91.92.42.255
93.152.233.0/24
Signature Algorithm: sha256WithRSAEncryption
85:cc:f8:e4:c0:c4:56:f0:ed:74:a5:16:19:b4:12:2b:67:3d:
52:8d:a7:7b:2e:58:df:06:9f:65:fe:75:f8:50:31:df:47:c2:
05:5a:47:22:28:80:b2:be:26:71:69:a4:b2:11:5f:20:8f:e7:
3b:0a:e3:ef:df:fd:cb:d3:fc:0f:a1:df:9e:18:15:2d:21:71:
b3:6d:f6:6d:10:4c:2f:de:42:c8:2e:69:20:a6:2f:cd:0d:5b:
a9:61:b4:c7:6c:95:4f:e6:3b:2e:af:14:6d:81:a6:6e:f5:90:
ce:70:3b:b1:06:68:46:87:b4:29:ef:10:65:9b:52:d6:ad:d1:
d1:96:6b:85:b7:dc:c5:51:e7:ee:32:7d:3f:53:92:45:35:6f:
70:45:16:91:cc:b2:c4:5c:d0:06:3a:a3:ff:73:10:05:6d:4d:
32:a3:27:61:60:df:17:87:2d:84:a7:17:69:49:ec:94:9b:02:
d4:66:e2:2e:cc:09:78:7a:9e:dc:d3:7a:a5:8b:67:4d:9c:88:
70:ae:5f:5d:30:3d:13:45:58:98:41:3e:f9:3e:5a:dc:b2:41:
9e:4a:a2:1e:dc:1b:e3:c7:bf:ae:80:94:c9:0f:22:ff:24:68:
99:be:4b:48:2d:54:70:93:15:e1:24:0b:be:c8:07:03:9d:22:
dd:c9:18:10
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ4qmgJfzyc/T1YKQTEaQn3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjYwNTE1MDc0NjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzhiYzI4NzZjMTYyOGQ1ZDIwMjE0YTNlZjQ3NGQ2OGU1NzVhODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZJr5PM3NcufIvbE/B71diALXJiD
yNYbAMfv9yUy7rfyPSUGDDanVD2oAKIXhtnVvKrnOm58itnnX73F5lkTQOFSNz/f
HdN6LLsW1M5SKFlijILyy3l30ecDa0WjQ9X64F4kEbrWtiKC7oIkMLLnijhjQ6pn
S7X6eshgEaDYB6H+tXosvJ25bbThfWRg5GO9YhVqt7Cf9nONJtx59FX4pTD7/S7f
ceMCb3os0inIYO/IIT6yutngVPlwpQzHyoZh3c7EO9O2GeiB+AqjTYm9JRMFQP6T
bR81xJsS7dYMuLqXIPAWGZSfyQbJWx8DiEYzr+fURAFRgw+88qfIPEordwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKyLwodsFijV0gIUo+9HTWjldahuMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvckl2Q2gyd1dLTlhTQWhTajcwZE5hT1YxcUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABbXCkD
BABbXCoDBABdmOkwDQYJKoZIhvcNAQELBQADggEBAIXM+OTAxFbw7XSlFhm0Eitn
PVKNp3suWN8Gn2X+dfhQMd9HwgVaRyIogLK+JnFppLIRXyCP5zsK4+/f/cvT/A+h
354YFS0hcbNt9m0QTC/eQsguaSCmL80NW6lhtMdslU/mOy6vFG2Bpm71kM5wO7EG
aEaHtCnvEGWbUtat0dGWa4W33MVR5+4yfT9TkkU1b3BFFpHMssRc0AY6o/9zEAVt
TTKjJ2Fg3xeHLYSnF2lJ7JSbAtRm4i7MCXh6ntzTeqWLZ02ciHCuX10wPRNFWJhB
Pvk+WtyyQZ5Koh7cG+PHv66AlMkPIv8kaJm+S0gtVHCTFeEkC77IBwOdIt3JGBA=
-----END CERTIFICATE-----
Generated at Tue May 19 15:17:51 2026 by rpki-client