Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/sDWM_DhpRyRWUD2ROyiBU9tXXyU.roa
File: sDWM_DhpRyRWUD2ROyiBU9tXXyU.roa (raw, json)
Hash identifier: Jens7OiCrejocf06H1XaSPttnLpxxGplzlx3u03vPxw=
Subject key identifier: B0:35:8C:FC:38:69:47:24:56:50:3D:91:3B:28:81:53:DB:57:5F:25
Certificate issuer: /CN=f9356a96e74ea2d72b6545c87c79d212d72a7bde
Certificate serial: 019E8C739AC3FEA31227FF7422C0738E541C
Authority key identifier: F9:35:6A:96:E7:4E:A2:D7:2B:65:45:C8:7C:79:D2:12:D7:2A:7B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/sDWM_DhpRyRWUD2ROyiBU9tXXyU.roa
Signing time: Wed 03 Jun 2026 07:47:26 +0000
ROA not before: Wed 03 Jun 2026 07:47:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15576
IP address blocks: 87.237.168.0/22 maxlen: 22
87.237.172.0/22 maxlen: 22
94.126.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/1-TVqludOotcrZUXIfHnSEtcqe94.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/1-TVqludOotcrZUXIfHnSEtcqe94.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8c:73:9a:c3:fe:a3:12:27:ff:74:22:c0:73:8e:54:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9356a96e74ea2d72b6545c87c79d212d72a7bde
Validity
Not Before: Jun 3 07:47:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b0358cfc3869472456503d913b288153db575f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:58:e5:fb:99:f1:67:0e:7f:94:47:3a:fb:7f:
fe:32:f1:61:10:a3:05:23:d0:d1:89:b1:51:05:fa:
7c:89:a4:c6:d8:3d:65:77:5b:d1:dd:be:77:83:cb:
d7:68:23:fd:1f:b4:fe:2e:db:b2:e9:7c:fc:14:a6:
64:1b:2a:7f:fa:68:75:05:30:39:02:5a:1b:2a:c9:
ba:3e:54:0e:e1:fd:f2:10:9c:6f:14:5d:d8:ca:a9:
28:4a:19:ba:77:59:08:f9:5d:88:04:6a:eb:ec:47:
25:94:e4:bc:da:81:a9:57:ac:f0:03:b5:40:a3:6d:
2c:ff:c5:78:c7:1f:fe:e0:cf:ee:7c:cb:08:f5:c0:
d1:f5:3b:74:08:93:43:45:40:0e:ef:5e:ec:89:e1:
b3:a5:bd:e9:b5:1d:62:eb:33:29:9d:69:0a:61:e4:
43:a2:17:83:01:71:fb:dd:d8:0b:2d:80:78:98:e8:
cb:92:aa:8e:26:f6:00:f2:50:df:a9:d5:92:06:0b:
60:a7:e8:42:1a:68:9e:5b:99:7b:7d:8d:e0:b9:96:
ce:0d:9a:0b:31:95:1f:90:f1:a1:48:3a:a3:b3:d8:
0c:c0:fd:ec:7b:67:0b:9a:5b:61:e8:6b:be:1d:54:
54:37:3b:7e:98:1b:11:51:a7:02:42:71:0d:a5:48:
3e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:35:8C:FC:38:69:47:24:56:50:3D:91:3B:28:81:53:DB:57:5F:25
X509v3 Authority Key Identifier:
keyid:F9:35:6A:96:E7:4E:A2:D7:2B:65:45:C8:7C:79:D2:12:D7:2A:7B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/sDWM_DhpRyRWUD2ROyiBU9tXXyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/1-TVqludOotcrZUXIfHnSEtcqe94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.168.0/21
94.126.248.0/21
Signature Algorithm: sha256WithRSAEncryption
ac:2b:51:f9:33:be:2e:9d:33:fe:fc:a1:a6:37:fd:73:4a:26:
53:20:55:b7:83:28:3d:0b:d0:18:9c:26:da:0d:9f:d2:6c:2e:
07:7d:bc:0a:e4:bc:ce:4e:e9:88:c3:39:14:c8:ca:24:73:1a:
79:56:54:79:e6:5e:58:40:4c:2e:01:03:81:31:9c:78:51:47:
7c:4d:c5:a4:d7:41:88:89:40:03:b2:85:21:88:18:03:24:3a:
a3:c7:ff:0b:44:bd:da:2c:e3:6e:fa:67:eb:fd:5e:4d:64:14:
61:d5:a1:f5:1d:37:f0:01:92:18:c0:95:d4:68:a5:75:b7:53:
44:c6:99:0e:d6:61:a5:be:4a:a6:f3:fa:7c:bf:e5:19:28:34:
9d:6e:12:c8:0b:ce:a1:3d:57:f0:47:15:c2:c1:63:cb:46:32:
f5:8a:16:ba:91:dd:22:4f:94:56:a9:bd:f1:db:c0:1e:24:54:
6c:60:c6:22:cd:af:e1:56:da:ef:2c:95:e9:d4:90:e4:77:4c:
1f:fb:25:59:8b:d1:11:91:9f:99:49:d6:9b:94:45:71:ee:08:
dc:2a:41:a3:ec:4a:cd:68:42:0d:09:e6:8f:c7:b9:18:e9:5a:
44:4e:e4:43:b1:0c:71:31:e1:1f:90:94:59:df:b0:8f:2a:42:
6a:f7:95:8a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ6Mc5rD/qMSJ/90IsBzjlQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MzU2YTk2ZTc0ZWEyZDcyYjY1NDVjODdjNzlkMjEyZDcy
YTdiZGUwHhcNMjYwNjAzMDc0NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDM1OGNmYzM4Njk0NzI0NTY1MDNkOTEzYjI4ODE1M2RiNTc1ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1jl+5nxZw5/lEc6+3/+MvFhEKMF
I9DRibFRBfp8iaTG2D1ld1vR3b53g8vXaCP9H7T+Ltuy6Xz8FKZkGyp/+mh1BTA5
AlobKsm6PlQO4f3yEJxvFF3YyqkoShm6d1kI+V2IBGrr7EcllOS82oGpV6zwA7VA
o20s/8V4xx/+4M/ufMsI9cDR9Tt0CJNDRUAO717sieGzpb3ptR1i6zMpnWkKYeRD
oheDAXH73dgLLYB4mOjLkqqOJvYA8lDfqdWSBgtgp+hCGmieW5l7fY3guZbODZoL
MZUfkPGhSDqjs9gMwP3se2cLmlth6Gu+HVRUNzt+mBsRUacCQnENpUg+nwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLA1jPw4aUckVlA9kTsogVPbV18lMB8GA1UdIwQY
MBaAFPk1apbnTqLXK2VFyHx50hLXKnveMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1UVnFsdWRPb3RjclpVWElmSG5TRXRjcWU5NC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvOWY0NTlmLTI2NGQtNDZjZS04N2Iw
LWNiYjdkMmJmNmZhMS8xL3NEV01fRGhwUnlSV1VEMlJPeWlCVTl0WFh5VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvOWY0NTlmLTI2NGQtNDZjZS04N2IwLWNiYjdkMmJmNmZh
MS8xLzEtVFZxbHVkT290Y3JaVVhJZkhuU0V0Y3FlOTQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBANX7agD
BANefvgwDQYJKoZIhvcNAQELBQADggEBAKwrUfkzvi6dM/78oaY3/XNKJlMgVbeD
KD0L0BicJtoNn9JsLgd9vArkvM5O6YjDORTIyiRzGnlWVHnmXlhATC4BA4ExnHhR
R3xNxaTXQYiJQAOyhSGIGAMkOqPH/wtEvdos4276Z+v9Xk1kFGHVofUdN/ABkhjA
ldRopXW3U0TGmQ7WYaW+Sqbz+ny/5RkoNJ1uEsgLzqE9V/BHFcLBY8tGMvWKFrqR
3SJPlFapvfHbwB4kVGxgxiLNr+FW2u8slenUkOR3TB/7JVmL0RGRn5lJ1puURXHu
CNwqQaPsSs1oQg0J5o/HuRjpWkRO5EOxDHEx4R+QlFnfsI8qQmr3lYo=
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:40:50 2026 by rpki-client