Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS9121.roa
File: AS9121.roa (raw, json)
Hash identifier: Wu0R4jKszLORL3gEmLzCQyJGiq8JyOqJIGcEhzjYD8s=
Subject key identifier: 35:97:B8:A9:6D:61:C3:A1:B5:E7:8E:9A:8D:19:77:28:5F:27:DF:58
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 4B383F3F3940FB729F1FE75DE437482D7836E5D5
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS9121.roa
Signing time: Tue 21 Apr 2026 09:48:43 +0000
ROA not before: Tue 21 Apr 2026 09:43:43 +0000
ROA not after: Tue 20 Apr 2027 09:48:43 +0000
asID: 9121
IP address blocks: 212.87.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 12:15:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:38:3f:3f:39:40:fb:72:9f:1f:e7:5d:e4:37:48:2d:78:36:e5:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Apr 21 09:43:43 2026 GMT
Not After : Apr 20 09:48:43 2027 GMT
Subject: CN=3597B8A96D61C3A1B5E78E9A8D1977285F27DF58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:26:1f:24:78:83:18:eb:b3:9c:e4:90:51:fa:
97:30:c3:26:33:a8:f9:0d:cb:e7:6b:50:2d:80:99:
cc:a0:82:23:bc:e5:04:e4:db:1e:65:3f:72:05:c5:
8e:af:38:0f:cb:82:42:29:82:76:30:07:c5:54:a8:
57:b9:83:08:d9:cf:f5:70:57:72:23:97:1a:42:cc:
e9:0a:68:26:5c:e2:24:a8:33:ae:b1:b6:37:8d:c0:
55:d5:66:cc:ad:ce:38:01:dc:0a:a9:5a:15:8a:16:
5c:1b:3c:bc:6f:5a:46:51:ff:df:23:d0:f8:8c:e9:
c2:8b:59:df:ab:44:94:61:16:f8:92:27:ea:bc:90:
0c:82:9f:a6:4e:de:f4:0a:8d:38:52:22:c8:bb:de:
05:6d:1b:98:47:08:00:45:58:e1:02:e6:d3:a1:46:
ca:18:1b:92:63:48:17:e7:3f:7b:a4:c9:91:45:b5:
39:20:a2:49:6a:68:64:9b:4a:31:db:71:9d:a4:28:
6e:e9:a3:db:b3:a6:3d:48:4e:ab:51:1e:a1:99:a3:
0d:d5:50:f4:1e:af:9f:bd:c8:14:07:6c:83:fc:b7:
34:69:72:53:2c:39:5c:52:3e:cb:35:7f:50:5d:f6:
23:4f:b6:32:fb:79:21:f7:4d:8a:2a:e6:9d:81:8e:
e4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:97:B8:A9:6D:61:C3:A1:B5:E7:8E:9A:8D:19:77:28:5F:27:DF:58
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS9121.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.196.0/24
Signature Algorithm: sha256WithRSAEncryption
53:7d:bc:8d:16:27:bd:55:6e:91:28:7f:6c:48:8d:13:16:11:
2d:00:98:1d:f7:8b:e5:43:82:29:4c:36:01:8a:af:4f:23:9d:
bd:cc:b9:18:3c:c1:aa:27:40:dd:c9:9f:76:5a:74:01:90:f7:
e2:1a:4d:4b:8a:bc:b6:ba:33:38:10:cb:48:9e:da:b4:6f:70:
10:cc:4d:b7:b6:a4:ed:9b:fa:5d:a8:c5:ce:cd:8f:be:d5:17:
e1:0f:48:80:ad:3a:f6:6a:9c:ec:5b:4d:1c:49:13:da:3c:cf:
cc:b1:bc:d9:cb:3e:ff:43:84:1a:4c:6c:b6:db:dc:54:8b:75:
98:66:56:2b:73:a4:bb:18:c8:a1:7c:53:b0:ec:ee:ba:4e:4b:
0e:19:3a:95:d7:ef:07:bb:c8:64:db:f0:3a:5f:b0:07:23:df:
93:ec:42:52:bd:c1:e9:06:53:77:a3:83:5c:1a:6c:6b:73:7f:
7e:d4:2a:41:4b:14:10:b8:4e:bd:4d:cc:fe:24:60:43:6a:e7:
de:fa:e2:c7:db:f6:1e:95:44:a2:d8:47:83:a0:54:eb:6b:48:
9f:bb:e7:72:02:12:c7:29:60:aa:35:bf:03:e2:e3:5f:79:48:
8f:c9:5b:5c:61:76:00:30:2b:d2:19:c3:c6:f0:94:41:2f:c7:
f9:b4:6e:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUSzg/PzlA+3KfH+dd5DdILXg25dUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA0MjEwOTQzNDNaFw0yNzA0MjAwOTQ4NDNaMDMxMTAvBgNV
BAMTKDM1OTdCOEE5NkQ2MUMzQTFCNUU3OEU5QThEMTk3NzI4NUYyN0RGNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGJh8keIMY67Oc5JBR+pcwwyYz
qPkNy+drUC2AmcyggiO85QTk2x5lP3IFxY6vOA/LgkIpgnYwB8VUqFe5gwjZz/Vw
V3IjlxpCzOkKaCZc4iSoM66xtjeNwFXVZsytzjgB3AqpWhWKFlwbPLxvWkZR/98j
0PiM6cKLWd+rRJRhFviSJ+q8kAyCn6ZO3vQKjThSIsi73gVtG5hHCABFWOEC5tOh
RsoYG5JjSBfnP3ukyZFFtTkgoklqaGSbSjHbcZ2kKG7po9uzpj1ITqtRHqGZow3V
UPQer5+9yBQHbIP8tzRpclMsOVxSPss1f1Bd9iNPtjL7eSH3TYoq5p2BjuSxAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUNZe4qW1hw6G1546ajRl3KF8n31gwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTOTEyMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANRXxDAN
BgkqhkiG9w0BAQsFAAOCAQEAU328jRYnvVVukSh/bEiNExYRLQCYHfeL5UOCKUw2
AYqvTyOdvcy5GDzBqidA3cmfdlp0AZD34hpNS4q8trozOBDLSJ7atG9wEMxNt7ak
7Zv6XajFzs2PvtUX4Q9IgK069mqc7FtNHEkT2jzPzLG82cs+/0OEGkxsttvcVIt1
mGZWK3OkuxjIoXxTsOzuuk5LDhk6ldfvB7vIZNvwOl+wByPfk+xCUr3B6QZTd6OD
XBpsa3N/ftQqQUsUELhOvU3M/iRgQ2rn3vrix9v2HpVEothHg6BU62tIn7vncgIS
xylgqjW/A+LjX3lIj8lbXGF2ADAr0hnDxvCUQS/H+bRuGA==
-----END CERTIFICATE-----
Generated at Wed Apr 22 01:39:05 2026 by rpki-client