Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/rsroaei2TqcIFnLEgGYzqyrWcFk.roa
File: rsroaei2TqcIFnLEgGYzqyrWcFk.roa (raw, json)
Hash identifier: 5AMA9aMta9Csy7KyS+5XAc3h7QHkQnnyf2Wg73Az1uw=
Subject key identifier: AE:CA:E8:69:E8:B6:4E:A7:08:16:72:C4:80:66:33:AB:2A:D6:70:59
Certificate issuer: /CN=faa6e5e86023c9b314ee651291fafe8c6dd69a83
Certificate serial: 019E4ADFBA664451A3DBA90A4B0AACE9967B
Authority key identifier: FA:A6:E5:E8:60:23:C9:B3:14:EE:65:12:91:FA:FE:8C:6D:D6:9A:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qbl6GAjybMU7mUSkfr-jG3WmoM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/rsroaei2TqcIFnLEgGYzqyrWcFk.roa
Signing time: Thu 21 May 2026 14:10:36 +0000
ROA not before: Thu 21 May 2026 14:10:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200736
IP address blocks: 91.211.212.0/22 maxlen: 24
91.211.212.0/24 maxlen: 24
91.211.213.0/24 maxlen: 24
91.211.214.0/24 maxlen: 24
91.211.215.0/24 maxlen: 24
194.187.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/1-qbl6GAjybMU7mUSkfr-jG3WmoM.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/1-qbl6GAjybMU7mUSkfr-jG3WmoM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-qbl6GAjybMU7mUSkfr-jG3WmoM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4a:df:ba:66:44:51:a3:db:a9:0a:4b:0a:ac:e9:96:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa6e5e86023c9b314ee651291fafe8c6dd69a83
Validity
Not Before: May 21 14:10:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aecae869e8b64ea7081672c4806633ab2ad67059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:cc:2f:46:7d:7f:c0:5d:81:a9:fb:a9:34:41:
f3:24:b1:ea:2c:bf:02:2a:ad:07:97:ec:5f:25:43:
f6:84:f9:12:0b:f4:cb:f3:00:c6:a8:74:ae:07:3c:
68:eb:ac:04:ba:e2:7e:03:d5:3d:37:82:c0:05:a0:
ba:26:ef:69:44:91:f9:29:8b:8c:c6:bb:09:dc:b6:
df:42:26:e2:4c:ea:c2:34:b5:a7:35:4d:ee:cd:e1:
b0:d6:94:50:77:7f:04:49:83:2e:ff:fc:8a:1c:22:
33:ef:e5:81:c4:b7:22:4e:7a:4f:2c:2e:d9:92:34:
99:19:90:dd:5b:18:03:8b:7a:b9:a8:f0:95:5b:1a:
d4:ba:29:16:fc:ca:3e:63:64:65:2b:36:01:e8:c4:
95:83:b7:1b:06:4f:1d:07:b0:1c:79:93:85:1e:eb:
85:49:c3:66:a1:ee:5b:5a:a2:2d:7b:af:ff:8a:2b:
d0:bd:85:4e:a5:50:99:db:65:80:9f:6d:5f:07:e1:
c5:76:a6:b4:56:b0:cc:1f:e2:bd:9c:f8:a0:c7:82:
7d:96:3f:55:51:38:c2:61:74:67:f9:9b:be:c4:48:
9e:22:f1:19:d6:a1:15:e7:07:62:71:e0:de:28:76:
8f:5c:e8:5a:45:b2:7b:2b:e4:1a:32:fc:6a:df:fe:
3f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:CA:E8:69:E8:B6:4E:A7:08:16:72:C4:80:66:33:AB:2A:D6:70:59
X509v3 Authority Key Identifier:
keyid:FA:A6:E5:E8:60:23:C9:B3:14:EE:65:12:91:FA:FE:8C:6D:D6:9A:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qbl6GAjybMU7mUSkfr-jG3WmoM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/rsroaei2TqcIFnLEgGYzqyrWcFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/1-qbl6GAjybMU7mUSkfr-jG3WmoM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.212.0/22
194.187.255.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:66:c4:a5:7f:5c:6b:40:41:0e:91:14:22:19:0e:a8:60:ea:
bf:34:56:2b:19:27:2a:20:e9:89:a3:96:2c:3d:a9:12:43:e5:
5d:ba:71:97:73:9c:56:01:d1:54:c6:be:7e:75:43:a5:5d:cc:
47:87:f0:3a:fd:62:ef:ca:47:b2:aa:50:c8:d5:d6:b9:4f:0b:
ad:f4:e0:a2:74:aa:f5:3a:37:95:16:b1:7e:90:64:11:0c:43:
ce:1b:c0:76:18:80:77:3b:fc:4e:4a:be:be:5a:cc:ce:72:cf:
4e:48:1c:e7:8b:b4:a7:fe:f4:46:50:91:1e:dc:3c:3a:ed:9f:
09:cf:60:25:bb:8f:de:75:f6:7f:fb:35:94:e9:65:5f:ad:49:
a9:5b:3d:a3:04:29:70:fe:b5:93:40:9a:d8:45:dd:a6:2c:79:
fc:bd:e1:9f:26:92:e2:93:a8:f5:bb:85:9f:58:66:9f:1b:3c:
b4:82:3f:21:72:a7:0d:5b:41:92:c4:1e:80:5b:ef:f3:d9:46:
e6:46:f4:52:63:8d:b3:4b:54:f1:a2:56:11:23:5f:bc:55:c7:
87:72:30:d1:d0:31:17:44:0a:6e:c3:ab:c5:98:8c:30:de:40:
1e:c0:4a:1c:6f:5a:bc:b7:61:8b:50:70:56:14:97:c0:b9:43:
8c:4d:04:0b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ5K37pmRFGj26kKSwqs6ZZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTZlNWU4NjAyM2M5YjMxNGVlNjUxMjkxZmFmZThjNmRk
NjlhODMwHhcNMjYwNTIxMTQxMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWNhZTg2OWU4YjY0ZWE3MDgxNjcyYzQ4MDY2MzNhYjJhZDY3MDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68wvRn1/wF2BqfupNEHzJLHqLL8C
Kq0Hl+xfJUP2hPkSC/TL8wDGqHSuBzxo66wEuuJ+A9U9N4LABaC6Ju9pRJH5KYuM
xrsJ3LbfQibiTOrCNLWnNU3uzeGw1pRQd38ESYMu//yKHCIz7+WBxLciTnpPLC7Z
kjSZGZDdWxgDi3q5qPCVWxrUuikW/Mo+Y2RlKzYB6MSVg7cbBk8dB7AceZOFHuuF
ScNmoe5bWqIte6//iivQvYVOpVCZ22WAn21fB+HFdqa0VrDMH+K9nPigx4J9lj9V
UTjCYXRn+Zu+xEieIvEZ1qEV5wdiceDeKHaPXOhaRbJ7K+QaMvxq3/4/JwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK7K6Gnotk6nCBZyxIBmM6sq1nBZMB8GA1UdIwQY
MBaAFPqm5ehgI8mzFO5lEpH6/oxt1pqDMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xYmw2R0FqeWJNVTdtVVNrZnItakczV21vTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvYzA0ZDk5LWRlNDQtNDBhYi1hMmMw
LTA4Mjc5NDU1Zjk0MS8xL3Jzcm9hZWkyVHFjSUZuTEVnR1l6cXlyV2NGay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvYzA0ZDk5LWRlNDQtNDBhYi1hMmMwLTA4Mjc5NDU1Zjk0
MS8xLzEtcWJsNkdBanliTVU3bVVTa2ZyLWpHM1dtb00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAJb09QD
BADCu/8wDQYJKoZIhvcNAQELBQADggEBAMJmxKV/XGtAQQ6RFCIZDqhg6r80VisZ
Jyog6Ymjliw9qRJD5V26cZdznFYB0VTGvn51Q6VdzEeH8Dr9Yu/KR7KqUMjV1rlP
C6304KJ0qvU6N5UWsX6QZBEMQ84bwHYYgHc7/E5Kvr5azM5yz05IHOeLtKf+9EZQ
kR7cPDrtnwnPYCW7j9519n/7NZTpZV+tSalbPaMEKXD+tZNAmthF3aYsefy94Z8m
kuKTqPW7hZ9YZp8bPLSCPyFypw1bQZLEHoBb7/PZRuZG9FJjjbNLVPGiVhEjX7xV
x4dyMNHQMRdECm7Dq8WYjDDeQB7AShxvWry3YYtQcFYUl8C5Q4xNBAs=
-----END CERTIFICATE-----
Generated at Sat Jun 13 16:51:51 2026 by rpki-client