Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IuWE38RFW8zK1UmV9yojFw6fBOY.roa
File: IuWE38RFW8zK1UmV9yojFw6fBOY.roa (raw, json)
Hash identifier: HRTZncjwxf2AErDBui1/wPGiLAX/Mdi/BQhSNfiZKvM=
Subject key identifier: 22:E5:84:DF:C4:45:5B:CC:CA:D5:49:95:F7:2A:23:17:0E:9F:04:E6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D8EAE9CAD0A0BF202685777CAF5C38CCB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IuWE38RFW8zK1UmV9yojFw6fBOY.roa
Signing time: Wed 15 Apr 2026 01:08:21 +0000
ROA not before: Wed 15 Apr 2026 01:08:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
193.37.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8e:ae:9c:ad:0a:0b:f2:02:68:57:77:ca:f5:c3:8c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 15 01:08:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=22e584dfc4455bcccad54995f72a23170e9f04e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7e:8c:5d:5b:39:d1:00:5b:32:0f:e5:c7:92:
8b:a1:b2:ca:94:b1:10:46:8b:82:34:66:4f:e2:bf:
d9:4f:66:b6:9b:c8:d6:c6:3c:b3:22:79:3b:28:57:
80:e3:fe:1b:f8:6c:82:cb:cf:cf:d3:ea:84:88:9c:
59:a5:54:4c:9b:4f:db:58:d7:d4:92:8e:1d:e7:c4:
3c:ba:dc:58:59:a1:29:b6:11:3a:91:7f:df:03:19:
32:f7:06:a2:3f:91:fa:69:88:05:91:ad:3a:74:aa:
4f:9d:9b:42:3a:67:89:ce:0c:59:a3:b9:60:7e:76:
fc:aa:9d:37:f6:f3:c2:df:14:41:ca:a9:b8:6c:d5:
79:08:5e:b1:e3:5d:f7:eb:d2:ad:9e:4d:2f:84:22:
c9:a0:a9:47:c5:4e:36:e1:17:7b:71:dc:97:ee:2d:
24:0f:0d:03:be:e8:de:61:23:38:4a:f5:63:13:ce:
65:64:92:d7:12:b9:31:59:02:a7:ff:a2:17:9e:cf:
1d:00:32:9c:a0:29:85:0b:0e:6e:65:3c:be:51:88:
fc:74:d9:37:84:5c:f9:3f:7b:7e:cb:1f:25:86:a3:
bf:71:f8:33:83:5c:48:b2:b3:bd:ab:a9:7a:ff:74:
6f:1b:bc:da:9f:5d:e8:09:c6:3e:34:fd:3e:b1:16:
41:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E5:84:DF:C4:45:5B:CC:CA:D5:49:95:F7:2A:23:17:0E:9F:04:E6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IuWE38RFW8zK1UmV9yojFw6fBOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/24
185.252.160.0/23
193.37.44.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:fc:04:a6:6a:df:54:0c:9a:82:0c:70:0e:17:db:67:eb:20:
59:c6:96:24:9b:a8:5a:0e:50:b5:3f:a2:c9:dd:e7:ca:b6:25:
8a:de:3a:34:18:e3:9f:eb:a0:39:78:05:20:89:5b:f7:62:98:
bf:5f:c0:fc:98:64:cb:d4:72:92:22:24:98:1c:a1:46:34:8d:
82:2c:82:c9:42:a2:b4:58:e3:99:af:96:e1:37:a5:3a:4e:fd:
b4:d6:51:2b:b2:81:27:41:ba:4f:96:f0:b3:a1:a2:e9:bd:c5:
1b:73:5d:ec:5b:f1:68:af:0f:9e:cb:fe:61:24:69:b8:b7:6b:
0f:4d:06:04:b2:38:08:41:fb:5c:aa:d5:11:87:b9:fd:99:43:
9e:92:60:74:7a:80:0e:6a:f5:82:bc:ad:d4:4a:07:b6:51:be:
86:02:1b:a1:38:64:05:06:90:56:09:c7:c4:9a:2e:71:4c:d9:
81:28:a5:a4:70:e5:77:0f:04:69:a7:52:91:dd:40:be:cb:e1:
97:f2:11:60:b7:83:22:35:90:90:35:de:b9:99:52:54:1a:1b:
9e:58:9c:f3:e5:f5:a9:75:a2:37:8b:9a:84:aa:61:0d:72:d8:
ca:7b:18:b0:aa:55:c4:7b:42:75:f8:e3:b6:a4:eb:39:c8:06:
37:93:be:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ2OrpytCgvyAmhXd8r1w4zLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDE1MDEwODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmU1ODRkZmM0NDU1YmNjY2FkNTQ5OTVmNzJhMjMxNzBlOWYwNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy36MXVs50QBbMg/lx5KLobLKlLEQ
RouCNGZP4r/ZT2a2m8jWxjyzInk7KFeA4/4b+GyCy8/P0+qEiJxZpVRMm0/bWNfU
ko4d58Q8utxYWaEpthE6kX/fAxky9waiP5H6aYgFka06dKpPnZtCOmeJzgxZo7lg
fnb8qp039vPC3xRByqm4bNV5CF6x413369Ktnk0vhCLJoKlHxU424Rd7cdyX7i0k
Dw0DvujeYSM4SvVjE85lZJLXErkxWQKn/6IXns8dADKcoCmFCw5uZTy+UYj8dNk3
hFz5P3t+yx8lhqO/cfgzg1xIsrO9q6l6/3RvG7zan13oCcY+NP0+sRZBvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCLlhN/ERVvMytVJlfcqIxcOnwTmMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSXVXRTM4UkZXOHpLMVVtVjl5b2pGdzZmQk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV3hEAwQB
ufygAwQAwSUsMA0GCSqGSIb3DQEBCwUAA4IBAQA+/ASmat9UDJqCDHAOF9tn6yBZ
xpYkm6haDlC1P6LJ3efKtiWK3jo0GOOf66A5eAUgiVv3Ypi/X8D8mGTL1HKSIiSY
HKFGNI2CLILJQqK0WOOZr5bhN6U6Tv201lErsoEnQbpPlvCzoaLpvcUbc13sW/Fo
rw+ey/5hJGm4t2sPTQYEsjgIQftcqtURh7n9mUOekmB0eoAOavWCvK3USge2Ub6G
AhuhOGQFBpBWCcfEmi5xTNmBKKWkcOV3DwRpp1KR3UC+y+GX8hFgt4MiNZCQNd65
mVJUGhueWJzz5fWpdaI3i5qEqmENctjKexiwqlXEe0J1+OO2pOs5yAY3k76f
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:49:58 2026 by rpki-client