Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/dxbyRDdv09ICKS6ChlM_L9Xumnw.roa
File: dxbyRDdv09ICKS6ChlM_L9Xumnw.roa (raw, json)
Hash identifier: lvevmivI4N4dOsAp3mTKLKEujagdYH7PHaCaaKJbn/g=
Subject key identifier: 77:16:F2:44:37:6F:D3:D2:02:29:2E:82:86:53:3F:2F:D5:EE:9A:7C
Certificate issuer: /CN=96d66966ffda0a5d0e131d134a79d93205c8c550
Certificate serial: 019CA9E5AC60F170AE85CEDCF5AC6E41273D
Authority key identifier: 96:D6:69:66:FF:DA:0A:5D:0E:13:1D:13:4A:79:D9:32:05:C8:C5:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/dxbyRDdv09ICKS6ChlM_L9Xumnw.roa
Signing time: Sun 01 Mar 2026 14:55:27 +0000
ROA not before: Sun 01 Mar 2026 14:55:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203090
IP address blocks: 91.233.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:e5:ac:60:f1:70:ae:85:ce:dc:f5:ac:6e:41:27:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96d66966ffda0a5d0e131d134a79d93205c8c550
Validity
Not Before: Mar 1 14:55:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7716f244376fd3d202292e8286533f2fd5ee9a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f6:66:96:da:9a:c8:49:f3:9f:50:b7:8f:b7:
ae:0c:0e:a4:02:df:36:6b:a8:5a:25:e6:04:e7:17:
58:ca:6d:15:17:83:98:58:04:37:3b:f4:20:7a:67:
ef:ba:4f:7e:ba:91:4b:06:37:97:38:45:e1:59:3d:
57:6a:ea:44:1b:9b:07:40:83:bf:8b:a6:c3:35:35:
c6:17:3c:a9:70:ee:65:99:7a:50:56:66:e4:7a:09:
fc:9a:a4:ad:51:79:6b:fa:2a:cc:ba:98:e2:e8:47:
f3:19:bf:00:5b:67:a9:e1:a5:96:6a:93:6f:38:45:
e6:05:35:a3:d4:3b:63:cc:fa:a4:76:fc:a9:bf:77:
58:e9:fa:03:d4:cd:28:fd:a1:74:91:58:63:97:9e:
d6:b7:18:02:ec:27:30:c8:98:fc:34:d4:b4:42:25:
a3:17:8d:b0:54:a9:a7:a4:ca:e4:b9:92:d4:2d:af:
bd:56:d2:46:4c:32:7f:88:a9:81:98:7f:0e:6d:27:
eb:1a:f1:02:5f:50:fd:d9:38:3c:d7:13:93:7d:7d:
95:e2:a7:52:ae:e0:49:9c:76:cf:47:ee:db:eb:a8:
8f:04:07:8d:f7:9e:3f:3d:f4:35:4e:c9:66:01:e7:
a7:ac:67:93:8b:f9:5a:3b:d7:64:59:40:31:a2:94:
78:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:16:F2:44:37:6F:D3:D2:02:29:2E:82:86:53:3F:2F:D5:EE:9A:7C
X509v3 Authority Key Identifier:
keyid:96:D6:69:66:FF:DA:0A:5D:0E:13:1D:13:4A:79:D9:32:05:C8:C5:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/dxbyRDdv09ICKS6ChlM_L9Xumnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.10.0/24
Signature Algorithm: sha256WithRSAEncryption
09:fa:da:7c:4b:12:82:24:0a:a0:69:46:e1:b4:83:f5:06:9f:
1b:5f:ac:cf:0b:93:44:89:73:d2:a3:3b:16:e8:ee:ea:db:c5:
b8:2e:cf:66:7a:92:ea:60:9e:32:28:a6:be:04:5d:d1:69:5d:
ed:1f:b8:bc:51:e9:f5:3d:46:ca:59:07:d8:2e:84:bc:ff:b8:
68:8b:71:93:6f:84:82:ab:d0:09:b9:ed:0b:ab:e7:ae:d1:e4:
a4:d1:5d:99:12:39:92:fd:31:c9:a1:2a:b3:a6:44:f4:8e:69:
12:72:58:1e:e9:f9:22:83:ac:a3:b3:d9:fd:4c:47:b2:67:2f:
8e:95:bf:7e:11:b8:12:b4:87:84:dc:3c:18:e5:f4:97:85:8e:
8a:e9:d7:00:8d:dd:65:bf:fa:71:ba:e7:11:3e:41:bd:26:43:
45:d4:63:6d:0e:7d:9e:43:7e:ce:5b:2d:26:fa:a2:2f:0e:7f:
4e:88:0e:24:9a:27:94:df:67:10:b5:55:64:52:98:d7:2a:f5:
84:6b:22:96:b3:8a:bf:0a:7e:59:dc:3f:dc:a1:30:06:1f:d6:
28:ef:a2:d9:bd:13:e5:92:3d:31:ec:c9:f5:b5:21:c0:37:c3:
fd:17:17:9e:1e:31:b9:16:1e:c0:92:06:03:f5:9d:7f:f6:4c:
1d:97:ba:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyp5axg8XCuhc7c9axuQSc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDY2OTY2ZmZkYTBhNWQwZTEzMWQxMzRhNzlkOTMyMDVj
OGM1NTAwHhcNMjYwMzAxMTQ1NTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzE2ZjI0NDM3NmZkM2QyMDIyOTJlODI4NjUzM2YyZmQ1ZWU5YTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfZmltqayEnzn1C3j7euDA6kAt82
a6haJeYE5xdYym0VF4OYWAQ3O/Qgemfvuk9+upFLBjeXOEXhWT1XaupEG5sHQIO/
i6bDNTXGFzypcO5lmXpQVmbkegn8mqStUXlr+irMupji6EfzGb8AW2ep4aWWapNv
OEXmBTWj1DtjzPqkdvypv3dY6foD1M0o/aF0kVhjl57WtxgC7CcwyJj8NNS0QiWj
F42wVKmnpMrkuZLULa+9VtJGTDJ/iKmBmH8ObSfrGvECX1D92Tg81xOTfX2V4qdS
ruBJnHbPR+7b66iPBAeN954/PfQ1TslmAeenrGeTi/laO9dkWUAxopR4MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcW8kQ3b9PSAikugoZTPy/V7pp8MB8GA1UdIwQY
MBaAFJbWaWb/2gpdDhMdE0p52TIFyMVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRacFp2X2FDbDBPRXgwVFNublpNZ1hJeFZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81YjQ0MjYtYTI2Ni00M2NlLWE5ZTYt
YjBlNjA1OGQ0ZGQ3LzEvZHhieVJEZHYwOUlDS1M2Q2hsTV9MOVh1bW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81YjQ0MjYtYTI2Ni00M2NlLWE5ZTYtYjBlNjA1OGQ0ZGQ3
LzEvbHRacFp2X2FDbDBPRXgwVFNublpNZ1hJeFZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+kKMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ+tp8SxKCJAqgaUbhtIP1Bp8bX6zPC5NEiXPSozsW
6O7q28W4Ls9mepLqYJ4yKKa+BF3RaV3tH7i8Uen1PUbKWQfYLoS8/7hoi3GTb4SC
q9AJue0Lq+eu0eSk0V2ZEjmS/THJoSqzpkT0jmkSclge6fkig6yjs9n9TEeyZy+O
lb9+EbgStIeE3DwY5fSXhY6K6dcAjd1lv/pxuucRPkG9JkNF1GNtDn2eQ37OWy0m
+qIvDn9OiA4kmieU32cQtVVkUpjXKvWEayKWs4q/Cn5Z3D/coTAGH9Yo76LZvRPl
kj0x7Mn1tSHAN8P9FxeeHjG5Fh7AkgYD9Z1/9kwdl7pz
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:52:37 2026 by rpki-client