Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/9AVi0AytA6eY79hA8YMYSG3Zp8o.roa
File: 9AVi0AytA6eY79hA8YMYSG3Zp8o.roa (raw, json)
Hash identifier: YrDqeleif3YZRdG0sXrE36Oxmwd3p/hjX0eOepoBnJg=
Subject key identifier: F4:05:62:D0:0C:AD:03:A7:98:EF:D8:40:F1:83:18:48:6D:D9:A7:CA
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019D7B425F523A246AB59DA8AD7A3D81837C
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/9AVi0AytA6eY79hA8YMYSG3Zp8o.roa
Signing time: Sat 11 Apr 2026 06:37:20 +0000
ROA not before: Sat 11 Apr 2026 06:37:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63150
IP address blocks: 178.239.122.0/24 maxlen: 24
178.239.123.0/24 maxlen: 24
178.239.124.0/24 maxlen: 24
178.239.125.0/24 maxlen: 24
178.239.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7b:42:5f:52:3a:24:6a:b5:9d:a8:ad:7a:3d:81:83:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Apr 11 06:37:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f40562d00cad03a798efd840f18318486dd9a7ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2c:7c:a7:be:54:61:64:12:c4:17:42:34:bb:
be:09:13:54:b9:c2:1c:aa:b4:95:6f:03:2e:c2:2f:
cc:e4:8c:ce:71:f4:06:4c:b3:3f:85:dc:43:cf:c7:
af:1c:82:41:6b:8f:e5:a4:f2:e7:25:99:3e:aa:29:
24:c3:f1:d0:c3:be:fd:67:47:10:89:cb:8c:24:62:
5e:41:6c:c9:5e:6c:ef:95:02:a3:ec:45:84:64:d2:
8d:fe:d2:90:2a:c3:40:84:c7:33:c8:c1:41:f9:6f:
3b:f8:4b:61:1b:f2:49:a1:15:b4:a0:3f:d6:a4:5b:
ab:a6:5f:2f:5c:fa:02:6d:8f:76:c7:ae:1c:7b:41:
0f:c5:58:13:fb:d6:74:43:d3:8e:b5:11:3a:f8:ad:
26:5e:ac:a2:d2:ca:f7:39:ee:92:e6:1d:bb:b9:13:
66:f7:12:35:6c:b5:7c:71:25:62:00:c6:e8:30:80:
ee:e9:90:40:d6:87:46:0a:63:a3:a7:5a:b9:a3:65:
b3:c7:07:c3:4c:98:bb:4a:be:c4:9d:8b:24:d2:41:
38:d1:9f:8d:39:01:34:a5:b5:ce:97:fc:bc:9c:e1:
d6:67:38:04:3b:1d:31:f8:87:7f:c0:23:d9:f7:b8:
b5:ef:ea:04:9c:5f:b4:6f:75:9a:9d:5c:84:e0:a1:
c5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:05:62:D0:0C:AD:03:A7:98:EF:D8:40:F1:83:18:48:6D:D9:A7:CA
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/9AVi0AytA6eY79hA8YMYSG3Zp8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.122.0-178.239.126.255
Signature Algorithm: sha256WithRSAEncryption
17:8a:37:62:96:34:f8:2d:99:d8:2a:e8:6d:d9:75:4b:7d:08:
f7:02:17:a9:36:57:f4:80:ac:a9:8e:72:e7:65:52:fc:58:e1:
a5:23:15:33:d8:ad:a4:25:90:7f:73:1d:0d:5f:f7:1a:77:8c:
37:33:f2:d5:7f:d4:27:fe:9f:a6:c7:46:63:c0:13:10:b9:d5:
1f:96:62:97:b8:2d:fe:e4:24:74:9c:8b:23:0f:d3:2f:ae:f8:
30:70:01:ca:01:cc:cb:5b:5f:46:7b:63:7f:54:e4:60:2d:53:
a0:c4:2c:0b:c6:86:ae:c2:b2:6e:a9:bb:c1:69:37:73:a0:b3:
f3:fd:c6:d2:5a:24:e3:86:62:43:15:84:f7:6f:ba:9f:95:18:
2d:58:43:10:0e:c5:63:6d:5c:8e:21:51:2a:9c:70:07:46:8e:
56:23:4d:ae:0c:fa:36:c0:b8:4d:c4:34:40:03:d1:48:54:c3:
72:54:f4:fe:77:6c:0d:27:2a:c3:45:c2:78:98:14:28:a0:96:
ad:a0:05:c0:36:66:e6:c0:3a:2c:30:2e:64:36:5e:f3:ed:08:
d9:92:5b:e1:2d:f4:0e:28:01:e3:46:38:5c:43:0a:fc:fc:6b:
00:26:e6:a6:08:b8:df:d7:ab:f7:6d:f1:4f:04:e3:38:e0:90:
97:81:26:51
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ17Ql9SOiRqtZ2orXo9gYN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjYwNDExMDYzNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDA1NjJkMDBjYWQwM2E3OThlZmQ4NDBmMTgzMTg0ODZkZDlhN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyx8p75UYWQSxBdCNLu+CRNUucIc
qrSVbwMuwi/M5IzOcfQGTLM/hdxDz8evHIJBa4/lpPLnJZk+qikkw/HQw779Z0cQ
icuMJGJeQWzJXmzvlQKj7EWEZNKN/tKQKsNAhMczyMFB+W87+EthG/JJoRW0oD/W
pFurpl8vXPoCbY92x64ce0EPxVgT+9Z0Q9OOtRE6+K0mXqyi0sr3Oe6S5h27uRNm
9xI1bLV8cSViAMboMIDu6ZBA1odGCmOjp1q5o2WzxwfDTJi7Sr7EnYsk0kE40Z+N
OQE0pbXOl/y8nOHWZzgEOx0x+Id/wCPZ97i17+oEnF+0b3WanVyE4KHFlQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPQFYtAMrQOnmO/YQPGDGEht2afKMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvOUFWaTBBeXRBNmVZNzloQThZTVlTRzNacDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGy73oD
BACy734wDQYJKoZIhvcNAQELBQADggEBABeKN2KWNPgtmdgq6G3ZdUt9CPcCF6k2
V/SArKmOcudlUvxY4aUjFTPYraQlkH9zHQ1f9xp3jDcz8tV/1Cf+n6bHRmPAExC5
1R+WYpe4Lf7kJHSciyMP0y+u+DBwAcoBzMtbX0Z7Y39U5GAtU6DELAvGhq7Csm6p
u8FpN3Ogs/P9xtJaJOOGYkMVhPdvup+VGC1YQxAOxWNtXI4hUSqccAdGjlYjTa4M
+jbAuE3ENEAD0UhUw3JU9P53bA0nKsNFwniYFCiglq2gBcA2ZubAOiwwLmQ2XvPt
CNmSW+Et9A4oAeNGOFxDCvz8awAm5qYIuN/Xq/dt8U8E4zjgkJeBJlE=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:50:18 2026 by rpki-client