Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/0b8a5e-66ea-4e20-9ea8-2edd21783703/1/pYomtf1SWtfdxwK0By1Z7f81J9g.roa
File: pYomtf1SWtfdxwK0By1Z7f81J9g.roa (raw, json)
Hash identifier: 9Tdoe2hUbvQQkVuoDseELmtNdkp6TbY6A9h5XS/GJxg=
Subject key identifier: A5:8A:26:B5:FD:52:5A:D7:DD:C7:02:B4:07:2D:59:ED:FF:35:27:D8
Certificate issuer: /CN=375619200ec963d194a8018d4163d778a5cb526a
Certificate serial: 019D6D45BCE28E722ACF6D1C0890F0EB7C10
Authority key identifier: 37:56:19:20:0E:C9:63:D1:94:A8:01:8D:41:63:D7:78:A5:CB:52:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1YZIA7JY9GUqAGNQWPXeKXLUmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/0b8a5e-66ea-4e20-9ea8-2edd21783703/1/pYomtf1SWtfdxwK0By1Z7f81J9g.roa
Signing time: Wed 08 Apr 2026 13:26:20 +0000
ROA not before: Wed 08 Apr 2026 13:26:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199738
IP address blocks: 213.173.12.0/24 maxlen: 24
213.173.13.0/24 maxlen: 24
2a13:8040::/32 maxlen: 32
2a13:8041::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/0b8a5e-66ea-4e20-9ea8-2edd21783703/1/N1YZIA7JY9GUqAGNQWPXeKXLUmo.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/0b8a5e-66ea-4e20-9ea8-2edd21783703/1/N1YZIA7JY9GUqAGNQWPXeKXLUmo.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1YZIA7JY9GUqAGNQWPXeKXLUmo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:45:bc:e2:8e:72:2a:cf:6d:1c:08:90:f0:eb:7c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=375619200ec963d194a8018d4163d778a5cb526a
Validity
Not Before: Apr 8 13:26:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a58a26b5fd525ad7ddc702b4072d59edff3527d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a8:bc:3e:c2:ca:09:cd:82:cb:03:0f:4c:94:
bd:32:a6:77:94:93:18:34:72:4f:00:52:e6:27:f0:
8f:80:44:05:81:62:d6:9a:d0:79:64:59:15:0a:6d:
d1:69:fb:c3:87:50:83:a0:40:89:fa:b5:bf:61:8e:
c4:e6:5d:b3:6e:9e:60:9c:70:01:f3:a7:3f:df:cb:
94:01:93:c3:46:b5:fe:28:0a:c0:49:e4:15:11:6c:
22:ee:26:92:1b:d1:42:f2:d5:18:28:00:bb:59:a0:
76:be:c4:23:b2:8c:94:6e:e6:5f:85:88:d2:07:28:
46:3e:18:b1:3f:6c:e9:38:cf:c6:ea:46:f2:d3:00:
58:1c:df:d4:77:e2:70:80:65:50:5e:24:d3:ea:1b:
cc:15:54:ae:67:85:9e:3a:cc:a5:ac:c8:fe:d9:ff:
ec:6f:dd:30:e1:3a:b4:d1:e1:ea:e4:f0:24:4c:fb:
8e:ff:37:aa:d1:3c:2e:be:6b:69:67:97:e3:29:b3:
d1:60:1a:6e:cf:c5:44:52:9a:5f:5b:b6:6e:94:3e:
92:5f:6f:6d:23:b3:8d:1b:40:7a:1c:73:df:b2:30:
9b:a9:28:d2:4d:d5:cc:04:5d:58:a4:39:cb:7e:39:
93:ee:de:9c:ff:43:a4:90:56:61:2e:21:c6:5d:48:
3e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8A:26:B5:FD:52:5A:D7:DD:C7:02:B4:07:2D:59:ED:FF:35:27:D8
X509v3 Authority Key Identifier:
keyid:37:56:19:20:0E:C9:63:D1:94:A8:01:8D:41:63:D7:78:A5:CB:52:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1YZIA7JY9GUqAGNQWPXeKXLUmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/0b8a5e-66ea-4e20-9ea8-2edd21783703/1/pYomtf1SWtfdxwK0By1Z7f81J9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/0b8a5e-66ea-4e20-9ea8-2edd21783703/1/N1YZIA7JY9GUqAGNQWPXeKXLUmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.173.12.0/23
IPv6:
2a13:8040::/31
Signature Algorithm: sha256WithRSAEncryption
4c:2e:86:f0:de:b1:5b:78:08:7c:14:fd:b9:72:67:be:72:eb:
ee:b9:ba:0d:c8:c1:f8:eb:93:3c:07:94:5d:78:59:58:b6:ad:
7e:cf:b8:e5:56:7f:dd:3e:3f:ca:09:7c:62:58:e3:02:e1:9e:
92:11:ec:6c:ed:48:ea:b3:fa:49:f8:38:45:32:39:54:03:d4:
7c:48:53:25:97:98:c6:48:0b:5b:e0:7b:7b:15:5b:a0:12:13:
97:91:2a:10:ea:25:bc:2d:35:3c:a7:61:de:6b:fa:1c:79:b3:
4a:44:f4:3b:f0:70:54:ee:c9:ce:75:c0:17:32:35:98:eb:63:
df:90:67:38:61:db:dd:31:b1:f5:bb:ed:de:d4:19:62:5f:44:
bd:7e:8c:9d:9f:7d:4e:4e:55:56:c9:bc:28:61:db:2a:ff:44:
9a:95:f7:0a:24:6a:a3:5e:6b:b1:a2:eb:0b:68:d7:15:96:7f:
07:64:5a:5f:2f:0d:ef:1e:6f:19:60:93:2a:7a:3b:50:ac:b0:
7f:8d:8d:7e:02:97:c9:64:a2:ee:39:ef:43:8c:58:5b:5f:b5:
31:d0:47:81:32:55:bc:8c:7e:e2:52:b8:dc:6b:3b:17:f2:06:
64:ff:01:e7:e7:64:76:a7:42:05:e2:23:2e:69:44:40:86:e8:
77:79:dd:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ1tRbzijnIqz20cCJDw63wQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTYxOTIwMGVjOTYzZDE5NGE4MDE4ZDQxNjNkNzc4YTVj
YjUyNmEwHhcNMjYwNDA4MTMyNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThhMjZiNWZkNTI1YWQ3ZGRjNzAyYjQwNzJkNTllZGZmMzUyN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6i8PsLKCc2CywMPTJS9MqZ3lJMY
NHJPAFLmJ/CPgEQFgWLWmtB5ZFkVCm3RafvDh1CDoECJ+rW/YY7E5l2zbp5gnHAB
86c/38uUAZPDRrX+KArASeQVEWwi7iaSG9FC8tUYKAC7WaB2vsQjsoyUbuZfhYjS
ByhGPhixP2zpOM/G6kby0wBYHN/Ud+JwgGVQXiTT6hvMFVSuZ4WeOsylrMj+2f/s
b90w4Tq00eHq5PAkTPuO/zeq0TwuvmtpZ5fjKbPRYBpuz8VEUppfW7ZulD6SX29t
I7ONG0B6HHPfsjCbqSjSTdXMBF1YpDnLfjmT7t6c/0OkkFZhLiHGXUg+4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKWKJrX9UlrX3ccCtActWe3/NSfYMB8GA1UdIwQY
MBaAFDdWGSAOyWPRlKgBjUFj13ily1JqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFZWklBN0pZOUdVcUFHTlFXUFhlS1hMVW1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8wYjhhNWUtNjZlYS00ZTIwLTllYTgt
MmVkZDIxNzgzNzAzLzEvcFlvbXRmMVNXdGZkeHdLMEJ5MVo3ZjgxSjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8wYjhhNWUtNjZlYS00ZTIwLTllYTgtMmVkZDIxNzgzNzAz
LzEvTjFZWklBN0pZOUdVcUFHTlFXUFhlS1hMVW1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB1a0MMA0E
AgACMAcDBQEqE4BAMA0GCSqGSIb3DQEBCwUAA4IBAQBMLobw3rFbeAh8FP25cme+
cuvuuboNyMH465M8B5RdeFlYtq1+z7jlVn/dPj/KCXxiWOMC4Z6SEexs7Ujqs/pJ
+DhFMjlUA9R8SFMll5jGSAtb4Ht7FVugEhOXkSoQ6iW8LTU8p2Hea/ocebNKRPQ7
8HBU7snOdcAXMjWY62PfkGc4YdvdMbH1u+3e1BliX0S9foydn31OTlVWybwoYdsq
/0SalfcKJGqjXmuxousLaNcVln8HZFpfLw3vHm8ZYJMqejtQrLB/jY1+ApfJZKLu
Oe9DjFhbX7Ux0EeBMlW8jH7iUrjcazsX8gZk/wHn52R2p0IF4iMuaURAhuh3ed2C
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:23:19 2026 by rpki-client