Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/vv3CReJV7LkCDD7lq-2ePD1bHSw.roa
File: vv3CReJV7LkCDD7lq-2ePD1bHSw.roa (raw, json)
Hash identifier: vcOUmLLDOnBolotJp01JH8ANPyx16KLiqHkliISm6TA=
Subject key identifier: BE:FD:C2:45:E2:55:EC:B9:02:0C:3E:E5:AB:ED:9E:3C:3D:5B:1D:2C
Certificate issuer: /CN=12b87c6caf81de3625fe1ce0559f39e30505a051
Certificate serial: 019D9A66C8EB9E9BB11D62F5173A038ED652
Authority key identifier: 12:B8:7C:6C:AF:81:DE:36:25:FE:1C:E0:55:9F:39:E3:05:05:A0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Erh8bK-B3jYl_hzgVZ854wUFoFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/vv3CReJV7LkCDD7lq-2ePD1bHSw.roa
Signing time: Fri 17 Apr 2026 07:45:20 +0000
ROA not before: Fri 17 Apr 2026 07:45:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 185.238.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/Erh8bK-B3jYl_hzgVZ854wUFoFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/Erh8bK-B3jYl_hzgVZ854wUFoFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Erh8bK-B3jYl_hzgVZ854wUFoFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:03:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:66:c8:eb:9e:9b:b1:1d:62:f5:17:3a:03:8e:d6:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12b87c6caf81de3625fe1ce0559f39e30505a051
Validity
Not Before: Apr 17 07:45:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=befdc245e255ecb9020c3ee5abed9e3c3d5b1d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2d:74:75:23:66:50:cb:7d:a5:51:f0:41:12:
03:03:51:fb:36:b4:8d:69:55:4d:3e:6b:f7:44:46:
e2:21:32:b4:dd:e0:03:0a:87:a9:a2:90:4f:b5:24:
69:1a:ff:d3:89:77:fc:30:47:52:53:72:90:82:9a:
71:6c:76:28:8c:0a:73:e3:15:8d:85:78:8b:3f:2c:
05:bd:87:d4:27:98:47:4d:80:e1:32:ac:41:37:6f:
cb:ff:2e:42:33:81:b5:9a:b1:53:cd:de:ff:1e:29:
f1:04:68:43:be:f0:33:ea:ce:fc:3a:84:d5:ad:a0:
36:9f:fe:b8:73:f6:c0:a3:31:f3:b3:93:33:c3:36:
9d:b9:db:70:2b:c1:14:64:ae:f6:cc:1b:7e:ec:f3:
d2:a9:18:4a:be:ff:9d:f9:61:41:63:42:57:13:84:
34:33:c0:22:4b:64:b4:50:d1:1b:a5:d3:cb:37:70:
a0:a9:e5:16:bb:be:f1:d2:1f:9b:cc:97:46:26:7f:
6b:dc:96:09:b7:88:bd:10:58:f0:28:22:3a:77:97:
62:97:a7:7a:43:c8:9b:2f:04:25:18:59:6f:9b:73:
c3:29:b9:fa:af:10:41:45:27:c3:18:12:48:41:be:
58:04:80:3b:90:65:06:5b:b2:d5:a9:c3:3f:be:11:
c2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:FD:C2:45:E2:55:EC:B9:02:0C:3E:E5:AB:ED:9E:3C:3D:5B:1D:2C
X509v3 Authority Key Identifier:
keyid:12:B8:7C:6C:AF:81:DE:36:25:FE:1C:E0:55:9F:39:E3:05:05:A0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Erh8bK-B3jYl_hzgVZ854wUFoFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/vv3CReJV7LkCDD7lq-2ePD1bHSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/Erh8bK-B3jYl_hzgVZ854wUFoFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.216.0/24
Signature Algorithm: sha256WithRSAEncryption
22:0f:ff:de:64:90:fa:0f:a6:19:76:93:0f:dd:59:cd:14:9f:
6f:81:84:9b:9a:ef:6d:82:80:3b:57:75:f2:c4:52:c7:34:77:
e4:c4:90:32:1e:2d:29:fc:98:c2:a3:66:0f:6a:5e:6e:67:ea:
1a:e7:e9:70:7e:12:ed:cd:7d:3c:ff:a3:89:61:28:0b:71:bc:
da:55:56:1c:43:5f:02:9c:52:78:ca:35:66:6b:d6:34:6b:d8:
45:b3:33:e9:a1:d7:41:88:00:88:9a:05:6f:57:4f:65:9a:85:
c5:62:2a:08:e5:2b:c7:3c:0c:c2:dd:e1:25:fb:40:cf:7b:2c:
0f:05:ca:33:8c:24:68:93:d7:8d:54:77:7e:9a:51:32:c8:1b:
db:f1:91:aa:b6:7b:95:5e:1c:c0:86:78:63:77:a8:2d:c5:ce:
55:e3:5f:5d:64:c4:95:ca:d5:9c:68:0c:6b:c7:b5:29:58:83:
22:a0:89:04:cf:4d:f6:25:4f:85:65:fa:14:e3:fd:c0:5c:d2:
03:df:87:7c:03:ca:ec:93:1b:bc:08:e4:40:e2:19:e7:17:a4:
e7:df:06:a6:1c:84:06:7a:33:ea:9b:ea:34:58:72:16:18:52:
80:6a:d0:5d:1d:80:a4:f8:39:d8:14:dc:4a:ce:5d:30:fc:1f:
79:68:c4:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2aZsjrnpuxHWL1FzoDjtZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYjg3YzZjYWY4MWRlMzYyNWZlMWNlMDU1OWYzOWUzMDUw
NWEwNTEwHhcNMjYwNDE3MDc0NTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWZkYzI0NWUyNTVlY2I5MDIwYzNlZTVhYmVkOWUzYzNkNWIxZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwC10dSNmUMt9pVHwQRIDA1H7NrSN
aVVNPmv3REbiITK03eADCoepopBPtSRpGv/TiXf8MEdSU3KQgppxbHYojApz4xWN
hXiLPywFvYfUJ5hHTYDhMqxBN2/L/y5CM4G1mrFTzd7/HinxBGhDvvAz6s78OoTV
raA2n/64c/bAozHzs5MzwzadudtwK8EUZK72zBt+7PPSqRhKvv+d+WFBY0JXE4Q0
M8AiS2S0UNEbpdPLN3CgqeUWu77x0h+bzJdGJn9r3JYJt4i9EFjwKCI6d5dil6d6
Q8ibLwQlGFlvm3PDKbn6rxBBRSfDGBJIQb5YBIA7kGUGW7LVqcM/vhHCWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL79wkXiVey5Agw+5avtnjw9Wx0sMB8GA1UdIwQY
MBaAFBK4fGyvgd42Jf4c4FWfOeMFBaBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXJoOGJLLUIzallsX2h6Z1ZaODU0d1VGb0ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9lMjkzNGMtMDUzYS00Yjk3LWFhMmEt
NjI4MDhiYmJkZDIxLzEvdnYzQ1JlSlY3TGtDREQ3bHEtMmVQRDFiSFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9lMjkzNGMtMDUzYS00Yjk3LWFhMmEtNjI4MDhiYmJkZDIx
LzEvRXJoOGJLLUIzallsX2h6Z1ZaODU0d1VGb0ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue7YMA0G
CSqGSIb3DQEBCwUAA4IBAQAiD//eZJD6D6YZdpMP3VnNFJ9vgYSbmu9tgoA7V3Xy
xFLHNHfkxJAyHi0p/JjCo2YPal5uZ+oa5+lwfhLtzX08/6OJYSgLcbzaVVYcQ18C
nFJ4yjVma9Y0a9hFszPpoddBiACImgVvV09lmoXFYioI5SvHPAzC3eEl+0DPeywP
BcozjCRok9eNVHd+mlEyyBvb8ZGqtnuVXhzAhnhjd6gtxc5V419dZMSVytWcaAxr
x7UpWIMioIkEz032JU+FZfoU4/3AXNID34d8A8rskxu8CORA4hnnF6Tn3wamHIQG
ejPqm+o0WHIWGFKAatBdHYCk+DnYFNxKzl0w/B95aMT9
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:51:35 2026 by rpki-client