Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/S011qoZgUr3TdXed9KAGGlppxpI.roa
File: S011qoZgUr3TdXed9KAGGlppxpI.roa (raw, json)
Hash identifier: 4dkyy7vE9sYAnGtx1tZpzgZa+OvFsz74uGbm0kgHTFI=
Subject key identifier: 4B:4D:75:AA:86:60:52:BD:D3:75:77:9D:F4:A0:06:1A:5A:69:C6:92
Certificate issuer: /CN=7fe0e759354e83cc19320381109de22da0f1a700
Certificate serial: 019E8ED42C64F2218A332F1CE177AF08D5F4
Authority key identifier: 7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/S011qoZgUr3TdXed9KAGGlppxpI.roa
Signing time: Wed 03 Jun 2026 18:52:10 +0000
ROA not before: Wed 03 Jun 2026 18:52:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49814
IP address blocks: 31.24.24.0/21 maxlen: 21
80.72.212.0/23 maxlen: 23
91.226.73.0/24 maxlen: 24
176.65.32.0/19 maxlen: 19
2a00:9700::/32 maxlen: 32
2a00:9700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Jun 2026 04:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8e:d4:2c:64:f2:21:8a:33:2f:1c:e1:77:af:08:d5:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fe0e759354e83cc19320381109de22da0f1a700
Validity
Not Before: Jun 3 18:52:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4b4d75aa866052bdd375779df4a0061a5a69c692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4a:07:ad:2d:5d:0b:a2:56:31:10:d8:c0:54:
b2:4d:9d:2b:8e:90:92:eb:b0:b8:ac:b5:12:b8:92:
24:2a:52:6f:61:9b:ba:d6:a6:07:e4:e1:62:82:32:
ee:7c:d7:2c:84:5f:63:69:20:ed:98:d9:15:b5:1f:
66:8f:ff:37:8f:ea:f4:68:d1:5c:5a:99:ad:ad:13:
75:09:e1:5e:8f:fa:27:61:5b:0d:da:35:f3:30:a9:
4b:2a:7e:0f:fe:b9:0f:c4:09:71:64:22:e7:fe:67:
65:5b:49:ca:b5:4d:eb:e7:37:03:66:0c:1b:f5:cd:
9d:d8:4d:70:0d:03:83:7b:d5:b0:8a:fd:18:38:3c:
57:5f:f4:72:4a:0e:59:5c:a1:0d:d4:d4:b2:c4:78:
2b:72:f5:db:e4:50:77:e8:31:87:ce:9c:03:11:e5:
a0:cc:e5:1a:66:2e:0c:1e:b9:c9:9a:82:6b:df:85:
65:f2:6b:e4:68:4a:c1:31:ff:84:2c:86:7c:8f:6f:
e6:05:91:55:7a:85:33:40:16:ba:96:dd:d0:af:34:
7a:8b:37:6b:16:e3:ec:6e:2f:fa:0e:28:b1:57:8c:
e3:73:23:53:ef:81:d2:39:58:62:12:8f:ea:32:f4:
34:05:cf:3f:02:39:2a:32:52:94:84:35:14:cb:89:
3a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4D:75:AA:86:60:52:BD:D3:75:77:9D:F4:A0:06:1A:5A:69:C6:92
X509v3 Authority Key Identifier:
keyid:7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/S011qoZgUr3TdXed9KAGGlppxpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.24.0/21
80.72.212.0/23
91.226.73.0/24
176.65.32.0/19
IPv6:
2a00:9700::/32
Signature Algorithm: sha256WithRSAEncryption
59:26:72:b2:c5:c8:f1:fa:85:49:13:08:51:b6:9a:87:d9:f0:
52:6b:f9:bd:9b:f5:7c:74:74:6e:02:86:c9:8e:71:5d:e4:cd:
1f:1a:81:63:fc:01:86:ab:9d:4d:32:be:45:2c:d2:87:3f:90:
46:b3:67:bc:bc:2b:02:61:63:04:56:23:ce:be:7b:7d:2d:cd:
7a:f8:8f:0c:50:89:02:2f:19:2b:e9:39:ff:14:ee:98:82:c1:
31:4b:cd:6b:78:ce:c9:4f:bc:2a:ae:f7:ea:0c:35:3b:3f:be:
c4:9c:d1:ed:74:f4:3d:59:64:35:f8:53:e7:52:c2:c1:7b:46:
7a:24:31:8b:54:8e:12:02:4b:74:82:05:8e:f7:c8:3f:89:67:
7e:c9:06:60:09:00:22:9f:1a:39:40:36:02:ab:93:3d:76:fd:
c1:e4:6d:97:b4:4f:d5:ad:ec:46:2f:cb:cd:21:8c:8c:46:18:
d4:a8:28:88:3b:9f:da:ea:56:64:29:94:d9:3e:5c:8b:2e:18:
62:ee:bd:45:ee:53:db:ad:40:00:bd:84:1b:5d:b6:f5:3b:14:
82:00:44:31:02:cf:68:ad:98:f9:9a:8f:c3:61:45:c6:44:f4:
20:92:5a:34:85:aa:94:6a:65:cb:95:94:df:9b:c5:db:bd:fd:
60:5a:83:ef
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ6O1Cxk8iGKMy8c4XevCNX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZTBlNzU5MzU0ZTgzY2MxOTMyMDM4MTEwOWRlMjJkYTBm
MWE3MDAwHhcNMjYwNjAzMTg1MjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjRkNzVhYTg2NjA1MmJkZDM3NTc3OWRmNGEwMDYxYTVhNjljNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0koHrS1dC6JWMRDYwFSyTZ0rjpCS
67C4rLUSuJIkKlJvYZu61qYH5OFigjLufNcshF9jaSDtmNkVtR9mj/83j+r0aNFc
WpmtrRN1CeFej/onYVsN2jXzMKlLKn4P/rkPxAlxZCLn/mdlW0nKtU3r5zcDZgwb
9c2d2E1wDQODe9Wwiv0YODxXX/RySg5ZXKEN1NSyxHgrcvXb5FB36DGHzpwDEeWg
zOUaZi4MHrnJmoJr34Vl8mvkaErBMf+ELIZ8j2/mBZFVeoUzQBa6lt3QrzR6izdr
FuPsbi/6DiixV4zjcyNT74HSOVhiEo/qMvQ0Bc8/AjkqMlKUhDUUy4k6uwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEtNdaqGYFK903V3nfSgBhpaacaSMB8GA1UdIwQY
MBaAFH/g51k1ToPMGTIDgRCd4i2g8acAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZi1EbldUVk9nOHdaTWdPQkVKM2lMYUR4cHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8wYzcyNDMtMWZmYi00OWQyLWI1YzEt
YjQwMmU4YTFkOTM0LzEvUzAxMXFvWmdVcjNUZFhlZDlLQUdHbHBweHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8wYzcyNDMtMWZmYi00OWQyLWI1YzEtYjQwMmU4YTFkOTM0
LzEvZi1EbldUVk9nOHdaTWdPQkVKM2lMYUR4cHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHxgYAwQB
UEjUAwQAW+JJAwQFsEEgMA0EAgACMAcDBQAqAJcAMA0GCSqGSIb3DQEBCwUAA4IB
AQBZJnKyxcjx+oVJEwhRtpqH2fBSa/m9m/V8dHRuAobJjnFd5M0fGoFj/AGGq51N
Mr5FLNKHP5BGs2e8vCsCYWMEViPOvnt9Lc16+I8MUIkCLxkr6Tn/FO6YgsExS81r
eM7JT7wqrvfqDDU7P77EnNHtdPQ9WWQ1+FPnUsLBe0Z6JDGLVI4SAkt0ggWO98g/
iWd+yQZgCQAinxo5QDYCq5M9dv3B5G2XtE/VrexGL8vNIYyMRhjUqCiIO5/a6lZk
KZTZPlyLLhhi7r1F7lPbrUAAvYQbXbb1OxSCAEQxAs9orZj5mo/DYUXGRPQgklo0
haqUamXLlZTfm8Xbvf1gWoPv
-----END CERTIFICATE-----
Generated at Sun Jun 14 13:24:48 2026 by rpki-client