Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/s5heQ19LizKGGfMDqK5Iq5EUCS8.roa
File: s5heQ19LizKGGfMDqK5Iq5EUCS8.roa (raw, json)
Hash identifier: 3YsMiK/Tzw6pZesf/Yk4bL7YB+iCygnfpI53A+Wi7eo=
Subject key identifier: B3:98:5E:43:5F:4B:8B:32:86:19:F3:03:A8:AE:48:AB:91:14:09:2F
Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Certificate serial: 019D8F9723E62FDF741E4D3747C1CB3A9817
Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/s5heQ19LizKGGfMDqK5Iq5EUCS8.roa
Signing time: Wed 15 Apr 2026 05:22:20 +0000
ROA not before: Wed 15 Apr 2026 05:22:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206092
IP address blocks: 158.173.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8f:97:23:e6:2f:df:74:1e:4d:37:47:c1:cb:3a:98:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Validity
Not Before: Apr 15 05:22:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b3985e435f4b8b328619f303a8ae48ab9114092f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:80:d0:d0:4d:f2:63:64:2e:5b:ac:53:71:43:
7f:9b:54:c7:56:d0:c5:9a:cf:65:be:cc:26:2d:4f:
5c:ac:c3:ea:8f:7b:61:f5:df:fd:6f:22:89:48:8f:
ee:fb:44:97:83:db:9c:0d:0b:89:50:57:3c:de:c9:
9b:53:5d:30:d0:ce:2c:bc:39:39:e8:56:a5:ff:f2:
28:64:60:ae:ed:f1:39:4a:38:1e:c4:ac:61:3e:18:
de:6d:28:06:98:66:a1:f1:cf:b9:81:27:e7:8f:4d:
57:16:45:c3:2a:db:44:07:62:26:48:4e:b6:5f:24:
54:28:7b:c1:6e:49:d6:94:00:d0:bf:a9:71:93:4d:
ff:cd:73:eb:e3:01:06:bd:83:87:2f:f4:62:47:c1:
43:9d:32:74:9c:a7:9b:c5:d9:5f:68:55:0f:9a:fc:
77:3b:58:e1:b1:67:8e:ec:f0:7e:04:69:60:08:c2:
c5:bb:31:1f:1f:a4:4e:b2:3b:41:fb:16:14:d4:c2:
75:e8:06:fb:cc:69:2b:ee:15:b6:21:12:f2:b8:54:
1d:6f:ea:9b:44:ae:f7:84:fc:fc:da:be:f0:8a:2d:
1a:c2:27:7b:c0:b1:32:7f:00:76:b8:1d:d8:c2:67:
bf:54:89:0d:56:a7:a5:26:78:d1:29:14:cf:50:6a:
17:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:98:5E:43:5F:4B:8B:32:86:19:F3:03:A8:AE:48:AB:91:14:09:2F
X509v3 Authority Key Identifier:
keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/s5heQ19LizKGGfMDqK5Iq5EUCS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.77.0/24
Signature Algorithm: sha256WithRSAEncryption
07:ea:7e:e3:9f:e4:00:fb:03:29:95:d6:d3:22:f1:ed:f4:46:
c2:3c:a9:4f:2e:3e:c8:f3:fe:47:8f:cc:e9:eb:e4:fc:a9:ba:
25:3d:a6:33:d6:36:9e:68:f0:91:2d:05:5e:99:46:f4:7a:21:
71:25:61:f4:df:58:43:4e:8d:a8:d9:b7:dd:bb:ea:22:eb:92:
dd:5e:a0:60:a3:8b:3f:a7:2f:f1:03:52:7a:77:ea:6e:a1:37:
93:4d:3f:7c:76:ab:59:3b:70:e7:4d:5b:ec:90:98:ca:6e:4c:
71:5d:cb:4f:8e:37:20:06:46:d7:44:d1:7c:df:a8:6b:05:ec:
42:16:9e:19:84:44:5e:95:07:13:a3:13:ac:bd:13:1b:5a:fa:
5c:5b:1f:9b:19:4b:23:ec:60:6a:51:db:01:35:dc:e3:0c:1b:
77:54:cd:36:1d:5f:ec:9f:88:1f:af:39:1c:00:4f:dd:cf:ed:
b9:66:cb:80:63:ee:f6:fc:a6:d7:90:d2:d0:14:5e:db:6a:41:
0c:2b:a6:59:22:22:b2:67:89:37:25:46:39:67:f0:d2:fd:14:
a6:cb:f2:e2:c1:9b:20:e2:96:de:3c:06:1d:71:ed:56:c1:b5:
bf:4c:17:0d:91:89:39:73:f5:d0:bb:20:0b:19:af:4a:1b:5b:
3d:c6:68:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2PlyPmL990Hk03R8HLOpgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh
NDA4MjMwHhcNMjYwNDE1MDUyMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzk4NWU0MzVmNGI4YjMyODYxOWYzMDNhOGFlNDhhYjkxMTQwOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IDQ0E3yY2QuW6xTcUN/m1THVtDF
ms9lvswmLU9crMPqj3th9d/9byKJSI/u+0SXg9ucDQuJUFc83smbU10w0M4svDk5
6Fal//IoZGCu7fE5SjgexKxhPhjebSgGmGah8c+5gSfnj01XFkXDKttEB2ImSE62
XyRUKHvBbknWlADQv6lxk03/zXPr4wEGvYOHL/RiR8FDnTJ0nKebxdlfaFUPmvx3
O1jhsWeO7PB+BGlgCMLFuzEfH6ROsjtB+xYU1MJ16Ab7zGkr7hW2IRLyuFQdb+qb
RK73hPz82r7wii0awid7wLEyfwB2uB3Ywme/VIkNVqelJnjRKRTPUGoXKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOYXkNfS4syhhnzA6iuSKuRFAkvMB8GA1UdIwQY
MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt
ZDJjZDI2YjY5ZGYxLzEvczVoZVExOUxpektHR2ZNRHFLNUlxNUVVQ1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx
LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnq1NMA0G
CSqGSIb3DQEBCwUAA4IBAQAH6n7jn+QA+wMpldbTIvHt9EbCPKlPLj7I8/5Hj8zp
6+T8qbolPaYz1jaeaPCRLQVemUb0eiFxJWH031hDTo2o2bfdu+oi65LdXqBgo4s/
py/xA1J6d+puoTeTTT98dqtZO3DnTVvskJjKbkxxXctPjjcgBkbXRNF836hrBexC
Fp4ZhERelQcToxOsvRMbWvpcWx+bGUsj7GBqUdsBNdzjDBt3VM02HV/sn4gfrzkc
AE/dz+25ZsuAY+72/KbXkNLQFF7bakEMK6ZZIiKyZ4k3JUY5Z/DS/RSmy/LiwZsg
4pbePAYdce1WwbW/TBcNkYk5c/XQuyALGa9KG1s9xmhj
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:04:42 2026 by rpki-client