Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/YQbYw6Sjmkcw-PriLMboyD5oqpw.roa
File: YQbYw6Sjmkcw-PriLMboyD5oqpw.roa (raw, json)
Hash identifier: CkYZCmTjK5M/pzRV8HfyxOUnPPJDXjvEalR82dcl+Lg=
Subject key identifier: 61:06:D8:C3:A4:A3:9A:47:30:F8:FA:E2:2C:C6:E8:C8:3E:68:AA:9C
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019EA629151851939D80C4F30E0CFDF3E238
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/YQbYw6Sjmkcw-PriLMboyD5oqpw.roa
Signing time: Mon 08 Jun 2026 07:36:10 +0000
ROA not before: Mon 08 Jun 2026 07:36:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63099
IP address blocks: 87.229.108.0/24 maxlen: 24
87.229.112.0/24 maxlen: 24
87.229.124.0/24 maxlen: 24
87.229.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:29:15:18:51:93:9d:80:c4:f3:0e:0c:fd:f3:e2:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 8 07:36:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6106d8c3a4a39a4730f8fae22cc6e8c83e68aa9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:be:e3:3a:d4:d1:8b:76:0d:42:6f:05:c5:f1:
c3:a8:94:8e:98:b5:4b:8d:4e:92:f9:ac:df:a3:a6:
51:93:b6:e6:57:1d:42:17:38:1b:32:a1:7b:ec:84:
47:7f:a2:63:b3:c2:86:23:4c:9f:fb:d4:5a:67:a7:
02:6b:db:5b:68:b5:c5:98:2e:fa:23:f9:75:1f:80:
54:86:31:81:12:0a:c2:af:ef:6f:67:6b:37:bb:38:
30:27:ab:5d:df:b7:95:6b:e7:d9:3c:77:bb:f5:cd:
2c:80:e0:4c:a9:83:22:9e:38:c1:61:88:92:e2:c5:
08:90:03:e5:77:08:72:ba:33:00:5d:fb:9e:6b:75:
29:10:1d:2a:74:77:f2:8e:ed:58:22:6a:fb:42:6d:
2b:c2:6e:10:93:4d:ef:b4:1a:ac:86:12:aa:d9:55:
ba:39:db:af:d7:fd:d7:e0:95:82:d0:58:90:cc:bc:
2b:90:da:fe:8e:5e:e9:67:62:89:0a:98:92:71:0b:
f2:40:af:dd:9b:37:9f:54:85:16:b9:8e:50:38:18:
05:e6:a5:3f:b3:5f:42:a4:7d:76:0c:49:a3:11:a9:
9c:d8:8d:f5:67:e2:5c:9d:b7:13:97:37:a4:c3:f7:
53:6b:8f:f8:d6:8b:ef:ad:41:68:7c:ac:26:cc:f8:
21:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:06:D8:C3:A4:A3:9A:47:30:F8:FA:E2:2C:C6:E8:C8:3E:68:AA:9C
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/YQbYw6Sjmkcw-PriLMboyD5oqpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.108.0/24
87.229.112.0/24
87.229.124.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:e8:1f:2b:78:4c:85:ce:83:11:b1:9b:5c:06:75:31:e0:32:
d0:04:a1:72:7f:35:9c:fe:22:f8:06:a5:1e:6b:ab:74:0e:a3:
bf:88:36:2c:be:90:04:7f:67:bb:e0:3e:6d:ba:8f:59:45:5b:
f4:b5:73:94:82:48:5b:8f:07:3e:32:43:96:3e:f8:ac:24:12:
69:06:bf:21:4e:00:b8:15:a1:6e:05:eb:96:86:fc:1e:67:ce:
73:6f:92:1c:d6:d0:a5:a3:5f:85:11:ed:08:b0:a8:f0:6c:66:
50:79:06:0e:44:ad:dd:0d:98:d8:4d:5a:1a:37:7b:46:87:c0:
65:59:10:f3:25:33:02:06:e2:21:6e:01:dd:06:52:d9:fb:99:
85:00:8f:5b:20:a8:ec:7a:d0:ec:80:71:a7:4c:ff:5a:15:fa:
77:5b:4e:46:06:57:f2:6e:77:34:d3:e0:21:69:9d:72:ac:19:
6e:b1:a4:43:bc:66:49:8f:bf:51:11:d3:bc:1e:00:54:4d:35:
f4:71:09:05:5f:c1:63:c6:ef:ef:3c:a6:ee:a3:3c:39:c4:c7:
2d:d5:f1:d5:f1:22:64:5c:21:1e:63:ef:15:e6:f8:e2:23:90:
1f:49:fb:47:de:ab:91:9a:a8:2c:56:46:41:d5:b2:d8:7f:2a:
2b:58:e3:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ6mKRUYUZOdgMTzDgz98+I4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjYwNjA4MDczNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTA2ZDhjM2E0YTM5YTQ3MzBmOGZhZTIyY2M2ZThjODNlNjhhYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL7jOtTRi3YNQm8FxfHDqJSOmLVL
jU6S+azfo6ZRk7bmVx1CFzgbMqF77IRHf6Jjs8KGI0yf+9RaZ6cCa9tbaLXFmC76
I/l1H4BUhjGBEgrCr+9vZ2s3uzgwJ6td37eVa+fZPHe79c0sgOBMqYMinjjBYYiS
4sUIkAPldwhyujMAXfuea3UpEB0qdHfyju1YImr7Qm0rwm4Qk03vtBqshhKq2VW6
Oduv1/3X4JWC0FiQzLwrkNr+jl7pZ2KJCpiScQvyQK/dmzefVIUWuY5QOBgF5qU/
s19CpH12DEmjEamc2I31Z+JcnbcTlzekw/dTa4/41ovvrUFofKwmzPghNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGEG2MOko5pHMPj64izG6Mg+aKqcMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvWVFiWXc2U2pta2N3LVByaUxNYm95RDVvcXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV+VsAwQA
V+VwAwQBV+V8MA0GCSqGSIb3DQEBCwUAA4IBAQCd6B8reEyFzoMRsZtcBnUx4DLQ
BKFyfzWc/iL4BqUea6t0DqO/iDYsvpAEf2e74D5tuo9ZRVv0tXOUgkhbjwc+MkOW
PvisJBJpBr8hTgC4FaFuBeuWhvweZ85zb5Ic1tClo1+FEe0IsKjwbGZQeQYORK3d
DZjYTVoaN3tGh8BlWRDzJTMCBuIhbgHdBlLZ+5mFAI9bIKjsetDsgHGnTP9aFfp3
W05GBlfybnc00+AhaZ1yrBlusaRDvGZJj79REdO8HgBUTTX0cQkFX8Fjxu/vPKbu
ozw5xMct1fHV8SJkXCEeY+8V5vjiI5AfSftH3quRmqgsVkZB1bLYfyorWOPt
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:04:59 2026 by rpki-client