Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/rqIaBu_TAw0bkjfVmzHhGlXj0S4.roa
File: rqIaBu_TAw0bkjfVmzHhGlXj0S4.roa (raw, json)
Hash identifier: h/QS/PS2X88hf1VBWzWKesx3zaUoQHRuabe3HvKirCc=
Subject key identifier: AE:A2:1A:06:EF:D3:03:0D:1B:92:37:D5:9B:31:E1:1A:55:E3:D1:2E
Certificate issuer: /CN=63883a79789d9f65815292f18d4980ba9c5ed221
Certificate serial: 019EA92DCD19CC2AA77D7C7BA605835C96E2
Authority key identifier: 63:88:3A:79:78:9D:9F:65:81:52:92:F1:8D:49:80:BA:9C:5E:D2:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y4g6eXidn2WBUpLxjUmAupxe0iE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/rqIaBu_TAw0bkjfVmzHhGlXj0S4.roa
Signing time: Mon 08 Jun 2026 21:40:11 +0000
ROA not before: Mon 08 Jun 2026 21:40:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 262287
IP address blocks: 152.236.10.0/24 maxlen: 24
152.236.13.0/24 maxlen: 24
152.236.19.0/24 maxlen: 24
152.236.22.0/24 maxlen: 24
152.236.23.0/24 maxlen: 24
152.236.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/Y4g6eXidn2WBUpLxjUmAupxe0iE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/Y4g6eXidn2WBUpLxjUmAupxe0iE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y4g6eXidn2WBUpLxjUmAupxe0iE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a9:2d:cd:19:cc:2a:a7:7d:7c:7b:a6:05:83:5c:96:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63883a79789d9f65815292f18d4980ba9c5ed221
Validity
Not Before: Jun 8 21:40:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aea21a06efd3030d1b9237d59b31e11a55e3d12e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4e:33:16:3e:cb:b1:63:40:4d:33:e5:f5:9a:
ce:be:41:79:00:bb:1e:a3:91:4b:68:cf:09:2f:02:
df:32:c4:77:cf:48:c1:a0:e8:7a:15:3f:48:03:12:
da:91:07:3f:e3:87:5b:01:c4:53:fa:9d:09:73:73:
08:4c:d8:b2:58:1a:99:4d:bb:94:e8:2c:ce:80:3b:
40:1c:ed:59:ee:0f:a2:b8:d2:e1:c2:12:bb:6f:10:
ea:57:4f:6e:0a:bc:88:12:ee:bf:0e:41:55:4b:bb:
61:ef:cb:7f:65:b3:dc:87:ce:a9:70:95:1f:ed:84:
85:8e:e1:ba:ee:aa:fd:30:c7:b5:86:c0:bd:19:04:
45:05:a1:0a:99:46:77:71:1a:9e:24:03:3a:bd:3f:
d7:d4:61:d0:e6:d7:61:49:e5:65:c0:8b:e7:df:91:
3a:06:f9:1e:66:dd:a9:a9:06:14:7d:2f:43:df:94:
31:25:f9:7f:55:2a:cb:ac:d8:6a:23:95:29:60:db:
e8:ce:5c:50:11:a0:db:ea:b3:67:88:30:59:09:7e:
93:f1:ad:4e:59:da:4a:a8:ac:c4:b5:5f:6f:ec:7c:
41:64:42:0c:2e:b1:42:08:90:4b:66:a4:80:3a:c1:
10:c1:93:8a:f0:5e:c6:0f:59:5f:52:d3:f4:68:c1:
f3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A2:1A:06:EF:D3:03:0D:1B:92:37:D5:9B:31:E1:1A:55:E3:D1:2E
X509v3 Authority Key Identifier:
keyid:63:88:3A:79:78:9D:9F:65:81:52:92:F1:8D:49:80:BA:9C:5E:D2:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y4g6eXidn2WBUpLxjUmAupxe0iE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/rqIaBu_TAw0bkjfVmzHhGlXj0S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/Y4g6eXidn2WBUpLxjUmAupxe0iE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.236.10.0/24
152.236.13.0/24
152.236.19.0/24
152.236.22.0/23
152.236.29.0/24
Signature Algorithm: sha256WithRSAEncryption
62:1d:f2:23:cb:d7:79:e8:11:23:6c:5e:32:a1:66:df:e0:90:
3f:ed:67:ae:b2:c5:75:c1:8d:3b:3c:86:6f:92:58:59:25:7f:
e0:a8:e1:7c:61:4c:7b:0a:88:6f:db:5e:36:9b:fd:4d:e1:65:
e2:65:f0:42:44:e6:83:60:05:83:b7:3f:34:b3:70:2a:b9:43:
41:1b:e8:14:c3:f6:af:9e:d7:52:ce:5b:39:8a:b1:28:7e:16:
66:33:ef:66:2a:8b:5e:5e:00:58:5e:2e:19:cf:b9:3c:ec:0a:
c4:a8:2c:79:37:74:4a:f5:e3:53:44:e8:bf:df:4c:8b:b2:8c:
90:8c:80:b8:e8:fb:8b:77:f8:d1:5c:34:6e:51:83:ff:df:4e:
a5:74:3c:8e:1b:7e:23:d4:26:95:db:bb:93:d3:8d:6a:5d:4e:
6d:c0:f3:ad:b2:e0:90:03:0a:9f:db:24:15:54:d7:82:e3:32:
70:c3:b8:59:bd:7f:70:c0:46:af:28:ec:16:bb:26:58:b5:b0:
f0:94:7c:a8:62:d4:8a:3f:a7:82:5c:c7:c2:85:e9:36:cb:5c:
bb:03:ff:68:1f:73:f4:53:de:45:be:45:7f:08:2a:8b:18:6a:
d1:2e:c8:c1:ff:c7:c7:01:0f:30:91:e4:ef:24:7c:9e:94:52:
e0:6c:d0:7b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6pLc0ZzCqnfXx7pgWDXJbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzODgzYTc5Nzg5ZDlmNjU4MTUyOTJmMThkNDk4MGJhOWM1
ZWQyMjEwHhcNMjYwNjA4MjE0MDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWEyMWEwNmVmZDMwMzBkMWI5MjM3ZDU5YjMxZTExYTU1ZTNkMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU4zFj7LsWNATTPl9ZrOvkF5ALse
o5FLaM8JLwLfMsR3z0jBoOh6FT9IAxLakQc/44dbAcRT+p0Jc3MITNiyWBqZTbuU
6CzOgDtAHO1Z7g+iuNLhwhK7bxDqV09uCryIEu6/DkFVS7th78t/ZbPch86pcJUf
7YSFjuG67qr9MMe1hsC9GQRFBaEKmUZ3cRqeJAM6vT/X1GHQ5tdhSeVlwIvn35E6
BvkeZt2pqQYUfS9D35QxJfl/VSrLrNhqI5UpYNvozlxQEaDb6rNniDBZCX6T8a1O
WdpKqKzEtV9v7HxBZEIMLrFCCJBLZqSAOsEQwZOK8F7GD1lfUtP0aMHzWwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK6iGgbv0wMNG5I31Zsx4RpV49EuMB8GA1UdIwQY
MBaAFGOIOnl4nZ9lgVKS8Y1JgLqcXtIhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTRnNmVYaWRuMldCVXBMeGpVbUF1cHhlMGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jYTAyMjgtNTdlZS00ZjY1LTk2MmYt
MzVkMDU5NWUxMmYwLzEvcnFJYUJ1X1RBdzBia2pmVm16SGhHbFhqMFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jYTAyMjgtNTdlZS00ZjY1LTk2MmYtMzVkMDU5NWUxMmYw
LzEvWTRnNmVYaWRuMldCVXBMeGpVbUF1cHhlMGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAmOwKAwQA
mOwNAwQAmOwTAwQBmOwWAwQAmOwdMA0GCSqGSIb3DQEBCwUAA4IBAQBiHfIjy9d5
6BEjbF4yoWbf4JA/7WeussV1wY07PIZvklhZJX/gqOF8YUx7Cohv2142m/1N4WXi
ZfBCROaDYAWDtz80s3AquUNBG+gUw/avntdSzls5irEofhZmM+9mKoteXgBYXi4Z
z7k87ArEqCx5N3RK9eNTROi/30yLsoyQjIC46PuLd/jRXDRuUYP/306ldDyOG34j
1CaV27uT041qXU5twPOtsuCQAwqf2yQVVNeC4zJww7hZvX9wwEavKOwWuyZYtbDw
lHyoYtSKP6eCXMfChek2y1y7A/9oH3P0U95FvkV/CCqLGGrRLsjB/8fHAQ8wkeTv
JHyelFLgbNB7
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:53:17 2026 by rpki-client