Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/UsyvIMzbpwCQaqi98UeXxjdxQJg.roa
File: UsyvIMzbpwCQaqi98UeXxjdxQJg.roa (raw, json)
Hash identifier: sJkdbS6hTBzgBfeTzou6A0lF/eVe4aXSvavthlsCze4=
Subject key identifier: 52:CC:AF:20:CC:DB:A7:00:90:6A:A8:BD:F1:47:97:C6:37:71:40:98
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 019D579C7A796DCB521FB2AEAC24AA13DC77
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/UsyvIMzbpwCQaqi98UeXxjdxQJg.roa
Signing time: Sat 04 Apr 2026 08:29:25 +0000
ROA not before: Sat 04 Apr 2026 08:29:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56486
IP address blocks: 37.202.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 01:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:57:9c:7a:79:6d:cb:52:1f:b2:ae:ac:24:aa:13:dc:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Apr 4 08:29:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=52ccaf20ccdba700906aa8bdf14797c637714098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:76:ce:ea:09:6d:d0:1b:34:0c:f6:9f:3b:cd:
71:4c:93:83:85:9e:a1:e9:8a:c5:23:c3:5b:7c:08:
ed:21:ef:30:e1:8c:1b:32:65:3a:53:31:78:88:d1:
41:74:5e:5f:bb:60:ca:08:38:c1:e5:1b:42:50:94:
0d:10:20:db:09:54:51:d5:47:2f:52:07:9b:49:f7:
1a:84:4f:16:5f:a5:7e:43:33:3b:e7:0b:98:0f:78:
4d:c4:e0:32:3e:a8:eb:2a:b4:63:65:75:ac:62:84:
4a:8f:8a:63:75:b5:22:51:32:66:cc:ba:a3:67:de:
c2:14:33:6e:76:2e:bf:b7:69:0d:58:e6:53:52:f3:
a8:95:03:77:e4:23:f0:25:93:d5:d0:9d:f7:42:ec:
58:cd:0a:05:b9:08:4c:79:35:43:a8:bc:2f:42:d0:
38:76:50:d7:ae:f6:ae:2b:df:4c:10:7c:a5:15:56:
44:0e:78:bf:5a:0a:80:63:bb:c1:85:c6:bd:0c:92:
5c:16:6e:e5:25:80:38:c9:a5:3c:4b:0a:ed:9f:27:
57:35:4d:bf:91:8d:68:a7:21:b3:08:fc:67:c5:69:
0e:3f:50:33:27:4a:bf:f8:6b:30:07:ac:a5:73:95:
74:58:87:3c:d7:89:38:c7:45:4a:f6:6d:0f:78:08:
12:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CC:AF:20:CC:DB:A7:00:90:6A:A8:BD:F1:47:97:C6:37:71:40:98
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/UsyvIMzbpwCQaqi98UeXxjdxQJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.243.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b4:75:b2:df:a4:92:36:40:4e:19:bf:f0:9e:9e:ea:ec:64:
2a:ce:cc:e8:d0:47:8e:5a:44:29:94:34:96:eb:b5:d1:4c:11:
b8:79:16:a5:f8:28:d4:6f:1a:1b:28:5b:fb:57:fc:c1:d5:27:
9f:91:34:d5:ce:4c:0e:e0:98:9a:0d:cc:24:b8:f8:b6:a0:76:
0a:a3:57:bd:a9:cf:aa:7c:51:fc:02:67:74:ad:75:78:2d:1f:
34:f1:85:da:00:66:48:4b:2f:ba:28:3e:59:c8:2a:c7:c4:84:
e1:a1:94:1a:8f:6d:c2:67:04:d5:04:56:81:30:ef:5c:cc:ac:
21:8b:8d:67:62:f1:02:f1:e7:72:41:c7:57:a1:e6:24:39:6a:
32:75:4a:46:d6:4d:46:68:d6:41:13:b9:c0:2c:8e:48:83:18:
56:2e:5b:63:a8:13:2b:be:f7:93:2a:43:dc:a7:2a:fd:22:dd:
28:9d:62:5a:3c:4c:9d:3b:13:56:d6:ec:ca:3d:55:a0:71:15:
b3:ea:1e:8b:b5:ee:8c:c3:55:77:c6:b8:71:87:9a:10:9d:2e:
e3:73:d2:0f:b5:34:1c:91:45:05:08:05:4f:79:d4:2e:4e:6c:
32:41:a4:3b:65:8b:65:3b:62:42:24:5e:61:69:ad:ba:48:93:
28:88:04:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1XnHp5bctSH7KurCSqE9x3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjYwNDA0MDgyOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNjYWYyMGNjZGJhNzAwOTA2YWE4YmRmMTQ3OTdjNjM3NzE0MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HbO6glt0Bs0DPafO81xTJODhZ6h
6YrFI8NbfAjtIe8w4YwbMmU6UzF4iNFBdF5fu2DKCDjB5RtCUJQNECDbCVRR1Ucv
UgebSfcahE8WX6V+QzM75wuYD3hNxOAyPqjrKrRjZXWsYoRKj4pjdbUiUTJmzLqj
Z97CFDNudi6/t2kNWOZTUvOolQN35CPwJZPV0J33QuxYzQoFuQhMeTVDqLwvQtA4
dlDXrvauK99MEHylFVZEDni/WgqAY7vBhca9DJJcFm7lJYA4yaU8SwrtnydXNU2/
kY1opyGzCPxnxWkOP1AzJ0q/+GswB6ylc5V0WIc814k4x0VK9m0PeAgSJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLMryDM26cAkGqovfFHl8Y3cUCYMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvVXN5dklNemJwd0NRYXFpOThVZVh4amR4UUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJcrzMA0G
CSqGSIb3DQEBCwUAA4IBAQBDtHWy36SSNkBOGb/wnp7q7GQqzszo0EeOWkQplDSW
67XRTBG4eRal+CjUbxobKFv7V/zB1SefkTTVzkwO4JiaDcwkuPi2oHYKo1e9qc+q
fFH8Amd0rXV4LR808YXaAGZISy+6KD5ZyCrHxIThoZQaj23CZwTVBFaBMO9czKwh
i41nYvEC8edyQcdXoeYkOWoydUpG1k1GaNZBE7nALI5IgxhWLltjqBMrvveTKkPc
pyr9It0onWJaPEydOxNW1uzKPVWgcRWz6h6Lte6Mw1V3xrhxh5oQnS7jc9IPtTQc
kUUFCAVPedQuTmwyQaQ7ZYtlO2JCJF5haa26SJMoiATg
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:05:49 2026 by rpki-client