Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/8a734a-d2b8-411e-a557-50d6ba6aacb8/1/vQqnvARNn1FXtEGfZ3CHw5z70o0.roa
File: vQqnvARNn1FXtEGfZ3CHw5z70o0.roa (raw, json)
Hash identifier: +SKN+m/Zy5SnpDyhDQfSEvZM8oK3F3dFeyWqxYSrWok=
Subject key identifier: BD:0A:A7:BC:04:4D:9F:51:57:B4:41:9F:67:70:87:C3:9C:FB:D2:8D
Certificate issuer: /CN=560d1e89b4e742e69062a95d351deea96b5178fb
Certificate serial: 019C912F5F7892B7EB0FD80DCDF591D33C44
Authority key identifier: 56:0D:1E:89:B4:E7:42:E6:90:62:A9:5D:35:1D:EE:A9:6B:51:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vg0eibTnQuaQYqldNR3uqWtRePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/8a734a-d2b8-411e-a557-50d6ba6aacb8/1/vQqnvARNn1FXtEGfZ3CHw5z70o0.roa
Signing time: Tue 24 Feb 2026 19:45:26 +0000
ROA not before: Tue 24 Feb 2026 19:45:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36680
IP address blocks: 91.231.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/8a734a-d2b8-411e-a557-50d6ba6aacb8/1/Vg0eibTnQuaQYqldNR3uqWtRePs.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/8a734a-d2b8-411e-a557-50d6ba6aacb8/1/Vg0eibTnQuaQYqldNR3uqWtRePs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vg0eibTnQuaQYqldNR3uqWtRePs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:91:2f:5f:78:92:b7:eb:0f:d8:0d:cd:f5:91:d3:3c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=560d1e89b4e742e69062a95d351deea96b5178fb
Validity
Not Before: Feb 24 19:45:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bd0aa7bc044d9f5157b4419f677087c39cfbd28d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ec:92:ef:4c:67:81:ab:13:99:e4:d2:6a:a7:
85:46:ef:f0:8a:0d:c7:35:a3:36:a8:ea:02:f2:93:
fc:b3:00:ff:96:0e:f7:59:d9:c1:34:97:ae:74:0d:
61:f7:ce:cb:d9:14:c5:88:8b:8b:3c:b9:03:ed:e2:
78:07:e9:05:be:56:35:2e:10:ce:a4:49:9c:b4:53:
00:9b:33:cf:d3:7a:4b:92:4b:fd:73:d2:f8:68:0a:
1a:7c:0d:4e:57:54:95:7b:b2:41:17:05:53:c0:64:
64:c3:de:cb:18:6b:8a:2f:fb:fd:47:a1:a5:99:71:
87:89:4c:d5:f1:b1:9e:f8:3b:f8:60:64:16:ca:b1:
4b:50:ba:d8:52:61:2e:4a:09:a3:13:bc:47:b7:af:
ca:23:82:fc:4c:06:24:cf:d6:04:0c:f9:4e:38:17:
95:0c:25:e8:24:58:de:4c:16:ae:1a:5f:67:83:27:
be:50:4a:d6:34:1f:38:65:b7:d3:19:04:f3:32:c6:
05:3a:e7:b9:eb:17:e5:22:85:19:4e:83:b0:40:c8:
bd:40:89:87:7f:0a:52:24:22:a8:e2:27:a9:1f:e7:
9e:04:92:10:9d:d1:7c:f7:3d:1b:bb:9a:f5:41:ec:
d9:9a:58:e3:0a:04:71:eb:78:91:3f:3e:1c:3c:56:
a9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0A:A7:BC:04:4D:9F:51:57:B4:41:9F:67:70:87:C3:9C:FB:D2:8D
X509v3 Authority Key Identifier:
keyid:56:0D:1E:89:B4:E7:42:E6:90:62:A9:5D:35:1D:EE:A9:6B:51:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vg0eibTnQuaQYqldNR3uqWtRePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/8a734a-d2b8-411e-a557-50d6ba6aacb8/1/vQqnvARNn1FXtEGfZ3CHw5z70o0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/8a734a-d2b8-411e-a557-50d6ba6aacb8/1/Vg0eibTnQuaQYqldNR3uqWtRePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.222.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:8e:cb:e3:e8:53:5f:44:7f:0f:39:2c:53:50:10:68:70:d1:
3d:43:44:5e:22:d9:0e:c4:79:11:c9:00:22:a1:3d:0c:97:47:
d2:6a:14:f8:b8:8e:2f:c7:4d:84:3c:2f:e2:92:17:69:01:0e:
ca:73:3d:1b:31:1b:55:49:03:71:c2:ec:f2:16:bb:53:cc:6c:
54:e7:b7:be:f8:03:dc:f5:d9:bc:52:07:aa:0e:59:a7:ab:f5:
5b:d0:94:b1:7f:6e:95:ba:71:cc:2c:e2:8e:0a:59:f2:98:c5:
95:2c:aa:c9:d8:e2:35:0d:38:55:0f:14:6d:65:ac:d5:f0:44:
76:b1:8d:49:fd:b9:2c:52:c7:00:f7:6d:4f:8e:ff:29:7d:80:
2f:58:9f:2b:97:6f:1a:ad:90:8e:83:f5:dd:78:ee:1c:95:f7:
83:ad:2c:91:c8:b7:0d:31:eb:7e:61:dc:c6:08:f8:ca:d8:db:
48:01:ac:a7:e0:d3:dc:eb:b3:31:0b:8e:07:a9:72:b4:b3:f0:
e4:46:cd:df:33:d8:aa:6f:1d:74:b9:23:32:c1:06:df:da:93:
0c:89:4f:23:19:21:07:79:58:64:08:4c:73:41:01:7d:9f:ad:
d7:5a:c2:ae:82:61:1e:d6:ca:a3:68:6d:c6:d9:be:b8:32:a3:
7b:00:64:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyRL194krfrD9gNzfWR0zxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2MGQxZTg5YjRlNzQyZTY5MDYyYTk1ZDM1MWRlZWE5NmI1
MTc4ZmIwHhcNMjYwMjI0MTk0NTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBhYTdiYzA0NGQ5ZjUxNTdiNDQxOWY2NzcwODdjMzljZmJkMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uyS70xngasTmeTSaqeFRu/wig3H
NaM2qOoC8pP8swD/lg73WdnBNJeudA1h987L2RTFiIuLPLkD7eJ4B+kFvlY1LhDO
pEmctFMAmzPP03pLkkv9c9L4aAoafA1OV1SVe7JBFwVTwGRkw97LGGuKL/v9R6Gl
mXGHiUzV8bGe+Dv4YGQWyrFLULrYUmEuSgmjE7xHt6/KI4L8TAYkz9YEDPlOOBeV
DCXoJFjeTBauGl9ngye+UErWNB84ZbfTGQTzMsYFOue56xflIoUZToOwQMi9QImH
fwpSJCKo4iepH+eeBJIQndF89z0bu5r1QezZmljjCgRx63iRPz4cPFapowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL0Kp7wETZ9RV7RBn2dwh8Oc+9KNMB8GA1UdIwQY
MBaAFFYNHom050LmkGKpXTUd7qlrUXj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmcwZWliVG5RdWFRWXFsZE5SM3VxV3RSZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84YTczNGEtZDJiOC00MTFlLWE1NTct
NTBkNmJhNmFhY2I4LzEvdlFxbnZBUk5uMUZYdEVHZlozQ0h3NXo3MG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84YTczNGEtZDJiOC00MTFlLWE1NTctNTBkNmJhNmFhY2I4
LzEvVmcwZWliVG5RdWFRWXFsZE5SM3VxV3RSZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+feMA0G
CSqGSIb3DQEBCwUAA4IBAQCLjsvj6FNfRH8POSxTUBBocNE9Q0ReItkOxHkRyQAi
oT0Ml0fSahT4uI4vx02EPC/ikhdpAQ7Kcz0bMRtVSQNxwuzyFrtTzGxU57e++APc
9dm8UgeqDlmnq/Vb0JSxf26VunHMLOKOClnymMWVLKrJ2OI1DThVDxRtZazV8ER2
sY1J/bksUscA921Pjv8pfYAvWJ8rl28arZCOg/XdeO4clfeDrSyRyLcNMet+YdzG
CPjK2NtIAayn4NPc67MxC44HqXK0s/DkRs3fM9iqbx10uSMywQbf2pMMiU8jGSEH
eVhkCExzQQF9n63XWsKugmEe1sqjaG3G2b64MqN7AGSS
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:31:55 2026 by rpki-client