Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/4Cbw1B-SQMwnhIKZykMpYDEhTP0.roa
File: 4Cbw1B-SQMwnhIKZykMpYDEhTP0.roa (raw, json)
Hash identifier: xec0pvAkKmvao2Oj0f1rkBlZI/EXkkS0qjlzIBxwHiA=
Subject key identifier: E0:26:F0:D4:1F:92:40:CC:27:84:82:99:CA:43:29:60:31:21:4C:FD
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019E52F128F4CA65BE629450E92065C0E51B
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/4Cbw1B-SQMwnhIKZykMpYDEhTP0.roa
Signing time: Sat 23 May 2026 03:46:36 +0000
ROA not before: Sat 23 May 2026 03:46:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215120
IP address blocks: 150.107.49.0/24 maxlen: 24
222.167.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:52:f1:28:f4:ca:65:be:62:94:50:e9:20:65:c0:e5:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: May 23 03:46:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e026f0d41f9240cc27848299ca43296031214cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:da:ce:03:b2:12:10:92:d8:95:8a:b2:12:99:
9d:1a:04:7a:f9:36:53:48:31:86:8e:b5:12:a0:ad:
93:4e:43:e8:b9:a6:9f:3a:6f:4d:93:e6:af:c7:00:
00:f3:2f:74:a4:1b:25:09:cb:ee:60:dd:1d:58:7a:
52:47:08:b6:4c:78:88:1c:20:92:34:9e:43:12:dc:
10:18:fd:17:f5:6f:34:3b:fe:a8:27:66:5a:03:4a:
21:61:93:54:cb:57:eb:8f:a1:98:aa:1f:25:bd:23:
40:3c:50:1e:98:ce:1f:c0:12:a7:9c:6e:dd:c6:02:
7c:dd:1f:f2:75:d8:a6:5e:6a:6b:2a:7d:49:f0:a3:
1e:e3:31:de:6d:8c:a9:60:b4:85:f6:22:75:ce:e8:
c5:e9:2e:f0:92:91:06:d1:f8:3c:fb:9a:4e:d8:8d:
67:e4:7e:6d:9f:40:80:06:48:0f:34:20:ef:eb:b6:
8d:bd:9d:fd:23:f2:6f:16:6f:07:f6:7c:9f:5c:4b:
1f:75:c7:c3:96:78:d0:e0:d1:7d:a9:2e:68:9b:d6:
e8:2b:a2:14:4f:ba:fd:98:38:75:80:3f:64:6b:a1:
2a:48:cf:9d:9f:6b:7b:c5:12:47:3c:cb:66:3f:49:
f6:b7:78:1d:dd:06:3c:5e:d0:b3:0d:ee:dd:7b:fa:
eb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:26:F0:D4:1F:92:40:CC:27:84:82:99:CA:43:29:60:31:21:4C:FD
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/4Cbw1B-SQMwnhIKZykMpYDEhTP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.107.49.0/24
222.167.250.0/24
Signature Algorithm: sha256WithRSAEncryption
02:88:a2:bb:cc:0a:86:03:94:c0:7b:d0:ee:7e:30:36:e7:bf:
c7:ba:2f:ca:96:8a:36:7b:db:be:66:15:b2:da:85:02:ab:f9:
0a:06:2c:48:da:07:06:70:1e:5f:8f:45:62:64:e2:2a:0e:e7:
1b:0c:64:a5:f0:ea:a1:03:64:30:7f:3f:ab:87:cd:6c:d0:24:
ff:6b:a9:f0:78:a0:e8:96:23:b6:5c:1c:83:9e:51:9d:b9:46:
60:b4:a8:6a:ea:39:ae:8c:7b:1a:6e:5d:88:fd:e2:5d:ec:d5:
92:4a:d3:93:89:02:67:2d:d2:24:96:e4:07:23:ae:d2:e8:4a:
fd:0b:52:d0:d7:b5:ec:a0:c4:a0:5b:24:92:ce:61:7a:ac:5c:
9d:07:01:c9:0a:40:e6:3a:36:d8:20:b4:7a:df:9a:ba:73:5e:
66:69:56:1b:f9:21:9b:21:f8:3c:60:eb:13:5c:c8:9b:31:6b:
3f:6f:15:af:31:41:9c:c4:0f:9f:05:7b:84:98:26:58:16:dd:
5b:da:a7:db:ac:a1:21:34:f4:a4:d8:43:8f:4f:44:68:d4:d3:
49:0d:df:8c:41:10:cf:1e:37:eb:70:5b:ca:9d:0f:75:ea:35:
d6:6a:ff:ce:fc:cb:73:40:c3:61:08:96:af:2f:7c:64:cc:c7:
7d:7d:b9:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ5S8Sj0ymW+YpRQ6SBlwOUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwNTIzMDM0NjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDI2ZjBkNDFmOTI0MGNjMjc4NDgyOTljYTQzMjk2MDMxMjE0Y2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNrOA7ISEJLYlYqyEpmdGgR6+TZT
SDGGjrUSoK2TTkPouaafOm9Nk+avxwAA8y90pBslCcvuYN0dWHpSRwi2THiIHCCS
NJ5DEtwQGP0X9W80O/6oJ2ZaA0ohYZNUy1frj6GYqh8lvSNAPFAemM4fwBKnnG7d
xgJ83R/yddimXmprKn1J8KMe4zHebYypYLSF9iJ1zujF6S7wkpEG0fg8+5pO2I1n
5H5tn0CABkgPNCDv67aNvZ39I/JvFm8H9nyfXEsfdcfDlnjQ4NF9qS5om9boK6IU
T7r9mDh1gD9ka6EqSM+dn2t7xRJHPMtmP0n2t3gd3QY8XtCzDe7de/rrHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOAm8NQfkkDMJ4SCmcpDKWAxIUz9MB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvNENidzFCLVNRTXduaElLWnlrTXBZREVoVFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAlmsxAwQA
3qf6MA0GCSqGSIb3DQEBCwUAA4IBAQACiKK7zAqGA5TAe9DufjA257/Hui/Kloo2
e9u+ZhWy2oUCq/kKBixI2gcGcB5fj0ViZOIqDucbDGSl8OqhA2Qwfz+rh81s0CT/
a6nweKDoliO2XByDnlGduUZgtKhq6jmujHsabl2I/eJd7NWSStOTiQJnLdIkluQH
I67S6Er9C1LQ17XsoMSgWySSzmF6rFydBwHJCkDmOjbYILR635q6c15maVYb+SGb
Ifg8YOsTXMibMWs/bxWvMUGcxA+fBXuEmCZYFt1b2qfbrKEhNPSk2EOPT0Ro1NNJ
Dd+MQRDPHjfrcFvKnQ916jXWav/O/MtzQMNhCJavL3xkzMd9fbmd
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:45:13 2026 by rpki-client