Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/bPR7e06l0z3yHkCjX6e5ZYlNG58.roa
File: bPR7e06l0z3yHkCjX6e5ZYlNG58.roa (raw, json)
Hash identifier: 16PD+MPza49JpZOC5naDf1k4kej4zcmsb8eqUuWHb8s=
Subject key identifier: 6C:F4:7B:7B:4E:A5:D3:3D:F2:1E:40:A3:5F:A7:B9:65:89:4D:1B:9F
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019D87803A1B2F0FB9189693D8FB959F2F6C
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/bPR7e06l0z3yHkCjX6e5ZYlNG58.roa
Signing time: Mon 13 Apr 2026 15:40:20 +0000
ROA not before: Mon 13 Apr 2026 15:40:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198250
IP address blocks: 222.167.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:87:80:3a:1b:2f:0f:b9:18:96:93:d8:fb:95:9f:2f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Apr 13 15:40:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6cf47b7b4ea5d33df21e40a35fa7b965894d1b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b6:12:6c:d9:ea:13:1d:6e:a8:55:c4:fb:7b:
94:28:c9:cf:3b:90:bc:55:9c:2e:af:19:0d:ce:3f:
c9:9c:62:19:64:9a:a5:ff:0e:43:66:bd:f7:fe:19:
0c:0e:60:7f:94:c4:bc:23:91:be:65:1d:eb:19:e0:
3c:6d:89:2c:c1:64:f5:ce:ad:b6:92:0a:76:70:3a:
14:18:06:e7:47:fa:04:57:fe:74:01:fc:67:61:b0:
53:5b:91:01:df:25:f4:70:00:ed:37:5d:f4:99:0a:
74:9f:88:cc:34:17:24:ec:8f:50:46:97:f6:c9:8a:
fb:b7:67:de:03:ab:ee:09:4b:ba:86:15:ae:e9:e2:
ae:6f:5c:53:8b:20:89:88:a8:cc:f8:55:74:ef:f0:
2e:44:a5:e1:78:8b:09:a5:9d:a8:0b:e1:49:29:c5:
9e:c1:1e:a6:08:8c:47:ca:76:a2:36:92:c6:af:c3:
52:0f:75:a2:47:87:ec:78:11:65:c6:59:5d:59:de:
03:f9:4a:b7:13:ff:be:cd:c2:18:9d:75:07:34:53:
c5:d2:27:9f:27:36:61:e1:f7:39:60:3d:24:2e:e2:
b2:26:0e:c7:e3:10:65:b4:4d:b8:89:5e:aa:23:8f:
c1:48:42:c4:38:ec:9e:87:13:da:e4:a5:29:5a:52:
6e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F4:7B:7B:4E:A5:D3:3D:F2:1E:40:A3:5F:A7:B9:65:89:4D:1B:9F
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/bPR7e06l0z3yHkCjX6e5ZYlNG58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
222.167.241.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:98:68:97:6d:47:96:53:3a:4d:9e:ed:4b:47:2a:84:30:31:
60:09:18:87:a2:97:8b:14:02:0b:ab:46:e4:0a:c1:6a:23:34:
04:e9:37:6f:09:e0:fd:f2:7f:3b:53:d1:9b:82:e7:9e:d5:ce:
0a:6c:6c:c4:1f:72:4f:ac:15:6a:4e:98:ba:68:7e:08:b8:47:
a6:30:cf:8e:7b:a8:49:a9:a9:ea:65:62:9e:26:98:ea:38:06:
96:f1:7e:2e:c3:ac:ec:3c:b5:a9:9f:bf:e9:f8:e4:bb:07:ab:
05:08:c0:b5:bb:2b:03:f9:09:39:f2:3e:b2:ed:3c:9a:69:3d:
f3:a4:ab:81:b8:80:81:55:4c:35:09:44:3e:63:4f:ce:85:2f:
56:e1:18:1d:a9:d1:82:fa:3d:6a:83:9a:47:f1:0f:da:13:29:
6a:c0:77:99:84:a8:cb:94:f4:78:f5:1b:4b:4c:10:a3:37:56:
e6:a5:bb:0f:b9:24:ff:de:f2:53:06:7a:83:9e:d3:bc:97:88:
fb:6a:4b:f1:ba:a6:58:2e:8f:91:e0:be:2b:3e:9b:62:15:9e:
a6:61:06:aa:68:22:6d:e2:38:d3:6f:ed:2b:8b:cc:77:df:42:
03:6c:d6:2c:b8:2c:3b:ce:e4:3c:3b:02:fb:fc:74:e5:d4:4c:
58:24:3f:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2HgDobLw+5GJaT2PuVny9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwNDEzMTU0MDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y0N2I3YjRlYTVkMzNkZjIxZTQwYTM1ZmE3Yjk2NTg5NGQxYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrYSbNnqEx1uqFXE+3uUKMnPO5C8
VZwurxkNzj/JnGIZZJql/w5DZr33/hkMDmB/lMS8I5G+ZR3rGeA8bYkswWT1zq22
kgp2cDoUGAbnR/oEV/50AfxnYbBTW5EB3yX0cADtN130mQp0n4jMNBck7I9QRpf2
yYr7t2feA6vuCUu6hhWu6eKub1xTiyCJiKjM+FV07/AuRKXheIsJpZ2oC+FJKcWe
wR6mCIxHynaiNpLGr8NSD3WiR4fseBFlxlldWd4D+Uq3E/++zcIYnXUHNFPF0ief
JzZh4fc5YD0kLuKyJg7H4xBltE24iV6qI4/BSELEOOyehxPa5KUpWlJuhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGz0e3tOpdM98h5Ao1+nuWWJTRufMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvYlBSN2UwNmwwejN5SGtDalg2ZTVaWWxORzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3qfxMA0G
CSqGSIb3DQEBCwUAA4IBAQAKmGiXbUeWUzpNnu1LRyqEMDFgCRiHopeLFAILq0bk
CsFqIzQE6TdvCeD98n87U9Gbguee1c4KbGzEH3JPrBVqTpi6aH4IuEemMM+Oe6hJ
qanqZWKeJpjqOAaW8X4uw6zsPLWpn7/p+OS7B6sFCMC1uysD+Qk58j6y7TyaaT3z
pKuBuICBVUw1CUQ+Y0/OhS9W4RgdqdGC+j1qg5pH8Q/aEylqwHeZhKjLlPR49RtL
TBCjN1bmpbsPuST/3vJTBnqDntO8l4j7akvxuqZYLo+R4L4rPptiFZ6mYQaqaCJt
4jjTb+0ri8x330IDbNYsuCw7zuQ8OwL7/HTl1ExYJD9n
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:28:53 2026 by rpki-client