Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/1-vkSUj3IhBaF6QCupk9p-QFNkpg.roa
File: 1-vkSUj3IhBaF6QCupk9p-QFNkpg.roa (raw, json)
Hash identifier: NyoZpDBj6nyKZfID52EDPnf8kCWXyPjqV37Bafp3IEk=
Subject key identifier: FA:F9:12:52:3D:C8:84:16:85:E9:00:AE:A6:4F:69:F9:01:4D:92:98
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 019EBB91711D1590293E57588F5DEC9B5372
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/1-vkSUj3IhBaF6QCupk9p-QFNkpg.roa
Signing time: Fri 12 Jun 2026 11:22:11 +0000
ROA not before: Fri 12 Jun 2026 11:22:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28878
IP address blocks: 31.223.160.0/20 maxlen: 20
37.17.208.0/20 maxlen: 20
78.108.128.0/20 maxlen: 20
80.246.192.0/20 maxlen: 20
80.255.240.0/20 maxlen: 20
81.21.136.0/21 maxlen: 21
81.30.32.0/20 maxlen: 20
85.10.160.0/19 maxlen: 24
141.255.176.0/22 maxlen: 24
171.33.128.0/21 maxlen: 21
176.74.224.0/19 maxlen: 19
185.15.248.0/22 maxlen: 22
217.21.240.0/20 maxlen: 20
217.149.128.0/20 maxlen: 20
2001:4cb8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bb:91:71:1d:15:90:29:3e:57:58:8f:5d:ec:9b:53:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jun 12 11:22:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=faf912523dc8841685e900aea64f69f9014d9298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:3f:9a:47:4e:f2:b2:43:a2:3a:54:2d:f1:2c:
9b:00:e1:82:20:f9:36:14:62:49:a1:09:c6:6d:76:
70:68:6f:71:be:fb:d2:7d:e5:be:41:87:24:85:be:
ad:21:1b:56:ff:89:73:e3:3e:0e:28:23:32:70:9b:
1f:93:f9:0b:64:b2:8e:0a:86:2f:23:7f:24:b8:86:
a2:a3:14:bd:59:d6:79:fa:15:1c:d5:9b:83:a2:a7:
48:7a:c6:4e:2b:13:8f:8a:2d:a0:91:67:e4:53:2b:
be:0c:8c:4d:4e:26:ca:2f:81:b2:2d:3b:47:45:3d:
f8:89:0f:74:ba:8d:2d:f0:ba:5a:42:9f:62:a1:41:
aa:35:1c:31:44:fb:ca:96:75:53:03:1b:46:17:ad:
7b:39:77:1a:84:2b:15:74:1c:82:35:cd:fc:ce:8d:
7f:54:47:c1:5b:ba:6c:b1:f2:74:1f:d0:1f:15:bf:
af:21:c6:f3:e2:48:82:b9:d9:68:c5:1a:ad:c8:90:
fc:b8:ce:3c:d7:d7:09:7e:1c:3b:4d:88:c3:37:d9:
25:23:54:6f:27:96:d2:98:15:b3:1a:68:68:c7:1e:
a6:5b:e6:0d:38:82:36:7d:fc:6c:ac:c9:8a:bc:cf:
ea:30:24:e5:63:7a:52:32:cb:80:42:8a:e5:43:2f:
8d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F9:12:52:3D:C8:84:16:85:E9:00:AE:A6:4F:69:F9:01:4D:92:98
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/1-vkSUj3IhBaF6QCupk9p-QFNkpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.160.0/20
37.17.208.0/20
78.108.128.0/20
80.246.192.0/20
80.255.240.0/20
81.21.136.0/21
81.30.32.0/20
85.10.160.0/19
141.255.176.0/22
171.33.128.0/21
176.74.224.0/19
185.15.248.0/22
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:4cb8::/29
Signature Algorithm: sha256WithRSAEncryption
3c:3b:31:a7:6c:d5:61:b5:02:30:b6:ca:6e:d2:3c:f5:58:b5:
ea:ec:36:57:7f:2c:2e:7f:e5:d1:6a:17:1a:13:49:ac:90:58:
31:a4:cc:c4:20:e8:da:fc:d4:ed:95:cd:e7:6d:28:fa:99:05:
4d:18:ee:71:b6:82:cd:69:26:18:69:a7:69:f3:3f:bd:01:f0:
b2:91:10:a2:da:ec:8f:b8:6a:5a:e7:3b:30:6b:d3:0c:04:41:
c6:e9:f8:73:e4:59:8c:0c:f7:55:d4:a6:8c:03:58:04:eb:7c:
bc:9b:8e:04:d7:d9:00:04:01:b9:c1:d8:38:a4:03:0f:8b:d4:
90:01:78:a6:8e:4d:f1:15:37:2d:a7:51:30:29:97:fc:a9:90:
68:3f:83:76:f5:98:05:ba:16:8e:18:2f:47:b8:53:64:ec:f5:
b4:db:a1:ed:a5:24:98:b9:45:4b:bc:31:8a:20:e7:23:03:56:
59:a5:2f:5d:6d:a8:cc:95:45:7a:fa:38:ec:06:8d:fa:f8:13:
a9:57:65:67:65:29:7d:cc:f3:00:28:dd:2c:07:27:80:ad:26:
21:c0:78:55:e1:2a:ed:75:f5:78:b5:0c:bb:99:25:35:87:4e:
ff:a9:26:4b:d3:7e:54:f3:29:e5:d4:1d:3b:20:5e:c5:8e:9b:
33:db:91:ef
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZ67kXEdFZApPldYj13sm1NyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjYwNjEyMTEyMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWY5MTI1MjNkYzg4NDE2ODVlOTAwYWVhNjRmNjlmOTAxNGQ5Mjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9z+aR07yskOiOlQt8SybAOGCIPk2
FGJJoQnGbXZwaG9xvvvSfeW+QYckhb6tIRtW/4lz4z4OKCMycJsfk/kLZLKOCoYv
I38kuIaioxS9WdZ5+hUc1ZuDoqdIesZOKxOPii2gkWfkUyu+DIxNTibKL4GyLTtH
RT34iQ90uo0t8LpaQp9ioUGqNRwxRPvKlnVTAxtGF617OXcahCsVdByCNc38zo1/
VEfBW7pssfJ0H9AfFb+vIcbz4kiCudloxRqtyJD8uM4819cJfhw7TYjDN9klI1Rv
J5bSmBWzGmhoxx6mW+YNOII2ffxsrMmKvM/qMCTlY3pSMsuAQorlQy+NqQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFPr5ElI9yIQWhekArqZPafkBTZKYMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvMS12a1NVajNJaEJhRjZRQ3VwazlwLVFGTmtwZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvMmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5
MC8xLzlSTnB6TC1Hc2VoT0d1dEc1dE0yMDU5MUt1Yy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB8BggrBgEFBQcBBwEB/wRtMGswWgQCAAEwVAMEBB/foAME
BCUR0AMEBE5sgAMEBFD2wAMEBFD/8AMEA1EViAMEBFEeIAMEBVUKoAMEAo3/sAME
A6shgAMEBbBK4AMEArkP+AMEBNkV8AMEBNmVgDANBAIAAjAHAwUDIAFMuDANBgkq
hkiG9w0BAQsFAAOCAQEAPDsxp2zVYbUCMLbKbtI89Vi16uw2V38sLn/l0WoXGhNJ
rJBYMaTMxCDo2vzU7ZXN520o+pkFTRjucbaCzWkmGGmnafM/vQHwspEQotrsj7hq
Wuc7MGvTDARBxun4c+RZjAz3VdSmjANYBOt8vJuOBNfZAAQBucHYOKQDD4vUkAF4
po5N8RU3LadRMCmX/KmQaD+DdvWYBboWjhgvR7hTZOz1tNuh7aUkmLlFS7wxiiDn
IwNWWaUvXW2ozJVFevo47AaN+vgTqVdlZ2UpfczzACjdLAcngK0mIcB4VeEq7XX1
eLUMu5klNYdO/6kmS9N+VPMp5dQdOyBexY6bM9uR7w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:50:08 2026 by rpki-client