Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/1-lRhzID0tFMbdlzS02IqfVXKBIE.roa
File: 1-lRhzID0tFMbdlzS02IqfVXKBIE.roa (raw, json)
Hash identifier: 1hKVs8qteOkHFrAM6Jt7PWsCcQe8VwZ1ACSk67ugkU0=
Subject key identifier: FA:54:61:CC:80:F4:B4:53:1B:76:5C:D2:D3:62:2A:7D:55:CA:04:81
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 019EA82B997C02D426C92247BE44D7BA21C7
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/1-lRhzID0tFMbdlzS02IqfVXKBIE.roa
Signing time: Mon 08 Jun 2026 16:58:10 +0000
ROA not before: Mon 08 Jun 2026 16:58:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205007
IP address blocks: 178.217.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:2b:99:7c:02:d4:26:c9:22:47:be:44:d7:ba:21:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Jun 8 16:58:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa5461cc80f4b4531b765cd2d3622a7d55ca0481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d4:69:6a:bd:66:30:8d:01:f3:51:7f:db:8b:
a8:a6:4e:37:cd:3d:a7:0d:2a:cf:48:5a:e4:07:a8:
4c:77:b4:3f:14:3d:c2:2e:36:b9:b5:99:85:e9:cc:
26:05:f6:11:52:fb:9a:35:b5:b0:d5:a4:73:99:85:
4e:b1:33:49:2a:37:dd:4a:e0:c4:3e:eb:19:f6:cc:
f7:60:30:80:96:40:a8:3c:33:b2:1f:62:b1:e7:33:
4d:fc:89:8f:e7:03:58:68:bd:7a:af:92:68:1b:7c:
3e:6e:e1:b3:19:68:fa:19:ac:1a:31:fb:fc:fc:98:
59:c9:7e:1a:9e:7a:2a:4b:d5:a0:99:14:56:b0:13:
57:6a:87:5f:b6:7d:0b:cf:12:ed:c5:24:91:a0:fb:
4e:79:87:81:c0:87:87:b7:3e:c0:b2:89:57:9a:9e:
15:2b:3c:9a:1f:1d:9a:6b:41:b0:9f:e9:0d:ba:7b:
6c:bc:ae:e8:0e:cf:75:18:49:e0:40:f9:a7:1f:26:
89:8c:8c:b8:8d:5f:d3:b3:4a:dd:fd:60:93:da:d8:
01:7b:53:d6:b8:1e:52:d8:35:ee:38:73:c4:96:fc:
4b:7c:16:94:65:8f:36:c5:e9:bb:1b:0b:46:6b:2c:
00:2b:1f:f6:58:0d:8e:30:65:f2:6d:94:b5:32:ca:
7b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:54:61:CC:80:F4:B4:53:1B:76:5C:D2:D3:62:2A:7D:55:CA:04:81
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/1-lRhzID0tFMbdlzS02IqfVXKBIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.100.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:ff:f3:9c:be:fe:f0:75:c0:28:d0:05:e2:92:2a:45:b8:21:
dd:4f:bf:d7:2d:f0:c7:44:28:ff:ed:23:9a:37:b5:1f:ed:b6:
5f:65:f4:85:54:5c:dd:e9:15:17:1d:f6:81:d6:60:b9:37:e0:
b0:73:80:f6:75:3b:18:5a:af:c4:a2:91:21:13:53:fb:7c:0c:
60:ce:60:a0:8d:81:10:bb:20:55:9d:f0:b4:1a:6e:0c:b6:09:
85:d2:78:bb:24:40:6f:86:9e:73:0d:96:3e:e8:54:2a:cf:97:
4e:64:dd:42:f9:e6:25:7b:34:49:3f:73:f6:d0:0d:86:65:2d:
2a:a2:ce:9f:41:cc:57:64:84:c2:d7:67:d0:90:a9:8f:87:2b:
15:12:41:af:e3:1f:e7:ca:ab:45:91:48:5c:60:c2:96:a5:be:
91:1f:f1:cb:ec:0a:33:0e:1f:f1:26:0e:bb:5e:f6:33:39:6a:
68:a2:eb:d5:c2:ad:77:25:48:82:e6:6f:cb:e8:79:f8:49:8e:
ca:85:c2:e7:d3:34:21:69:82:82:3f:31:33:1c:a0:bc:41:98:
61:b9:80:fa:8b:be:46:af:e6:a8:8c:ba:63:8a:26:b5:23:4c:
54:f2:0c:fa:6e:66:8a:fe:bf:b7:d7:88:8f:05:59:75:2a:e5:
d1:b9:7b:78
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ6oK5l8AtQmySJHvkTXuiHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjYwNjA4MTY1ODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTU0NjFjYzgwZjRiNDUzMWI3NjVjZDJkMzYyMmE3ZDU1Y2EwNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNRpar1mMI0B81F/24uopk43zT2n
DSrPSFrkB6hMd7Q/FD3CLja5tZmF6cwmBfYRUvuaNbWw1aRzmYVOsTNJKjfdSuDE
PusZ9sz3YDCAlkCoPDOyH2Kx5zNN/ImP5wNYaL16r5JoG3w+buGzGWj6GawaMfv8
/JhZyX4annoqS9WgmRRWsBNXaodftn0LzxLtxSSRoPtOeYeBwIeHtz7AsolXmp4V
KzyaHx2aa0Gwn+kNuntsvK7oDs91GEngQPmnHyaJjIy4jV/Ts0rd/WCT2tgBe1PW
uB5S2DXuOHPElvxLfBaUZY82xem7GwtGaywAKx/2WA2OMGXybZS1Msp7FwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpUYcyA9LRTG3Zc0tNiKn1VygSBMB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvMS1sUmh6SUQwdEZNYmRselMwMklxZlZYS0JJRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmYvMjcwYTkxLWNiZmQtNDUwMy1iOTYwLTRjMjFhNTA1ZjM0
Ni8xL3FWTFEwbVpWYzRXRGFxdDY0XzNPMU1wMHJZay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALLZZDAN
BgkqhkiG9w0BAQsFAAOCAQEATv/znL7+8HXAKNAF4pIqRbgh3U+/1y3wx0Qo/+0j
mje1H+22X2X0hVRc3ekVFx32gdZguTfgsHOA9nU7GFqvxKKRIRNT+3wMYM5goI2B
ELsgVZ3wtBpuDLYJhdJ4uyRAb4aecw2WPuhUKs+XTmTdQvnmJXs0ST9z9tANhmUt
KqLOn0HMV2SEwtdn0JCpj4crFRJBr+Mf58qrRZFIXGDClqW+kR/xy+wKMw4f8SYO
u172MzlqaKLr1cKtdyVIguZvy+h5+EmOyoXC59M0IWmCgj8xMxygvEGYYbmA+ou+
Rq/mqIy6Y4omtSNMVPIM+m5miv6/t9eIjwVZdSrl0bl7eA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:18:55 2026 by rpki-client