Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/1YkIJofGDPbAKhB5ldovfVVJQaQ.roa
File: 1YkIJofGDPbAKhB5ldovfVVJQaQ.roa (raw, json)
Hash identifier: ft15usCMKxpuecv7eKItu1OCSt1aYNUn7zhbarfUJ4o=
Subject key identifier: D5:89:08:26:87:C6:0C:F6:C0:2A:10:79:95:DA:2F:7D:55:49:41:A4
Certificate issuer: /CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee
Certificate serial: 019E6F11A1B4A5D89B25DA76ADA929E22061
Authority key identifier: DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/1YkIJofGDPbAKhB5ldovfVVJQaQ.roa
Signing time: Thu 28 May 2026 14:51:26 +0000
ROA not before: Thu 28 May 2026 14:51:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43284
IP address blocks: 77.73.240.0/21 maxlen: 21
80.241.96.0/20 maxlen: 20
185.69.136.0/22 maxlen: 22
194.56.219.0/24 maxlen: 24
213.159.80.0/20 maxlen: 20
2a02:2108::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/3Go3QvDw-xIJIrM57wHOz4f00e4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/3Go3QvDw-xIJIrM57wHOz4f00e4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6f:11:a1:b4:a5:d8:9b:25:da:76:ad:a9:29:e2:20:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee
Validity
Not Before: May 28 14:51:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d589082687c60cf6c02a107995da2f7d554941a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:56:11:88:a5:9f:7d:db:de:48:55:00:7d:4c:
49:47:4f:12:f4:6b:14:fe:76:47:56:d3:5f:8f:23:
a9:24:17:29:e2:5d:18:83:c7:e8:44:e6:9a:9f:f2:
28:f4:3a:f5:d8:db:5e:8f:2d:1a:14:78:51:ea:53:
b5:8a:04:b5:36:13:cd:e0:c6:1a:de:52:03:4f:be:
13:92:b4:83:bc:e5:fe:17:68:b0:52:28:b8:5d:3a:
91:78:ca:79:38:1b:98:26:34:d1:ce:c7:74:6e:4a:
f6:17:15:eb:c2:06:bc:ce:b1:0a:6e:5f:3c:44:84:
9e:ed:71:ca:d4:a7:47:d4:45:a2:60:95:20:36:9e:
6d:d4:a8:ce:91:ca:29:e3:dd:e4:83:d8:9d:76:99:
8f:c4:cf:62:14:d5:ac:65:a8:1c:0d:8a:b9:c7:25:
37:5a:21:07:fc:f4:d5:a3:5f:d6:aa:e6:80:df:82:
5a:ab:46:b8:24:2a:9a:fb:8c:7e:5e:c9:7c:35:aa:
89:80:80:3c:32:96:27:d3:91:32:e6:88:03:d3:30:
28:24:be:1d:1f:2c:a7:e0:8d:60:f6:5b:d8:e9:5a:
81:75:49:14:91:bf:f3:6b:37:c2:65:2c:67:93:ab:
04:6a:9f:36:b7:18:db:60:c4:65:64:c3:e6:e5:95:
90:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:89:08:26:87:C6:0C:F6:C0:2A:10:79:95:DA:2F:7D:55:49:41:A4
X509v3 Authority Key Identifier:
keyid:DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/1YkIJofGDPbAKhB5ldovfVVJQaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/3Go3QvDw-xIJIrM57wHOz4f00e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.240.0/21
80.241.96.0/20
185.69.136.0/22
194.56.219.0/24
213.159.80.0/20
IPv6:
2a02:2108::/32
Signature Algorithm: sha256WithRSAEncryption
99:38:dd:00:98:b3:1f:19:60:85:ed:ac:64:4a:73:b1:e2:64:
0e:c3:e7:04:b9:00:5b:13:5e:32:b4:e1:f7:cf:14:ed:de:b1:
c9:6b:d7:82:ae:34:e9:5f:bd:78:29:76:b5:a2:51:48:35:a9:
36:f2:ae:b7:3f:08:59:6b:c5:25:de:6e:92:24:6e:ec:39:59:
c4:62:1c:b0:f4:d6:14:69:c2:1e:06:b2:f1:4b:24:dc:44:d6:
38:4b:85:1b:65:b7:27:d5:3b:7d:11:5f:8f:46:a0:b5:54:d2:
0e:65:b1:4b:1e:77:c7:61:fd:1c:51:e2:1c:fa:b2:7a:dc:24:
d7:0b:b0:29:fb:c0:a0:5e:2a:0d:02:bf:94:29:31:3f:f7:a5:
9c:b6:fa:17:56:51:e5:4a:9a:c1:68:72:4c:f9:ef:fe:7a:c6:
84:af:ac:94:f9:36:bc:31:fa:6c:25:59:4c:2b:fe:d7:d7:2c:
08:50:56:b8:ac:1a:07:8f:ab:16:7a:4f:e4:7b:72:0e:42:84:
df:b9:ea:95:ba:3b:9f:70:96:5d:9d:a3:f0:57:9a:53:ad:da:
0a:b7:36:b1:7c:a1:6a:30:40:f0:d5:36:19:a5:4e:4e:2e:e8:
5e:f8:f7:13:af:4b:74:e6:64:ae:c7:e5:3d:b3:fa:8d:89:e8:
b6:02:17:2e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ5vEaG0pdibJdp2rakp4iBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNmEzNzQyZjBmMGZiMTIwOTIyYjMzOWVmMDFjZWNmODdm
NGQxZWUwHhcNMjYwNTI4MTQ1MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg5MDgyNjg3YzYwY2Y2YzAyYTEwNzk5NWRhMmY3ZDU1NDk0MWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VYRiKWffdveSFUAfUxJR08S9GsU
/nZHVtNfjyOpJBcp4l0Yg8foROaan/Io9Dr12Ntejy0aFHhR6lO1igS1NhPN4MYa
3lIDT74TkrSDvOX+F2iwUii4XTqReMp5OBuYJjTRzsd0bkr2FxXrwga8zrEKbl88
RISe7XHK1KdH1EWiYJUgNp5t1KjOkcop493kg9iddpmPxM9iFNWsZagcDYq5xyU3
WiEH/PTVo1/WquaA34Jaq0a4JCqa+4x+Xsl8NaqJgIA8MpYn05Ey5ogD0zAoJL4d
Hyyn4I1g9lvY6VqBdUkUkb/zazfCZSxnk6sEap82txjbYMRlZMPm5ZWQZQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNWJCCaHxgz2wCoQeZXaL31VSUGkMB8GA1UdIwQY
MBaAFNxqN0Lw8PsSCSKzOe8Bzs+H9NHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0dvM1F2RHcteElKSXJNNTd3SE96NGYwMGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80N2M5NzMtMjA1Yi00MTk3LTg2OTgt
Y2MxZDJjNWUxYjMxLzEvMVlrSUpvZkdEUGJBS2hCNWxkb3ZmVlZKUWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80N2M5NzMtMjA1Yi00MTk3LTg2OTgtY2MxZDJjNWUxYjMx
LzEvM0dvM1F2RHcteElKSXJNNTd3SE96NGYwMGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTUnwAwQE
UPFgAwQCuUWIAwQAwjjbAwQE1Z9QMA0EAgACMAcDBQAqAiEIMA0GCSqGSIb3DQEB
CwUAA4IBAQCZON0AmLMfGWCF7axkSnOx4mQOw+cEuQBbE14ytOH3zxTt3rHJa9eC
rjTpX714KXa1olFINak28q63PwhZa8Ul3m6SJG7sOVnEYhyw9NYUacIeBrLxSyTc
RNY4S4UbZbcn1Tt9EV+PRqC1VNIOZbFLHnfHYf0cUeIc+rJ63CTXC7Ap+8CgXioN
Ar+UKTE/96WctvoXVlHlSprBaHJM+e/+esaEr6yU+Ta8MfpsJVlMK/7X1ywIUFa4
rBoHj6sWek/ke3IOQoTfueqVujufcJZdnaPwV5pTrdoKtzaxfKFqMEDw1TYZpU5O
Luhe+PcTr0t05mSux+U9s/qNiei2Ahcu
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:54:47 2026 by rpki-client