Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/21e68c-1c4c-4559-9e30-135d709b59e0/1/1y_PVDrf292ypVubKlcfPa0VLTs.roa
File: 1y_PVDrf292ypVubKlcfPa0VLTs.roa (raw, json)
Hash identifier: 0XpTQ3RyKshZ7qbm+aFTzxAKabtVi92GLDrjmKUXNmw=
Subject key identifier: D7:2F:CF:54:3A:DF:DB:DD:B2:A5:5B:9B:2A:57:1F:3D:AD:15:2D:3B
Certificate issuer: /CN=fc9128a762ceeb6b59f5431568bc13fce41aba12
Certificate serial: 019EBB064829B5A365F01B40108A774A5F31
Authority key identifier: FC:91:28:A7:62:CE:EB:6B:59:F5:43:15:68:BC:13:FC:E4:1A:BA:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_JEop2LO62tZ9UMVaLwT_OQauhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/21e68c-1c4c-4559-9e30-135d709b59e0/1/1y_PVDrf292ypVubKlcfPa0VLTs.roa
Signing time: Fri 12 Jun 2026 08:50:11 +0000
ROA not before: Fri 12 Jun 2026 08:50:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200993
IP address blocks: 91.193.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/21e68c-1c4c-4559-9e30-135d709b59e0/1/_JEop2LO62tZ9UMVaLwT_OQauhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/21e68c-1c4c-4559-9e30-135d709b59e0/1/_JEop2LO62tZ9UMVaLwT_OQauhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/_JEop2LO62tZ9UMVaLwT_OQauhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bb:06:48:29:b5:a3:65:f0:1b:40:10:8a:77:4a:5f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc9128a762ceeb6b59f5431568bc13fce41aba12
Validity
Not Before: Jun 12 08:50:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d72fcf543adfdbddb2a55b9b2a571f3dad152d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fc:12:a4:24:70:4e:68:58:29:98:cc:24:00:
bc:24:05:fc:b9:75:85:a2:5a:3e:4e:e9:4c:70:7b:
62:e7:72:a6:c8:c4:9a:ff:c2:84:ea:f7:b4:f1:4b:
34:05:93:c1:61:e5:a6:53:9f:af:81:9a:e1:9f:52:
ce:e6:b1:a3:aa:21:40:c3:3b:0b:83:c3:25:e7:b7:
f2:2b:5f:e1:ef:97:1f:85:8a:00:3f:d9:5e:1a:11:
6b:66:39:d5:ea:57:e8:40:f3:fb:df:07:bb:c7:25:
65:54:1f:3b:45:07:bb:23:33:f5:fb:d2:34:d1:c1:
da:c2:7d:8c:a2:57:72:7f:12:d7:31:c6:d2:94:51:
65:8e:08:4b:8b:8f:03:07:57:75:f9:81:e8:f9:3c:
7a:21:72:51:ba:f1:ee:47:62:57:e5:48:ce:fb:02:
a8:66:27:61:f0:2e:bd:6b:5a:94:a2:f8:1f:fc:25:
24:92:3e:1e:a9:75:09:71:a5:fe:71:f4:14:74:26:
45:2b:52:58:ac:37:dc:44:72:ba:57:2a:b4:4f:cd:
b1:09:14:98:19:da:ab:3f:75:ea:64:c3:67:c8:37:
51:dd:7f:28:1b:19:52:e4:eb:44:e4:57:b4:ff:00:
70:53:1f:5c:2f:80:e5:4f:a3:07:d9:a9:db:d8:38:
b6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2F:CF:54:3A:DF:DB:DD:B2:A5:5B:9B:2A:57:1F:3D:AD:15:2D:3B
X509v3 Authority Key Identifier:
keyid:FC:91:28:A7:62:CE:EB:6B:59:F5:43:15:68:BC:13:FC:E4:1A:BA:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_JEop2LO62tZ9UMVaLwT_OQauhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/21e68c-1c4c-4559-9e30-135d709b59e0/1/1y_PVDrf292ypVubKlcfPa0VLTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/21e68c-1c4c-4559-9e30-135d709b59e0/1/_JEop2LO62tZ9UMVaLwT_OQauhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.111.0/24
Signature Algorithm: sha256WithRSAEncryption
08:a4:e5:c9:d5:03:8f:dc:f8:a6:eb:5b:e4:ae:10:1e:bd:7b:
1e:8c:1f:54:53:1f:0a:36:e6:85:52:52:c3:41:e2:d4:da:7b:
0e:65:07:a3:a9:7c:14:1e:19:95:8f:51:63:fb:9a:28:8c:c2:
64:33:93:4a:22:61:c2:aa:98:9c:fa:8d:b3:ab:4d:48:e8:80:
ec:42:03:ea:68:e0:c4:07:83:03:de:63:f1:01:bb:76:64:92:
9d:f3:72:63:14:28:1e:88:5e:81:77:33:5e:1f:da:52:0e:83:
d1:7b:06:b4:43:dc:d4:48:83:40:ae:ce:18:b8:83:8e:47:20:
49:bd:93:52:ec:6a:2a:2a:18:7c:9f:92:a4:a6:0c:de:13:d1:
44:79:e5:7c:96:99:22:52:ad:5b:b7:56:04:ae:bc:28:88:34:
79:83:47:40:19:8e:34:41:2e:7a:f7:df:89:02:0f:96:09:0e:
25:9c:48:d6:51:ed:ef:e1:e4:c7:aa:ed:4a:e3:9e:9f:90:6e:
7a:d0:ac:f5:66:fd:fb:f3:f4:25:7c:38:89:0d:49:f6:4c:a5:
2b:b4:97:62:01:fc:64:81:f2:57:24:ea:16:a6:7a:55:19:24:
b3:a8:03:53:d8:f4:34:fd:10:ad:8b:ec:b4:50:1c:79:ea:29:
c9:a1:99:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ67BkgptaNl8BtAEIp3Sl8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOTEyOGE3NjJjZWViNmI1OWY1NDMxNTY4YmMxM2ZjZTQx
YWJhMTIwHhcNMjYwNjEyMDg1MDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJmY2Y1NDNhZGZkYmRkYjJhNTViOWIyYTU3MWYzZGFkMTUyZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPwSpCRwTmhYKZjMJAC8JAX8uXWF
olo+TulMcHti53KmyMSa/8KE6ve08Us0BZPBYeWmU5+vgZrhn1LO5rGjqiFAwzsL
g8Ml57fyK1/h75cfhYoAP9leGhFrZjnV6lfoQPP73we7xyVlVB87RQe7IzP1+9I0
0cHawn2MoldyfxLXMcbSlFFljghLi48DB1d1+YHo+Tx6IXJRuvHuR2JX5UjO+wKo
Zidh8C69a1qUovgf/CUkkj4eqXUJcaX+cfQUdCZFK1JYrDfcRHK6Vyq0T82xCRSY
GdqrP3XqZMNnyDdR3X8oGxlS5OtE5Fe0/wBwUx9cL4DlT6MH2anb2Di20QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNcvz1Q639vdsqVbmypXHz2tFS07MB8GA1UdIwQY
MBaAFPyRKKdizutrWfVDFWi8E/zkGroSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0pFb3AyTE82MnRaOVVNVmFMd1RfT1FhdWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yMWU2OGMtMWM0Yy00NTU5LTllMzAt
MTM1ZDcwOWI1OWUwLzEvMXlfUFZEcmYyOTJ5cFZ1YktsY2ZQYTBWTFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yMWU2OGMtMWM0Yy00NTU5LTllMzAtMTM1ZDcwOWI1OWUw
LzEvX0pFb3AyTE82MnRaOVVNVmFMd1RfT1FhdWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8FvMA0G
CSqGSIb3DQEBCwUAA4IBAQAIpOXJ1QOP3Pim61vkrhAevXsejB9UUx8KNuaFUlLD
QeLU2nsOZQejqXwUHhmVj1Fj+5oojMJkM5NKImHCqpic+o2zq01I6IDsQgPqaODE
B4MD3mPxAbt2ZJKd83JjFCgeiF6BdzNeH9pSDoPRewa0Q9zUSINArs4YuIOORyBJ
vZNS7GoqKhh8n5KkpgzeE9FEeeV8lpkiUq1bt1YErrwoiDR5g0dAGY40QS5699+J
Ag+WCQ4lnEjWUe3v4eTHqu1K456fkG560Kz1Zv378/QlfDiJDUn2TKUrtJdiAfxk
gfJXJOoWpnpVGSSzqANT2PQ0/RCti+y0UBx56inJoZmv
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:05:47 2026 by rpki-client