Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/XRpeo1hgYiwp4bqhBtHy8vKgFro.roa
File: XRpeo1hgYiwp4bqhBtHy8vKgFro.roa (raw, json)
Hash identifier: KpWSEc+iqgjcBLMAxea9v15WND9BIwwgPKkIhWFrsDs=
Subject key identifier: 5D:1A:5E:A3:58:60:62:2C:29:E1:BA:A1:06:D1:F2:F2:F2:A0:16:BA
Certificate issuer: /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial: 019DA2190061858678A27DB14D4B9A689120
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/XRpeo1hgYiwp4bqhBtHy8vKgFro.roa
Signing time: Sat 18 Apr 2026 19:37:20 +0000
ROA not before: Sat 18 Apr 2026 19:37:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207057
IP address blocks: 132.243.229.0/24 maxlen: 24
195.226.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a2:19:00:61:85:86:78:a2:7d:b1:4d:4b:9a:68:91:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Validity
Not Before: Apr 18 19:37:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d1a5ea35860622c29e1baa106d1f2f2f2a016ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:7f:8d:72:c5:2b:fd:c6:0d:ae:af:9b:9f:a8:
55:ed:ca:99:4f:bf:91:f1:16:4c:25:3e:dd:1e:6b:
a1:28:d1:01:da:58:54:b0:b2:71:5b:d9:b4:54:5f:
03:18:23:07:95:97:b8:06:59:e7:85:e2:87:8a:d7:
99:cf:4c:83:52:91:67:41:d8:ee:02:64:3c:23:78:
fa:ff:8d:ef:a5:33:c5:04:06:5f:70:58:8a:75:cf:
08:3a:db:28:1d:3e:75:b7:36:62:09:64:f0:9a:81:
31:69:4b:32:2f:4c:d7:9a:2f:e2:d9:dd:65:12:2f:
23:f4:be:5d:90:1e:81:75:6f:a3:54:c1:ef:f8:11:
4a:d8:50:e4:cb:b8:af:e0:ec:8b:0e:23:6b:b8:73:
94:8a:f1:63:0a:32:ab:5f:07:8f:af:60:53:c8:2f:
bb:8b:4b:72:d8:7a:00:9a:2c:35:69:dd:10:e8:94:
ec:85:48:8f:a9:c4:b2:ca:ac:74:72:ff:b4:53:7c:
bd:c4:19:15:31:dd:b5:80:32:b2:12:ec:a2:12:b5:
1b:b3:e8:85:e9:cd:d5:56:a4:f1:c4:1a:79:ea:ec:
d0:f0:ac:ce:a2:c5:8d:c3:7e:24:a7:7b:b4:17:f9:
f8:65:ff:5b:31:48:83:5c:7e:a4:9c:7f:f0:fd:4f:
26:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1A:5E:A3:58:60:62:2C:29:E1:BA:A1:06:D1:F2:F2:F2:A0:16:BA
X509v3 Authority Key Identifier:
keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/XRpeo1hgYiwp4bqhBtHy8vKgFro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.243.229.0/24
195.226.93.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:62:97:60:a5:b8:d8:c2:1f:47:01:cd:65:14:b4:11:1d:ea:
7c:e4:9d:ce:61:48:02:68:cd:fd:7c:53:d5:9a:78:36:95:5b:
3c:87:8f:64:6f:a7:eb:43:f0:5a:d2:78:43:a5:09:b5:4f:c4:
b8:19:28:a9:d9:1c:9f:26:8a:a2:8a:ae:42:b6:49:33:45:49:
ae:fa:d0:fd:dd:7a:34:3c:d9:11:39:fd:80:29:a5:a2:c9:06:
90:6d:c1:ff:2e:0d:29:e9:5c:f4:1d:0f:49:6b:25:3a:67:cf:
f1:8a:43:69:33:1a:37:55:53:0b:5a:1e:e5:ca:6a:fa:13:70:
fb:7d:21:40:f3:71:07:47:b4:44:80:9b:6d:5e:2b:d7:d5:ca:
a5:05:bf:b6:13:59:5b:b5:a5:22:ec:5a:13:ea:68:d0:92:2c:
88:83:aa:01:4e:72:32:a9:b0:6d:31:c9:7f:df:56:9d:50:54:
3b:d1:25:ed:3e:d2:56:31:7b:86:12:bd:53:59:64:6b:a2:16:
0d:19:82:16:f4:08:d7:c3:9f:5c:f5:6f:3d:af:79:1b:aa:e3:
bf:48:b9:e9:b1:5e:55:08:09:cd:57:e4:b4:65:36:c7:a8:fd:
8c:c1:3a:9e:b6:25:19:a9:01:ff:13:24:28:92:77:f2:01:78:
9f:ed:4f:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2iGQBhhYZ4on2xTUuaaJEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjYwNDE4MTkzNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDFhNWVhMzU4NjA2MjJjMjllMWJhYTEwNmQxZjJmMmYyYTAxNmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9n+NcsUr/cYNrq+bn6hV7cqZT7+R
8RZMJT7dHmuhKNEB2lhUsLJxW9m0VF8DGCMHlZe4BlnnheKHiteZz0yDUpFnQdju
AmQ8I3j6/43vpTPFBAZfcFiKdc8IOtsoHT51tzZiCWTwmoExaUsyL0zXmi/i2d1l
Ei8j9L5dkB6BdW+jVMHv+BFK2FDky7iv4OyLDiNruHOUivFjCjKrXwePr2BTyC+7
i0ty2HoAmiw1ad0Q6JTshUiPqcSyyqx0cv+0U3y9xBkVMd21gDKyEuyiErUbs+iF
6c3VVqTxxBp56uzQ8KzOosWNw34kp3u0F/n4Zf9bMUiDXH6knH/w/U8mawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF0aXqNYYGIsKeG6oQbR8vLyoBa6MB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvWFJwZW8xaGdZaXdwNGJxaEJ0SHk4dktnRnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAhPPlAwQA
w+JdMA0GCSqGSIb3DQEBCwUAA4IBAQAtYpdgpbjYwh9HAc1lFLQRHep85J3OYUgC
aM39fFPVmng2lVs8h49kb6frQ/Ba0nhDpQm1T8S4GSip2RyfJoqiiq5CtkkzRUmu
+tD93Xo0PNkROf2AKaWiyQaQbcH/Lg0p6Vz0HQ9JayU6Z8/xikNpMxo3VVMLWh7l
ymr6E3D7fSFA83EHR7REgJttXivX1cqlBb+2E1lbtaUi7FoT6mjQkiyIg6oBTnIy
qbBtMcl/31adUFQ70SXtPtJWMXuGEr1TWWRrohYNGYIW9AjXw59c9W89r3kbquO/
SLnpsV5VCAnNV+S0ZTbHqP2MwTqetiUZqQH/EyQoknfyAXif7U/d
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:27:58 2026 by rpki-client