Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/kbDl7yPpektKwVNxrpjtKZA2nlo.roa
File: kbDl7yPpektKwVNxrpjtKZA2nlo.roa (raw, json)
Hash identifier: d36zlW6Z2DgAcLCmRqlcx/u7HM97YBnDPEL5pAu6CNE=
Subject key identifier: 91:B0:E5:EF:23:E9:7A:4B:4A:C1:53:71:AE:98:ED:29:90:36:9E:5A
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019C8F3E3FE6392AFC126F5B2ACE619A5078
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/kbDl7yPpektKwVNxrpjtKZA2nlo.roa
Signing time: Tue 24 Feb 2026 10:42:27 +0000
ROA not before: Tue 24 Feb 2026 10:42:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21840
IP address blocks: 213.220.7.0/24 maxlen: 24
213.220.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:3e:3f:e6:39:2a:fc:12:6f:5b:2a:ce:61:9a:50:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Feb 24 10:42:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=91b0e5ef23e97a4b4ac15371ae98ed2990369e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fb:74:40:32:f8:0d:93:a0:45:a6:33:d8:d2:
94:99:c9:9e:54:62:95:b3:2b:c7:2b:a2:e0:9c:cd:
7f:ae:44:15:cd:e7:a0:90:f2:a7:43:b0:e1:07:52:
7f:be:cb:e6:1a:92:dc:55:53:2e:2e:c2:74:10:8f:
de:43:fc:7d:e0:72:a0:bf:04:11:4c:d7:40:d3:0e:
94:22:70:97:31:0b:90:65:35:78:0d:5a:3b:05:98:
2d:aa:fb:7b:a5:dd:f1:0d:6f:98:bf:e2:75:2f:c3:
34:b3:52:b9:41:50:a7:74:f8:f7:d0:fa:09:14:e9:
eb:98:da:83:ff:e1:14:48:a2:96:ed:f2:94:97:f6:
16:fc:a2:89:ba:01:f9:a3:c1:c4:5b:9b:26:20:4e:
42:1e:0e:1c:53:22:72:be:d3:66:46:b4:1c:51:90:
ef:7a:ca:40:b4:18:7e:90:90:3b:e5:9c:56:ec:04:
c0:bc:08:47:c9:6e:cd:28:66:9b:fb:10:3f:53:3c:
6f:40:76:e5:d1:be:1d:a4:c8:63:1f:cb:ed:20:39:
05:e8:cd:1f:f2:42:3e:73:34:f0:0d:d0:d0:6a:3a:
76:81:bb:76:0d:80:a0:7b:89:23:3a:cf:f5:6e:7f:
37:91:7c:93:58:75:96:d7:c7:f9:9a:e8:fa:69:f0:
62:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B0:E5:EF:23:E9:7A:4B:4A:C1:53:71:AE:98:ED:29:90:36:9E:5A
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/kbDl7yPpektKwVNxrpjtKZA2nlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.220.7.0/24
213.220.18.0/24
Signature Algorithm: sha256WithRSAEncryption
59:12:a9:72:ee:cf:a3:9d:6a:c7:2a:b4:f8:03:a4:ef:7a:b1:
f5:a3:17:95:12:13:02:1d:cc:91:01:f0:35:e5:53:4c:0b:e3:
bf:c0:d0:f1:a8:d3:22:59:ff:fb:1c:ca:8d:30:e8:a7:74:cd:
ed:96:17:30:02:ed:2f:fd:8c:ff:ee:f2:47:79:65:cb:84:3e:
b0:be:10:d9:66:58:1f:96:b8:c8:3d:07:47:92:6f:09:db:e6:
22:3f:47:07:2b:7c:36:66:81:0e:05:f9:93:5a:de:9a:80:e5:
61:5d:b1:c7:ee:b8:05:1a:85:d3:d5:61:0b:95:2a:1b:09:79:
f6:c9:98:48:7c:3f:c2:c1:35:a2:cd:01:2d:5d:e8:61:bb:01:
77:58:0f:a1:54:c7:12:e9:93:c6:03:86:ec:d2:b9:eb:d4:dc:
3e:ee:64:52:36:f7:78:bf:a8:e7:3b:bb:59:27:62:ce:c1:6c:
c5:9f:7b:dd:75:b3:48:e9:38:a1:f0:03:b0:b6:17:82:4a:05:
fa:a5:af:56:c8:43:0d:09:cb:e9:35:cc:df:6f:d9:5f:4c:5f:
8a:e8:69:12:86:d5:af:67:08:06:7f:21:26:ea:97:2d:a5:f2:
18:ca:39:45:20:43:ef:9b:b6:1f:c2:bb:11:62:74:0c:b9:80:
64:b6:ad:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyPPj/mOSr8Em9bKs5hmlB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjYwMjI0MTA0MjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWIwZTVlZjIzZTk3YTRiNGFjMTUzNzFhZTk4ZWQyOTkwMzY5ZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvt0QDL4DZOgRaYz2NKUmcmeVGKV
syvHK6LgnM1/rkQVzeegkPKnQ7DhB1J/vsvmGpLcVVMuLsJ0EI/eQ/x94HKgvwQR
TNdA0w6UInCXMQuQZTV4DVo7BZgtqvt7pd3xDW+Yv+J1L8M0s1K5QVCndPj30PoJ
FOnrmNqD/+EUSKKW7fKUl/YW/KKJugH5o8HEW5smIE5CHg4cUyJyvtNmRrQcUZDv
espAtBh+kJA75ZxW7ATAvAhHyW7NKGab+xA/UzxvQHbl0b4dpMhjH8vtIDkF6M0f
8kI+czTwDdDQajp2gbt2DYCge4kjOs/1bn83kXyTWHWW18f5muj6afBiVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJGw5e8j6XpLSsFTca6Y7SmQNp5aMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEva2JEbDd5UHBla3RLd1ZOeHJwanRLWkEybmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1dwHAwQA
1dwSMA0GCSqGSIb3DQEBCwUAA4IBAQBZEqly7s+jnWrHKrT4A6TverH1oxeVEhMC
HcyRAfA15VNMC+O/wNDxqNMiWf/7HMqNMOindM3tlhcwAu0v/Yz/7vJHeWXLhD6w
vhDZZlgflrjIPQdHkm8J2+YiP0cHK3w2ZoEOBfmTWt6agOVhXbHH7rgFGoXT1WEL
lSobCXn2yZhIfD/CwTWizQEtXehhuwF3WA+hVMcS6ZPGA4bs0rnr1Nw+7mRSNvd4
v6jnO7tZJ2LOwWzFn3vddbNI6Tih8AOwtheCSgX6pa9WyEMNCcvpNczfb9lfTF+K
6GkShtWvZwgGfyEm6pctpfIYyjlFIEPvm7YfwrsRYnQMuYBktq0X
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:03:24 2026 by rpki-client