Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/p0GDdN-xxKyg8Gf7N5r5gMiQ4M0.roa
File: p0GDdN-xxKyg8Gf7N5r5gMiQ4M0.roa (raw, json)
Hash identifier: 3BflJNAULniEze9ExWAF/NtnD5BDpxEJYWJuUEJNS7k=
Subject key identifier: A7:41:83:74:DF:B1:C4:AC:A0:F0:67:FB:37:9A:F9:80:C8:90:E0:CD
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019D8A90D327C46C8190FE017D5E02EFEA6A
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/p0GDdN-xxKyg8Gf7N5r5gMiQ4M0.roa
Signing time: Tue 14 Apr 2026 05:57:20 +0000
ROA not before: Tue 14 Apr 2026 05:57:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51395
IP address blocks: 79.132.141.0/24 maxlen: 24
89.127.196.0/24 maxlen: 24
194.154.29.0/24 maxlen: 24
199.68.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8a:90:d3:27:c4:6c:81:90:fe:01:7d:5e:02:ef:ea:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Apr 14 05:57:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a7418374dfb1c4aca0f067fb379af980c890e0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fd:a2:c7:84:2e:92:7b:fd:26:71:1f:3e:2b:
c1:ad:fc:34:41:c2:29:07:8a:5e:7f:03:da:9c:aa:
ac:94:40:20:d8:c8:2c:56:f0:f9:be:5c:53:2b:09:
19:af:6e:d7:2b:09:51:dd:17:ac:5c:95:57:79:8e:
d3:2e:36:52:5a:4d:32:fb:48:c7:c8:7f:bb:c0:c0:
19:95:20:fd:07:21:bd:2f:4e:6a:a1:ff:55:42:3e:
56:74:47:d5:a0:ce:8e:d1:af:a0:8f:1b:d9:45:d7:
bf:aa:6d:29:11:b4:2a:dc:07:55:c9:db:c8:8e:c2:
f0:bd:bf:6f:5a:b0:af:4e:ee:c5:63:ac:c8:4c:1e:
08:a0:12:df:da:63:93:01:e2:58:d2:d4:e0:5e:46:
c3:f7:ed:55:13:fe:5f:26:f5:4a:98:74:eb:5f:ae:
43:52:cd:22:29:a0:ee:6c:49:df:8a:0f:7a:34:3d:
6f:d5:f9:22:0c:13:da:5a:7d:e4:48:85:71:cf:fd:
4d:f9:35:4e:64:fd:e2:26:61:97:e3:2f:35:6c:1c:
d0:ef:6d:11:a9:c6:10:48:dd:c8:f6:1c:3d:e9:56:
64:66:66:27:99:24:e0:bb:dd:1d:42:92:7d:90:8b:
79:9e:fc:5f:1e:b6:77:14:81:00:09:40:d4:97:ad:
32:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:41:83:74:DF:B1:C4:AC:A0:F0:67:FB:37:9A:F9:80:C8:90:E0:CD
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/p0GDdN-xxKyg8Gf7N5r5gMiQ4M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.141.0/24
89.127.196.0/24
194.154.29.0/24
199.68.196.0/24
Signature Algorithm: sha256WithRSAEncryption
53:22:09:34:15:09:d3:a7:38:2d:e5:ca:5c:23:2d:55:2c:c8:
4a:5f:db:14:a7:cc:7c:9d:c1:da:3e:ea:8a:dc:24:bb:ad:76:
d8:ed:54:41:93:f9:12:b0:3d:fd:cb:97:e3:e6:20:fd:ca:84:
2a:35:41:a8:e9:53:32:01:27:00:3c:54:f7:bd:a4:52:59:01:
74:01:42:2a:db:b7:e7:3d:c5:3d:d9:87:cb:cc:33:f2:3c:62:
ea:3e:fa:b7:ce:e8:b5:58:15:38:48:1d:53:6c:1e:f3:47:fe:
b6:d8:75:3c:a3:79:58:5a:8d:d2:8c:de:2b:93:f2:14:bb:a7:
6c:92:93:81:7d:ce:72:0b:3f:f8:c1:c1:b3:6e:06:47:ab:4f:
9d:69:a7:73:4b:0d:a7:47:71:31:4c:ec:08:8f:fa:50:a8:ba:
7a:68:08:16:eb:92:5c:bf:b6:69:a2:37:3a:e1:53:05:bf:47:
88:ee:cb:ef:7d:dc:06:df:7f:46:6b:5d:53:9b:ea:50:a5:5d:
3d:f8:ce:22:e2:f8:b2:77:c4:d2:43:25:70:4c:6e:c1:d5:69:
b8:f2:28:c4:26:37:03:23:46:3c:de:97:01:b0:64:3b:65:2c:
41:4e:e7:21:db:9b:f8:36:d8:a8:4b:29:64:26:a2:98:48:b2:
96:ca:88:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2KkNMnxGyBkP4BfV4C7+pqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwNDE0MDU1NzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQxODM3NGRmYjFjNGFjYTBmMDY3ZmIzNzlhZjk4MGM4OTBlMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv2ix4Quknv9JnEfPivBrfw0QcIp
B4pefwPanKqslEAg2MgsVvD5vlxTKwkZr27XKwlR3ResXJVXeY7TLjZSWk0y+0jH
yH+7wMAZlSD9ByG9L05qof9VQj5WdEfVoM6O0a+gjxvZRde/qm0pEbQq3AdVydvI
jsLwvb9vWrCvTu7FY6zITB4IoBLf2mOTAeJY0tTgXkbD9+1VE/5fJvVKmHTrX65D
Us0iKaDubEnfig96ND1v1fkiDBPaWn3kSIVxz/1N+TVOZP3iJmGX4y81bBzQ720R
qcYQSN3I9hw96VZkZmYnmSTgu90dQpJ9kIt5nvxfHrZ3FIEACUDUl60yVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKdBg3TfscSsoPBn+zea+YDIkODNMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvcDBHRGROLXh4S3lnOEdmN041cjVnTWlRNE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT4SNAwQA
WX/EAwQAwpodAwQAx0TEMA0GCSqGSIb3DQEBCwUAA4IBAQBTIgk0FQnTpzgt5cpc
Iy1VLMhKX9sUp8x8ncHaPuqK3CS7rXbY7VRBk/kSsD39y5fj5iD9yoQqNUGo6VMy
AScAPFT3vaRSWQF0AUIq27fnPcU92YfLzDPyPGLqPvq3zui1WBU4SB1TbB7zR/62
2HU8o3lYWo3SjN4rk/IUu6dskpOBfc5yCz/4wcGzbgZHq0+daadzSw2nR3ExTOwI
j/pQqLp6aAgW65Jcv7Zpojc64VMFv0eI7svvfdwG339Ga11Tm+pQpV09+M4i4viy
d8TSQyVwTG7B1Wm48ijEJjcDI0Y83pcBsGQ7ZSxBTuch25v4NtioSylkJqKYSLKW
yojJ
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:26:18 2026 by rpki-client