Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5d6c15-a588-41dc-a6a2-f89977a45b60/1/aWkix5BEPhzF9HtAUh40Ya0hP5U.roa
File: aWkix5BEPhzF9HtAUh40Ya0hP5U.roa (raw, json)
Hash identifier: M4zeKlcKBskhzVuZ5EZH3G1hReQMWU2Dxp+IVnGHsic=
Subject key identifier: 69:69:22:C7:90:44:3E:1C:C5:F4:7B:40:52:1E:34:61:AD:21:3F:95
Certificate issuer: /CN=c5662f98020da4e37d50ed3bb30202774f292d7a
Certificate serial: 019D8B49C238E2DBD9605B84839B89542FA7
Authority key identifier: C5:66:2F:98:02:0D:A4:E3:7D:50:ED:3B:B3:02:02:77:4F:29:2D:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xWYvmAINpON9UO07swICd08pLXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5d6c15-a588-41dc-a6a2-f89977a45b60/1/aWkix5BEPhzF9HtAUh40Ya0hP5U.roa
Signing time: Tue 14 Apr 2026 09:19:20 +0000
ROA not before: Tue 14 Apr 2026 09:19:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43937
IP address blocks: 87.251.0.0/20 maxlen: 24
93.89.16.0/20 maxlen: 24
2a02:7980::/32 maxlen: 32
2a02:7980:105::/48 maxlen: 48
2a02:7980:200::/48 maxlen: 48
2a02:7980:201::/48 maxlen: 48
2a02:7980:202::/48 maxlen: 48
2a02:7980:203::/48 maxlen: 48
2a02:7980:204::/48 maxlen: 48
2a02:7980:300::/48 maxlen: 48
2a02:7980:301::/48 maxlen: 48
2a02:7980:302::/48 maxlen: 48
2a02:7980:303::/48 maxlen: 48
2a02:7980:306::/48 maxlen: 48
2a02:7980:308::/48 maxlen: 48
2a02:7980:309::/48 maxlen: 48
2a02:7980:310::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/5d6c15-a588-41dc-a6a2-f89977a45b60/1/xWYvmAINpON9UO07swICd08pLXo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/5d6c15-a588-41dc-a6a2-f89977a45b60/1/xWYvmAINpON9UO07swICd08pLXo.mft
rsync://rpki.ripe.net/repository/DEFAULT/xWYvmAINpON9UO07swICd08pLXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8b:49:c2:38:e2:db:d9:60:5b:84:83:9b:89:54:2f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5662f98020da4e37d50ed3bb30202774f292d7a
Validity
Not Before: Apr 14 09:19:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=696922c790443e1cc5f47b40521e3461ad213f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9e:61:58:ac:fa:42:dc:6e:c0:55:d3:23:38:
7d:3a:f9:ec:2d:41:75:c2:05:7a:16:9d:9b:7c:ee:
a4:7f:8e:0d:b9:73:e0:8d:a0:08:7b:d4:e7:af:20:
d6:d3:15:67:31:cc:81:96:4a:ee:ba:9d:9e:e4:39:
c3:b5:57:05:3c:21:0c:bc:65:79:0b:5a:c8:c1:d8:
eb:42:a3:e3:63:a4:8f:eb:04:fc:63:72:c6:13:3a:
1a:cf:69:07:43:2a:bf:8d:3f:95:8e:1b:50:fe:1a:
54:02:8e:26:c2:48:3a:f2:ff:8e:78:4f:0d:1e:77:
25:d1:bc:fc:4b:a6:bc:ff:07:44:1c:9b:36:47:82:
32:84:1f:41:20:48:03:a7:a3:10:d7:da:5e:19:42:
2f:bc:a6:0b:71:c7:47:fd:69:32:bf:53:c1:8c:f4:
04:fb:6a:d2:88:90:53:58:5e:78:55:f2:f2:7e:7e:
8e:0e:54:06:e9:15:ee:54:cc:10:e1:e6:0b:1a:07:
f2:16:7f:86:51:4c:42:fc:33:41:21:41:45:62:01:
df:30:f0:8b:78:52:51:60:1a:96:52:d4:a2:38:db:
7e:cc:f3:97:a5:18:fa:07:db:32:9d:6f:76:e0:c3:
e6:98:14:ae:cd:4f:2a:cb:57:83:7b:b0:65:71:47:
26:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:69:22:C7:90:44:3E:1C:C5:F4:7B:40:52:1E:34:61:AD:21:3F:95
X509v3 Authority Key Identifier:
keyid:C5:66:2F:98:02:0D:A4:E3:7D:50:ED:3B:B3:02:02:77:4F:29:2D:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xWYvmAINpON9UO07swICd08pLXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5d6c15-a588-41dc-a6a2-f89977a45b60/1/aWkix5BEPhzF9HtAUh40Ya0hP5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5d6c15-a588-41dc-a6a2-f89977a45b60/1/xWYvmAINpON9UO07swICd08pLXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.0.0/20
93.89.16.0/20
IPv6:
2a02:7980::/32
Signature Algorithm: sha256WithRSAEncryption
a2:27:09:91:5c:31:d3:6a:59:db:3d:d3:7f:01:84:57:41:f0:
df:dc:1b:22:2f:90:b1:ff:9d:39:7e:dc:e5:08:fd:c8:5d:50:
d0:0e:ff:c5:b7:bd:65:70:c3:3a:e1:ca:bd:ba:b1:45:a3:fb:
c1:67:48:f6:21:46:4a:a9:28:4b:a9:eb:92:9c:12:af:37:06:
ec:78:73:4d:22:55:c7:4c:62:a7:34:f7:ea:91:de:9c:38:95:
8e:b3:cc:e1:48:e4:8c:3b:c2:51:00:fb:57:86:84:21:c0:48:
27:ad:74:a3:50:ff:15:92:ed:b1:35:31:98:f0:6a:11:5e:bf:
df:35:89:f1:22:d1:75:f2:48:e8:d7:f4:9f:ea:d7:5b:e7:ae:
28:95:bf:94:c6:4d:4c:1e:3f:a3:f8:c8:b2:0d:a4:b8:dd:1e:
09:3c:a0:e0:9a:7c:18:54:94:dd:f8:f3:cd:21:c8:3d:0c:49:
9a:c9:f6:b9:02:f2:84:1f:48:69:79:93:1c:e8:72:8b:0c:8b:
6b:17:f0:68:e0:9c:1d:7e:ec:68:09:dd:5b:0d:4d:76:8f:e3:
e0:32:e8:7b:e0:7c:fb:f2:9d:4a:0c:f7:cf:5f:7f:ac:15:54:
9a:f1:00:cc:a6:7f:58:93:13:94:13:2b:8f:e8:da:97:87:78:
78:65:1a:c7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ2LScI44tvZYFuEg5uJVC+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NjYyZjk4MDIwZGE0ZTM3ZDUwZWQzYmIzMDIwMjc3NGYy
OTJkN2EwHhcNMjYwNDE0MDkxOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTY5MjJjNzkwNDQzZTFjYzVmNDdiNDA1MjFlMzQ2MWFkMjEzZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA255hWKz6QtxuwFXTIzh9OvnsLUF1
wgV6Fp2bfO6kf44NuXPgjaAIe9TnryDW0xVnMcyBlkruup2e5DnDtVcFPCEMvGV5
C1rIwdjrQqPjY6SP6wT8Y3LGEzoaz2kHQyq/jT+VjhtQ/hpUAo4mwkg68v+OeE8N
Hncl0bz8S6a8/wdEHJs2R4IyhB9BIEgDp6MQ19peGUIvvKYLccdH/Wkyv1PBjPQE
+2rSiJBTWF54VfLyfn6ODlQG6RXuVMwQ4eYLGgfyFn+GUUxC/DNBIUFFYgHfMPCL
eFJRYBqWUtSiONt+zPOXpRj6B9synW924MPmmBSuzU8qy1eDe7BlcUcmmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGlpIseQRD4cxfR7QFIeNGGtIT+VMB8GA1UdIwQY
MBaAFMVmL5gCDaTjfVDtO7MCAndPKS16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFdZdm1BSU5wT045VU8wN3N3SUNkMDhwTFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81ZDZjMTUtYTU4OC00MWRjLWE2YTIt
Zjg5OTc3YTQ1YjYwLzEvYVdraXg1QkVQaHpGOUh0QVVoNDBZYTBoUDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81ZDZjMTUtYTU4OC00MWRjLWE2YTItZjg5OTc3YTQ1YjYw
LzEveFdZdm1BSU5wT045VU8wN3N3SUNkMDhwTFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEV/sAAwQE
XVkQMA0EAgACMAcDBQAqAnmAMA0GCSqGSIb3DQEBCwUAA4IBAQCiJwmRXDHTalnb
PdN/AYRXQfDf3BsiL5Cx/505ftzlCP3IXVDQDv/Ft71lcMM64cq9urFFo/vBZ0j2
IUZKqShLqeuSnBKvNwbseHNNIlXHTGKnNPfqkd6cOJWOs8zhSOSMO8JRAPtXhoQh
wEgnrXSjUP8Vku2xNTGY8GoRXr/fNYnxItF18kjo1/Sf6tdb564olb+Uxk1MHj+j
+MiyDaS43R4JPKDgmnwYVJTd+PPNIcg9DEmayfa5AvKEH0hpeZMc6HKLDItrF/Bo
4JwdfuxoCd1bDU12j+PgMuh74Hz78p1KDPfPX3+sFVSa8QDMpn9YkxOUEyuP6NqX
h3h4ZRrH
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:20:07 2026 by rpki-client