Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/79a8c1-51fc-4aad-8f74-015760467cd1/1/lty9FU9-lvCivlXe3WOpvJPkZAU.roa
File: lty9FU9-lvCivlXe3WOpvJPkZAU.roa (raw, json)
Hash identifier: w7emHClyLxjQcPa4VKPJS2kQf8ZhF6GvGuiuy4vd4PI=
Subject key identifier: 96:DC:BD:15:4F:7E:96:F0:A2:BE:55:DE:DD:63:A9:BC:93:E4:64:05
Certificate issuer: /CN=ec1fa9ce83ca141d29aabeec00c5f9f7cba993c6
Certificate serial: 019E137DDEFD479F5EEA5631817FCE7CC02D
Authority key identifier: EC:1F:A9:CE:83:CA:14:1D:29:AA:BE:EC:00:C5:F9:F7:CB:A9:93:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7B-pzoPKFB0pqr7sAMX598upk8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/79a8c1-51fc-4aad-8f74-015760467cd1/1/lty9FU9-lvCivlXe3WOpvJPkZAU.roa
Signing time: Sun 10 May 2026 20:04:36 +0000
ROA not before: Sun 10 May 2026 20:04:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31736
IP address blocks: 171.33.243.0/24 maxlen: 24
212.108.104.0/24 maxlen: 24
2a12:44c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/79a8c1-51fc-4aad-8f74-015760467cd1/1/7B-pzoPKFB0pqr7sAMX598upk8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/79a8c1-51fc-4aad-8f74-015760467cd1/1/7B-pzoPKFB0pqr7sAMX598upk8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/7B-pzoPKFB0pqr7sAMX598upk8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:13:7d:de:fd:47:9f:5e:ea:56:31:81:7f:ce:7c:c0:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec1fa9ce83ca141d29aabeec00c5f9f7cba993c6
Validity
Not Before: May 10 20:04:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=96dcbd154f7e96f0a2be55dedd63a9bc93e46405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:03:7c:93:86:55:52:e4:2e:32:04:c3:28:fe:
bc:8b:d8:f5:a7:97:2a:fa:3e:8a:c3:38:1c:ca:39:
5f:8f:9a:e2:14:f0:5d:0f:58:2d:49:1f:e8:08:ee:
d6:e2:b0:a3:56:3b:d8:54:8c:dc:db:c1:99:61:4a:
49:49:74:54:8b:f4:49:64:52:aa:73:72:ea:5b:2e:
ab:06:f2:06:e8:8d:c0:16:a0:de:10:f1:a2:b0:61:
ea:68:0c:55:90:fd:c8:d8:54:de:15:bc:7f:50:2b:
5d:43:9f:61:53:9b:c0:68:40:93:d8:62:78:0d:78:
ad:2b:14:0e:88:61:9e:45:71:7b:33:11:90:eb:57:
f2:81:0a:85:7f:b9:2c:ac:8d:75:d5:00:b8:21:fc:
61:f8:57:da:32:82:e6:71:e7:35:c5:3c:5f:6c:74:
2a:45:5b:84:73:5a:41:c6:41:17:17:72:4a:8b:74:
cc:ad:f6:d1:15:a9:df:0e:5c:6b:34:fe:2a:eb:3c:
ba:55:47:7e:86:20:eb:f0:39:5f:5e:be:72:ce:a8:
33:40:ca:34:cd:65:4e:1d:21:eb:30:8e:23:76:94:
e4:df:ee:0d:f2:33:66:04:8d:4b:bb:b7:1b:c5:88:
8e:0d:4f:b3:34:d9:8d:18:ec:fd:b0:f0:73:ed:ad:
18:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DC:BD:15:4F:7E:96:F0:A2:BE:55:DE:DD:63:A9:BC:93:E4:64:05
X509v3 Authority Key Identifier:
keyid:EC:1F:A9:CE:83:CA:14:1D:29:AA:BE:EC:00:C5:F9:F7:CB:A9:93:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7B-pzoPKFB0pqr7sAMX598upk8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/79a8c1-51fc-4aad-8f74-015760467cd1/1/lty9FU9-lvCivlXe3WOpvJPkZAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/79a8c1-51fc-4aad-8f74-015760467cd1/1/7B-pzoPKFB0pqr7sAMX598upk8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.243.0/24
212.108.104.0/24
IPv6:
2a12:44c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:1f:66:a1:ff:21:0a:83:94:fe:ad:db:f0:2d:cd:19:d8:12:
b6:44:5d:d5:e4:ae:cc:3b:89:1d:78:a0:da:2a:83:b1:96:33:
0a:45:0d:65:6e:6b:05:34:c4:1c:59:44:37:ae:24:89:13:4c:
2d:65:83:6f:ed:56:29:ad:02:95:39:bb:d5:6a:e8:43:33:a8:
6c:a7:2a:e3:19:ae:fa:78:a3:94:db:46:ad:3d:28:c0:cf:58:
81:46:b7:6b:ba:a3:8a:23:3b:9e:b1:d4:af:de:9d:f4:ea:f6:
53:e6:2a:ca:34:d7:d2:57:6f:66:0c:87:ce:9a:27:90:b4:f4:
7d:fe:62:6d:a9:72:82:62:cc:5c:d7:b9:4f:e1:f4:95:38:e4:
4c:b8:34:b6:bf:07:f8:ac:75:5b:3c:60:22:c1:c3:06:54:2d:
57:84:66:7d:73:85:59:c4:a3:0d:f7:f2:aa:3f:e2:46:55:91:
4d:1f:f6:9a:e2:bb:c5:8f:49:4a:e0:43:d2:18:3a:55:08:82:
6a:1e:a5:3a:d0:7f:3e:c0:6e:33:1c:b1:6c:11:74:95:14:ef:
e6:6c:45:9a:16:73:c0:22:78:4b:5b:98:2c:5d:c4:7c:f4:eb:
3b:5d:70:8c:f3:8e:06:f4:d4:e4:e2:0c:03:7f:02:9e:b2:1a:
b8:bf:f1:2b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ4Tfd79R59e6lYxgX/OfMAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMWZhOWNlODNjYTE0MWQyOWFhYmVlYzAwYzVmOWY3Y2Jh
OTkzYzYwHhcNMjYwNTEwMjAwNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmRjYmQxNTRmN2U5NmYwYTJiZTU1ZGVkZDYzYTliYzkzZTQ2NDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AN8k4ZVUuQuMgTDKP68i9j1p5cq
+j6Kwzgcyjlfj5riFPBdD1gtSR/oCO7W4rCjVjvYVIzc28GZYUpJSXRUi/RJZFKq
c3LqWy6rBvIG6I3AFqDeEPGisGHqaAxVkP3I2FTeFbx/UCtdQ59hU5vAaECT2GJ4
DXitKxQOiGGeRXF7MxGQ61fygQqFf7ksrI111QC4Ifxh+FfaMoLmcec1xTxfbHQq
RVuEc1pBxkEXF3JKi3TMrfbRFanfDlxrNP4q6zy6VUd+hiDr8DlfXr5yzqgzQMo0
zWVOHSHrMI4jdpTk3+4N8jNmBI1Lu7cbxYiODU+zNNmNGOz9sPBz7a0YDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJbcvRVPfpbwor5V3t1jqbyT5GQFMB8GA1UdIwQY
MBaAFOwfqc6DyhQdKaq+7ADF+ffLqZPGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ItcHpvUEtGQjBwcXI3c0FNWDU5OHVwazhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83OWE4YzEtNTFmYy00YWFkLThmNzQt
MDE1NzYwNDY3Y2QxLzEvbHR5OUZVOS1sdkNpdmxYZTNXT3B2SlBrWkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83OWE4YzEtNTFmYy00YWFkLThmNzQtMDE1NzYwNDY3Y2Qx
LzEvN0ItcHpvUEtGQjBwcXI3c0FNWDU5OHVwazhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAqyHzAwQA
1GxoMA0EAgACMAcDBQMqEkTAMA0GCSqGSIb3DQEBCwUAA4IBAQBnH2ah/yEKg5T+
rdvwLc0Z2BK2RF3V5K7MO4kdeKDaKoOxljMKRQ1lbmsFNMQcWUQ3riSJE0wtZYNv
7VYprQKVObvVauhDM6hspyrjGa76eKOU20atPSjAz1iBRrdruqOKIzuesdSv3p30
6vZT5irKNNfSV29mDIfOmieQtPR9/mJtqXKCYsxc17lP4fSVOORMuDS2vwf4rHVb
PGAiwcMGVC1XhGZ9c4VZxKMN9/KqP+JGVZFNH/aa4rvFj0lK4EPSGDpVCIJqHqU6
0H8+wG4zHLFsEXSVFO/mbEWaFnPAInhLW5gsXcR89Os7XXCM844G9NTk4gwDfwKe
shq4v/Er
-----END CERTIFICATE-----
Generated at Tue May 12 21:42:14 2026 by rpki-client