Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6UKkSKfU0ht47BdR21ogWmcbnLc.roa
File: 6UKkSKfU0ht47BdR21ogWmcbnLc.roa (raw, json)
Hash identifier: 2RVBvajLST+6tjzeU2uwJqlbqfZXjnsCy/3WIsLZ9Gc=
Subject key identifier: E9:42:A4:48:A7:D4:D2:1B:78:EC:17:51:DB:5A:20:5A:67:1B:9C:B7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E1700EFDD134FAD4CCCAB250F4A12D1AF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6UKkSKfU0ht47BdR21ogWmcbnLc.roa
Signing time: Mon 11 May 2026 12:26:37 +0000
ROA not before: Mon 11 May 2026 12:26:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216416
IP address blocks: 85.31.47.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:00:ef:dd:13:4f:ad:4c:cc:ab:25:0f:4a:12:d1:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 11 12:26:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e942a448a7d4d21b78ec1751db5a205a671b9cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cc:db:1f:d0:46:93:e5:30:eb:b2:73:ec:9d:
f7:08:fe:66:3d:b1:c9:68:a6:57:94:c5:4c:9b:16:
e9:5b:ca:f8:d3:d8:e4:ca:4e:4e:76:2c:e1:df:08:
e8:01:e0:67:37:5a:00:ab:ba:3b:2a:06:9b:03:7f:
1d:39:6e:dd:8c:ab:1d:af:c9:50:c5:4f:69:d1:ff:
9a:f0:78:34:5b:da:e8:72:65:bc:08:dd:79:a4:4f:
d1:8c:76:0b:44:be:ba:01:7e:d8:fa:28:d9:15:2a:
eb:9c:20:97:f2:71:ff:6b:d8:59:e2:4c:d3:3a:e5:
27:5d:1f:e8:e3:58:df:ee:f0:c7:f4:64:67:56:20:
47:a3:dc:58:8a:b2:a4:54:8d:b3:e3:a0:7d:14:94:
bc:b9:87:e0:d5:54:4c:eb:da:0e:24:22:ab:aa:2c:
ee:93:5b:35:93:7a:46:8b:92:85:f8:9d:18:7b:f3:
e3:98:99:e5:ea:60:7c:b6:59:be:18:df:7c:70:9c:
87:eb:63:5d:3e:80:71:95:e0:41:7b:ee:e1:18:73:
b6:db:f3:26:e5:57:de:e3:d3:f7:a8:27:d4:27:84:
e2:4b:77:85:bc:ed:69:cb:ed:b5:96:63:b7:5a:6c:
22:a3:09:97:86:d9:99:5f:8b:80:93:5a:8c:1d:43:
51:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:42:A4:48:A7:D4:D2:1B:78:EC:17:51:DB:5A:20:5A:67:1B:9C:B7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6UKkSKfU0ht47BdR21ogWmcbnLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.47.0/24
87.120.191.0/24
Signature Algorithm: sha256WithRSAEncryption
74:81:5a:38:51:0d:68:ff:e7:21:23:0f:8d:2d:75:af:80:74:
82:ae:54:78:c3:76:ec:52:c7:6f:7b:e0:04:cc:25:3e:c6:62:
1f:57:fc:8d:79:4f:fd:de:9b:d0:a4:87:a6:87:24:04:ef:2e:
8f:1b:66:53:92:45:26:64:7d:c3:a6:6c:ad:4f:16:39:fc:ab:
73:32:f6:57:4b:45:5c:e7:53:9f:8e:34:84:18:90:20:c2:d6:
e1:b8:cb:13:be:4e:fe:51:f9:d3:be:35:35:d9:49:ec:42:09:
65:07:0a:59:35:e7:7a:ed:eb:cc:48:78:07:a3:04:8f:ea:a5:
dc:2f:0c:61:85:78:3e:5e:b6:f2:d5:e2:1e:e8:ca:dd:18:cd:
1e:4b:9b:97:08:4f:ae:be:f8:ed:42:68:2b:c6:cc:4c:0a:13:
90:eb:c7:7f:33:92:25:44:d7:f5:90:a3:d4:96:a1:d2:a2:73:
8d:a0:d4:37:dd:90:b0:6b:c4:62:ca:7f:f1:aa:f5:dd:46:9a:
e0:8b:ce:c6:d9:e3:db:af:55:1a:7c:da:48:d1:be:47:33:f7:
31:6c:a3:37:ed:7d:d5:39:ea:11:50:6c:98:5c:dd:2b:14:53:
2a:2b:53:a6:e9:4c:43:ff:b3:97:06:e5:7d:14:ca:b7:8a:b4:
28:b7:df:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4XAO/dE0+tTMyrJQ9KEtGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTExMTIyNjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTQyYTQ0OGE3ZDRkMjFiNzhlYzE3NTFkYjVhMjA1YTY3MWI5Y2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMzbH9BGk+Uw67Jz7J33CP5mPbHJ
aKZXlMVMmxbpW8r409jkyk5Odizh3wjoAeBnN1oAq7o7KgabA38dOW7djKsdr8lQ
xU9p0f+a8Hg0W9rocmW8CN15pE/RjHYLRL66AX7Y+ijZFSrrnCCX8nH/a9hZ4kzT
OuUnXR/o41jf7vDH9GRnViBHo9xYirKkVI2z46B9FJS8uYfg1VRM69oOJCKrqizu
k1s1k3pGi5KF+J0Ye/PjmJnl6mB8tlm+GN98cJyH62NdPoBxleBBe+7hGHO22/Mm
5Vfe49P3qCfUJ4TiS3eFvO1py+21lmO3WmwiowmXhtmZX4uAk1qMHUNRFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOlCpEin1NIbeOwXUdtaIFpnG5y3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNlVLa1NLZlUwaHQ0N0JkUjIxb2dXbWNibkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVR8vAwQA
V3i/MA0GCSqGSIb3DQEBCwUAA4IBAQB0gVo4UQ1o/+chIw+NLXWvgHSCrlR4w3bs
Usdve+AEzCU+xmIfV/yNeU/93pvQpIemhyQE7y6PG2ZTkkUmZH3DpmytTxY5/Ktz
MvZXS0Vc51OfjjSEGJAgwtbhuMsTvk7+UfnTvjU12UnsQgllBwpZNed67evMSHgH
owSP6qXcLwxhhXg+Xrby1eIe6MrdGM0eS5uXCE+uvvjtQmgrxsxMChOQ68d/M5Il
RNf1kKPUlqHSonONoNQ33ZCwa8Riyn/xqvXdRprgi87G2ePbr1UafNpI0b5HM/cx
bKM37X3VOeoRUGyYXN0rFFMqK1Om6UxD/7OXBuV9FMq3irQot9+f
-----END CERTIFICATE-----
Generated at Wed May 13 13:30:31 2026 by rpki-client