Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/41DwvvTFD9Qs2hnrDdBKBcR7l1Q.roa
File: 41DwvvTFD9Qs2hnrDdBKBcR7l1Q.roa (raw, json)
Hash identifier: BMkkI81LCqcEqnXuvm+HyIe94CPXRLmId7uTf9DMF1k=
Subject key identifier: E3:50:F0:BE:F4:C5:0F:D4:2C:DA:19:EB:0D:D0:4A:05:C4:7B:97:54
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019DB05051437BA79EB1B2E9D4AFF1858306
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/41DwvvTFD9Qs2hnrDdBKBcR7l1Q.roa
Signing time: Tue 21 Apr 2026 13:52:26 +0000
ROA not before: Tue 21 Apr 2026 13:52:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 22427
IP address blocks: 85.239.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:50:51:43:7b:a7:9e:b1:b2:e9:d4:af:f1:85:83:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Apr 21 13:52:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e350f0bef4c50fd42cda19eb0dd04a05c47b9754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0a:97:c5:7e:0f:92:6d:7e:b4:43:a8:cd:89:
9d:78:1c:c6:49:09:0e:67:8a:68:c6:78:2a:09:4f:
2d:5a:da:70:0b:42:23:43:b8:c4:fc:71:54:04:9a:
5c:34:4a:28:88:5d:be:92:cf:ce:c5:40:fc:c3:63:
4f:ad:09:43:b9:6a:5e:ce:52:c2:a3:bf:2a:4a:25:
57:d7:9c:97:eb:d0:51:54:70:40:36:41:e2:87:3f:
e8:c8:2b:2d:7e:66:fd:64:8f:0c:e2:4a:ad:7a:d0:
5d:f7:37:c8:63:3f:c5:90:f6:53:5c:47:60:0e:16:
7d:95:56:72:db:f7:5a:58:cb:de:bb:85:3e:16:3f:
62:91:c6:c8:f2:d7:94:fd:ba:c1:e6:dc:a0:76:f0:
89:78:13:25:cc:05:9c:9c:35:d2:1a:cc:96:cd:0e:
5c:1f:8c:d6:69:c7:57:a6:0e:54:7e:50:2e:a2:56:
5c:5e:f2:37:75:92:f8:dd:f0:68:3e:88:9e:21:3c:
58:df:61:5f:36:18:4a:c1:d9:62:9b:10:cb:c5:b2:
45:f6:67:29:52:10:82:97:60:95:b3:50:d8:0f:38:
36:c9:ac:d8:7d:3b:fb:32:ed:ca:74:cf:6f:79:e7:
41:07:59:c4:75:03:61:61:0e:b0:8e:88:c8:53:61:
74:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:50:F0:BE:F4:C5:0F:D4:2C:DA:19:EB:0D:D0:4A:05:C4:7B:97:54
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/41DwvvTFD9Qs2hnrDdBKBcR7l1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.152.0/24
Signature Algorithm: sha256WithRSAEncryption
49:8c:cd:8c:fe:73:ed:76:9b:7e:53:a5:cf:9f:bd:6d:c0:ea:
2a:cc:de:f8:c4:b5:d8:1e:65:8e:56:48:e3:5a:d1:28:3d:c3:
9a:14:f8:4b:d8:b6:6a:a7:7d:6e:d0:e9:22:5a:cb:bb:d0:e5:
fe:f7:01:f7:b5:09:5f:04:e1:a9:ab:a3:c9:61:a4:2b:09:ef:
58:b3:49:2b:de:9a:38:19:5f:4e:05:ea:7d:ab:38:92:fb:31:
aa:19:e3:69:be:fe:3d:61:06:e1:56:5a:ed:77:4d:eb:42:7d:
e8:04:5f:46:68:16:4e:9b:54:e4:5b:53:58:4e:c0:b9:2d:c7:
73:73:0b:9d:49:1c:8e:54:88:e4:40:8f:8c:ff:43:aa:30:43:
f9:67:76:61:29:4d:9f:b0:c2:d6:b4:0d:16:1a:b9:a0:57:be:
ff:c1:bd:37:ee:85:0d:44:e6:d8:d9:a8:44:f5:be:f1:22:ae:
2f:2b:a0:6c:c6:f1:0d:b8:03:b9:b4:36:09:96:3f:5d:7e:15:
37:98:08:ad:a9:1e:a0:c2:df:93:88:61:bb:3a:e5:d2:3e:3a:
af:b5:ec:c0:4d:2e:df:79:78:70:cb:0b:74:8f:48:69:47:a3:
f5:b1:bd:bd:0f:2e:13:48:b1:93:6e:cf:ac:64:a5:e6:ed:14:
1e:4a:e6:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2wUFFDe6eesbLp1K/xhYMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjYwNDIxMTM1MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUwZjBiZWY0YzUwZmQ0MmNkYTE5ZWIwZGQwNGEwNWM0N2I5NzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgqXxX4Pkm1+tEOozYmdeBzGSQkO
Z4poxngqCU8tWtpwC0IjQ7jE/HFUBJpcNEooiF2+ks/OxUD8w2NPrQlDuWpezlLC
o78qSiVX15yX69BRVHBANkHihz/oyCstfmb9ZI8M4kqtetBd9zfIYz/FkPZTXEdg
DhZ9lVZy2/daWMveu4U+Fj9ikcbI8teU/brB5tygdvCJeBMlzAWcnDXSGsyWzQ5c
H4zWacdXpg5UflAuolZcXvI3dZL43fBoPoieITxY32FfNhhKwdlimxDLxbJF9mcp
UhCCl2CVs1DYDzg2yazYfTv7Mu3KdM9veedBB1nEdQNhYQ6wjojIU2F0swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONQ8L70xQ/ULNoZ6w3QSgXEe5dUMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvNDFEd3Z2VEZEOVFzMmhuckRkQktCY1I3bDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe+YMA0G
CSqGSIb3DQEBCwUAA4IBAQBJjM2M/nPtdpt+U6XPn71twOoqzN74xLXYHmWOVkjj
WtEoPcOaFPhL2LZqp31u0OkiWsu70OX+9wH3tQlfBOGpq6PJYaQrCe9Ys0kr3po4
GV9OBep9qziS+zGqGeNpvv49YQbhVlrtd03rQn3oBF9GaBZOm1TkW1NYTsC5Lcdz
cwudSRyOVIjkQI+M/0OqMEP5Z3ZhKU2fsMLWtA0WGrmgV77/wb037oUNRObY2ahE
9b7xIq4vK6BsxvENuAO5tDYJlj9dfhU3mAitqR6gwt+TiGG7OuXSPjqvtezATS7f
eXhwywt0j0hpR6P1sb29Dy4TSLGTbs+sZKXm7RQeSuZx
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:20 2026 by rpki-client