Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/pPHNibjZV3CPhF2_bg_3naWgTQU.roa
File: pPHNibjZV3CPhF2_bg_3naWgTQU.roa (raw, json)
Hash identifier: fQbm1nu3x6eiHMye9jFU3JNR18kYqmXrHVckLvuKbUU=
Subject key identifier: A4:F1:CD:89:B8:D9:57:70:8F:84:5D:BF:6E:0F:F7:9D:A5:A0:4D:05
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019E0E21828252F77D617B265D74240D1EB3
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/pPHNibjZV3CPhF2_bg_3naWgTQU.roa
Signing time: Sat 09 May 2026 19:05:37 +0000
ROA not before: Sat 09 May 2026 19:05:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58212
IP address blocks: 5.231.70.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
89.144.46.0/24 maxlen: 24
2a02:2fc0:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:0e:21:82:82:52:f7:7d:61:7b:26:5d:74:24:0d:1e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 9 19:05:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a4f1cd89b8d957708f845dbf6e0ff79da5a04d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:6c:69:18:3b:ca:63:1d:d0:70:61:a6:29:c7:
1b:ba:8c:13:e6:a6:07:35:71:5b:ec:ac:66:4e:f0:
93:99:a0:2d:90:01:32:4c:93:ef:7f:69:60:34:25:
98:93:bd:88:0c:f5:37:a5:1f:ae:33:40:1c:20:45:
3d:a1:f3:63:79:55:b0:bc:43:14:27:50:a7:09:54:
ce:e7:8c:bc:90:38:6f:d0:71:90:82:7a:2e:0f:d9:
ad:14:5d:c5:1c:1a:ca:9d:02:c1:e2:9a:72:ce:bd:
d6:16:4b:c6:15:47:84:2e:3f:d8:f5:99:48:c0:d8:
d1:3e:a7:be:22:c1:53:08:26:ff:f8:cc:c5:0b:a8:
8f:70:51:3f:ec:3d:50:ac:7d:31:cb:d7:a7:a6:4c:
fd:f6:0d:5e:5d:27:5b:af:07:8e:63:09:60:6d:0d:
c1:10:ca:a7:68:4f:17:96:29:a8:5a:e8:07:d7:1b:
a9:de:9a:b5:e1:96:80:74:bf:ef:f0:8d:52:2e:2f:
30:37:bd:4d:79:13:ec:20:c1:ac:48:15:d1:92:83:
e1:3d:50:77:34:e9:59:a5:0b:3e:48:6d:37:42:47:
85:76:4b:14:32:93:e2:d6:ed:a9:1e:97:e2:b9:1c:
cc:d5:0b:97:62:89:b3:14:29:b7:7a:3d:d2:0f:10:
b4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F1:CD:89:B8:D9:57:70:8F:84:5D:BF:6E:0F:F7:9D:A5:A0:4D:05
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/pPHNibjZV3CPhF2_bg_3naWgTQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.70.0/24
77.90.22.0/24
89.144.46.0/24
IPv6:
2a02:2fc0:19::/48
Signature Algorithm: sha256WithRSAEncryption
d0:6f:37:01:76:a4:85:b3:80:9a:9e:6d:e7:35:fe:1e:91:f6:
c8:29:62:26:1e:32:65:e3:54:6d:0d:bc:10:2f:20:89:54:d3:
c6:5f:ce:fa:f5:37:29:1f:89:89:83:0b:cb:c1:50:a0:56:0b:
6f:6b:08:96:bb:e8:b5:c8:33:5f:4a:50:b7:7f:e2:33:41:aa:
72:94:c0:0e:60:36:46:93:c4:2d:9e:c4:b7:05:dc:a4:ae:a5:
60:71:ee:c1:ce:37:28:e4:2e:cf:15:4e:83:eb:1c:ed:2c:a9:
b7:36:20:d5:74:6a:80:bc:4e:a3:99:51:89:eb:fd:1b:db:5c:
8c:46:d2:a4:b3:02:35:d0:ff:51:b8:c3:b8:2b:bc:5b:94:10:
e2:02:e7:53:bf:0f:f1:78:20:2f:72:95:72:c9:1c:f9:ec:6c:
28:73:43:5a:c4:53:80:fa:dd:38:40:c0:84:07:42:71:b8:05:
af:6c:9d:e4:6c:17:c1:1c:d7:4d:df:bf:28:a3:5e:b1:ab:1e:
7e:20:34:38:a2:e1:b6:cb:60:ea:de:8e:59:43:44:97:63:2c:
ce:7c:df:28:cb:3e:bc:d8:a1:42:19:d9:ed:0a:f1:5d:4a:2a:
c7:a9:18:9e:f2:0a:47:11:25:23:10:bc:90:53:91:7a:8f:00:
36:e5:77:23
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ4OIYKCUvd9YXsmXXQkDR6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNTA5MTkwNTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGYxY2Q4OWI4ZDk1NzcwOGY4NDVkYmY2ZTBmZjc5ZGE1YTA0ZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9WxpGDvKYx3QcGGmKccbuowT5qYH
NXFb7KxmTvCTmaAtkAEyTJPvf2lgNCWYk72IDPU3pR+uM0AcIEU9ofNjeVWwvEMU
J1CnCVTO54y8kDhv0HGQgnouD9mtFF3FHBrKnQLB4ppyzr3WFkvGFUeELj/Y9ZlI
wNjRPqe+IsFTCCb/+MzFC6iPcFE/7D1QrH0xy9enpkz99g1eXSdbrweOYwlgbQ3B
EMqnaE8XlimoWugH1xup3pq14ZaAdL/v8I1SLi8wN71NeRPsIMGsSBXRkoPhPVB3
NOlZpQs+SG03QkeFdksUMpPi1u2pHpfiuRzM1QuXYomzFCm3ej3SDxC0pwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKTxzYm42Vdwj4Rdv24P952loE0FMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvcFBITmlialpWM0NQaEYyX2JnXzNuYVdnVFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQABedGAwQA
TVoWAwQAWZAuMA8EAgACMAkDBwAqAi/AABkwDQYJKoZIhvcNAQELBQADggEBANBv
NwF2pIWzgJqebec1/h6R9sgpYiYeMmXjVG0NvBAvIIlU08Zfzvr1NykfiYmDC8vB
UKBWC29rCJa76LXIM19KULd/4jNBqnKUwA5gNkaTxC2exLcF3KSupWBx7sHONyjk
Ls8VToPrHO0sqbc2INV0aoC8TqOZUYnr/RvbXIxG0qSzAjXQ/1G4w7grvFuUEOIC
51O/D/F4IC9ylXLJHPnsbChzQ1rEU4D63ThAwIQHQnG4Ba9sneRsF8Ec103fvyij
XrGrHn4gNDii4bbLYOrejllDRJdjLM583yjLPrzYoUIZ2e0K8V1KKsepGJ7yCkcR
JSMQvJBTkXqPADbldyM=
-----END CERTIFICATE-----
Generated at Wed May 13 02:59:00 2026 by rpki-client