Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/g2RgzQfRtI2o8X5sMP-NXjF8Uho.roa
File: g2RgzQfRtI2o8X5sMP-NXjF8Uho.roa (raw, json)
Hash identifier: QHdSplXR9hrky5KPz8Vf+POncO+1O6g9pizr3/G9QPY=
Subject key identifier: 83:64:60:CD:07:D1:B4:8D:A8:F1:7E:6C:30:FF:8D:5E:31:7C:52:1A
Certificate issuer: /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial: 019DFBE7E5F302C0688F480996B68DE66C45
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/g2RgzQfRtI2o8X5sMP-NXjF8Uho.roa
Signing time: Wed 06 May 2026 06:09:32 +0000
ROA not before: Wed 06 May 2026 06:09:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215013
IP address blocks: 94.131.190.0/24 maxlen: 32
94.131.191.0/24 maxlen: 32
2a07:aa40:40::/48 maxlen: 48
2a07:aa40:41::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fb:e7:e5:f3:02:c0:68:8f:48:09:96:b6:8d:e6:6c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Validity
Not Before: May 6 06:09:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=836460cd07d1b48da8f17e6c30ff8d5e317c521a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:60:0c:cb:84:78:b6:6f:ac:0f:95:d4:d7:26:
b3:6a:6c:1e:69:c3:be:69:8e:77:b6:c1:43:04:4e:
f5:d9:19:45:f6:98:fd:f3:ad:21:42:00:8c:f7:fe:
c8:6b:af:8c:8f:4f:0f:b7:2c:bf:77:e6:bb:7f:51:
e1:b7:3c:54:74:8b:9e:6f:07:e4:d0:b9:70:df:4a:
f4:8a:ae:ff:29:94:ef:b3:70:43:98:64:64:6f:70:
c0:0f:54:8c:d4:49:56:fa:34:c4:59:d0:73:ad:45:
85:fe:13:d4:c4:47:8a:18:36:09:2c:48:21:78:7c:
61:dc:f0:aa:31:57:9c:8e:05:ad:0a:a0:ae:8e:5c:
f1:42:e9:ad:8b:12:52:66:4e:eb:40:05:d3:34:d3:
7c:0b:e1:4c:b5:cb:c8:c3:dd:10:95:94:f6:5d:63:
dd:6e:11:01:10:9f:11:9a:a6:d9:79:4b:62:2f:8f:
76:10:b7:ca:9e:86:84:29:b0:33:76:c7:c3:68:05:
54:06:ee:c3:8a:8f:bb:71:8a:b7:a0:41:cb:7d:44:
87:a4:c9:1a:eb:58:cf:99:d9:cb:2e:3c:1a:2b:38:
d0:f0:c6:61:0f:2d:94:97:1c:ee:b1:98:08:b3:2c:
59:68:08:d7:e9:b4:b3:0f:f7:c5:79:a8:c3:b4:5b:
9d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:64:60:CD:07:D1:B4:8D:A8:F1:7E:6C:30:FF:8D:5E:31:7C:52:1A
X509v3 Authority Key Identifier:
keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/g2RgzQfRtI2o8X5sMP-NXjF8Uho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.190.0/23
IPv6:
2a07:aa40:40::/47
Signature Algorithm: sha256WithRSAEncryption
8e:8f:7e:81:44:37:05:29:dd:a6:e8:72:57:bd:06:e6:8d:0e:
56:e7:f0:c6:73:b1:4c:4b:65:89:da:7c:10:6d:57:a9:8c:d2:
7e:eb:6e:8a:2b:da:b8:8f:5d:78:ca:4c:33:31:37:58:48:7e:
9d:52:52:45:37:de:f2:f3:62:46:93:81:c0:3b:ce:10:6f:c7:
96:79:50:65:ef:4f:be:bf:3d:6b:69:f8:4a:40:fd:f0:e8:a9:
e2:ff:f2:b2:07:bf:f3:07:b1:62:14:36:02:63:33:05:cd:26:
3c:23:7e:11:7c:e2:87:1f:9a:14:f1:78:80:cb:36:60:e3:4a:
5a:15:6f:15:63:3f:37:66:a5:ea:2c:d6:60:6f:79:3c:ed:2c:
48:83:db:db:45:f3:2e:7e:c7:8c:bb:7d:ef:e9:2e:41:a5:70:
a2:8c:e3:39:c7:36:96:76:61:2c:bd:c3:9f:68:87:29:0e:72:
ab:8d:7f:4e:54:10:c5:9c:7e:7b:a3:22:7c:57:8e:b6:a2:9f:
be:cc:18:e7:11:84:51:f0:78:62:1b:af:d3:e4:3d:03:b4:98:
03:c3:11:d6:20:32:fc:54:a7:35:31:b4:49:04:97:7d:bc:3f:
f2:30:f6:15:26:c3:3e:b2:eb:7f:f5:97:ad:12:92:85:85:7a:
af:c0:79:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ375+XzAsBoj0gJlraN5mxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjYwNTA2MDYwOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzY0NjBjZDA3ZDFiNDhkYThmMTdlNmMzMGZmOGQ1ZTMxN2M1MjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9mAMy4R4tm+sD5XU1yazamweacO+
aY53tsFDBE712RlF9pj9860hQgCM9/7Ia6+Mj08Ptyy/d+a7f1HhtzxUdIuebwfk
0Llw30r0iq7/KZTvs3BDmGRkb3DAD1SM1ElW+jTEWdBzrUWF/hPUxEeKGDYJLEgh
eHxh3PCqMVecjgWtCqCujlzxQumtixJSZk7rQAXTNNN8C+FMtcvIw90QlZT2XWPd
bhEBEJ8RmqbZeUtiL492ELfKnoaEKbAzdsfDaAVUBu7Dio+7cYq3oEHLfUSHpMka
61jPmdnLLjwaKzjQ8MZhDy2UlxzusZgIsyxZaAjX6bSzD/fFeajDtFudTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFINkYM0H0bSNqPF+bDD/jV4xfFIaMB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvZzJSZ3pRZlJ0STJvOFg1c01QLU5YakY4VWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBXoO+MA8E
AgACMAkDBwEqB6pAAEAwDQYJKoZIhvcNAQELBQADggEBAI6PfoFENwUp3abocle9
BuaNDlbn8MZzsUxLZYnafBBtV6mM0n7rboor2riPXXjKTDMxN1hIfp1SUkU33vLz
YkaTgcA7zhBvx5Z5UGXvT76/PWtp+EpA/fDoqeL/8rIHv/MHsWIUNgJjMwXNJjwj
fhF84ocfmhTxeIDLNmDjSloVbxVjPzdmpeos1mBveTztLEiD29tF8y5+x4y7fe/p
LkGlcKKM4znHNpZ2YSy9w59ohykOcquNf05UEMWcfnujInxXjrain77MGOcRhFHw
eGIbr9PkPQO0mAPDEdYgMvxUpzUxtEkEl328P/Iw9hUmwz6y63/1l60SkoWFeq/A
eUk=
-----END CERTIFICATE-----
Generated at Wed May 13 05:37:46 2026 by rpki-client