Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/c9MRmnhU7G5UbCBGEHdpLFzsaXY.roa
File: c9MRmnhU7G5UbCBGEHdpLFzsaXY.roa (raw, json)
Hash identifier: lmKAJaGimhpXG3IgAt2SCEHhEUBaeY2YUPKf/h17Txk=
Subject key identifier: 73:D3:11:9A:78:54:EC:6E:54:6C:20:46:10:77:69:2C:5C:EC:69:76
Certificate issuer: /CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Certificate serial: 019DF7278AE29E53B7C16F8DA7A61E74A9E2
Authority key identifier: 51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/c9MRmnhU7G5UbCBGEHdpLFzsaXY.roa
Signing time: Tue 05 May 2026 08:00:56 +0000
ROA not before: Tue 05 May 2026 08:00:56 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31529
IP address blocks: 45.142.220.0/24 maxlen: 24
45.142.221.0/24 maxlen: 24
45.142.222.0/24 maxlen: 24
45.142.223.0/24 maxlen: 24
2a0e:dbc0::/48 maxlen: 48
2a0e:dbc0:1::/48 maxlen: 48
2a0e:dbc0:2::/48 maxlen: 48
2a0e:dbc0:3::/48 maxlen: 48
2a0e:dbc0:1000::/36 maxlen: 48
2a0e:dbc0:3000::/48 maxlen: 48
2a0e:dbc0:4000::/48 maxlen: 48
2a0e:dbc0:5000::/36 maxlen: 48
2a0e:dbc0:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f7:27:8a:e2:9e:53:b7:c1:6f:8d:a7:a6:1e:74:a9:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Validity
Not Before: May 5 08:00:56 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73d3119a7854ec6e546c20461077692c5cec6976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2f:f2:07:c3:10:41:0a:b2:49:1e:a5:b1:84:
00:6b:71:9f:c4:33:11:24:81:68:e6:49:88:6c:6c:
08:1c:dd:b2:f4:bb:d5:22:df:69:df:16:a7:7a:ba:
24:dc:3c:39:77:65:87:99:b6:f5:1d:c4:a6:dc:35:
bc:4c:eb:9a:d3:35:86:82:b1:0a:00:f5:ef:45:10:
6e:c5:fe:16:83:cd:e6:c3:5f:e2:07:5f:34:16:49:
5f:7d:e4:14:13:56:f2:bc:bc:6d:73:96:a0:4c:61:
cf:23:31:69:d2:c2:a4:9c:a1:84:d3:30:10:e7:8f:
2c:33:eb:bd:47:44:b5:06:45:5e:0e:ca:be:b4:c5:
5a:77:5c:9d:20:84:36:f9:21:91:5d:c3:dd:e4:fa:
21:89:b9:75:ae:3c:51:b7:11:c1:59:f8:37:9b:ca:
28:01:ee:d1:f8:bf:d8:7d:24:6f:47:88:cc:bc:b8:
64:e7:db:84:1b:d2:59:df:14:58:ae:2f:c5:5e:2f:
f7:76:65:ff:3b:06:25:b4:01:a1:4c:4d:ba:7f:ea:
22:76:91:b0:56:50:00:ec:0d:24:8d:43:90:9d:8a:
fa:20:eb:70:22:2e:0f:57:13:76:64:7d:0d:26:13:
4b:f0:18:de:c1:98:11:d5:c7:04:e8:7e:4d:88:13:
55:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D3:11:9A:78:54:EC:6E:54:6C:20:46:10:77:69:2C:5C:EC:69:76
X509v3 Authority Key Identifier:
keyid:51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/c9MRmnhU7G5UbCBGEHdpLFzsaXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.220.0/22
IPv6:
2a0e:dbc0::/46
2a0e:dbc0:1000::/36
2a0e:dbc0:3000::/48
2a0e:dbc0:4000::/48
2a0e:dbc0:5000::/36
2a0e:dbc0:8000::/36
Signature Algorithm: sha256WithRSAEncryption
96:b5:83:c0:70:21:e3:4a:9f:a1:56:d5:ec:e3:ac:e8:9d:a3:
c6:87:af:ed:58:00:f6:f9:73:90:64:69:a4:48:a6:e0:6e:ba:
66:3d:b3:5b:d1:33:5e:d4:7a:bd:b9:c0:ad:67:f1:bb:80:a5:
af:0b:9e:31:96:a4:25:c3:d7:6a:46:0b:9e:4f:d4:12:74:4a:
2f:fa:0f:37:5e:20:0e:4c:3b:eb:8b:39:2b:43:04:a2:0e:75:
16:4e:76:ba:25:4e:49:98:b9:96:a5:35:e9:a1:e6:74:36:65:
69:c5:9b:7b:37:bf:69:5f:aa:92:d5:76:ea:1d:0e:16:37:cd:
7a:8d:6e:30:7c:d2:61:c1:4f:21:e8:08:7b:e8:ad:95:91:c5:
21:f4:b4:ab:19:ed:fb:53:11:c2:04:76:36:7a:20:c8:4e:d1:
4b:51:b3:ba:ca:37:64:a3:e4:f1:f9:03:78:ea:6d:54:10:7f:
8b:37:51:ca:bc:1b:a9:8f:50:60:3e:a5:39:33:6a:5b:c1:79:
b2:b5:43:82:17:9a:ff:ba:dc:57:98:47:0a:98:44:f4:07:d2:
bc:54:4f:52:17:41:be:09:e3:b4:2f:f7:c1:2f:5d:70:5e:4f:
9d:dc:7a:e0:a4:36:7a:d8:bf:73:0f:35:75:34:52:6b:0b:82:
0e:7a:65:5f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZ33J4rinlO3wW+Np6YedKniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxODhkZWRhY2RjMjQwYjRiMmY3ODZmMTIzNDJlMGE4M2Q4
YWU4MGYwHhcNMjYwNTA1MDgwMDU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2QzMTE5YTc4NTRlYzZlNTQ2YzIwNDYxMDc3NjkyYzVjZWM2OTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC/yB8MQQQqySR6lsYQAa3GfxDMR
JIFo5kmIbGwIHN2y9LvVIt9p3xanerok3Dw5d2WHmbb1HcSm3DW8TOua0zWGgrEK
APXvRRBuxf4Wg83mw1/iB180FklffeQUE1byvLxtc5agTGHPIzFp0sKknKGE0zAQ
548sM+u9R0S1BkVeDsq+tMVad1ydIIQ2+SGRXcPd5Pohibl1rjxRtxHBWfg3m8oo
Ae7R+L/YfSRvR4jMvLhk59uEG9JZ3xRYri/FXi/3dmX/OwYltAGhTE26f+oidpGw
VlAA7A0kjUOQnYr6IOtwIi4PVxN2ZH0NJhNL8BjewZgR1ccE6H5NiBNVKwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFHPTEZp4VOxuVGwgRhB3aSxc7Gl2MB8GA1UdIwQY
MBaAFFGI3trNwkC0sveG8SNC4Kg9iugPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQt
NzliM2RiNjU5ZGZjLzEvYzlNUm1uaFU3RzVVYkNCR0VIZHBMRnpzYVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQtNzliM2RiNjU5ZGZj
LzEvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAMBAIAATAGAwQCLY7cMDkE
AgACMDMDBwIqDtvAAAADBgQqDtvAEAMHACoO28AwAAMHACoO28BAAAMGBCoO28BQ
AwYEKg7bwIAwDQYJKoZIhvcNAQELBQADggEBAJa1g8BwIeNKn6FW1ezjrOido8aH
r+1YAPb5c5BkaaRIpuBuumY9s1vRM17Uer25wK1n8buApa8LnjGWpCXD12pGC55P
1BJ0Si/6DzdeIA5MO+uLOStDBKIOdRZOdrolTkmYuZalNemh5nQ2ZWnFm3s3v2lf
qpLVduodDhY3zXqNbjB80mHBTyHoCHvorZWRxSH0tKsZ7ftTEcIEdjZ6IMhO0UtR
s7rKN2Sj5PH5A3jqbVQQf4s3Ucq8G6mPUGA+pTkzalvBebK1Q4IXmv+63FeYRwqY
RPQH0rxUT1IXQb4J47Qv98EvXXBeT53ceuCkNnrYv3MPNXU0UmsLgg56ZV8=
-----END CERTIFICATE-----
Generated at Wed May 13 12:40:31 2026 by rpki-client