Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-967ekgT1PpNNIPNMAdxvO-xJzI.roa
File: 1-967ekgT1PpNNIPNMAdxvO-xJzI.roa (raw, json)
Hash identifier: 3qXocVT9OLk/4aU8CYrygi8nHBKrfDuY1kOjc9DKhzQ=
Subject key identifier: FB:DE:BB:7A:48:13:D4:FA:4D:34:83:CD:30:07:71:BC:EF:B1:27:32
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E1CDAC012ACAEFC5440A163E913C601CB
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-967ekgT1PpNNIPNMAdxvO-xJzI.roa
Signing time: Tue 12 May 2026 15:42:38 +0000
ROA not before: Tue 12 May 2026 15:42:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215228
IP address blocks: 94.183.238.0/24 maxlen: 24
94.183.239.0/24 maxlen: 24
217.60.68.0/22 maxlen: 24
217.60.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:da:c0:12:ac:ae:fc:54:40:a1:63:e9:13:c6:01:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 12 15:42:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fbdebb7a4813d4fa4d3483cd300771bcefb12732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9c:67:b5:d1:47:06:ae:21:9b:c9:c0:03:bb:
55:b9:ca:29:af:cc:90:d0:45:c6:6b:f3:bb:dd:3c:
a9:76:57:8d:29:cd:6c:90:6f:d5:d3:0f:3b:ce:6d:
15:eb:be:a4:16:9f:3d:61:e1:a5:41:87:8f:ba:c2:
f6:72:84:c0:b0:b1:f9:0d:30:4d:ec:4d:9c:5e:ce:
9b:2c:a1:c7:fe:61:9c:5e:07:e9:b5:4e:ce:c8:4a:
26:9d:a4:f4:51:03:5e:1c:68:b7:fe:3f:a0:be:e9:
9b:32:d9:3e:a1:d7:cc:77:a3:06:98:cc:a3:16:0c:
8b:96:5e:f6:d1:c0:95:e0:a2:79:20:2e:a1:3e:64:
a8:54:a8:99:aa:f7:a2:02:f0:bd:b8:99:4e:dc:7a:
d7:ef:2f:db:c6:2f:80:73:a6:0e:51:0a:68:bf:40:
d9:1c:6f:c4:e7:04:64:ee:00:fa:b3:58:4a:08:44:
28:c0:64:10:78:37:63:17:41:c7:b4:8a:0d:33:59:
a1:c9:2c:d6:b7:84:5c:42:44:5f:a3:7c:11:7a:68:
16:fd:bb:95:cb:a2:1c:30:35:32:da:d7:12:d9:40:
d8:83:4e:37:e0:39:12:d0:86:47:b2:93:1d:1a:8d:
9a:5f:22:47:c5:ad:4e:ec:39:1f:e6:53:eb:57:a1:
68:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DE:BB:7A:48:13:D4:FA:4D:34:83:CD:30:07:71:BC:EF:B1:27:32
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-967ekgT1PpNNIPNMAdxvO-xJzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.183.238.0/23
217.60.68.0/22
217.60.192.0/22
Signature Algorithm: sha256WithRSAEncryption
49:33:a4:50:b8:88:a3:78:04:0c:b5:d1:39:fe:9a:bd:92:ba:
97:bf:cd:c2:68:a2:df:ad:a9:5c:d7:db:5a:00:14:78:df:19:
da:cf:6a:d1:4a:bc:e7:29:b7:08:66:0f:14:f1:a6:d5:39:4b:
10:5c:d7:ad:7a:0a:ca:3d:7d:e5:f6:f7:e8:77:8d:6b:33:3b:
bd:84:8b:d2:ad:3a:42:7f:47:34:f0:44:03:f2:b3:c7:f8:15:
62:67:80:f5:01:7a:44:6d:e9:41:98:b0:f8:79:27:41:c1:b8:
a4:c6:54:56:01:2e:6b:08:c3:c7:e1:e2:b1:d7:2d:e9:0a:72:
32:dd:f5:ac:06:a2:15:5b:59:65:d4:52:db:18:ac:7c:f0:e9:
1e:2a:98:23:84:14:f9:88:02:66:7c:0e:6e:a1:46:8e:0a:7c:
ce:50:48:dd:db:ca:11:6e:d8:39:54:94:4b:d1:72:bf:a3:84:
1a:8d:4e:17:ff:18:ad:6d:98:22:81:a7:a4:43:26:46:c3:93:
ce:b7:e1:97:07:9e:c5:eb:d5:f9:1d:a2:7c:93:38:c0:08:bb:
b9:d1:6b:fd:61:ac:b9:85:43:76:93:87:aa:e4:ae:4c:53:a6:
7c:8a:f0:2e:5e:50:bf:3a:d6:12:32:6f:73:17:b3:e3:25:bd:
f9:a7:63:44
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZ4c2sASrK78VEChY+kTxgHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTEyMTU0MjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmRlYmI3YTQ4MTNkNGZhNGQzNDgzY2QzMDA3NzFiY2VmYjEyNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5xntdFHBq4hm8nAA7tVucopr8yQ
0EXGa/O73TypdleNKc1skG/V0w87zm0V676kFp89YeGlQYePusL2coTAsLH5DTBN
7E2cXs6bLKHH/mGcXgfptU7OyEomnaT0UQNeHGi3/j+gvumbMtk+odfMd6MGmMyj
FgyLll720cCV4KJ5IC6hPmSoVKiZqveiAvC9uJlO3HrX7y/bxi+Ac6YOUQpov0DZ
HG/E5wRk7gD6s1hKCEQowGQQeDdjF0HHtIoNM1mhySzWt4RcQkRfo3wRemgW/buV
y6IcMDUy2tcS2UDYg0434DkS0IZHspMdGo2aXyJHxa1O7Dkf5lPrV6FoxwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPveu3pIE9T6TTSDzTAHcbzvsScyMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMS05Njdla2dUMVBwTk5JUE5NQWR4dk8teEp6SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvNTExZjk1LWU0YmYtNDNmMS1hZjJmLWI4MTFjZmNiOWZk
NS8xL1R4c0pYNnRuWXp3Qko5WWY5b1Y0Wk9wckpjVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAV637gME
Atk8RAMEAtk8wDANBgkqhkiG9w0BAQsFAAOCAQEASTOkULiIo3gEDLXROf6avZK6
l7/Nwmii362pXNfbWgAUeN8Z2s9q0Uq85ym3CGYPFPGm1TlLEFzXrXoKyj195fb3
6HeNazM7vYSL0q06Qn9HNPBEA/Kzx/gVYmeA9QF6RG3pQZiw+HknQcG4pMZUVgEu
awjDx+Hisdct6QpyMt31rAaiFVtZZdRS2xisfPDpHiqYI4QU+YgCZnwObqFGjgp8
zlBI3dvKEW7YOVSUS9Fyv6OEGo1OF/8YrW2YIoGnpEMmRsOTzrfhlweexevV+R2i
fJM4wAi7udFr/WGsuYVDdpOHquSuTFOmfIrwLl5QvzrWEjJvcxez4yW9+adjRA==
-----END CERTIFICATE-----
Generated at Wed May 13 04:20:38 2026 by rpki-client