Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/Ioyar__PFXzijWbc0MU1XofjiaI.roa
File: Ioyar__PFXzijWbc0MU1XofjiaI.roa (raw, json)
Hash identifier: M5rcW7n40rBZV0kxaawpdCNe6Te5Gw9h5lOH4ExrcDg=
Subject key identifier: 22:8C:9A:AF:FF:CF:15:7C:E2:8D:66:DC:D0:C5:35:5E:87:E3:89:A2
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 019DE3DEE82FDC6B8F26BFB6FE79A71892F2
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/Ioyar__PFXzijWbc0MU1XofjiaI.roa
Signing time: Fri 01 May 2026 14:08:49 +0000
ROA not before: Fri 01 May 2026 14:08:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213732
IP address blocks: 37.32.42.0/24 maxlen: 24
178.239.144.0/24 maxlen: 24
178.239.149.0/24 maxlen: 24
185.243.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e3:de:e8:2f:dc:6b:8f:26:bf:b6:fe:79:a7:18:92:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: May 1 14:08:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=228c9aafffcf157ce28d66dcd0c5355e87e389a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:31:50:0a:3e:53:36:c9:88:0b:76:97:08:45:
a6:24:44:32:16:19:fe:98:46:3a:86:24:93:f8:ee:
e6:d2:1a:6c:15:5b:8d:ab:77:24:e0:b9:7c:d0:d5:
ad:5c:ab:fc:87:14:16:1e:e5:a5:86:52:96:bf:05:
99:d1:dd:e9:64:66:fd:ce:f9:6f:ac:86:dc:32:f3:
29:6e:82:0a:25:a4:ee:32:f8:ff:de:5a:6d:b2:4e:
26:2d:78:db:6f:b0:17:06:18:b7:87:fd:35:29:7d:
c2:d9:25:ce:86:5c:33:8e:32:3c:3a:e0:ea:3a:81:
94:29:66:46:c4:99:fa:94:3d:71:af:19:61:6b:ee:
98:20:72:fb:ef:01:ae:7f:af:52:0e:b4:58:d6:a8:
66:e0:ad:29:76:7e:14:2f:e0:ed:a2:4c:91:39:ce:
da:22:cd:0f:2a:d7:e5:da:f2:fb:df:86:f9:14:8f:
74:14:a0:7e:a3:c0:58:9f:30:e3:ff:17:94:d7:04:
db:7c:56:c6:b7:ee:85:bf:ed:a2:03:89:4d:be:04:
d3:4f:bf:7d:cd:02:b3:0e:5f:1a:ba:8f:25:08:84:
bf:72:72:20:e6:74:6e:77:71:eb:91:4c:ea:7e:09:
8f:91:e0:1d:99:f0:ed:dd:1a:f0:4c:8f:dd:c4:70:
44:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8C:9A:AF:FF:CF:15:7C:E2:8D:66:DC:D0:C5:35:5E:87:E3:89:A2
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/Ioyar__PFXzijWbc0MU1XofjiaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.42.0/24
178.239.144.0/24
178.239.149.0/24
185.243.49.0/24
Signature Algorithm: sha256WithRSAEncryption
00:cf:1c:c8:d6:16:54:5f:46:40:65:3b:da:51:83:94:ac:9f:
0c:d9:25:de:c0:2a:df:12:ef:ef:e6:9e:32:05:e1:d7:c2:cf:
5d:96:d5:6f:db:0d:1b:4e:48:7c:17:ff:73:c3:d5:72:c8:71:
83:9e:b8:dd:ef:68:30:8e:fc:10:14:5d:42:7a:28:9b:8d:94:
28:33:fd:f7:45:35:3d:43:17:f7:72:a8:c1:20:01:bf:fe:87:
2b:6e:3e:67:08:d4:f6:7f:30:49:19:21:29:84:b4:24:17:8c:
75:8b:00:b0:28:c9:e1:18:0e:a8:32:26:61:15:a8:f6:5f:7a:
0b:de:5b:10:ab:3f:1d:ba:af:ad:dd:93:91:b7:c7:80:00:d3:
80:49:38:b5:9d:a7:6c:12:2c:d4:fc:09:32:f6:3a:5a:ad:da:
61:f8:da:99:ea:bb:80:00:32:b4:c7:f0:eb:bf:7d:ae:dc:0e:
89:ae:75:83:bf:14:ab:82:0d:b6:f7:0b:4d:37:ec:2b:0c:86:
e3:d2:87:ae:4e:3e:87:d7:e1:f6:ef:0e:a0:5f:a8:53:be:8f:
5c:cd:d2:eb:49:67:f1:d1:cb:72:5a:99:0d:14:a1:24:98:85:
11:c0:4c:60:ab:11:45:08:89:0c:10:df:50:43:56:41:3e:84:
9e:46:d2:c6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3j3ugv3GuPJr+2/nmnGJLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjYwNTAxMTQwODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjhjOWFhZmZmY2YxNTdjZTI4ZDY2ZGNkMGM1MzU1ZTg3ZTM4OWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzFQCj5TNsmIC3aXCEWmJEQyFhn+
mEY6hiST+O7m0hpsFVuNq3ck4Ll80NWtXKv8hxQWHuWlhlKWvwWZ0d3pZGb9zvlv
rIbcMvMpboIKJaTuMvj/3lptsk4mLXjbb7AXBhi3h/01KX3C2SXOhlwzjjI8OuDq
OoGUKWZGxJn6lD1xrxlha+6YIHL77wGuf69SDrRY1qhm4K0pdn4UL+DtokyROc7a
Is0PKtfl2vL734b5FI90FKB+o8BYnzDj/xeU1wTbfFbGt+6Fv+2iA4lNvgTTT799
zQKzDl8auo8lCIS/cnIg5nRud3HrkUzqfgmPkeAdmfDt3RrwTI/dxHBEFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCKMmq//zxV84o1m3NDFNV6H44miMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvSW95YXJfX1BGWHppaldiYzBNVTFYb2ZqaWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJSAqAwQA
su+QAwQAsu+VAwQAufMxMA0GCSqGSIb3DQEBCwUAA4IBAQAAzxzI1hZUX0ZAZTva
UYOUrJ8M2SXewCrfEu/v5p4yBeHXws9dltVv2w0bTkh8F/9zw9VyyHGDnrjd72gw
jvwQFF1CeiibjZQoM/33RTU9Qxf3cqjBIAG//ocrbj5nCNT2fzBJGSEphLQkF4x1
iwCwKMnhGA6oMiZhFaj2X3oL3lsQqz8duq+t3ZORt8eAANOASTi1nadsEizU/Aky
9jpardph+NqZ6ruAADK0x/Drv32u3A6JrnWDvxSrgg229wtNN+wrDIbj0oeuTj6H
1+H27w6gX6hTvo9czdLrSWfx0ctyWpkNFKEkmIURwExgqxFFCIkMEN9QQ1ZBPoSe
RtLG
-----END CERTIFICATE-----
Generated at Tue May 12 21:24:48 2026 by rpki-client