Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1d5ad0-4785-4046-b8e6-a0e70e5056ef/1/nYZv6aCyKNkSHK0TW-C6_rBKfok.roa
File: nYZv6aCyKNkSHK0TW-C6_rBKfok.roa (raw, json)
Hash identifier: TXxMdkvqhc80p8aS6mgnsGO0OfNyLInR3EwtIMCLCws=
Subject key identifier: 9D:86:6F:E9:A0:B2:28:D9:12:1C:AD:13:5B:E0:BA:FE:B0:4A:7E:89
Certificate issuer: /CN=794838864d6805162693bdf249f3b8ac31f680bd
Certificate serial: 019DDCF35A47C9AA7CFEA10F2C52107464BF
Authority key identifier: 79:48:38:86:4D:68:05:16:26:93:BD:F2:49:F3:B8:AC:31:F6:80:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eUg4hk1oBRYmk73ySfO4rDH2gL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1d5ad0-4785-4046-b8e6-a0e70e5056ef/1/nYZv6aCyKNkSHK0TW-C6_rBKfok.roa
Signing time: Thu 30 Apr 2026 05:53:49 +0000
ROA not before: Thu 30 Apr 2026 05:53:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 152586
IP address blocks: 201.78.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/1d5ad0-4785-4046-b8e6-a0e70e5056ef/1/eUg4hk1oBRYmk73ySfO4rDH2gL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/1d5ad0-4785-4046-b8e6-a0e70e5056ef/1/eUg4hk1oBRYmk73ySfO4rDH2gL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/eUg4hk1oBRYmk73ySfO4rDH2gL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:dc:f3:5a:47:c9:aa:7c:fe:a1:0f:2c:52:10:74:64:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=794838864d6805162693bdf249f3b8ac31f680bd
Validity
Not Before: Apr 30 05:53:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9d866fe9a0b228d9121cad135be0bafeb04a7e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d3:5b:08:c0:56:c9:a2:ba:78:7b:46:72:b3:
d3:10:d8:3b:bd:0c:91:0c:8f:ee:16:15:55:df:c1:
42:39:b4:ba:ce:b4:4f:1d:5c:cf:d5:e4:1d:11:4c:
3e:88:11:0e:59:f3:1a:85:06:a7:e4:5d:98:15:29:
0b:1d:52:eb:ea:f6:01:17:3a:5a:97:c3:97:b0:00:
19:85:16:44:91:5b:55:50:30:36:e5:af:84:5b:e8:
17:b4:ac:20:5a:10:70:63:b5:61:3d:d5:bd:f8:9f:
87:89:26:76:87:87:4c:4a:df:4f:89:76:d4:78:eb:
86:a1:ce:29:93:18:01:22:59:27:ff:39:e7:c7:03:
e5:00:d9:9e:10:93:b8:34:59:8c:18:98:fd:f1:3a:
94:96:ed:a5:1f:4c:52:c5:e3:4d:cf:b4:8b:6f:74:
9b:48:e5:2e:8e:05:db:5e:6f:31:89:0b:80:ae:aa:
87:57:8e:22:00:7a:b0:de:8b:55:28:55:09:59:e3:
ad:2f:b5:e2:0d:cc:61:9a:15:fa:aa:38:9b:0a:bf:
9b:47:a6:4a:1d:13:f2:88:55:a4:41:ce:6c:46:40:
87:2b:65:88:33:2a:91:48:58:0f:8a:4a:15:b4:8d:
ab:75:9a:0c:60:48:2f:84:1f:18:cf:f4:7c:09:0f:
e3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:86:6F:E9:A0:B2:28:D9:12:1C:AD:13:5B:E0:BA:FE:B0:4A:7E:89
X509v3 Authority Key Identifier:
keyid:79:48:38:86:4D:68:05:16:26:93:BD:F2:49:F3:B8:AC:31:F6:80:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eUg4hk1oBRYmk73ySfO4rDH2gL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1d5ad0-4785-4046-b8e6-a0e70e5056ef/1/nYZv6aCyKNkSHK0TW-C6_rBKfok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1d5ad0-4785-4046-b8e6-a0e70e5056ef/1/eUg4hk1oBRYmk73ySfO4rDH2gL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
201.78.129.0/24
Signature Algorithm: sha256WithRSAEncryption
09:dc:08:e6:80:c3:9b:ad:1a:5a:6d:e8:02:ed:5a:1a:1b:56:
a0:04:80:4d:0e:b0:5c:f0:76:ad:d2:e1:91:59:66:a0:0f:0f:
78:bf:51:95:77:34:de:61:fb:4d:78:90:33:b1:29:86:58:60:
94:3c:96:37:01:73:d6:71:fd:41:ac:2a:91:67:87:15:f7:25:
0e:82:08:c3:e5:08:ad:e9:b5:de:c7:d4:20:13:41:7b:9e:e0:
0e:6a:b7:d9:88:99:19:0a:40:b7:44:6b:72:bf:7b:60:7e:00:
9a:94:6b:06:31:54:e7:4a:80:21:75:13:39:78:71:76:ba:ff:
f0:70:c1:cf:c0:55:60:82:fd:2d:43:b4:51:61:14:85:74:31:
ac:02:18:4b:05:d1:89:bd:0d:d9:be:08:67:d4:38:ad:da:46:
0f:d6:09:20:5e:ef:7c:32:42:1f:63:dd:d4:50:35:38:09:c8:
41:20:21:a5:49:3d:cb:81:dd:86:dc:be:8e:14:61:48:2c:7f:
88:51:0e:df:c9:66:e8:87:0c:95:36:58:31:95:f0:25:4c:5a:
0e:6b:ec:22:a1:26:e8:31:15:da:b5:37:7b:89:e0:25:0b:8b:
31:cb:2b:df:b5:7c:44:67:d7:25:72:5b:d9:51:e7:e5:70:c7:
80:9a:31:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3c81pHyap8/qEPLFIQdGS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NDgzODg2NGQ2ODA1MTYyNjkzYmRmMjQ5ZjNiOGFjMzFm
NjgwYmQwHhcNMjYwNDMwMDU1MzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg2NmZlOWEwYjIyOGQ5MTIxY2FkMTM1YmUwYmFmZWIwNGE3ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdNbCMBWyaK6eHtGcrPTENg7vQyR
DI/uFhVV38FCObS6zrRPHVzP1eQdEUw+iBEOWfMahQan5F2YFSkLHVLr6vYBFzpa
l8OXsAAZhRZEkVtVUDA25a+EW+gXtKwgWhBwY7VhPdW9+J+HiSZ2h4dMSt9PiXbU
eOuGoc4pkxgBIlkn/znnxwPlANmeEJO4NFmMGJj98TqUlu2lH0xSxeNNz7SLb3Sb
SOUujgXbXm8xiQuArqqHV44iAHqw3otVKFUJWeOtL7XiDcxhmhX6qjibCr+bR6ZK
HRPyiFWkQc5sRkCHK2WIMyqRSFgPikoVtI2rdZoMYEgvhB8Yz/R8CQ/jlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2Gb+mgsijZEhytE1vguv6wSn6JMB8GA1UdIwQY
MBaAFHlIOIZNaAUWJpO98knzuKwx9oC9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVVnNGhrMW9CUlltazczeVNmTzRyREgyZ0wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xZDVhZDAtNDc4NS00MDQ2LWI4ZTYt
YTBlNzBlNTA1NmVmLzEvblladjZhQ3lLTmtTSEswVFctQzZfckJLZm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xZDVhZDAtNDc4NS00MDQ2LWI4ZTYtYTBlNzBlNTA1NmVm
LzEvZVVnNGhrMW9CUlltazczeVNmTzRyREgyZ0wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyU6BMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ3AjmgMObrRpabegC7VoaG1agBIBNDrBc8Hat0uGR
WWagDw94v1GVdzTeYftNeJAzsSmGWGCUPJY3AXPWcf1BrCqRZ4cV9yUOggjD5Qit
6bXex9QgE0F7nuAOarfZiJkZCkC3RGtyv3tgfgCalGsGMVTnSoAhdRM5eHF2uv/w
cMHPwFVggv0tQ7RRYRSFdDGsAhhLBdGJvQ3Zvghn1Dit2kYP1gkgXu98MkIfY93U
UDU4CchBICGlST3Lgd2G3L6OFGFILH+IUQ7fyWbohwyVNlgxlfAlTFoOa+wioSbo
MRXatTd7ieAlC4sxyyvftXxEZ9clclvZUeflcMeAmjHP
-----END CERTIFICATE-----
Generated at Wed May 13 04:53:54 2026 by rpki-client