Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/fklZOg-ylmNCCl3jKht8-L05QeU.roa
File: fklZOg-ylmNCCl3jKht8-L05QeU.roa (raw, json)
Hash identifier: MZ0+wxoLGvYFobYYEek8fJQdJK3ft9ROdL1FmBB7iZk=
Subject key identifier: 7E:49:59:3A:0F:B2:96:63:42:0A:5D:E3:2A:1B:7C:F8:BD:39:41:E5
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E033927142C902AA9CA6235583C395C6C
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/fklZOg-ylmNCCl3jKht8-L05QeU.roa
Signing time: Thu 07 May 2026 16:15:37 +0000
ROA not before: Thu 07 May 2026 16:15:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207590
IP address blocks: 2.26.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:35:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:03:39:27:14:2c:90:2a:a9:ca:62:35:58:3c:39:5c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 7 16:15:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7e49593a0fb29663420a5de32a1b7cf8bd3941e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f3:15:08:a4:62:53:9f:be:f3:33:cf:ba:c9:
ff:23:db:a8:6f:2d:a0:d1:1e:61:f8:3c:03:48:08:
af:78:1c:b2:b5:26:23:37:3c:69:0b:e7:66:ed:d7:
89:2d:9e:b8:2f:b6:10:54:4c:33:fc:53:54:34:5f:
68:19:11:e5:30:c3:ad:db:56:d5:ba:7e:24:01:9f:
12:b9:0c:19:3d:11:5e:a2:5c:e3:61:35:a7:b9:72:
2f:66:ca:32:63:a0:9a:df:4c:a1:19:c8:29:f8:0f:
4b:e8:6c:0f:e5:80:80:fa:34:43:92:6d:ec:4f:1d:
d4:8f:71:a8:ab:29:0d:49:2d:91:8e:1d:05:9b:f5:
f3:7c:ca:1e:75:7f:31:f5:99:30:f5:98:45:63:d6:
96:8c:77:2f:fe:a0:11:e1:17:8e:1e:ee:78:df:6d:
27:6f:4c:cb:79:43:45:35:bf:c9:f3:cb:f3:56:29:
27:8b:76:04:6f:f2:0f:52:dd:4b:2a:cc:34:20:ae:
84:a9:d2:70:2f:2b:f6:e4:1f:b4:6d:e4:0a:b1:01:
df:b7:9a:ed:39:10:de:ec:de:a7:11:25:0b:fc:d3:
7c:02:21:87:33:94:9c:e0:59:6a:10:4c:98:24:14:
72:cd:ab:1c:94:71:6e:c9:8c:76:51:e9:05:19:f4:
9c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:49:59:3A:0F:B2:96:63:42:0A:5D:E3:2A:1B:7C:F8:BD:39:41:E5
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/fklZOg-ylmNCCl3jKht8-L05QeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.216.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:e1:a7:0b:d2:4e:8a:f5:8b:5d:b0:78:c8:f3:47:ad:4e:17:
4d:64:e1:19:ac:48:01:b5:99:c9:1e:43:8c:e0:7b:85:4d:57:
f0:6c:bc:ac:51:fa:98:a0:fb:7a:ba:63:84:ab:09:e6:7c:2f:
df:f5:40:03:ce:7e:75:25:b4:55:d0:49:b1:2f:88:ce:39:d7:
40:70:55:26:ff:38:62:f2:37:bd:25:73:c4:7d:cd:df:1f:a7:
1f:f4:4c:b7:26:ee:68:6f:7b:21:10:b0:41:61:a9:e4:a1:34:
5d:7c:6c:9e:8f:24:c2:5f:0d:94:0c:5e:5f:99:f5:ec:5a:a7:
df:06:7b:1a:89:1e:9d:37:0a:5d:38:aa:3c:c2:ea:17:99:51:
97:9c:66:bf:4e:e7:05:c0:3f:2a:15:38:a4:b7:00:c5:48:11:
a2:3e:74:ec:2d:af:e8:82:21:84:93:79:ff:43:b3:92:bc:6b:
50:4e:02:84:9b:a6:ea:a3:b8:a4:59:10:88:9c:7b:e2:7b:cb:
44:1c:61:5c:f8:10:73:b9:ee:5f:72:ce:2f:c4:71:db:36:69:
c2:99:17:03:41:81:fd:30:e8:1f:79:d8:00:88:c6:6d:52:6e:
ca:1c:ee:6b:7f:1b:26:1d:77:58:ce:91:02:b3:29:4c:c8:24:
bf:ee:ec:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4DOScULJAqqcpiNVg8OVxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTA3MTYxNTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQ5NTkzYTBmYjI5NjYzNDIwYTVkZTMyYTFiN2NmOGJkMzk0MWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufMVCKRiU5++8zPPusn/I9uoby2g
0R5h+DwDSAiveByytSYjNzxpC+dm7deJLZ64L7YQVEwz/FNUNF9oGRHlMMOt21bV
un4kAZ8SuQwZPRFeolzjYTWnuXIvZsoyY6Ca30yhGcgp+A9L6GwP5YCA+jRDkm3s
Tx3Uj3GoqykNSS2Rjh0Fm/XzfMoedX8x9Zkw9ZhFY9aWjHcv/qAR4ReOHu54320n
b0zLeUNFNb/J88vzVikni3YEb/IPUt1LKsw0IK6EqdJwLyv25B+0beQKsQHft5rt
ORDe7N6nESUL/NN8AiGHM5Sc4FlqEEyYJBRyzasclHFuyYx2UekFGfScsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5JWToPspZjQgpd4yobfPi9OUHlMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvZmtsWk9nLXlsbU5DQ2wzaktodDgtTDA1UWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAhrYMA0G
CSqGSIb3DQEBCwUAA4IBAQBd4acL0k6K9YtdsHjI80etThdNZOEZrEgBtZnJHkOM
4HuFTVfwbLysUfqYoPt6umOEqwnmfC/f9UADzn51JbRV0EmxL4jOOddAcFUm/zhi
8je9JXPEfc3fH6cf9Ey3Ju5ob3shELBBYankoTRdfGyejyTCXw2UDF5fmfXsWqff
BnsaiR6dNwpdOKo8wuoXmVGXnGa/TucFwD8qFTiktwDFSBGiPnTsLa/ogiGEk3n/
Q7OSvGtQTgKEm6bqo7ikWRCInHvie8tEHGFc+BBzue5fcs4vxHHbNmnCmRcDQYH9
MOgfedgAiMZtUm7KHO5rfxsmHXdYzpECsylMyCS/7uy8
-----END CERTIFICATE-----
Generated at Wed May 13 09:14:55 2026 by rpki-client