Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/iz1NumDDEP4HEocZooUpzgUrWuA.roa
File: iz1NumDDEP4HEocZooUpzgUrWuA.roa (raw, json)
Hash identifier: Xh3SqqlYQ0WusNga4Qj1Gif5nRzkl+/fhOngglLEBZs=
Subject key identifier: 8B:3D:4D:BA:60:C3:10:FE:07:12:87:19:A2:85:29:CE:05:2B:5A:E0
Certificate issuer: /CN=576705b557b823086b6a532324bfbba36995cb1c
Certificate serial: 019E0DC6DC06530BDF20A65C68262239AB86
Authority key identifier: 57:67:05:B5:57:B8:23:08:6B:6A:53:23:24:BF:BB:A3:69:95:CB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V2cFtVe4IwhralMjJL-7o2mVyxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/iz1NumDDEP4HEocZooUpzgUrWuA.roa
Signing time: Sat 09 May 2026 17:26:36 +0000
ROA not before: Sat 09 May 2026 17:26:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214098
IP address blocks: 185.56.161.0/24 maxlen: 24
2a07:5c0:1::/48 maxlen: 48
2a07:5c0:2::/48 maxlen: 48
2a07:5c0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/V2cFtVe4IwhralMjJL-7o2mVyxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/V2cFtVe4IwhralMjJL-7o2mVyxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/V2cFtVe4IwhralMjJL-7o2mVyxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:0d:c6:dc:06:53:0b:df:20:a6:5c:68:26:22:39:ab:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576705b557b823086b6a532324bfbba36995cb1c
Validity
Not Before: May 9 17:26:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8b3d4dba60c310fe07128719a28529ce052b5ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f9:b5:43:99:f7:e5:87:63:ff:91:65:4d:6c:
15:97:7d:c4:78:6c:34:db:1b:53:7e:8a:c3:33:bb:
9c:f7:94:3a:23:30:42:15:36:25:df:fd:5f:ec:6f:
fe:f6:6b:cd:36:d6:2a:87:fa:e5:43:10:ed:ca:65:
8e:f7:ee:d0:e3:0e:54:3e:ba:67:55:d1:c6:1c:b1:
49:6d:34:ef:0a:b3:6c:0a:35:cb:d2:0b:d8:bf:66:
a6:c1:d9:24:7e:89:2a:6e:11:8d:48:60:f6:8b:8f:
3c:9d:ca:9c:4f:62:f0:52:9f:3b:4b:f6:9a:51:43:
18:bd:24:1f:d7:ec:08:d4:2f:3c:a5:2d:b2:d2:ca:
73:d8:07:32:87:97:95:48:73:5c:cb:5b:e7:b6:8d:
01:ba:c0:5e:a5:37:a0:d4:f1:1e:02:bb:8d:9d:c1:
73:72:f5:08:15:61:78:c2:e5:e0:00:c3:6c:f9:75:
23:50:f8:fd:5f:f6:9c:8e:d7:a8:51:ba:c8:72:da:
3d:df:61:f0:c5:11:60:0f:92:65:3c:f0:97:69:93:
e9:b8:32:a7:6f:c5:c7:10:92:10:a5:42:39:d0:d9:
6e:d5:7e:b3:4a:0a:a2:f9:aa:f8:15:eb:90:13:40:
10:3f:53:a4:54:f2:13:98:98:a7:9f:3f:8d:65:55:
e7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3D:4D:BA:60:C3:10:FE:07:12:87:19:A2:85:29:CE:05:2B:5A:E0
X509v3 Authority Key Identifier:
keyid:57:67:05:B5:57:B8:23:08:6B:6A:53:23:24:BF:BB:A3:69:95:CB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V2cFtVe4IwhralMjJL-7o2mVyxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/iz1NumDDEP4HEocZooUpzgUrWuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/V2cFtVe4IwhralMjJL-7o2mVyxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.161.0/24
IPv6:
2a07:5c0:1::-2a07:5c0:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
78:8a:63:cd:5e:ef:c1:7b:a7:c9:ab:82:3e:c9:03:90:76:d1:
94:09:52:df:b9:57:60:f0:9e:b6:a2:94:fe:3d:5b:63:13:0e:
f2:ab:9a:80:aa:3f:4f:29:49:cd:48:0e:73:a0:9b:03:88:23:
9a:a9:c1:35:72:5f:80:c5:20:1b:c1:3d:19:21:cf:86:10:76:
b0:06:c3:ba:55:13:02:44:8c:87:b7:74:a6:56:a4:b1:9b:7d:
c7:7e:18:59:5f:d5:be:3f:c3:a9:1b:1d:f0:19:26:1e:0f:23:
33:c8:0f:48:1c:4e:e9:c5:4b:a1:b1:dc:c2:74:57:ad:0f:af:
51:92:95:aa:2b:90:ae:37:2c:92:6e:5e:a0:78:d9:07:59:14:
e9:70:72:6b:e5:65:35:e4:52:10:53:b3:3f:a4:f0:b5:4e:c4:
08:11:ba:5a:f1:ad:25:82:ef:b2:6d:42:d9:1c:fc:5a:03:8f:
c4:f2:58:5c:85:80:1b:84:d5:46:60:85:75:2b:99:5a:f9:43:
c1:fd:06:d5:e4:5d:c6:4b:f8:ba:f3:5a:81:57:17:09:26:5c:
7b:0a:b0:70:7e:23:95:5f:f7:f2:04:c2:20:6c:60:11:3d:56:
b1:67:b9:48:5a:27:8b:a5:7f:67:dd:8a:ec:7d:09:12:a1:37:
fd:38:39:71
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ4NxtwGUwvfIKZcaCYiOauGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NjcwNWI1NTdiODIzMDg2YjZhNTMyMzI0YmZiYmEzNjk5
NWNiMWMwHhcNMjYwNTA5MTcyNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNkNGRiYTYwYzMxMGZlMDcxMjg3MTlhMjg1MjljZTA1MmI1YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPm1Q5n35Ydj/5FlTWwVl33EeGw0
2xtTforDM7uc95Q6IzBCFTYl3/1f7G/+9mvNNtYqh/rlQxDtymWO9+7Q4w5UPrpn
VdHGHLFJbTTvCrNsCjXL0gvYv2amwdkkfokqbhGNSGD2i488ncqcT2LwUp87S/aa
UUMYvSQf1+wI1C88pS2y0spz2Acyh5eVSHNcy1vnto0BusBepTeg1PEeAruNncFz
cvUIFWF4wuXgAMNs+XUjUPj9X/acjteoUbrIcto932HwxRFgD5JlPPCXaZPpuDKn
b8XHEJIQpUI50Nlu1X6zSgqi+ar4FeuQE0AQP1OkVPITmJinnz+NZVXnMQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIs9TbpgwxD+BxKHGaKFKc4FK1rgMB8GA1UdIwQY
MBaAFFdnBbVXuCMIa2pTIyS/u6NplcscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjJjRnRWZTRJd2hyYWxNakpMLTdvMm1WeXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83ZDdlMWQtMzNjMC00MzQyLWIyNTkt
YTdiZjNiZjkwMmQ4LzEvaXoxTnVtRERFUDRIRW9jWm9vVXB6Z1VyV3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83ZDdlMWQtMzNjMC00MzQyLWIyNTktYTdiZjNiZjkwMmQ4
LzEvVjJjRnRWZTRJd2hyYWxNakpMLTdvMm1WeXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAuTihMBoE
AgACMBQwEgMHACoHBcAAAQMHAioHBcAAADANBgkqhkiG9w0BAQsFAAOCAQEAeIpj
zV7vwXunyauCPskDkHbRlAlS37lXYPCetqKU/j1bYxMO8quagKo/TylJzUgOc6Cb
A4gjmqnBNXJfgMUgG8E9GSHPhhB2sAbDulUTAkSMh7d0plaksZt9x34YWV/Vvj/D
qRsd8BkmHg8jM8gPSBxO6cVLobHcwnRXrQ+vUZKVqiuQrjcskm5eoHjZB1kU6XBy
a+VlNeRSEFOzP6TwtU7ECBG6WvGtJYLvsm1C2Rz8WgOPxPJYXIWAG4TVRmCFdSuZ
WvlDwf0G1eRdxkv4uvNagVcXCSZcewqwcH4jlV/38gTCIGxgET1WsWe5SFoni6V/
Z92K7H0JEqE3/Tg5cQ==
-----END CERTIFICATE-----
Generated at Wed May 13 02:38:29 2026 by rpki-client