Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/i2keX2tmfJC9gpuyYPgLLi5zYak.roa
File: i2keX2tmfJC9gpuyYPgLLi5zYak.roa (raw, json)
Hash identifier: iSciV2gaKioHzNvZ/l6NgMx2jf4AZrXPTduBLLjh9iE=
Subject key identifier: 8B:69:1E:5F:6B:66:7C:90:BD:82:9B:B2:60:F8:0B:2E:2E:73:61:A9
Certificate issuer: /CN=ccca763f3db2965a1e4eb0bf76c1cb868baae46d
Certificate serial: 019CD7BF66DE8DB8823BBF504AAA2535D525
Authority key identifier: CC:CA:76:3F:3D:B2:96:5A:1E:4E:B0:BF:76:C1:CB:86:8B:AA:E4:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/i2keX2tmfJC9gpuyYPgLLi5zYak.roa
Signing time: Tue 10 Mar 2026 12:36:10 +0000
ROA not before: Tue 10 Mar 2026 12:36:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200924
IP address blocks: 217.147.56.0/23 maxlen: 23
217.147.58.0/23 maxlen: 23
217.147.62.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:bf:66:de:8d:b8:82:3b:bf:50:4a:aa:25:35:d5:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccca763f3db2965a1e4eb0bf76c1cb868baae46d
Validity
Not Before: Mar 10 12:36:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8b691e5f6b667c90bd829bb260f80b2e2e7361a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:98:64:48:f2:c8:d4:28:59:4b:8f:f9:0a:c2:
3f:fb:e7:f6:bf:08:cf:7e:2b:d3:69:fc:f3:43:39:
72:a8:8a:77:1f:74:7e:d5:83:60:4e:2f:d1:5d:d7:
76:5d:fa:4f:2f:4c:57:5f:c5:06:55:b5:87:15:82:
41:8f:fc:fd:10:23:c3:b9:bd:3c:96:fa:a5:c8:c3:
59:37:a2:9f:8e:ba:56:a3:26:d8:a7:b5:ac:07:6b:
74:6e:86:27:23:7f:8d:11:b2:03:74:f8:9e:16:c9:
b8:a0:fd:f1:6e:a2:e6:a4:34:9f:2c:c9:77:ef:cc:
8f:a4:27:97:9c:5a:f6:3e:73:75:e5:4d:cd:9a:65:
c3:b4:8e:90:71:63:8b:6e:8e:8f:6a:93:4f:7f:9a:
b6:50:2f:ce:1c:90:37:24:5f:0d:e6:e7:88:97:1a:
42:10:17:22:49:d5:09:23:7d:20:d3:3d:1a:b6:de:
e5:00:18:e6:62:27:f3:a8:80:ab:32:4b:40:0d:33:
2a:e2:83:48:10:04:05:6e:1c:24:03:3e:e8:d3:92:
81:47:86:63:5c:67:bb:81:34:6e:3a:fd:b9:ed:fb:
a3:7c:19:bb:ac:5c:cc:ce:45:df:80:cc:45:27:89:
14:0d:8c:4b:10:ad:2c:8f:3c:52:cd:a1:f8:5e:1e:
1f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:69:1E:5F:6B:66:7C:90:BD:82:9B:B2:60:F8:0B:2E:2E:73:61:A9
X509v3 Authority Key Identifier:
keyid:CC:CA:76:3F:3D:B2:96:5A:1E:4E:B0:BF:76:C1:CB:86:8B:AA:E4:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/i2keX2tmfJC9gpuyYPgLLi5zYak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.56.0/22
217.147.62.0/23
Signature Algorithm: sha256WithRSAEncryption
78:e9:8e:c4:12:41:aa:9f:24:23:4e:be:76:e5:a3:f6:71:7a:
41:23:b6:4d:80:83:63:a5:15:4d:31:e9:6c:60:6c:b6:14:68:
93:f5:06:56:c8:1d:fa:1d:71:43:8c:74:b9:a5:9c:9c:a3:57:
28:72:15:2f:9c:7b:24:26:75:81:04:0d:3a:9e:35:a2:60:c3:
ba:4e:9a:1e:80:2f:24:9d:50:8c:a4:8e:84:33:35:08:df:16:
5d:64:5b:3c:a9:78:e1:e5:84:6e:85:98:cc:a2:69:06:a0:aa:
4a:8e:48:d3:d5:a4:5b:a2:0a:d7:e9:48:9e:a1:90:65:c1:47:
06:1f:95:28:f7:0d:94:35:27:6e:63:a5:76:fa:2d:9c:34:a7:
82:c7:a5:c6:ef:ab:47:0e:1e:1e:a8:78:ec:e8:ea:31:77:ae:
e5:01:6b:26:89:62:ce:15:90:c6:70:ec:09:ca:3d:e5:63:90:
3c:9c:e6:52:89:ec:0d:d3:be:e9:40:75:93:21:30:cf:10:fb:
44:29:53:70:22:aa:3d:bd:45:dc:35:c5:69:af:54:fb:4e:fe:
f9:10:7d:1f:13:e8:5c:af:d9:8e:3b:75:bb:38:b9:dc:11:f4:
80:89:f1:38:6d:2e:9a:51:76:32:fd:22:dd:cb:36:d4:76:7e:
cd:07:f0:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZzXv2bejbiCO79QSqolNdUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjY2E3NjNmM2RiMjk2NWExZTRlYjBiZjc2YzFjYjg2OGJh
YWU0NmQwHhcNMjYwMzEwMTIzNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjY5MWU1ZjZiNjY3YzkwYmQ4MjliYjI2MGY4MGIyZTJlNzM2MWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZhkSPLI1ChZS4/5CsI/++f2vwjP
fivTafzzQzlyqIp3H3R+1YNgTi/RXdd2XfpPL0xXX8UGVbWHFYJBj/z9ECPDub08
lvqlyMNZN6KfjrpWoybYp7WsB2t0boYnI3+NEbIDdPieFsm4oP3xbqLmpDSfLMl3
78yPpCeXnFr2PnN15U3NmmXDtI6QcWOLbo6PapNPf5q2UC/OHJA3JF8N5ueIlxpC
EBciSdUJI30g0z0att7lABjmYifzqICrMktADTMq4oNIEAQFbhwkAz7o05KBR4Zj
XGe7gTRuOv257fujfBm7rFzMzkXfgMxFJ4kUDYxLEK0sjzxSzaH4Xh4ftQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFItpHl9rZnyQvYKbsmD4Cy4uc2GpMB8GA1UdIwQY
MBaAFMzKdj89spZaHk6wv3bBy4aLquRtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek1wMlB6MnlsbG9lVHJDX2RzSExob3VxNUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xYzA5MGMtNzRkYi00NTMxLTk2Zjct
ZmFjNjNjMDNjMjVhLzEvaTJrZVgydG1mSkM5Z3B1eVlQZ0xMaTV6WWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8xYzA5MGMtNzRkYi00NTMxLTk2ZjctZmFjNjNjMDNjMjVh
LzEvek1wMlB6MnlsbG9lVHJDX2RzSExob3VxNUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC2ZM4AwQB
2ZM+MA0GCSqGSIb3DQEBCwUAA4IBAQB46Y7EEkGqnyQjTr525aP2cXpBI7ZNgINj
pRVNMelsYGy2FGiT9QZWyB36HXFDjHS5pZyco1cochUvnHskJnWBBA06njWiYMO6
TpoegC8knVCMpI6EMzUI3xZdZFs8qXjh5YRuhZjMomkGoKpKjkjT1aRbogrX6Uie
oZBlwUcGH5Uo9w2UNSduY6V2+i2cNKeCx6XG76tHDh4eqHjs6Ooxd67lAWsmiWLO
FZDGcOwJyj3lY5A8nOZSiewN077pQHWTITDPEPtEKVNwIqo9vUXcNcVpr1T7Tv75
EH0fE+hcr9mOO3W7OLncEfSAifE4bS6aUXYy/SLdyzbUdn7NB/Ap
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:58:17 2026 by rpki-client