Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/n1ZFa3P7MR_QzdwXgNvQprb0PRE.roa
File: n1ZFa3P7MR_QzdwXgNvQprb0PRE.roa (raw, json)
Hash identifier: 3ixmZpMWq/9mLgKBBWXxzyCac0PcM7A2ra0kjPh/DHU=
Subject key identifier: 9F:56:45:6B:73:FB:31:1F:D0:CD:DC:17:80:DB:D0:A6:B6:F4:3D:11
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019E07B44D161F4E59E82AC53DB0B07C2F98
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/n1ZFa3P7MR_QzdwXgNvQprb0PRE.roa
Signing time: Fri 08 May 2026 13:08:37 +0000
ROA not before: Fri 08 May 2026 13:08:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207691
IP address blocks: 78.128.10.0/23 maxlen: 24
185.43.56.0/23 maxlen: 24
185.43.56.0/24 maxlen: 24
185.43.57.0/24 maxlen: 24
217.174.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:07:b4:4d:16:1f:4e:59:e8:2a:c5:3d:b0:b0:7c:2f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: May 8 13:08:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9f56456b73fb311fd0cddc1780dbd0a6b6f43d11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2d:84:31:d0:25:78:8d:fd:a0:b7:eb:d5:4a:
13:cb:1d:72:b7:30:b1:c6:7a:4f:65:09:f5:58:48:
70:8e:3d:a9:e6:d4:82:85:69:bc:ec:e5:6d:e5:52:
4c:7b:b2:44:c9:02:95:74:d9:d9:f9:6a:2d:55:ff:
f2:96:db:86:ef:2e:f2:2a:53:6f:b9:f8:e5:d0:94:
b0:29:23:33:8b:0f:92:12:09:3a:e0:05:db:9a:c7:
05:ee:27:fa:7a:ff:0b:5a:32:4e:fb:b8:9d:1f:c9:
05:79:b1:f9:3c:68:b8:93:5a:47:c5:6b:07:22:14:
5a:c4:09:e2:40:79:8d:10:8f:68:1d:6a:dc:42:2a:
c2:8b:f3:c3:72:32:b6:88:8d:19:d4:0f:9a:a8:8c:
c2:8c:59:24:45:df:71:c8:92:b7:b1:2f:1c:ad:c1:
81:91:d2:ae:28:4a:79:b2:aa:b6:0d:c7:4c:b6:a1:
e5:a7:9b:85:6d:3c:a6:27:ce:3f:ba:bf:a1:36:87:
6e:31:8c:94:93:76:7c:4e:1d:8b:00:f1:db:f3:d9:
bb:f0:41:92:ab:a9:18:cb:a4:fb:59:ff:7b:ad:92:
38:79:ac:9c:46:ff:15:7d:0d:9e:3d:89:00:fd:4b:
1d:24:53:76:5e:e2:b9:d2:59:68:29:bd:36:38:16:
ce:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:56:45:6B:73:FB:31:1F:D0:CD:DC:17:80:DB:D0:A6:B6:F4:3D:11
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/n1ZFa3P7MR_QzdwXgNvQprb0PRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.10.0/23
185.43.56.0/23
217.174.145.0/24
Signature Algorithm: sha256WithRSAEncryption
42:90:dd:05:83:3a:bf:b5:e2:2c:db:1e:31:50:dc:f7:36:1b:
52:9d:dd:73:4d:03:0c:a4:a2:e9:18:c2:0d:ae:fd:71:47:05:
02:8e:82:62:6d:5b:ea:84:a2:76:ab:d4:2c:b0:b9:f2:72:6f:
36:04:b0:29:ae:4f:a6:da:c0:83:4c:93:32:1b:e3:7b:98:6d:
d9:c1:58:74:89:00:4f:94:53:6f:f1:39:64:ed:f1:c7:ed:05:
57:04:b8:01:cc:8f:3c:e7:25:93:88:43:85:3d:3a:ac:ae:48:
dd:4c:7f:e5:99:c7:18:c2:9a:0a:60:29:4f:63:a5:ea:08:83:
cf:48:06:63:04:a8:a5:26:a0:3f:10:1f:59:76:ec:60:e2:91:
02:1f:91:09:8b:80:e8:28:68:78:5f:c2:ad:1e:d0:26:79:f4:
10:51:8f:d8:ad:7c:ff:6d:cc:61:a3:ea:91:fd:c6:40:43:90:
8e:e0:b2:34:f0:b3:2c:cf:58:ce:72:b7:f0:07:d3:cd:7d:15:
36:49:65:19:07:4c:81:f7:62:09:c6:82:46:19:0a:91:cc:76:
3b:c2:a9:99:b2:a2:08:56:d9:e7:38:6c:3a:4c:31:15:1a:c7:
34:fa:65:45:e5:ea:a7:81:79:fb:7e:87:e3:c5:9f:2e:5a:42:
00:10:97:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ4HtE0WH05Z6CrFPbCwfC+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjYwNTA4MTMwODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjU2NDU2YjczZmIzMTFmZDBjZGRjMTc4MGRiZDBhNmI2ZjQzZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1i2EMdAleI39oLfr1UoTyx1ytzCx
xnpPZQn1WEhwjj2p5tSChWm87OVt5VJMe7JEyQKVdNnZ+WotVf/yltuG7y7yKlNv
ufjl0JSwKSMziw+SEgk64AXbmscF7if6ev8LWjJO+7idH8kFebH5PGi4k1pHxWsH
IhRaxAniQHmNEI9oHWrcQirCi/PDcjK2iI0Z1A+aqIzCjFkkRd9xyJK3sS8crcGB
kdKuKEp5sqq2DcdMtqHlp5uFbTymJ84/ur+hNoduMYyUk3Z8Th2LAPHb89m78EGS
q6kYy6T7Wf97rZI4eaycRv8VfQ2ePYkA/UsdJFN2XuK50lloKb02OBbOBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ9WRWtz+zEf0M3cF4Db0Ka29D0RMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvbjFaRmEzUDdNUl9RemR3WGdOdlFwcmIwUFJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBToAKAwQB
uSs4AwQA2a6RMA0GCSqGSIb3DQEBCwUAA4IBAQBCkN0Fgzq/teIs2x4xUNz3NhtS
nd1zTQMMpKLpGMINrv1xRwUCjoJibVvqhKJ2q9QssLnycm82BLAprk+m2sCDTJMy
G+N7mG3ZwVh0iQBPlFNv8Tlk7fHH7QVXBLgBzI885yWTiEOFPTqsrkjdTH/lmccY
wpoKYClPY6XqCIPPSAZjBKilJqA/EB9Zduxg4pECH5EJi4DoKGh4X8KtHtAmefQQ
UY/YrXz/bcxho+qR/cZAQ5CO4LI08LMsz1jOcrfwB9PNfRU2SWUZB0yB92IJxoJG
GQqRzHY7wqmZsqIIVtnnOGw6TDEVGsc0+mVF5eqngXn7fofjxZ8uWkIAEJef
-----END CERTIFICATE-----
Generated at Wed May 13 02:20:19 2026 by rpki-client