Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/R7Ev9HH_K9DOIOMp6xmYQSBJ3LQ.roa
File: R7Ev9HH_K9DOIOMp6xmYQSBJ3LQ.roa (raw, json)
Hash identifier: X1Rxis2xsh9D70KdlclAD1iUcJEca7H7zmBLpXbXixs=
Subject key identifier: 47:B1:2F:F4:71:FF:2B:D0:CE:20:E3:29:EB:19:98:41:20:49:DC:B4
Certificate issuer: /CN=9dcf5edc4e6aedc8df4245a62fa37fa22a620eaa
Certificate serial: 019DDF961898935AD8D516193102E27D5E25
Authority key identifier: 9D:CF:5E:DC:4E:6A:ED:C8:DF:42:45:A6:2F:A3:7F:A2:2A:62:0E:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nc9e3E5q7cjfQkWmL6N_oipiDqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/R7Ev9HH_K9DOIOMp6xmYQSBJ3LQ.roa
Signing time: Thu 30 Apr 2026 18:10:49 +0000
ROA not before: Thu 30 Apr 2026 18:10:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206141
IP address blocks: 87.237.160.0/22 maxlen: 24
2a06:13c0::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/nc9e3E5q7cjfQkWmL6N_oipiDqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/nc9e3E5q7cjfQkWmL6N_oipiDqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nc9e3E5q7cjfQkWmL6N_oipiDqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:df:96:18:98:93:5a:d8:d5:16:19:31:02:e2:7d:5e:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dcf5edc4e6aedc8df4245a62fa37fa22a620eaa
Validity
Not Before: Apr 30 18:10:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=47b12ff471ff2bd0ce20e329eb1998412049dcb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:aa:5e:2d:b9:35:78:47:ec:00:34:15:db:
65:1d:0a:ea:54:9b:c4:60:86:b4:11:ad:2e:77:04:
05:00:86:38:26:fb:01:02:a0:60:88:74:6b:8e:0e:
b0:29:b4:2c:e9:47:ff:4a:b0:17:5d:df:8c:9c:cd:
dd:71:2f:95:fc:8a:19:9e:9b:48:8d:84:60:7f:09:
a1:f0:9c:20:63:6b:51:c8:ac:7a:10:8d:3f:8d:21:
44:4c:27:1b:e6:f2:9c:d6:a6:10:33:55:8c:03:f6:
1b:93:f0:00:05:7b:01:20:4b:13:d7:58:6b:da:65:
03:43:12:90:33:3b:49:a7:e3:dc:ff:15:89:4b:1a:
18:07:62:13:67:06:cb:54:3f:2f:f0:98:4d:1c:aa:
3b:97:e1:56:02:81:bc:11:d7:57:9a:81:9c:4b:7f:
c7:a9:72:1c:fd:25:4b:7e:81:aa:88:bc:98:1a:2d:
67:d7:c4:e6:8b:8d:21:95:a6:3b:56:c9:6a:21:b9:
3e:c5:9a:68:e1:78:99:48:33:b3:b4:8a:f0:75:1c:
60:41:45:24:72:51:c4:88:ba:7d:7e:a2:01:74:24:
6d:d8:7d:68:35:07:91:d7:cb:ee:c5:02:9c:c9:11:
04:83:22:cf:da:e7:5a:23:c8:99:e0:f1:1b:e3:cb:
5a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B1:2F:F4:71:FF:2B:D0:CE:20:E3:29:EB:19:98:41:20:49:DC:B4
X509v3 Authority Key Identifier:
keyid:9D:CF:5E:DC:4E:6A:ED:C8:DF:42:45:A6:2F:A3:7F:A2:2A:62:0E:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc9e3E5q7cjfQkWmL6N_oipiDqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/R7Ev9HH_K9DOIOMp6xmYQSBJ3LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/nc9e3E5q7cjfQkWmL6N_oipiDqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.160.0/22
IPv6:
2a06:13c0::/29
Signature Algorithm: sha256WithRSAEncryption
30:89:a8:24:33:cc:0a:c9:77:b8:31:a0:28:ca:3f:41:49:85:
3b:8b:08:c4:6a:9c:0b:1b:8f:2c:d4:17:9c:00:2c:8f:47:9c:
a8:b8:bf:4e:02:3e:27:ef:a3:3b:72:6d:5a:0e:13:80:58:3b:
2f:24:29:a6:3a:a4:d8:b4:e6:c5:fa:8f:57:97:23:90:e9:59:
06:07:db:aa:ea:0f:ac:33:5d:5a:9f:6a:03:7b:87:e1:b7:07:
56:c7:bf:8e:f9:e1:ff:e3:13:ae:94:52:90:9b:b4:b0:c5:81:
15:cc:f4:9b:b2:df:a8:97:84:5f:31:74:84:ed:2a:c8:e9:09:
77:4e:0f:28:01:73:1e:db:b0:7b:11:30:6b:50:85:65:45:e4:
a4:0e:be:22:d3:6b:4b:c0:65:d8:ae:1f:48:96:c0:30:04:22:
b0:47:18:a2:5c:eb:d1:4e:d7:fb:bf:6a:3b:28:a3:66:2f:fa:
be:38:c7:2f:7b:81:b9:ff:7b:ca:b1:df:27:e2:11:60:41:51:
93:e8:4d:a7:7f:39:c4:81:b1:b6:9e:0d:b8:14:f1:d9:1e:94:
50:a0:60:ea:b5:58:bb:05:8f:20:18:9d:2b:36:8a:2a:ed:3c:
6d:20:f6:2b:fb:25:f0:37:1c:7c:d0:e6:d7:56:4e:0b:56:60:
7f:e1:f4:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ3flhiYk1rY1RYZMQLifV4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2Y1ZWRjNGU2YWVkYzhkZjQyNDVhNjJmYTM3ZmEyMmE2
MjBlYWEwHhcNMjYwNDMwMTgxMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2IxMmZmNDcxZmYyYmQwY2UyMGUzMjllYjE5OTg0MTIwNDlkY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKaqXi25NXhH7AA0FdtlHQrqVJvE
YIa0Ea0udwQFAIY4JvsBAqBgiHRrjg6wKbQs6Uf/SrAXXd+MnM3dcS+V/IoZnptI
jYRgfwmh8JwgY2tRyKx6EI0/jSFETCcb5vKc1qYQM1WMA/Ybk/AABXsBIEsT11hr
2mUDQxKQMztJp+Pc/xWJSxoYB2ITZwbLVD8v8JhNHKo7l+FWAoG8EddXmoGcS3/H
qXIc/SVLfoGqiLyYGi1n18Tmi40hlaY7VslqIbk+xZpo4XiZSDOztIrwdRxgQUUk
clHEiLp9fqIBdCRt2H1oNQeR18vuxQKcyREEgyLP2udaI8iZ4PEb48ta8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEexL/Rx/yvQziDjKesZmEEgSdy0MB8GA1UdIwQY
MBaAFJ3PXtxOau3I30JFpi+jf6IqYg6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmM5ZTNFNXE3Y2pmUWtXbUw2Tl9vaXBpRHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xZDFiNDUtODZlOS00NmVlLTk5MWMt
MGVkZGViNDhlM2FlLzEvUjdFdjlISF9LOURPSU9NcDZ4bVlRU0JKM0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xZDFiNDUtODZlOS00NmVlLTk5MWMtMGVkZGViNDhlM2Fl
LzEvbmM5ZTNFNXE3Y2pmUWtXbUw2Tl9vaXBpRHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCV+2gMA0E
AgACMAcDBQMqBhPAMA0GCSqGSIb3DQEBCwUAA4IBAQAwiagkM8wKyXe4MaAoyj9B
SYU7iwjEapwLG48s1BecACyPR5youL9OAj4n76M7cm1aDhOAWDsvJCmmOqTYtObF
+o9XlyOQ6VkGB9uq6g+sM11an2oDe4fhtwdWx7+O+eH/4xOulFKQm7SwxYEVzPSb
st+ol4RfMXSE7SrI6Ql3Tg8oAXMe27B7ETBrUIVlReSkDr4i02tLwGXYrh9IlsAw
BCKwRxiiXOvRTtf7v2o7KKNmL/q+OMcve4G5/3vKsd8n4hFgQVGT6E2nfznEgbG2
ng24FPHZHpRQoGDqtVi7BY8gGJ0rNooq7TxtIPYr+yXwNxx80ObXVk4LVmB/4fQP
-----END CERTIFICATE-----
Generated at Wed May 13 05:44:07 2026 by rpki-client