Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/qd9Yg6x5MP3_V4qiqdIRziNkpWc.roa
File: qd9Yg6x5MP3_V4qiqdIRziNkpWc.roa (raw, json)
Hash identifier: ffLKUP8Rre60VxB3R0J9RgVCBO6NnyVYNiz6flfZxK0=
Subject key identifier: A9:DF:58:83:AC:79:30:FD:FF:57:8A:A2:A9:D2:11:CE:23:64:A5:67
Certificate issuer: /CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Certificate serial: 019E13207CD672FF1E806DECE67A64493B9C
Authority key identifier: 92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/qd9Yg6x5MP3_V4qiqdIRziNkpWc.roa
Signing time: Sun 10 May 2026 18:22:36 +0000
ROA not before: Sun 10 May 2026 18:22:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214431
IP address blocks: 5.56.133.0/24 maxlen: 24
2a03:9382::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:13:20:7c:d6:72:ff:1e:80:6d:ec:e6:7a:64:49:3b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Validity
Not Before: May 10 18:22:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a9df5883ac7930fdff578aa2a9d211ce2364a567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d3:0c:94:a7:63:cf:61:3f:ae:44:0b:b8:91:
8d:dd:2f:c9:7b:14:46:3a:ad:c3:af:62:8c:a3:c2:
62:7d:d3:30:38:77:ab:26:11:5f:dc:de:72:8d:16:
6c:e5:a2:59:6f:d2:77:ef:10:e0:74:e5:b0:b2:23:
e4:0a:38:1d:1d:43:14:97:cb:b6:ef:4d:0a:f6:26:
62:fb:bf:1a:bc:f6:f1:85:5d:f6:c1:9b:10:79:15:
23:dc:79:75:4e:d6:86:39:97:14:82:1d:b9:c4:b3:
f2:83:e1:f5:f3:63:68:90:56:0b:70:92:9c:21:f3:
20:2b:72:7c:36:8d:de:c4:f4:c9:75:5e:2b:00:93:
b6:ef:13:d4:93:1e:5f:f1:a5:e2:30:ea:40:d0:bf:
8b:01:00:53:e8:b5:bb:c0:35:26:08:6c:11:13:80:
c5:88:5a:1e:b9:31:55:12:4a:12:8a:39:00:aa:a5:
fa:3c:0a:e4:07:c8:cd:8d:a7:31:f6:33:85:1a:64:
dc:55:48:d8:52:d4:99:3e:45:1d:8f:53:e6:b1:58:
91:e8:7c:b6:2c:7c:56:6e:83:23:56:f4:44:62:20:
48:3f:5b:f4:a7:ba:aa:56:d2:d9:c6:b8:87:8e:a2:
46:1b:cd:5c:35:50:d3:95:46:b4:79:0f:df:e2:12:
13:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DF:58:83:AC:79:30:FD:FF:57:8A:A2:A9:D2:11:CE:23:64:A5:67
X509v3 Authority Key Identifier:
keyid:92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/qd9Yg6x5MP3_V4qiqdIRziNkpWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.133.0/24
IPv6:
2a03:9382::/48
Signature Algorithm: sha256WithRSAEncryption
1e:29:0b:ea:02:82:44:a8:fe:1d:61:34:18:d1:fa:52:d1:4a:
0b:92:88:a5:92:2a:c3:c8:f9:6c:7e:bc:6d:46:19:99:19:0c:
1a:2c:92:5a:8b:58:a0:96:d6:2a:28:ce:ab:21:b8:31:42:1b:
32:93:93:73:c0:1b:bf:c3:6a:a0:a4:ac:4d:e5:4f:14:b3:41:
02:f1:39:36:b0:41:d4:c5:ac:03:35:2a:38:19:cf:cc:ff:47:
67:2f:c6:53:ad:54:af:b9:2d:85:ad:1c:90:50:40:ed:ea:12:
94:bb:64:9d:cf:67:c1:69:f1:9b:ad:3c:77:38:d6:46:f8:fb:
d8:1d:46:f0:91:48:f0:0f:f6:80:2c:44:93:2e:fd:11:dc:bd:
b2:f4:1d:33:a4:8d:2c:1a:14:36:ac:a9:ba:9e:29:42:52:79:
13:c1:40:bd:91:b2:e4:1c:bb:d1:25:9d:bd:6a:36:4f:1d:da:
0a:86:9f:81:26:93:f5:2b:68:ba:89:0b:94:4c:1b:95:ba:88:
05:74:c6:fa:fb:52:03:14:4c:6a:f9:e6:4b:03:93:86:bf:0b:
32:57:d5:7e:24:9c:5e:40:87:8f:55:c3:e5:bf:ae:0e:ab:64:
0f:f5:26:d2:f2:4d:fc:ea:ee:62:74:2a:73:c1:be:3b:29:28:
8b:fa:69:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ4TIHzWcv8egG3s5npkSTucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYmY2NDY0Y2U2ZTE5YTRkY2Y4YTMyYjI3YTJmMWNiZTE1
NTEwNTUwHhcNMjYwNTEwMTgyMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRmNTg4M2FjNzkzMGZkZmY1NzhhYTJhOWQyMTFjZTIzNjRhNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNMMlKdjz2E/rkQLuJGN3S/JexRG
Oq3Dr2KMo8JifdMwOHerJhFf3N5yjRZs5aJZb9J37xDgdOWwsiPkCjgdHUMUl8u2
700K9iZi+78avPbxhV32wZsQeRUj3Hl1TtaGOZcUgh25xLPyg+H182NokFYLcJKc
IfMgK3J8No3exPTJdV4rAJO27xPUkx5f8aXiMOpA0L+LAQBT6LW7wDUmCGwRE4DF
iFoeuTFVEkoSijkAqqX6PArkB8jNjacx9jOFGmTcVUjYUtSZPkUdj1PmsViR6Hy2
LHxWboMjVvREYiBIP1v0p7qqVtLZxriHjqJGG81cNVDTlUa0eQ/f4hITfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKnfWIOseTD9/1eKoqnSEc4jZKVnMB8GA1UdIwQY
MBaAFJK/ZGTObhmk3PijKyei8cvhVRBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzct
YjUzZTMwZTE0MTJhLzEvcWQ5WWc2eDVNUDNfVjRxaXFkSVJ6aU5rcFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzctYjUzZTMwZTE0MTJh
LzEva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABTiFMA8E
AgACMAkDBwAqA5OCAAAwDQYJKoZIhvcNAQELBQADggEBAB4pC+oCgkSo/h1hNBjR
+lLRSguSiKWSKsPI+Wx+vG1GGZkZDBosklqLWKCW1ioozqshuDFCGzKTk3PAG7/D
aqCkrE3lTxSzQQLxOTawQdTFrAM1KjgZz8z/R2cvxlOtVK+5LYWtHJBQQO3qEpS7
ZJ3PZ8Fp8ZutPHc41kb4+9gdRvCRSPAP9oAsRJMu/RHcvbL0HTOkjSwaFDasqbqe
KUJSeRPBQL2RsuQcu9Elnb1qNk8d2gqGn4Emk/UraLqJC5RMG5W6iAV0xvr7UgMU
TGr55ksDk4a/CzJX1X4knF5Ah49Vw+W/rg6rZA/1JtLyTfzq7mJ0KnPBvjspKIv6
aYU=
-----END CERTIFICATE-----
Generated at Wed May 13 03:15:53 2026 by rpki-client