Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mK2pu5R5lWqvIXqErk7jVZFlmp0.roa
File: mK2pu5R5lWqvIXqErk7jVZFlmp0.roa (raw, json)
Hash identifier: sRCHMyj+p8pY5eOLzabWVtPff0jbe7Rz87+1B+O4SIc=
Subject key identifier: 98:AD:A9:BB:94:79:95:6A:AF:21:7A:84:AE:4E:E3:55:91:65:9A:9D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019DD9A56ADCAD2E1712240C5E014832D125
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mK2pu5R5lWqvIXqErk7jVZFlmp0.roa
Signing time: Wed 29 Apr 2026 14:29:49 +0000
ROA not before: Wed 29 Apr 2026 14:29:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29518
IP address blocks: 193.234.92.0/24 maxlen: 24
193.235.85.0/24 maxlen: 24
2a01:280:330::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d9:a5:6a:dc:ad:2e:17:12:24:0c:5e:01:48:32:d1:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 29 14:29:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=98ada9bb9479956aaf217a84ae4ee35591659a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:34:e1:d4:1d:ec:e4:60:06:65:06:97:c4:fb:
13:5e:7d:d0:d7:e3:45:f9:d0:c5:7b:b2:c9:c2:c9:
cb:41:21:b6:b1:69:78:5c:9c:6d:17:12:0a:bb:c6:
b9:d6:cb:a3:f1:7b:24:41:db:1c:b6:5b:66:fa:f9:
0f:da:33:72:a1:42:6e:0a:42:98:d0:9c:c0:be:67:
71:da:e6:d3:33:0c:b1:a7:55:e4:a1:38:f9:9e:a9:
1a:5f:17:60:1a:12:9f:5e:4f:51:19:8c:01:21:b1:
1b:cf:63:4d:df:1a:d8:29:f7:a7:c8:78:db:56:02:
65:27:bd:48:fa:c3:8c:ba:66:0e:16:d7:b6:c1:25:
ce:08:be:05:57:3b:5d:41:69:63:15:57:43:b7:d0:
79:c8:db:f1:81:6f:37:8d:59:80:a9:6f:ab:a4:80:
8a:d5:bb:66:87:0e:66:c5:3a:16:0e:24:50:ba:26:
77:27:b5:89:01:4f:52:83:96:6b:ed:19:38:4a:79:
89:c0:30:b0:4b:02:39:fa:bf:04:f1:bb:91:be:9e:
84:4d:9b:39:bb:0e:d8:e0:71:98:01:26:a5:1b:51:
ea:08:2c:31:e6:da:c8:98:7e:e7:ab:87:2b:9b:7f:
b4:0d:60:34:fe:3b:3f:2b:b1:d4:fa:09:f9:f3:48:
6e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AD:A9:BB:94:79:95:6A:AF:21:7A:84:AE:4E:E3:55:91:65:9A:9D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mK2pu5R5lWqvIXqErk7jVZFlmp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.234.92.0/24
193.235.85.0/24
IPv6:
2a01:280:330::/48
Signature Algorithm: sha256WithRSAEncryption
59:e1:58:ad:a0:e6:71:e1:5c:ae:40:9f:f9:9d:fe:5c:da:9e:
fd:30:3f:3a:cc:4b:d7:ae:bd:07:0f:d0:b8:95:76:08:2b:c3:
e4:a4:ad:2c:ba:6f:1f:e5:6c:64:0b:4a:d7:68:b9:55:d1:a6:
6f:53:a5:bf:53:9f:2a:38:f5:0f:63:b8:e0:03:e3:87:fc:a7:
55:95:09:c4:59:24:38:fb:7a:ac:cf:2f:2e:6f:1e:20:43:8c:
a8:ef:33:5f:8c:7a:50:50:36:b6:90:d9:fd:0f:ee:cf:56:c7:
0d:30:14:a8:c8:86:82:39:af:7c:65:f4:cc:1a:7e:d2:93:0d:
99:33:82:38:40:b8:12:dd:1d:c4:90:08:55:aa:86:6e:9f:74:
59:8b:07:62:93:6b:0d:66:51:28:bd:6d:fd:e6:b3:1d:28:ee:
c4:21:6e:e2:8e:cd:05:0b:e7:99:e3:45:d1:e3:a6:28:a0:2b:
24:a9:11:91:6a:c8:00:01:00:ba:74:41:f8:b8:55:7b:54:65:
36:91:98:d5:08:1f:ae:0f:9e:d2:51:4f:40:a8:b6:78:54:ad:
06:d1:d4:46:e1:80:05:ff:7d:08:af:c9:6d:17:9d:ac:12:e7:
60:2a:7d:db:7d:5e:7b:47:b4:c8:a4:9a:81:2e:d0:73:0c:b2:
48:b8:d8:95
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ3ZpWrcrS4XEiQMXgFIMtElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwNDI5MTQyOTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFkYTliYjk0Nzk5NTZhYWYyMTdhODRhZTRlZTM1NTkxNjU5YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzTh1B3s5GAGZQaXxPsTXn3Q1+NF
+dDFe7LJwsnLQSG2sWl4XJxtFxIKu8a51suj8XskQdsctltm+vkP2jNyoUJuCkKY
0JzAvmdx2ubTMwyxp1XkoTj5nqkaXxdgGhKfXk9RGYwBIbEbz2NN3xrYKfenyHjb
VgJlJ71I+sOMumYOFte2wSXOCL4FVztdQWljFVdDt9B5yNvxgW83jVmAqW+rpICK
1btmhw5mxToWDiRQuiZ3J7WJAU9Sg5Zr7Rk4SnmJwDCwSwI5+r8E8buRvp6ETZs5
uw7Y4HGYASalG1HqCCwx5trImH7nq4crm3+0DWA0/js/K7HU+gn580humQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJitqbuUeZVqryF6hK5O41WRZZqdMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbUsycHU1UjVsV3F2SVhxRXJrN2pWWkZsbXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwepcAwQA
wetVMA8EAgACMAkDBwAqAQKAAzAwDQYJKoZIhvcNAQELBQADggEBAFnhWK2g5nHh
XK5An/md/lzanv0wPzrMS9euvQcP0LiVdggrw+SkrSy6bx/lbGQLStdouVXRpm9T
pb9Tnyo49Q9juOAD44f8p1WVCcRZJDj7eqzPLy5vHiBDjKjvM1+MelBQNraQ2f0P
7s9Wxw0wFKjIhoI5r3xl9MwaftKTDZkzgjhAuBLdHcSQCFWqhm6fdFmLB2KTaw1m
USi9bf3msx0o7sQhbuKOzQUL55njRdHjpiigKySpEZFqyAABALp0Qfi4VXtUZTaR
mNUIH64PntJRT0CotnhUrQbR1EbhgAX/fQivyW0XnawS52Aqfdt9XntHtMikmoEu
0HMMski42JU=
-----END CERTIFICATE-----
Generated at Wed May 13 02:38:06 2026 by rpki-client