Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/0Zv7gbcee3oYhoixuKSpzeAn6hc.roa
File: 0Zv7gbcee3oYhoixuKSpzeAn6hc.roa (raw, json)
Hash identifier: g3K2VjxQqR918zAxnhQ8qYXe0zM7/nlsaCescrnOAFg=
Subject key identifier: D1:9B:FB:81:B7:1E:7B:7A:18:86:88:B1:B8:A4:A9:CD:E0:27:EA:17
Certificate issuer: /CN=0c05ca111c0093b56514215be467b515dda56c06
Certificate serial: 019E175E506841B0D47432D6A31339F88C1F
Authority key identifier: 0C:05:CA:11:1C:00:93:B5:65:14:21:5B:E4:67:B5:15:DD:A5:6C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/0Zv7gbcee3oYhoixuKSpzeAn6hc.roa
Signing time: Mon 11 May 2026 14:08:37 +0000
ROA not before: Mon 11 May 2026 14:08:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209824
IP address blocks: 91.221.223.0/24 maxlen: 24
217.113.54.0/23 maxlen: 23
217.113.54.0/24 maxlen: 24
2a13:e700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:5e:50:68:41:b0:d4:74:32:d6:a3:13:39:f8:8c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c05ca111c0093b56514215be467b515dda56c06
Validity
Not Before: May 11 14:08:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d19bfb81b71e7b7a188688b1b8a4a9cde027ea17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f1:e9:94:17:f0:5d:19:ab:69:ac:fe:6f:44:
66:5c:b7:18:13:a7:28:2e:74:12:3c:3f:71:95:92:
40:72:19:fb:4d:f9:27:92:b1:da:0c:3e:95:41:6c:
e4:7d:45:ee:13:38:64:eb:31:84:7d:4c:83:eb:da:
5f:7a:41:11:80:48:5a:db:b7:d6:f2:6c:0a:16:88:
bf:55:21:67:50:e2:3e:48:55:75:85:c7:fa:dc:e8:
8b:1c:bd:21:2e:90:e5:69:a9:5b:38:fb:ea:66:be:
5d:80:18:05:d8:4e:78:85:eb:e4:67:34:54:7e:e3:
6e:d0:91:f8:0c:1a:46:76:6b:91:77:6a:92:74:15:
a6:bf:9c:8d:11:8a:ee:38:c1:1b:74:b1:bd:37:53:
cb:c8:3e:5a:8f:0b:2f:99:3e:00:5b:6f:84:94:3f:
d9:26:33:32:c2:69:4d:4e:65:4a:bf:b6:fc:82:a5:
79:0f:7d:e7:b3:af:27:66:ca:9b:b4:ee:15:95:82:
e5:41:fa:27:b2:2c:9c:bb:a3:65:bf:5e:fa:20:37:
63:62:19:7b:8f:27:1f:76:aa:35:3b:2e:25:cf:e4:
0d:28:15:e1:bf:b1:4c:a3:bb:6b:25:fc:ae:bf:ee:
44:a1:c8:21:dd:b6:e0:94:3a:58:ab:91:78:22:8f:
98:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9B:FB:81:B7:1E:7B:7A:18:86:88:B1:B8:A4:A9:CD:E0:27:EA:17
X509v3 Authority Key Identifier:
keyid:0C:05:CA:11:1C:00:93:B5:65:14:21:5B:E4:67:B5:15:DD:A5:6C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/0Zv7gbcee3oYhoixuKSpzeAn6hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.223.0/24
217.113.54.0/23
IPv6:
2a13:e700::/48
Signature Algorithm: sha256WithRSAEncryption
28:ec:a8:56:c7:0a:20:9e:fd:96:69:04:b7:e0:16:4f:f3:af:
8d:69:ed:c5:63:5a:2e:06:a7:b3:9d:74:6d:de:05:3c:22:61:
de:7c:0e:c4:08:21:ae:bf:0e:fa:6c:4c:a6:03:f9:4e:43:34:
42:9e:54:2f:6a:4a:6d:07:c3:3f:33:15:8b:6a:bf:e7:6f:10:
4e:f2:73:99:4a:38:e9:cd:4d:80:9c:46:82:2f:0a:f0:25:75:
87:b9:60:44:bd:d8:14:63:b1:75:ef:4f:8f:20:a6:46:fe:7b:
93:44:50:e3:09:98:54:95:17:32:cb:9c:7f:84:29:12:fd:4a:
52:6d:43:61:f8:99:8d:85:ed:bd:f7:64:ec:e8:01:90:8e:95:
1d:fa:db:17:b1:25:4a:af:f7:c8:3c:98:db:d6:5b:ae:a4:d8:
9b:e9:fb:0f:5c:1c:74:f1:78:14:3f:dc:47:b0:2c:cb:1e:98:
95:f1:ed:04:00:08:20:77:a8:30:d5:fe:18:67:57:59:d9:d6:
a8:d7:39:f7:ee:71:a7:cb:96:4b:8d:90:89:ab:06:be:45:90:
45:10:a0:a8:b3:93:48:36:f9:6b:a0:0f:52:a4:66:66:cb:19:
12:3f:20:06:ac:09:4b:85:01:eb:46:71:4e:1d:d3:2f:43:0e:
eb:64:e3:da
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ4XXlBoQbDUdDLWoxM5+IwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDVjYTExMWMwMDkzYjU2NTE0MjE1YmU0NjdiNTE1ZGRh
NTZjMDYwHhcNMjYwNTExMTQwODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTliZmI4MWI3MWU3YjdhMTg4Njg4YjFiOGE0YTljZGUwMjdlYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/HplBfwXRmraaz+b0RmXLcYE6co
LnQSPD9xlZJAchn7TfknkrHaDD6VQWzkfUXuEzhk6zGEfUyD69pfekERgEha27fW
8mwKFoi/VSFnUOI+SFV1hcf63OiLHL0hLpDlaalbOPvqZr5dgBgF2E54hevkZzRU
fuNu0JH4DBpGdmuRd2qSdBWmv5yNEYruOMEbdLG9N1PLyD5ajwsvmT4AW2+ElD/Z
JjMywmlNTmVKv7b8gqV5D33ns68nZsqbtO4VlYLlQfonsiycu6Nlv176IDdjYhl7
jycfdqo1Oy4lz+QNKBXhv7FMo7trJfyuv+5Eocgh3bbglDpYq5F4Io+YdQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNGb+4G3Hnt6GIaIsbikqc3gJ+oXMB8GA1UdIwQY
MBaAFAwFyhEcAJO1ZRQhW+RntRXdpWwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFYS0VSd0FrN1ZsRkNGYjVHZTFGZDJsYkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wZmJmNDgtNWRiNy00OWZlLWJmNDQt
NmEzNjcwNWJiYTZmLzEvMFp2N2diY2VlM29ZaG9peHVLU3B6ZUFuNmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wZmJmNDgtNWRiNy00OWZlLWJmNDQtNmEzNjcwNWJiYTZm
LzEvREFYS0VSd0FrN1ZsRkNGYjVHZTFGZDJsYkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW93fAwQB
2XE2MA8EAgACMAkDBwAqE+cAAAAwDQYJKoZIhvcNAQELBQADggEBACjsqFbHCiCe
/ZZpBLfgFk/zr41p7cVjWi4Gp7OddG3eBTwiYd58DsQIIa6/DvpsTKYD+U5DNEKe
VC9qSm0Hwz8zFYtqv+dvEE7yc5lKOOnNTYCcRoIvCvAldYe5YES92BRjsXXvT48g
pkb+e5NEUOMJmFSVFzLLnH+EKRL9SlJtQ2H4mY2F7b33ZOzoAZCOlR362xexJUqv
98g8mNvWW66k2Jvp+w9cHHTxeBQ/3EewLMsemJXx7QQACCB3qDDV/hhnV1nZ1qjX
OffucafLlkuNkImrBr5FkEUQoKizk0g2+WugD1KkZmbLGRI/IAasCUuFAetGcU4d
0y9DDutk49o=
-----END CERTIFICATE-----
Generated at Tue May 12 21:24:33 2026 by rpki-client