Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/jC0FytHOQo8nsOSr_TxJG9hBpPo.roa
File: jC0FytHOQo8nsOSr_TxJG9hBpPo.roa (raw, json)
Hash identifier: ct8GEHFwAhk9z+v/Ee8wgNDnWwu3VuXy1Nh1/WS1afk=
Subject key identifier: 8C:2D:05:CA:D1:CE:42:8F:27:B0:E4:AB:FD:3C:49:1B:D8:41:A4:FA
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 019DCDECE2C7B74302452E6D0570E9F14726
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/jC0FytHOQo8nsOSr_TxJG9hBpPo.roa
Signing time: Mon 27 Apr 2026 07:52:26 +0000
ROA not before: Mon 27 Apr 2026 07:52:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57013
IP address blocks: 91.231.187.0/24 maxlen: 24
92.63.181.0/24 maxlen: 24
93.92.115.0/24 maxlen: 24
109.196.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:ec:e2:c7:b7:43:02:45:2e:6d:05:70:e9:f1:47:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Apr 27 07:52:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8c2d05cad1ce428f27b0e4abfd3c491bd841a4fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:71:ef:e4:1a:14:9d:91:20:7f:e0:1a:c3:af:
87:ec:4b:d9:71:86:72:6c:52:c4:c0:e1:13:03:32:
bb:4f:9e:3d:cc:e7:2d:e5:86:9c:98:00:31:02:0f:
bb:ba:12:3e:b8:f8:59:3e:84:d5:35:6d:d9:28:36:
48:aa:eb:5b:e6:34:4d:de:4d:9c:d4:57:ff:1b:9f:
a2:48:0d:96:c5:39:22:4e:75:3e:df:5d:2a:75:a3:
e2:e9:5f:1b:cb:8f:6a:2f:37:61:48:29:6b:f4:4a:
97:d0:6d:aa:3e:b3:5e:61:fe:99:8a:7a:94:ae:ac:
a4:b2:bd:a7:b9:ed:56:f5:a5:e5:05:11:de:f0:6e:
c3:e2:a7:8a:61:61:2d:e0:c5:a5:6f:43:35:b1:e3:
04:a3:0e:11:9c:6c:a4:7c:57:74:fd:71:62:32:92:
1c:10:b0:8c:f2:7f:d7:9a:96:34:02:f5:94:6e:7a:
c8:1c:9e:96:86:f7:79:70:ae:c0:8a:79:d3:1b:c4:
93:7b:9e:3e:7a:83:be:2f:1e:7d:77:71:e8:4f:d2:
70:73:63:2d:85:35:cc:74:b0:2f:87:15:87:03:fa:
c5:d3:ae:22:c3:7d:8b:c2:4f:06:bf:1e:a6:77:6c:
ea:d6:ff:46:0b:5d:fc:eb:72:cc:fc:6b:fb:3e:42:
4d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:2D:05:CA:D1:CE:42:8F:27:B0:E4:AB:FD:3C:49:1B:D8:41:A4:FA
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/jC0FytHOQo8nsOSr_TxJG9hBpPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.187.0/24
92.63.181.0/24
93.92.115.0/24
109.196.105.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:95:29:ae:3a:b4:9d:d8:3f:4b:55:e8:78:8d:23:69:00:38:
a5:86:1c:11:92:39:a2:7a:73:50:b5:b6:ae:7a:f4:cd:37:cc:
5a:65:9a:52:d5:11:fa:32:f8:78:1f:a3:c0:16:40:35:eb:d1:
0a:bf:8c:8d:02:52:8c:d7:d2:c9:71:3d:67:fc:41:67:ed:b1:
53:7a:61:f0:17:1e:3b:57:63:00:1d:33:82:d3:af:60:f9:80:
b5:78:30:90:d7:56:d1:14:7e:19:70:6d:e9:5d:10:23:bb:d0:
57:c6:c1:a7:5d:79:c6:c3:0e:76:27:aa:e8:17:9e:10:fd:a9:
0b:97:d0:85:9e:17:0f:8c:2e:63:ca:9f:1b:68:67:14:af:e3:
68:a8:ce:fa:2a:bc:d1:85:94:d0:56:48:d1:8c:7b:46:c1:27:
1f:dc:96:3b:cb:09:f8:4c:1b:aa:6c:8c:85:8c:d0:83:4d:c3:
70:61:28:5f:4f:04:5d:14:51:fe:e7:f0:06:f7:6d:e4:a6:15:
fc:da:8d:1d:d0:87:11:33:2d:62:f6:9e:a4:99:15:42:d3:2d:
6e:c6:50:7e:a4:ea:f7:a6:f8:a8:d7:93:41:b2:bd:0b:03:98:
b0:26:4a:da:3c:9c:10:ad:5a:3b:06:99:4d:2a:36:76:85:a4:
2d:c3:db:6e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3N7OLHt0MCRS5tBXDp8UcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjYwNDI3MDc1MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzJkMDVjYWQxY2U0MjhmMjdiMGU0YWJmZDNjNDkxYmQ4NDFhNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXHv5BoUnZEgf+Aaw6+H7EvZcYZy
bFLEwOETAzK7T549zOct5YacmAAxAg+7uhI+uPhZPoTVNW3ZKDZIqutb5jRN3k2c
1Ff/G5+iSA2WxTkiTnU+310qdaPi6V8by49qLzdhSClr9EqX0G2qPrNeYf6ZinqU
rqyksr2nue1W9aXlBRHe8G7D4qeKYWEt4MWlb0M1seMEow4RnGykfFd0/XFiMpIc
ELCM8n/XmpY0AvWUbnrIHJ6Whvd5cK7AinnTG8STe54+eoO+Lx59d3HoT9Jwc2Mt
hTXMdLAvhxWHA/rF064iw32Lwk8Gvx6md2zq1v9GC13863LM/Gv7PkJNcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIwtBcrRzkKPJ7Dkq/08SRvYQaT6MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvakMwRnl0SE9Rbzhuc09Tcl9UeEpHOWhCcFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+e7AwQA
XD+1AwQAXVxzAwQAbcRpMA0GCSqGSIb3DQEBCwUAA4IBAQCglSmuOrSd2D9LVeh4
jSNpADilhhwRkjmienNQtbauevTNN8xaZZpS1RH6Mvh4H6PAFkA169EKv4yNAlKM
19LJcT1n/EFn7bFTemHwFx47V2MAHTOC069g+YC1eDCQ11bRFH4ZcG3pXRAju9BX
xsGnXXnGww52J6roF54Q/akLl9CFnhcPjC5jyp8baGcUr+NoqM76KrzRhZTQVkjR
jHtGwScf3JY7ywn4TBuqbIyFjNCDTcNwYShfTwRdFFH+5/AG923kphX82o0d0IcR
My1i9p6kmRVC0y1uxlB+pOr3pvio15NBsr0LA5iwJkraPJwQrVo7BplNKjZ2haQt
w9tu
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:25 2026 by rpki-client