Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/TMsha0GRszbL5uv24xLt-ZfZgKc.roa
File: TMsha0GRszbL5uv24xLt-ZfZgKc.roa (raw, json)
Hash identifier: j5QxVvGBFLOVC7/0gok3R4odJR1SrmBkpeCDz/Tn8is=
Subject key identifier: 4C:CB:21:6B:41:91:B3:36:CB:E6:EB:F6:E3:12:ED:F9:97:D9:80:A7
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 019E1B0339747723BCC43A18F604777E80F4
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/TMsha0GRszbL5uv24xLt-ZfZgKc.roa
Signing time: Tue 12 May 2026 07:07:36 +0000
ROA not before: Tue 12 May 2026 07:07:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200307
IP address blocks: 152.89.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:03:39:74:77:23:bc:c4:3a:18:f6:04:77:7e:80:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: May 12 07:07:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ccb216b4191b336cbe6ebf6e312edf997d980a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:d7:6b:e5:a3:fc:06:ee:1a:0f:04:f1:b3:
57:5f:07:99:4f:75:09:0c:4d:ee:21:ac:45:7f:5d:
1d:ec:f9:9b:1b:d0:51:17:c1:e0:9f:f6:52:69:e4:
62:2d:8a:c4:63:8e:1a:71:00:e1:72:b8:8b:10:cc:
80:d5:3e:d3:ef:5c:4c:f8:0f:ce:78:09:ac:06:67:
3a:4e:96:e6:ca:a3:e3:25:29:f9:0d:c6:f4:32:fc:
a2:7c:d8:00:00:db:a8:9d:96:57:27:da:c0:84:51:
c7:43:8a:2b:5c:f4:ba:02:5c:87:ef:35:36:8f:ec:
30:e5:76:ec:e4:50:0a:54:61:c8:47:39:6f:6b:c2:
35:d1:2a:e4:91:9c:27:8e:7f:27:3f:bf:06:dc:1a:
74:5d:c1:d4:8b:eb:d1:8d:ca:2b:3a:c1:55:64:87:
bd:9f:06:66:e0:bc:3b:d6:58:d1:29:5e:bb:86:cc:
5e:5d:d2:e1:3b:c5:c4:80:56:cf:5e:ab:b5:58:46:
4e:2e:8e:a1:80:e5:27:7c:85:b5:60:ee:2b:20:68:
b2:40:8a:d4:2a:c2:ae:68:e9:4d:17:44:57:ea:44:
87:a1:79:38:ae:85:9d:c5:6e:b2:1a:51:05:49:10:
f5:11:0d:f1:16:c2:d3:89:a3:31:ce:1b:a0:c3:8d:
32:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CB:21:6B:41:91:B3:36:CB:E6:EB:F6:E3:12:ED:F9:97:D9:80:A7
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/TMsha0GRszbL5uv24xLt-ZfZgKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.29.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:cf:2c:fe:6d:f1:f3:0c:db:9a:8a:19:d1:44:81:d4:e2:8f:
e8:b0:7e:0c:42:84:88:a0:1c:6f:37:b0:6e:9d:f1:b2:c1:27:
56:db:dc:b9:c3:49:3c:bd:2f:3c:29:05:ec:17:65:a7:ab:1c:
ca:6b:10:01:e4:87:da:93:01:0f:bd:8d:48:81:6d:1f:e7:fe:
cd:90:69:8d:94:d4:64:cb:cb:33:f4:69:49:e7:8c:c2:95:e3:
23:d8:8b:6a:1d:f7:9f:d6:f0:fc:39:ee:70:61:77:0a:e2:4f:
3c:6f:11:61:bc:74:29:ef:e2:d8:1a:92:a1:39:04:71:8e:e5:
8c:51:a5:32:70:de:1d:3b:62:e1:10:67:e4:16:f1:7f:0b:ed:
b3:af:32:10:f1:de:00:d4:c7:ca:7f:af:bd:1e:5f:6c:05:50:
b2:42:92:f5:ef:38:e5:f5:ed:e9:ea:0d:d4:34:bf:a2:84:9b:
2b:8a:c4:17:e5:8e:c3:8b:e8:a3:62:b7:ea:6e:8e:dc:c7:a2:
c5:04:00:16:c3:ba:80:2a:88:02:8b:7a:e4:14:19:ac:71:6f:
2b:fa:49:2a:e6:f2:e0:a8:01:6d:12:1f:c8:12:b9:d9:1e:e5:
bb:51:9b:6a:b4:84:37:1d:f4:4c:39:c0:59:84:6e:0c:a9:42:
dd:27:9f:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4bAzl0dyO8xDoY9gR3foD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjYwNTEyMDcwNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2NiMjE2YjQxOTFiMzM2Y2JlNmViZjZlMzEyZWRmOTk3ZDk4MGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKbXa+Wj/AbuGg8E8bNXXweZT3UJ
DE3uIaxFf10d7PmbG9BRF8Hgn/ZSaeRiLYrEY44acQDhcriLEMyA1T7T71xM+A/O
eAmsBmc6TpbmyqPjJSn5Dcb0MvyifNgAANuonZZXJ9rAhFHHQ4orXPS6AlyH7zU2
j+ww5Xbs5FAKVGHIRzlva8I10SrkkZwnjn8nP78G3Bp0XcHUi+vRjcorOsFVZIe9
nwZm4Lw71ljRKV67hsxeXdLhO8XEgFbPXqu1WEZOLo6hgOUnfIW1YO4rIGiyQIrU
KsKuaOlNF0RX6kSHoXk4roWdxW6yGlEFSRD1EQ3xFsLTiaMxzhugw40yFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzLIWtBkbM2y+br9uMS7fmX2YCnMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvVE1zaGEwR1JzemJMNXV2MjR4THQtWmZaZ0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFkdMA0G
CSqGSIb3DQEBCwUAA4IBAQB9zyz+bfHzDNuaihnRRIHU4o/osH4MQoSIoBxvN7Bu
nfGywSdW29y5w0k8vS88KQXsF2WnqxzKaxAB5IfakwEPvY1IgW0f5/7NkGmNlNRk
y8sz9GlJ54zCleMj2ItqHfef1vD8Oe5wYXcK4k88bxFhvHQp7+LYGpKhOQRxjuWM
UaUycN4dO2LhEGfkFvF/C+2zrzIQ8d4A1MfKf6+9Hl9sBVCyQpL17zjl9e3p6g3U
NL+ihJsrisQX5Y7Di+ijYrfqbo7cx6LFBAAWw7qAKogCi3rkFBmscW8r+kkq5vLg
qAFtEh/IErnZHuW7UZtqtIQ3HfRMOcBZhG4MqULdJ5/J
-----END CERTIFICATE-----
Generated at Wed May 13 01:14:48 2026 by rpki-client