Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0df9f9-0904-437f-98eb-0d99de7970bf/1/1-yp1lR1t9CHfuX3rrZ9tBUSW6YU.roa
File: 1-yp1lR1t9CHfuX3rrZ9tBUSW6YU.roa (raw, json)
Hash identifier: ysaq9zqofJGOE0NIkNp0CsTNypyLgdEzk9CWYMwusP4=
Subject key identifier: FB:2A:75:95:1D:6D:F4:21:DF:B9:7D:EB:AD:9F:6D:05:44:96:E9:85
Certificate issuer: /CN=d1690d75b46faee626a79a3b0e7df6b6a723f329
Certificate serial: 019D0386A7746A9B70F71C571236E655BF92
Authority key identifier: D1:69:0D:75:B4:6F:AE:E6:26:A7:9A:3B:0E:7D:F6:B6:A7:23:F3:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0WkNdbRvruYmp5o7Dn32tqcj8yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0df9f9-0904-437f-98eb-0d99de7970bf/1/1-yp1lR1t9CHfuX3rrZ9tBUSW6YU.roa
Signing time: Thu 19 Mar 2026 00:37:29 +0000
ROA not before: Thu 19 Mar 2026 00:37:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6364
IP address blocks: 89.107.56.0/21 maxlen: 24
185.73.36.0/22 maxlen: 24
2a03:41a0::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0df9f9-0904-437f-98eb-0d99de7970bf/1/0WkNdbRvruYmp5o7Dn32tqcj8yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0df9f9-0904-437f-98eb-0d99de7970bf/1/0WkNdbRvruYmp5o7Dn32tqcj8yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/0WkNdbRvruYmp5o7Dn32tqcj8yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:03:86:a7:74:6a:9b:70:f7:1c:57:12:36:e6:55:bf:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1690d75b46faee626a79a3b0e7df6b6a723f329
Validity
Not Before: Mar 19 00:37:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fb2a75951d6df421dfb97debad9f6d054496e985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:52:80:ea:87:43:a0:53:85:f7:eb:c2:eb:b1:
ea:60:da:de:60:d8:d8:14:df:95:8a:e8:cb:b7:a9:
3f:07:1f:5c:21:53:94:71:6f:0e:14:21:8c:2d:a3:
f2:72:0f:c5:20:e7:a7:c7:e1:a1:b6:6c:39:bf:ff:
43:74:2b:5d:d1:bd:93:9b:6d:fc:b8:83:f8:ca:99:
7e:c2:f2:6f:30:72:d1:e1:7b:b2:f8:cd:49:ea:13:
85:2d:ae:3f:59:a5:32:55:16:6a:25:7d:40:73:c3:
33:de:d6:6b:39:02:0e:19:1e:00:69:00:c8:14:63:
52:f1:43:22:4f:ff:1a:77:3c:8c:74:66:5f:e8:ca:
06:1e:6e:75:12:06:a3:46:0c:db:81:e3:0a:32:e2:
03:92:79:23:41:93:e1:e4:70:d1:b3:75:92:fc:e3:
96:41:37:60:04:de:a6:36:20:d9:06:cf:cb:63:8b:
d2:f9:93:0e:ab:57:d2:20:2d:44:69:af:9c:2c:76:
fc:d8:6f:02:c8:8e:cb:19:43:9c:4e:3d:c9:f4:d2:
19:c5:6d:15:54:8e:7d:e2:fa:d6:0a:7d:e2:4b:e7:
f6:20:83:c1:1b:14:27:a1:74:5b:66:f9:6d:9d:07:
fe:05:88:9f:5a:2e:44:44:43:1a:11:31:6e:9d:f5:
87:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:2A:75:95:1D:6D:F4:21:DF:B9:7D:EB:AD:9F:6D:05:44:96:E9:85
X509v3 Authority Key Identifier:
keyid:D1:69:0D:75:B4:6F:AE:E6:26:A7:9A:3B:0E:7D:F6:B6:A7:23:F3:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0WkNdbRvruYmp5o7Dn32tqcj8yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0df9f9-0904-437f-98eb-0d99de7970bf/1/1-yp1lR1t9CHfuX3rrZ9tBUSW6YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0df9f9-0904-437f-98eb-0d99de7970bf/1/0WkNdbRvruYmp5o7Dn32tqcj8yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.56.0/21
185.73.36.0/22
IPv6:
2a03:41a0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:4f:04:64:60:e0:1d:4a:60:4f:cf:39:e2:b1:92:79:99:f6:
3a:4c:a4:ab:9f:ca:89:02:39:51:27:85:2a:fa:4f:74:d3:c0:
bf:90:31:7b:d6:d9:0f:40:45:a5:a4:70:41:6a:bd:9b:3f:e9:
35:62:40:23:53:fa:c9:d8:9b:0d:42:09:94:0b:55:dc:ac:1b:
e6:33:e3:42:cf:e5:4e:ff:8c:93:52:9f:51:3f:6d:ac:5f:1a:
03:85:ee:fc:93:4d:87:79:65:c8:ce:53:54:38:c4:b7:47:63:
df:51:ef:a3:22:26:60:45:2f:99:4d:b0:fa:f4:f0:a0:3d:2b:
8b:09:4b:e4:90:0a:d8:7f:2f:6d:16:e7:27:26:7d:01:8c:e2:
a3:6f:8e:a0:d6:e7:60:36:4d:89:aa:e8:d4:89:45:d3:e3:5b:
a8:b2:2f:a5:56:92:c5:2e:8a:3d:95:a2:fe:ca:4a:9c:b2:55:
8f:32:46:66:b8:89:6b:1b:47:54:8d:a4:19:17:da:ba:fc:dd:
83:de:a4:aa:4f:ee:94:2a:bf:ce:ca:ad:ac:05:62:7b:a9:0a:
4a:a2:38:d8:be:4c:35:92:ad:02:e6:d0:69:0e:f3:b6:c5:62:
59:58:81:e7:b4:df:36:c5:a3:45:15:b8:90:04:4c:53:0f:b2:
b8:89:9c:b3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ0Dhqd0aptw9xxXEjbmVb+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNjkwZDc1YjQ2ZmFlZTYyNmE3OWEzYjBlN2RmNmI2YTcy
M2YzMjkwHhcNMjYwMzE5MDAzNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjJhNzU5NTFkNmRmNDIxZGZiOTdkZWJhZDlmNmQwNTQ0OTZlOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FKA6odDoFOF9+vC67HqYNreYNjY
FN+ViujLt6k/Bx9cIVOUcW8OFCGMLaPycg/FIOenx+Ghtmw5v/9DdCtd0b2Tm238
uIP4ypl+wvJvMHLR4Xuy+M1J6hOFLa4/WaUyVRZqJX1Ac8Mz3tZrOQIOGR4AaQDI
FGNS8UMiT/8adzyMdGZf6MoGHm51EgajRgzbgeMKMuIDknkjQZPh5HDRs3WS/OOW
QTdgBN6mNiDZBs/LY4vS+ZMOq1fSIC1Eaa+cLHb82G8CyI7LGUOcTj3J9NIZxW0V
VI594vrWCn3iS+f2IIPBGxQnoXRbZvltnQf+BYifWi5EREMaETFunfWH3QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPsqdZUdbfQh37l9662fbQVElumFMB8GA1UdIwQY
MBaAFNFpDXW0b67mJqeaOw599ranI/MpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFdrTmRiUnZydVltcDVvN0RuMzJ0cWNqOHlrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZGY5ZjktMDkwNC00MzdmLTk4ZWIt
MGQ5OWRlNzk3MGJmLzEvMS15cDFsUjF0OUNIZnVYM3JyWjl0QlVTVzZZVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjgvMGRmOWY5LTA5MDQtNDM3Zi05OGViLTBkOTlkZTc5NzBi
Zi8xLzBXa05kYlJ2cnVZbXA1bzdEbjMydHFjajh5ay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA1lrOAME
ArlJJDANBAIAAjAHAwUAKgNBoDANBgkqhkiG9w0BAQsFAAOCAQEAT08EZGDgHUpg
T8854rGSeZn2Okykq5/KiQI5USeFKvpPdNPAv5Axe9bZD0BFpaRwQWq9mz/pNWJA
I1P6ydibDUIJlAtV3Kwb5jPjQs/lTv+Mk1KfUT9trF8aA4Xu/JNNh3llyM5TVDjE
t0dj31HvoyImYEUvmU2w+vTwoD0riwlL5JAK2H8vbRbnJyZ9AYzio2+OoNbnYDZN
iaro1IlF0+NbqLIvpVaSxS6KPZWi/spKnLJVjzJGZriJaxtHVI2kGRfauvzdg96k
qk/ulCq/zsqtrAVie6kKSqI42L5MNZKtAubQaQ7ztsViWViB57TfNsWjRRW4kARM
Uw+yuImcsw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:09:13 2026 by rpki-client