Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/91iIhOdYfqRtRqyWmAtUJvCdG8k.roa
File: 91iIhOdYfqRtRqyWmAtUJvCdG8k.roa (raw, json)
Hash identifier: P6iuf+zzdN/Rf5MUMtkhwBjZM5hMCWELXCg4YFnkmek=
Subject key identifier: F7:58:88:84:E7:58:7E:A4:6D:46:AC:96:98:0B:54:26:F0:9D:1B:C9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019D09A08D05BAE12EA31B709B7FFBBC574C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/91iIhOdYfqRtRqyWmAtUJvCdG8k.roa
Signing time: Fri 20 Mar 2026 05:03:29 +0000
ROA not before: Fri 20 Mar 2026 05:03:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.150.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.42.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:09:a0:8d:05:ba:e1:2e:a3:1b:70:9b:7f:fb:bc:57:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 20 05:03:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f7588884e7587ea46d46ac96980b5426f09d1bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:40:d4:f0:41:a6:d7:48:94:f7:f9:f6:f0:a3:
cd:00:7e:ac:9c:d7:4c:c3:06:47:47:c9:8f:45:a6:
8a:5c:79:67:16:4a:a0:1e:37:1a:32:48:aa:d6:58:
ba:0b:9f:00:2f:2a:09:23:72:c0:9d:f0:64:a8:90:
41:bf:65:0c:64:2b:6e:8f:11:9a:86:4a:07:a0:2e:
38:dc:04:8c:ae:eb:96:f8:14:47:a9:92:b5:0d:3a:
ed:93:ea:27:19:b4:1d:42:24:85:c9:49:87:fb:de:
21:d6:29:c3:81:01:01:85:f1:0d:d1:d1:35:90:6e:
8c:c2:a7:88:78:03:a6:cc:f6:d9:e0:f1:af:00:06:
d3:3c:f3:3e:4e:3f:33:39:5a:b1:2f:9d:43:58:c7:
49:82:f6:75:4f:3d:ac:a2:e1:74:20:05:51:67:d9:
6c:fc:83:a4:46:40:bd:50:a1:b2:0d:62:7c:8b:a5:
35:dd:89:fc:cc:da:1e:ca:44:ec:d8:11:53:3d:f1:
ea:46:96:67:87:62:47:f2:6b:72:e9:ce:a0:5c:a0:
ac:9b:7e:40:d3:bb:10:ee:fb:8f:a8:68:c0:f9:15:
95:18:d7:8d:92:20:af:3b:fa:ab:a4:65:12:2a:79:
f2:49:19:5e:aa:e2:0d:eb:23:03:57:d0:7b:8a:4b:
67:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:58:88:84:E7:58:7E:A4:6D:46:AC:96:98:0B:54:26:F0:9D:1B:C9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/91iIhOdYfqRtRqyWmAtUJvCdG8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
194.87.12.0/24
194.87.22.0/24
194.87.40.0/24
194.87.124.0/24
194.87.142.0/24
194.87.150.0/24
194.87.185.0/24
195.133.6.0/24
195.133.42.0/24
195.133.72.0/24
195.133.85.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
62:3c:0a:b9:11:b9:3b:10:70:64:e5:27:46:a9:cf:1a:cd:29:
f5:2b:5e:45:3a:eb:d1:f9:f6:d0:25:00:4c:08:4b:64:c3:93:
6c:da:5c:08:74:88:8e:dc:52:bd:60:c6:47:82:a3:2e:0e:ff:
df:27:fe:03:6d:a1:82:7b:60:0e:db:cc:d7:c4:b5:fc:f6:90:
4a:9a:22:36:d7:b0:0e:18:07:c7:f1:00:c6:db:30:84:2e:78:
1a:62:71:af:77:e0:26:f2:ad:cb:7b:e2:ca:9c:01:00:13:3f:
a0:fb:b9:a9:22:d5:f0:11:71:af:41:fc:6a:84:67:5f:2f:e1:
3a:78:1f:0d:f8:7a:8e:4c:41:44:15:68:1b:5b:57:14:7b:38:
3e:4f:fe:7b:56:97:ee:c5:55:82:ab:09:06:c9:0d:d6:61:3c:
e4:88:43:c1:f0:2f:f1:91:25:02:fb:91:fd:ec:23:26:d0:5b:
fa:f0:e9:98:6b:43:e1:ae:e7:54:ff:d4:d3:3c:1d:3e:79:fa:
ee:ae:80:69:8d:2d:67:c2:e8:90:2a:a5:f7:90:17:d4:c2:6e:
29:a4:bf:f3:ba:ee:69:c1:e7:4b:73:91:35:90:19:dc:1b:24:
b2:5a:6e:6f:ca:a5:44:97:4d:dd:0e:b1:12:0e:d4:8d:c2:81:
62:19:59:56
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZ0JoI0FuuEuoxtwm3/7vFdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwMzIwMDUwMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzU4ODg4NGU3NTg3ZWE0NmQ0NmFjOTY5ODBiNTQyNmYwOWQxYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEDU8EGm10iU9/n28KPNAH6snNdM
wwZHR8mPRaaKXHlnFkqgHjcaMkiq1li6C58ALyoJI3LAnfBkqJBBv2UMZCtujxGa
hkoHoC443ASMruuW+BRHqZK1DTrtk+onGbQdQiSFyUmH+94h1inDgQEBhfEN0dE1
kG6MwqeIeAOmzPbZ4PGvAAbTPPM+Tj8zOVqxL51DWMdJgvZ1Tz2souF0IAVRZ9ls
/IOkRkC9UKGyDWJ8i6U13Yn8zNoeykTs2BFTPfHqRpZnh2JH8mty6c6gXKCsm35A
07sQ7vuPqGjA+RWVGNeNkiCvO/qrpGUSKnnySRlequIN6yMDV9B7iktnMQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFPdYiITnWH6kbUaslpgLVCbwnRvJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOTFpSWhPZFlmcVJ0UnF5V21BdFVKdkNkRzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAwHy/AwQA
wXwFAwQAwlcMAwQAwlcWAwQAwlcoAwQAwld8AwQAwleOAwQAwleWAwQAwle5AwQA
w4UGAwQAw4UqAwQAw4VIAwQAw4VVAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQBi
PAq5Ebk7EHBk5SdGqc8azSn1K15FOuvR+fbQJQBMCEtkw5Ns2lwIdIiO3FK9YMZH
gqMuDv/fJ/4DbaGCe2AO28zXxLX89pBKmiI217AOGAfH8QDG2zCELngaYnGvd+Am
8q3Le+LKnAEAEz+g+7mpItXwEXGvQfxqhGdfL+E6eB8N+HqOTEFEFWgbW1cUezg+
T/57VpfuxVWCqwkGyQ3WYTzkiEPB8C/xkSUC+5H97CMm0Fv68OmYa0PhrudU/9TT
PB0+efruroBpjS1nwuiQKqX3kBfUwm4ppL/zuu5pwedLc5E1kBncGySyWm5vyqVE
l03dDrESDtSNwoFiGVlW
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:30:54 2026 by rpki-client