Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/4320e2-55cc-4e5d-98cb-0912d9a5d947/1/1eP5CXO1PBIl9QsPThVXxpFKkiI.roa
File: 1eP5CXO1PBIl9QsPThVXxpFKkiI.roa (raw, json)
Hash identifier: KZ7tVteP3lGVX8UW1l2BZ5G++9dxomswpEwb1weu7Qg=
Subject key identifier: D5:E3:F9:09:73:B5:3C:12:25:F5:0B:0F:4E:15:57:C6:91:4A:92:22
Certificate issuer: /CN=0947bf06ffd6aa837371666ac4fb485c3322af30
Certificate serial: 019E1C42BE848F73E44E457CDEFD3769F49C
Authority key identifier: 09:47:BF:06:FF:D6:AA:83:73:71:66:6A:C4:FB:48:5C:33:22:AF:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CUe_Bv_WqoNzcWZqxPtIXDMirzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/4320e2-55cc-4e5d-98cb-0912d9a5d947/1/1eP5CXO1PBIl9QsPThVXxpFKkiI.roa
Signing time: Tue 12 May 2026 12:56:36 +0000
ROA not before: Tue 12 May 2026 12:56:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35671
IP address blocks: 91.239.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/4320e2-55cc-4e5d-98cb-0912d9a5d947/1/CUe_Bv_WqoNzcWZqxPtIXDMirzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/4320e2-55cc-4e5d-98cb-0912d9a5d947/1/CUe_Bv_WqoNzcWZqxPtIXDMirzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CUe_Bv_WqoNzcWZqxPtIXDMirzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:56:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:42:be:84:8f:73:e4:4e:45:7c:de:fd:37:69:f4:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0947bf06ffd6aa837371666ac4fb485c3322af30
Validity
Not Before: May 12 12:56:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d5e3f90973b53c1225f50b0f4e1557c6914a9222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8c:2c:e4:a4:48:73:16:7d:22:e5:d9:a6:cb:
d6:07:a2:21:36:fd:bd:a6:05:41:02:67:9a:4a:42:
d3:c6:88:2e:63:51:87:1b:dc:21:0a:86:5f:7c:33:
da:74:e1:86:72:24:21:7b:b0:d7:f7:94:aa:14:1f:
95:39:45:9c:55:9a:9c:34:e6:08:45:93:d9:f4:b3:
93:0c:b4:d2:0e:cd:a1:94:b1:7c:f5:81:61:81:e2:
10:e7:71:c0:9b:70:fd:49:f7:ae:a0:44:38:37:a1:
a8:40:13:cb:07:80:c5:dd:ad:25:74:37:0b:e3:0a:
ca:3d:62:f2:c3:5f:49:ad:81:18:04:1a:c7:ca:e9:
b2:41:62:4c:85:33:c8:89:df:de:18:a9:d0:d8:58:
02:a3:4b:88:7e:a7:5b:08:69:5a:8d:db:6e:7c:6e:
bc:7b:7f:51:f4:9c:6e:4e:c1:b0:23:67:b6:ee:c2:
78:3a:e3:87:8e:b1:16:ce:82:a0:ff:8a:49:c0:1a:
9a:8d:86:be:58:bb:5d:29:23:c4:83:3c:96:7e:bf:
61:df:8a:2f:a9:5f:4a:06:d6:2e:a8:40:1d:08:f4:
36:09:3d:03:bc:4a:ff:7a:a3:ff:11:ec:bf:85:9e:
16:ca:7c:a4:0c:f5:cb:69:1b:83:35:dd:a5:98:e8:
7b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E3:F9:09:73:B5:3C:12:25:F5:0B:0F:4E:15:57:C6:91:4A:92:22
X509v3 Authority Key Identifier:
keyid:09:47:BF:06:FF:D6:AA:83:73:71:66:6A:C4:FB:48:5C:33:22:AF:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUe_Bv_WqoNzcWZqxPtIXDMirzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4320e2-55cc-4e5d-98cb-0912d9a5d947/1/1eP5CXO1PBIl9QsPThVXxpFKkiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4320e2-55cc-4e5d-98cb-0912d9a5d947/1/CUe_Bv_WqoNzcWZqxPtIXDMirzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.75.0/24
Signature Algorithm: sha256WithRSAEncryption
13:12:88:8e:ff:c9:56:6c:d1:eb:1a:b9:0a:fa:15:9e:59:1a:
33:b5:e3:e5:0a:05:63:c5:a1:fb:fb:38:0c:13:84:72:7b:69:
80:1f:33:ad:e7:cc:31:65:22:ac:ca:ea:af:6e:3c:c4:d0:e2:
6c:f5:22:c2:51:0d:92:46:f1:be:44:f8:e7:2f:f7:52:b7:9c:
bc:53:a2:95:fd:eb:5a:47:e6:03:f0:50:e9:de:98:fb:09:b2:
fc:79:25:8e:20:d5:c2:d9:53:41:81:e9:25:7c:c3:45:8d:29:
b1:c7:40:27:d3:cc:81:be:27:bd:ac:4b:56:a0:80:d3:99:6f:
f6:88:d2:95:f6:be:61:c9:1e:05:fd:7b:0b:e8:8d:66:e6:15:
f0:c8:48:05:5d:7a:e6:a0:c3:b2:88:ad:aa:5e:09:a5:7b:09:
d4:00:af:ef:56:99:e7:38:53:83:84:2c:21:4b:ef:d3:c6:60:
bf:86:2b:83:fa:ff:69:dd:05:2b:a1:30:5c:fc:b2:1f:21:fb:
69:88:3a:53:4f:7a:cb:05:9a:34:c6:3d:8d:69:b3:60:95:ac:
cb:29:c7:2c:8c:ae:a5:a1:08:ab:00:1c:0c:0c:d2:12:de:66:
18:de:85:d7:69:d9:a0:08:b9:35:de:be:35:07:78:d6:13:7c:
bf:3b:1c:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4cQr6Ej3PkTkV83v03afScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NDdiZjA2ZmZkNmFhODM3MzcxNjY2YWM0ZmI0ODVjMzMy
MmFmMzAwHhcNMjYwNTEyMTI1NjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUzZjkwOTczYjUzYzEyMjVmNTBiMGY0ZTE1NTdjNjkxNGE5MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Yws5KRIcxZ9IuXZpsvWB6IhNv29
pgVBAmeaSkLTxoguY1GHG9whCoZffDPadOGGciQhe7DX95SqFB+VOUWcVZqcNOYI
RZPZ9LOTDLTSDs2hlLF89YFhgeIQ53HAm3D9SfeuoEQ4N6GoQBPLB4DF3a0ldDcL
4wrKPWLyw19JrYEYBBrHyumyQWJMhTPIid/eGKnQ2FgCo0uIfqdbCGlajdtufG68
e39R9JxuTsGwI2e27sJ4OuOHjrEWzoKg/4pJwBqajYa+WLtdKSPEgzyWfr9h34ov
qV9KBtYuqEAdCPQ2CT0DvEr/eqP/Eey/hZ4WynykDPXLaRuDNd2lmOh72QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXj+QlztTwSJfULD04VV8aRSpIiMB8GA1UdIwQY
MBaAFAlHvwb/1qqDc3FmasT7SFwzIq8wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VlX0J2X1dxb056Y1dacXhQdElYRE1pcnpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC80MzIwZTItNTVjYy00ZTVkLTk4Y2It
MDkxMmQ5YTVkOTQ3LzEvMWVQNUNYTzFQQklsOVFzUFRoVlh4cEZLa2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC80MzIwZTItNTVjYy00ZTVkLTk4Y2ItMDkxMmQ5YTVkOTQ3
LzEvQ1VlX0J2X1dxb056Y1dacXhQdElYRE1pcnpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+9LMA0G
CSqGSIb3DQEBCwUAA4IBAQATEoiO/8lWbNHrGrkK+hWeWRoztePlCgVjxaH7+zgM
E4Rye2mAHzOt58wxZSKsyuqvbjzE0OJs9SLCUQ2SRvG+RPjnL/dSt5y8U6KV/eta
R+YD8FDp3pj7CbL8eSWOINXC2VNBgeklfMNFjSmxx0An08yBvie9rEtWoIDTmW/2
iNKV9r5hyR4F/XsL6I1m5hXwyEgFXXrmoMOyiK2qXgmlewnUAK/vVpnnOFODhCwh
S+/TxmC/hiuD+v9p3QUroTBc/LIfIftpiDpTT3rLBZo0xj2NabNglazLKccsjK6l
oQirABwMDNIS3mYY3oXXadmgCLk13r41B3jWE3y/OxyQ
-----END CERTIFICATE-----
Generated at Tue May 12 21:24:45 2026 by rpki-client