Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/9d958d-fe88-4bef-8c42-b514d65557c4/1/o78Yz-Nk6dc1kHrE7Ktx27BYHw8.roa
File: o78Yz-Nk6dc1kHrE7Ktx27BYHw8.roa (raw, json)
Hash identifier: FxOZqpXBIrVYUuEwZWUjex8BT8GRXefDXhHzG3+iF7E=
Subject key identifier: A3:BF:18:CF:E3:64:E9:D7:35:90:7A:C4:EC:AB:71:DB:B0:58:1F:0F
Certificate issuer: /CN=4ed0d7ec446de52b70ba55958ce29fff45512dd5
Certificate serial: 019B79ECE7497DF1666664C23911B3DA735A
Authority key identifier: 4E:D0:D7:EC:44:6D:E5:2B:70:BA:55:95:8C:E2:9F:FF:45:51:2D:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TtDX7ERt5StwulWVjOKf_0VRLdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/9d958d-fe88-4bef-8c42-b514d65557c4/1/o78Yz-Nk6dc1kHrE7Ktx27BYHw8.roa
Signing time: Thu 01 Jan 2026 14:18:47 +0000
ROA not before: Thu 01 Jan 2026 14:18:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35459
IP address blocks: 193.110.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/9d958d-fe88-4bef-8c42-b514d65557c4/1/TtDX7ERt5StwulWVjOKf_0VRLdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/9d958d-fe88-4bef-8c42-b514d65557c4/1/TtDX7ERt5StwulWVjOKf_0VRLdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TtDX7ERt5StwulWVjOKf_0VRLdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:ec:e7:49:7d:f1:66:66:64:c2:39:11:b3:da:73:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ed0d7ec446de52b70ba55958ce29fff45512dd5
Validity
Not Before: Jan 1 14:18:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a3bf18cfe364e9d735907ac4ecab71dbb0581f0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6b:b3:2b:f7:78:93:9a:8e:d4:d1:0c:f2:1f:
79:97:80:d5:4c:88:4e:90:9c:92:fc:11:fe:c9:3f:
b7:d3:66:f3:a6:ed:73:a0:2f:a8:00:91:f0:bd:ee:
ef:06:5c:1c:f5:18:0e:a4:8c:7e:db:d9:8e:56:bc:
a4:61:cd:70:8b:11:01:c8:5b:f5:4c:9f:fc:5e:75:
31:a2:0f:d6:47:8a:d1:03:0a:ad:07:3f:3d:e8:ca:
46:ac:f2:3c:a1:1e:0c:0d:bb:0a:23:61:89:c7:43:
86:53:03:79:fc:64:47:47:d6:23:4b:89:43:4f:9c:
5a:47:25:a1:40:38:f8:ce:b2:fc:df:5a:7b:74:00:
5b:59:c3:eb:31:5d:bb:53:06:34:e8:2b:7c:43:12:
c1:57:9f:ed:77:16:06:e0:90:03:8d:de:40:44:0f:
97:d1:92:bc:95:f4:29:49:32:d0:5b:9c:6b:1e:3d:
6e:8c:29:a1:ad:2e:1c:31:10:d3:5b:d4:c8:69:71:
14:b7:60:cd:ba:72:be:bc:9e:03:d2:32:ee:09:c2:
df:7d:2c:39:9c:76:2a:9b:a0:e6:35:d2:a3:c9:24:
98:db:60:64:18:cd:f7:21:5a:76:13:bf:e2:dc:71:
27:37:aa:22:2d:67:3e:ac:c8:9f:38:5d:6d:08:36:
d5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:BF:18:CF:E3:64:E9:D7:35:90:7A:C4:EC:AB:71:DB:B0:58:1F:0F
X509v3 Authority Key Identifier:
keyid:4E:D0:D7:EC:44:6D:E5:2B:70:BA:55:95:8C:E2:9F:FF:45:51:2D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TtDX7ERt5StwulWVjOKf_0VRLdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/9d958d-fe88-4bef-8c42-b514d65557c4/1/o78Yz-Nk6dc1kHrE7Ktx27BYHw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/9d958d-fe88-4bef-8c42-b514d65557c4/1/TtDX7ERt5StwulWVjOKf_0VRLdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.86.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ba:e3:4d:96:44:8f:41:62:50:1c:f9:66:d8:ab:2e:42:92:
ca:c3:0b:78:98:87:2f:a7:d4:a2:76:37:02:6c:1c:a0:5e:5b:
6b:12:2e:76:fa:d7:4a:c9:66:19:9d:99:74:32:cc:eb:0a:d7:
a2:bf:ee:c4:29:cd:b7:bf:e4:df:78:6d:1a:6c:d5:4c:d8:d8:
98:24:31:41:cc:0c:a9:05:15:f0:44:06:5b:dc:0a:58:4c:42:
91:e1:76:2d:8d:2a:00:2e:a8:28:e0:68:46:f5:ea:53:31:1d:
f2:e0:7d:0d:76:a3:9c:72:ce:28:4b:ac:9a:af:fa:8f:aa:48:
9b:66:34:5f:fc:99:83:45:0b:b1:4a:5d:cc:37:22:78:0b:59:
8d:e7:2a:ae:ad:85:fc:11:53:ae:29:c4:bf:dd:0d:25:4e:e7:
4f:e0:8a:8d:0d:10:f9:bc:77:d7:52:18:d5:c7:6f:a1:a2:c8:
23:d8:6a:ee:7e:4d:4a:19:43:28:4d:5b:18:1b:38:13:05:00:
fe:d5:be:18:6a:00:b9:d2:d0:5e:aa:3e:34:d0:aa:62:9b:e4:
a6:c3:a1:05:82:0b:bf:28:ce:7b:89:14:79:3b:ef:25:db:19:
85:5a:69:53:f9:40:75:56:66:12:48:70:67:4d:ee:7b:4f:d1:
74:37:1c:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57OdJffFmZmTCORGz2nNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZDBkN2VjNDQ2ZGU1MmI3MGJhNTU5NThjZTI5ZmZmNDU1
MTJkZDUwHhcNMjYwMTAxMTQxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2JmMThjZmUzNjRlOWQ3MzU5MDdhYzRlY2FiNzFkYmIwNTgxZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWuzK/d4k5qO1NEM8h95l4DVTIhO
kJyS/BH+yT+302bzpu1zoC+oAJHwve7vBlwc9RgOpIx+29mOVrykYc1wixEByFv1
TJ/8XnUxog/WR4rRAwqtBz896MpGrPI8oR4MDbsKI2GJx0OGUwN5/GRHR9YjS4lD
T5xaRyWhQDj4zrL831p7dABbWcPrMV27UwY06Ct8QxLBV5/tdxYG4JADjd5ARA+X
0ZK8lfQpSTLQW5xrHj1ujCmhrS4cMRDTW9TIaXEUt2DNunK+vJ4D0jLuCcLffSw5
nHYqm6DmNdKjySSY22BkGM33IVp2E7/i3HEnN6oiLWc+rMifOF1tCDbVgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKO/GM/jZOnXNZB6xOyrcduwWB8PMB8GA1UdIwQY
MBaAFE7Q1+xEbeUrcLpVlYzin/9FUS3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHREWDdFUnQ1U3R3dWxXVmpPS2ZfMFZSTGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS85ZDk1OGQtZmU4OC00YmVmLThjNDIt
YjUxNGQ2NTU1N2M0LzEvbzc4WXotTms2ZGMxa0hyRTdLdHgyN0JZSHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS85ZDk1OGQtZmU4OC00YmVmLThjNDItYjUxNGQ2NTU1N2M0
LzEvVHREWDdFUnQ1U3R3dWxXVmpPS2ZfMFZSTGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW5WMA0G
CSqGSIb3DQEBCwUAA4IBAQBruuNNlkSPQWJQHPlm2KsuQpLKwwt4mIcvp9SidjcC
bBygXltrEi52+tdKyWYZnZl0MszrCteiv+7EKc23v+TfeG0abNVM2NiYJDFBzAyp
BRXwRAZb3ApYTEKR4XYtjSoALqgo4GhG9epTMR3y4H0NdqOccs4oS6yar/qPqkib
ZjRf/JmDRQuxSl3MNyJ4C1mN5yqurYX8EVOuKcS/3Q0lTudP4IqNDRD5vHfXUhjV
x2+hosgj2Grufk1KGUMoTVsYGzgTBQD+1b4YagC50tBeqj400Kpim+Smw6EFggu/
KM57iRR5O+8l2xmFWmlT+UB1VmYSSHBnTe57T9F0Nxzl
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:08:02 2026 by rpki-client