Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/9feyUilfSjEo_XLo1dzvl57a9bQ.roa
File: 9feyUilfSjEo_XLo1dzvl57a9bQ.roa (raw, json)
Hash identifier: S8Z16IP2LZ4zVyGQzJuEBOFlT55zoNQXMTP+yqUtyb0=
Subject key identifier: F5:F7:B2:52:29:5F:4A:31:28:FD:72:E8:D5:DC:EF:97:9E:DA:F5:B4
Certificate issuer: /CN=27873afe6330b7ae9ee562e0c988e9fd5ea8f567
Certificate serial: 019DFC0769EBC3BCBBB5A2CAD758E75A7E82
Authority key identifier: 27:87:3A:FE:63:30:B7:AE:9E:E5:62:E0:C9:88:E9:FD:5E:A8:F5:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/9feyUilfSjEo_XLo1dzvl57a9bQ.roa
Signing time: Wed 06 May 2026 06:43:57 +0000
ROA not before: Wed 06 May 2026 06:43:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57087
IP address blocks: 141.8.232.0/21 maxlen: 24
2a13:8cc0:1f00::/48 maxlen: 48
2a13:8cc0:1f01::/48 maxlen: 48
2a13:8cc0:1f02::/48 maxlen: 48
2a13:8cc0:1f03::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.mft
rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fc:07:69:eb:c3:bc:bb:b5:a2:ca:d7:58:e7:5a:7e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27873afe6330b7ae9ee562e0c988e9fd5ea8f567
Validity
Not Before: May 6 06:43:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f5f7b252295f4a3128fd72e8d5dcef979edaf5b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:69:49:50:00:d7:15:86:f3:8c:98:46:83:a0:
c2:a3:d6:03:a5:a7:2d:cb:ef:cc:a9:79:96:94:89:
8b:49:a8:5c:0d:c1:67:a9:b2:78:35:24:6e:3d:84:
57:02:1a:28:4d:d1:38:44:f4:ff:d3:51:87:65:f4:
f7:5f:3f:9d:42:4b:e8:52:e8:74:62:9d:7e:9b:61:
11:37:04:9c:d0:05:67:d4:88:b7:b8:d7:0b:29:ef:
7d:b7:0a:4f:ca:2b:38:7f:f3:6f:45:38:76:7b:0b:
a1:42:fc:30:4d:1b:70:82:c5:cd:ff:ac:a2:2c:52:
00:77:85:70:c4:0e:af:c3:e0:ae:11:9c:7b:ad:8c:
ee:b0:04:db:2b:76:b9:84:2d:20:50:d9:27:7d:c0:
27:53:0a:43:98:07:8c:98:3b:64:20:ec:1a:f6:14:
42:a7:19:0a:9a:21:66:39:f5:26:b7:a1:3a:8c:5f:
01:b8:b9:15:04:85:e8:70:4f:f1:db:ce:94:ae:3c:
67:79:ae:58:d8:a3:cf:f5:24:84:69:0d:33:7a:b9:
78:4f:ab:e5:ae:8c:a0:1c:7d:0a:81:d9:ae:88:9e:
50:f3:11:b5:9f:b0:13:56:b9:dc:29:72:3f:13:8f:
b9:52:38:2a:fd:8f:6d:48:3d:a6:d9:49:8c:53:32:
c0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F7:B2:52:29:5F:4A:31:28:FD:72:E8:D5:DC:EF:97:9E:DA:F5:B4
X509v3 Authority Key Identifier:
keyid:27:87:3A:FE:63:30:B7:AE:9E:E5:62:E0:C9:88:E9:FD:5E:A8:F5:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/9feyUilfSjEo_XLo1dzvl57a9bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.8.232.0/21
IPv6:
2a13:8cc0:1f00::/46
Signature Algorithm: sha256WithRSAEncryption
44:cd:17:f9:92:23:5a:5a:24:8b:00:57:a5:0a:da:48:53:17:
51:ba:fa:1f:73:79:51:e7:c1:7c:98:9b:03:f8:7e:94:15:92:
f2:af:ac:f2:47:e5:c2:7a:55:85:c4:d9:24:fc:a2:0e:ac:89:
d7:68:f8:b3:e8:b6:c7:87:a8:4d:49:4b:03:04:45:36:67:99:
7f:c5:7f:bb:46:33:d3:f0:c5:1a:bb:13:d9:ff:b4:16:46:ec:
25:c1:c1:40:8b:75:90:c9:48:75:31:a8:15:4f:79:0f:a8:f9:
c3:e5:58:94:a5:c4:e9:92:20:c3:69:ac:0d:53:aa:bd:cd:60:
27:4f:3b:32:f5:96:4a:8f:e7:46:13:5b:04:85:6b:bc:53:a8:
98:0a:d6:3a:7c:b1:9c:f7:f4:8e:5e:fb:3d:4c:46:3f:ca:fb:
af:35:c6:8d:1d:0c:4c:3a:59:5c:68:d0:fb:27:fa:e0:26:93:
90:47:c2:50:c6:17:cb:9a:86:cd:f5:e9:cd:f2:eb:ce:4c:7c:
fc:5e:71:77:b3:b7:3a:d9:67:af:a0:e8:c6:e8:87:b9:83:3f:
d5:1f:c0:2c:32:64:71:a9:b3:37:c1:c5:20:9f:97:77:84:3f:
50:1d:82:5d:cc:7c:f8:52:ab:0d:7d:91:a1:66:31:4c:2d:22:
04:fc:29:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ38B2nrw7y7taLK11jnWn6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ODczYWZlNjMzMGI3YWU5ZWU1NjJlMGM5ODhlOWZkNWVh
OGY1NjcwHhcNMjYwNTA2MDY0MzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWY3YjI1MjI5NWY0YTMxMjhmZDcyZThkNWRjZWY5NzllZGFmNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmlJUADXFYbzjJhGg6DCo9YDpact
y+/MqXmWlImLSahcDcFnqbJ4NSRuPYRXAhooTdE4RPT/01GHZfT3Xz+dQkvoUuh0
Yp1+m2ERNwSc0AVn1Ii3uNcLKe99twpPyis4f/NvRTh2ewuhQvwwTRtwgsXN/6yi
LFIAd4VwxA6vw+CuEZx7rYzusATbK3a5hC0gUNknfcAnUwpDmAeMmDtkIOwa9hRC
pxkKmiFmOfUmt6E6jF8BuLkVBIXocE/x286Urjxnea5Y2KPP9SSEaQ0zerl4T6vl
roygHH0KgdmuiJ5Q8xG1n7ATVrncKXI/E4+5Ujgq/Y9tSD2m2UmMUzLAUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPX3slIpX0oxKP1y6NXc75ee2vW0MB8GA1UdIwQY
MBaAFCeHOv5jMLeunuVi4MmI6f1eqPVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjRjNl9tTXd0NjZlNVdMZ3lZanBfVjZvOVdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kMzk0MTYtZjQ2YS00ZjgyLWIxZTEt
ZTBkMWY3Y2FjZmYxLzEvOWZleVVpbGZTakVvX1hMbzFkenZsNTdhOWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kMzk0MTYtZjQ2YS00ZjgyLWIxZTEtZTBkMWY3Y2FjZmYx
LzEvSjRjNl9tTXd0NjZlNVdMZ3lZanBfVjZvOVdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDjQjoMA8E
AgACMAkDBwIqE4zAHwAwDQYJKoZIhvcNAQELBQADggEBAETNF/mSI1paJIsAV6UK
2khTF1G6+h9zeVHnwXyYmwP4fpQVkvKvrPJH5cJ6VYXE2ST8og6siddo+LPotseH
qE1JSwMERTZnmX/Ff7tGM9PwxRq7E9n/tBZG7CXBwUCLdZDJSHUxqBVPeQ+o+cPl
WJSlxOmSIMNprA1Tqr3NYCdPOzL1lkqP50YTWwSFa7xTqJgK1jp8sZz39I5e+z1M
Rj/K+681xo0dDEw6WVxo0Psn+uAmk5BHwlDGF8uahs316c3y685MfPxecXeztzrZ
Z6+g6Mboh7mDP9UfwCwyZHGpszfBxSCfl3eEP1Adgl3MfPhSqw19kaFmMUwtIgT8
KSM=
-----END CERTIFICATE-----
Generated at Wed May 13 03:47:58 2026 by rpki-client