Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0Uc3BxU_hXHpSu7kErsjHH6v97E.roa
File: 0Uc3BxU_hXHpSu7kErsjHH6v97E.roa (raw, json)
Hash identifier: WMKCnIPbNmoxZ3upeXUrLDZyCXrsFGG09LEi5Qnl5mI=
Subject key identifier: D1:47:37:07:15:3F:85:71:E9:4A:EE:E4:12:BB:23:1C:7E:AF:F7:B1
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 019CEBE6AF0C077CF7F8DE6DB620FA6F49D5
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0Uc3BxU_hXHpSu7kErsjHH6v97E.roa
Signing time: Sat 14 Mar 2026 10:31:29 +0000
ROA not before: Sat 14 Mar 2026 10:31:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213250
IP address blocks: 147.185.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:eb:e6:af:0c:07:7c:f7:f8:de:6d:b6:20:fa:6f:49:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Mar 14 10:31:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d1473707153f8571e94aeee412bb231c7eaff7b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:43:3a:6a:e3:d8:3a:e5:35:de:c1:f4:0a:69:
ec:56:0f:4c:80:6d:85:74:60:0b:5f:4c:bb:59:fd:
89:b7:84:2f:19:11:41:3e:ef:01:1b:a3:fc:db:3c:
64:7e:dc:50:8d:4f:0e:77:75:1a:3b:d0:2a:32:e3:
3a:90:cc:86:0f:f1:c9:24:a0:da:aa:2a:83:d8:d9:
30:cc:bc:ec:86:9e:2f:06:80:62:e9:f0:72:fb:52:
43:03:f3:95:4f:80:88:60:db:0f:a3:e3:4b:d4:25:
24:e0:50:c8:c3:6b:e6:3a:fa:7b:68:99:78:b4:ff:
7a:80:52:09:68:14:b5:30:98:d9:52:b0:50:e5:5f:
74:ad:6c:49:a6:fd:68:da:af:1a:03:4d:bb:a3:d3:
ce:75:09:54:b0:84:7b:85:79:c3:99:64:e0:43:9d:
1d:1a:c5:15:44:c0:6e:a8:8a:56:dc:04:dd:fd:06:
ae:36:fb:5b:ae:0d:ef:7c:18:4b:f8:47:d3:45:55:
10:40:c1:18:22:99:1f:b4:aa:4e:be:4b:87:3f:f4:
58:0e:a3:6d:9e:9e:70:68:95:43:4a:2b:e1:a5:25:
7b:8a:e5:8d:a6:10:0e:75:eb:af:d6:dd:c9:30:65:
4c:e3:47:4a:d4:d0:f9:11:df:51:ca:c2:6f:4a:e8:
20:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:47:37:07:15:3F:85:71:E9:4A:EE:E4:12:BB:23:1C:7E:AF:F7:B1
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0Uc3BxU_hXHpSu7kErsjHH6v97E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.185.197.0/24
Signature Algorithm: sha256WithRSAEncryption
58:8b:fc:4a:70:f5:c7:5d:81:3f:7c:46:d8:31:f8:19:95:d6:
e0:d6:d2:c8:82:b0:c0:10:d7:84:81:cc:e1:f3:c0:c7:b7:6f:
40:8f:02:b1:26:68:50:27:b7:33:84:5f:76:61:c5:07:ea:5b:
81:53:d7:50:27:22:94:c3:90:e1:eb:53:01:c5:f9:73:2d:56:
a4:e6:72:de:d6:c4:2d:6f:8d:98:e4:df:5b:77:8e:5e:57:e8:
74:f0:4b:bf:88:c1:fc:47:cb:f4:34:45:1a:cb:2f:c8:13:95:
28:e9:88:43:c2:58:3b:4f:61:a1:24:2d:0c:b0:77:52:32:b4:
dd:61:c2:3e:23:e4:e7:1f:57:78:8a:bb:5a:1b:fc:74:aa:b1:
6c:5f:bf:e7:4f:72:17:91:28:a7:77:09:66:44:39:66:91:5a:
a8:3d:73:ab:82:9e:f4:27:f8:b6:c8:70:56:e9:72:fd:63:64:
c8:56:88:ac:d0:fa:a7:96:ab:b8:d7:ad:a5:fe:54:0e:5d:92:
a9:be:76:96:86:9f:9f:d1:22:59:25:55:02:70:fe:26:a0:08:
fb:ad:4d:69:61:fb:a1:38:6d:40:4d:1f:e3:d6:07:ef:95:b8:
d2:b9:ba:99:e2:0a:70:3e:b1:7a:45:76:81:00:ca:31:e8:9e:
d8:6e:37:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzr5q8MB3z3+N5ttiD6b0nVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjYwMzE0MTAzMTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQ3MzcwNzE1M2Y4NTcxZTk0YWVlZTQxMmJiMjMxYzdlYWZmN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEM6auPYOuU13sH0CmnsVg9MgG2F
dGALX0y7Wf2Jt4QvGRFBPu8BG6P82zxkftxQjU8Od3UaO9AqMuM6kMyGD/HJJKDa
qiqD2NkwzLzshp4vBoBi6fBy+1JDA/OVT4CIYNsPo+NL1CUk4FDIw2vmOvp7aJl4
tP96gFIJaBS1MJjZUrBQ5V90rWxJpv1o2q8aA027o9POdQlUsIR7hXnDmWTgQ50d
GsUVRMBuqIpW3ATd/QauNvtbrg3vfBhL+EfTRVUQQMEYIpkftKpOvkuHP/RYDqNt
np5waJVDSivhpSV7iuWNphAOdeuv1t3JMGVM40dK1ND5Ed9RysJvSugg2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFHNwcVP4Vx6Uru5BK7Ixx+r/exMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvMFVjM0J4VV9oWEhwU3U3a0Vyc2pISDZ2OTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk7nFMA0G
CSqGSIb3DQEBCwUAA4IBAQBYi/xKcPXHXYE/fEbYMfgZldbg1tLIgrDAENeEgczh
88DHt29AjwKxJmhQJ7czhF92YcUH6luBU9dQJyKUw5Dh61MBxflzLVak5nLe1sQt
b42Y5N9bd45eV+h08Eu/iMH8R8v0NEUayy/IE5Uo6YhDwlg7T2GhJC0MsHdSMrTd
YcI+I+TnH1d4irtaG/x0qrFsX7/nT3IXkSindwlmRDlmkVqoPXOrgp70J/i2yHBW
6XL9Y2TIVois0Pqnlqu4162l/lQOXZKpvnaWhp+f0SJZJVUCcP4moAj7rU1pYfuh
OG1ATR/j1gfvlbjSubqZ4gpwPrF6RXaBAMox6J7Ybjdw
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:48:22 2026 by rpki-client