Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u8aA0qjA-O7UgztUL0LUEuUa-vg.roa
File: u8aA0qjA-O7UgztUL0LUEuUa-vg.roa (raw, json)
Hash identifier: e32kTp0iMfkL2cHwmrb+4GT9jPTGLB332KvvWqfkeko=
Subject key identifier: BB:C6:80:D2:A8:C0:F8:EE:D4:83:3B:54:2F:42:D4:12:E5:1A:FA:F8
Certificate issuer: /CN=bbe026ef26920909d931ea4dac9d9390486b4153
Certificate serial: 019D18EFED6EA9D439155AA0103321C5F6F5
Authority key identifier: BB:E0:26:EF:26:92:09:09:D9:31:EA:4D:AC:9D:93:90:48:6B:41:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u-Am7yaSCQnZMepNrJ2TkEhrQVM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u8aA0qjA-O7UgztUL0LUEuUa-vg.roa
Signing time: Mon 23 Mar 2026 04:24:30 +0000
ROA not before: Mon 23 Mar 2026 04:24:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12400
IP address blocks: 185.117.96.0/24 maxlen: 24
2a10:642::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u-Am7yaSCQnZMepNrJ2TkEhrQVM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u-Am7yaSCQnZMepNrJ2TkEhrQVM.mft
rsync://rpki.ripe.net/repository/DEFAULT/u-Am7yaSCQnZMepNrJ2TkEhrQVM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:18:ef:ed:6e:a9:d4:39:15:5a:a0:10:33:21:c5:f6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbe026ef26920909d931ea4dac9d9390486b4153
Validity
Not Before: Mar 23 04:24:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bbc680d2a8c0f8eed4833b542f42d412e51afaf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:bc:d6:f0:5c:bb:8e:93:e1:15:cb:b3:a4:
2a:92:a0:99:97:69:59:a8:c6:a0:e8:c9:17:a2:d1:
22:9d:33:1d:be:9a:a2:2f:d0:05:a4:74:57:a4:57:
1c:06:b7:87:7e:c0:eb:5e:5e:71:9f:09:1e:91:ae:
13:9b:57:75:d3:c5:ba:24:2b:9f:bc:f3:61:5d:2b:
00:9d:bc:dd:24:3e:b9:6b:77:35:d8:0d:6b:6f:a6:
1d:56:7a:27:bc:7d:37:ed:90:46:55:65:e6:c1:18:
29:ea:30:78:80:d0:69:ee:f1:4f:dc:19:2b:9b:c1:
6f:b3:52:18:3d:7f:e0:3b:2d:86:e7:5a:1b:11:8a:
dc:00:20:bd:1c:08:b0:03:29:bf:67:7a:aa:87:13:
22:c0:5a:c7:5b:72:f3:05:1c:f6:7f:d3:fd:ca:cd:
9a:e2:33:fb:d9:42:1d:94:24:6b:ac:5f:b7:b6:e4:
0d:0a:fe:f7:a3:6b:6d:82:e0:87:fa:c5:f5:ca:29:
c1:e4:c7:cf:92:1b:73:10:98:90:58:ba:2a:64:39:
a7:cb:f9:c0:e1:aa:75:bd:af:2d:c1:3a:80:4a:2a:
de:42:65:cd:3d:18:61:54:77:9c:97:bd:6f:d9:9b:
8a:d0:df:1b:8d:e0:b1:cb:fc:ee:f0:e9:a0:6f:38:
6c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C6:80:D2:A8:C0:F8:EE:D4:83:3B:54:2F:42:D4:12:E5:1A:FA:F8
X509v3 Authority Key Identifier:
keyid:BB:E0:26:EF:26:92:09:09:D9:31:EA:4D:AC:9D:93:90:48:6B:41:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-Am7yaSCQnZMepNrJ2TkEhrQVM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u8aA0qjA-O7UgztUL0LUEuUa-vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u-Am7yaSCQnZMepNrJ2TkEhrQVM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.96.0/24
IPv6:
2a10:642::/32
Signature Algorithm: sha256WithRSAEncryption
0d:ef:7e:0e:27:59:98:20:f3:7a:5a:2e:79:6a:04:54:a4:b7:
43:5e:c9:e1:28:9c:8e:c8:a7:e8:a8:8f:ad:4b:62:f8:d2:01:
62:90:00:6f:1c:dd:c8:77:96:29:b2:eb:83:79:f2:28:49:9a:
1e:ce:16:c0:11:19:e2:07:6c:f0:0a:0b:bc:b5:07:2a:c2:d2:
75:3f:14:59:0f:91:4e:80:2d:0a:62:15:38:dc:c3:e0:75:c8:
4f:9a:06:5f:dc:7d:a3:1a:6c:3b:81:8d:18:0b:8b:71:00:2a:
9f:39:d2:3d:70:59:8d:b9:f6:dd:82:fd:f7:bd:04:48:4f:35:
a3:fc:48:65:74:6d:15:3d:58:79:15:b8:4d:75:19:55:b0:89:
b0:3d:45:3e:e9:d3:95:19:a5:97:6f:7d:5d:4e:db:52:34:60:
47:82:07:54:b3:40:d7:b6:67:19:05:4c:57:d0:ba:ee:16:08:
7a:d5:86:cb:03:bb:e3:77:c5:09:ee:55:3c:c1:64:f3:cb:82:
94:d6:e3:83:4f:49:fc:e6:35:63:4c:d3:83:b9:3a:40:42:b2:
d5:b2:ba:cf:81:65:76:52:46:40:1b:be:44:6a:9b:29:88:2c:
b0:23:7b:2a:65:c4:1b:b0:48:4a:8c:81:74:52:04:87:82:24:
99:00:bd:a1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ0Y7+1uqdQ5FVqgEDMhxfb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZTAyNmVmMjY5MjA5MDlkOTMxZWE0ZGFjOWQ5MzkwNDg2
YjQxNTMwHhcNMjYwMzIzMDQyNDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmM2ODBkMmE4YzBmOGVlZDQ4MzNiNTQyZjQyZDQxMmU1MWFmYWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8u81vBcu46T4RXLs6QqkqCZl2lZ
qMag6MkXotEinTMdvpqiL9AFpHRXpFccBreHfsDrXl5xnwkeka4Tm1d108W6JCuf
vPNhXSsAnbzdJD65a3c12A1rb6YdVnonvH037ZBGVWXmwRgp6jB4gNBp7vFP3Bkr
m8Fvs1IYPX/gOy2G51obEYrcACC9HAiwAym/Z3qqhxMiwFrHW3LzBRz2f9P9ys2a
4jP72UIdlCRrrF+3tuQNCv73o2ttguCH+sX1yinB5MfPkhtzEJiQWLoqZDmny/nA
4ap1va8twTqASireQmXNPRhhVHecl71v2ZuK0N8bjeCxy/zu8Omgbzhs3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLvGgNKowPju1IM7VC9C1BLlGvr4MB8GA1UdIwQY
MBaAFLvgJu8mkgkJ2THqTaydk5BIa0FTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdS1BbTd5YVNDUW5aTWVwTnJKMlRrRWhyUVZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9iNzNhZGQtZWEwZi00YzIyLTk4MGUt
MDU5YmFiMDE1Y2MzLzEvdThhQTBxakEtTzdVZ3p0VUwwTFVFdVVhLXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9iNzNhZGQtZWEwZi00YzIyLTk4MGUtMDU5YmFiMDE1Y2Mz
LzEvdS1BbTd5YVNDUW5aTWVwTnJKMlRrRWhyUVZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXVgMA0E
AgACMAcDBQAqEAZCMA0GCSqGSIb3DQEBCwUAA4IBAQAN734OJ1mYIPN6Wi55agRU
pLdDXsnhKJyOyKfoqI+tS2L40gFikABvHN3Id5YpsuuDefIoSZoezhbAERniB2zw
Cgu8tQcqwtJ1PxRZD5FOgC0KYhU43MPgdchPmgZf3H2jGmw7gY0YC4txACqfOdI9
cFmNufbdgv33vQRITzWj/EhldG0VPVh5FbhNdRlVsImwPUU+6dOVGaWXb31dTttS
NGBHggdUs0DXtmcZBUxX0LruFgh61YbLA7vjd8UJ7lU8wWTzy4KU1uODT0n85jVj
TNODuTpAQrLVsrrPgWV2UkZAG75EapspiCywI3sqZcQbsEhKjIF0UgSHgiSZAL2h
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:45:10 2026 by rpki-client