Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/1Um9zAoKWKjpG5CWSpYj20EG4Ds.roa
File: 1Um9zAoKWKjpG5CWSpYj20EG4Ds.roa (raw, json)
Hash identifier: xf3GX9aUpJiglVQBqVGTd7FNq7qYdy4WLmcmBZNQV+Y=
Subject key identifier: D5:49:BD:CC:0A:0A:58:A8:E9:1B:90:96:4A:96:23:DB:41:06:E0:3B
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 019D2E6226FA8D57CDA9B4E811E1E5761967
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/1Um9zAoKWKjpG5CWSpYj20EG4Ds.roa
Signing time: Fri 27 Mar 2026 08:21:17 +0000
ROA not before: Fri 27 Mar 2026 08:21:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43767
IP address blocks: 193.16.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2e:62:26:fa:8d:57:cd:a9:b4:e8:11:e1:e5:76:19:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: Mar 27 08:21:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d549bdcc0a0a58a8e91b90964a9623db4106e03b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e8:fd:b0:70:1d:bb:14:49:65:ec:67:d7:c5:
0c:8b:f3:bc:a6:87:2f:b0:b5:f3:e9:bf:c6:55:c3:
01:0e:75:5a:1c:8a:a2:50:14:c9:43:6e:f0:6f:96:
00:cd:a2:08:ba:b0:a6:3c:7a:b5:2d:57:1e:7c:06:
8a:b4:5a:68:ff:ed:6f:39:fe:fc:4c:0c:c7:67:e6:
41:b6:0a:b7:bd:a0:b5:b3:76:b2:87:9d:5c:b0:39:
f3:c5:49:bd:ca:b1:b5:33:f4:06:c5:50:f2:fe:76:
9c:08:cb:75:1b:af:34:0d:bf:ad:a6:f8:47:9a:db:
47:03:ac:e9:11:b9:15:6d:5c:ab:2e:36:c4:ef:3c:
a3:ed:23:4e:52:8d:05:94:38:68:d7:67:30:4c:3a:
30:cc:76:1f:3d:51:95:6e:bb:4c:4b:18:15:d4:de:
0e:c7:c0:e4:cc:5f:ae:81:b1:e9:d0:b9:9d:e6:5b:
bc:49:ff:99:ac:a1:1c:2a:ab:25:3f:ef:42:80:c4:
60:06:80:26:b9:ab:4c:52:db:7f:7b:b9:5d:37:6a:
0c:bb:54:94:20:24:45:3c:4a:56:ab:8c:cf:ea:11:
4e:be:2b:5a:30:35:1b:12:db:b4:8c:25:e3:b2:1c:
f9:4d:1c:21:f8:90:2d:8d:32:ed:04:03:a0:8b:79:
cc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:49:BD:CC:0A:0A:58:A8:E9:1B:90:96:4A:96:23:DB:41:06:E0:3B
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/1Um9zAoKWKjpG5CWSpYj20EG4Ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.239.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:35:23:e7:5d:45:3a:20:46:70:9d:37:14:b7:b0:5f:0b:43:
63:26:52:63:1c:a5:78:82:00:8c:c3:a3:56:6f:54:26:36:1b:
e8:92:3d:87:b2:53:af:9f:c1:d6:bc:4c:ee:a1:b5:30:ff:f6:
f3:b0:e3:ff:81:ea:3a:66:1b:00:b7:74:65:a6:15:6d:bd:22:
36:59:42:66:98:6f:99:65:65:53:6e:ea:c3:a8:f9:5e:0e:41:
a3:d7:96:a1:b3:8c:7d:e4:88:8c:3d:5f:83:9c:d4:0d:24:9d:
87:a2:1f:9f:5d:fc:e9:60:2c:34:82:49:b0:24:a0:a3:40:32:
97:0e:05:e1:94:d1:14:5d:5f:c9:4b:70:26:9b:81:3d:0e:52:
e2:a8:c6:e3:83:ec:e1:f5:bf:93:aa:43:a5:6a:0d:b6:e4:c8:
d9:cf:12:28:87:88:01:eb:f5:f3:3c:b0:d4:d0:a2:0c:d7:53:
29:4d:7c:4e:69:2d:06:16:7e:72:12:ac:0b:cd:cb:5d:a5:26:
8e:b3:89:0b:20:b8:39:ee:a8:85:d2:64:00:bf:67:1e:4e:6d:
0f:be:5e:c9:b2:63:9b:23:8b:5f:8b:bf:05:8e:90:88:69:70:
f7:e5:0b:79:f5:53:bb:03:b6:1e:e8:e3:d8:3d:c2:16:cb:e3:
03:84:b0:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0uYib6jVfNqbToEeHldhlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjYwMzI3MDgyMTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ5YmRjYzBhMGE1OGE4ZTkxYjkwOTY0YTk2MjNkYjQxMDZlMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+j9sHAduxRJZexn18UMi/O8pocv
sLXz6b/GVcMBDnVaHIqiUBTJQ27wb5YAzaIIurCmPHq1LVcefAaKtFpo/+1vOf78
TAzHZ+ZBtgq3vaC1s3ayh51csDnzxUm9yrG1M/QGxVDy/nacCMt1G680Db+tpvhH
mttHA6zpEbkVbVyrLjbE7zyj7SNOUo0FlDho12cwTDowzHYfPVGVbrtMSxgV1N4O
x8DkzF+ugbHp0Lmd5lu8Sf+ZrKEcKqslP+9CgMRgBoAmuatMUtt/e7ldN2oMu1SU
ICRFPEpWq4zP6hFOvitaMDUbEtu0jCXjshz5TRwh+JAtjTLtBAOgi3nMXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNVJvcwKClio6RuQlkqWI9tBBuA7MB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvMVVtOXpBb0tXS2pwRzVDV1NwWWoyMEVHNERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRDvMA0G
CSqGSIb3DQEBCwUAA4IBAQCtNSPnXUU6IEZwnTcUt7BfC0NjJlJjHKV4ggCMw6NW
b1QmNhvokj2HslOvn8HWvEzuobUw//bzsOP/geo6ZhsAt3RlphVtvSI2WUJmmG+Z
ZWVTburDqPleDkGj15ahs4x95IiMPV+DnNQNJJ2Hoh+fXfzpYCw0gkmwJKCjQDKX
DgXhlNEUXV/JS3Amm4E9DlLiqMbjg+zh9b+TqkOlag225MjZzxIoh4gB6/XzPLDU
0KIM11MpTXxOaS0GFn5yEqwLzctdpSaOs4kLILg57qiF0mQAv2ceTm0Pvl7JsmOb
I4tfi78FjpCIaXD35Qt59VO7A7Ye6OPYPcIWy+MDhLCQ
-----END CERTIFICATE-----
Generated at Fri Mar 27 11:32:56 2026 by rpki-client