Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/uId6-MNb0mMoX7iuWHIBp8tmsJ0.roa
File: uId6-MNb0mMoX7iuWHIBp8tmsJ0.roa (raw, json)
Hash identifier: LO5jptbss8vpyFa4h+5jZvJ1QwDQDjBHMLDPArIyTS8=
Subject key identifier: B8:87:7A:F8:C3:5B:D2:63:28:5F:B8:AE:58:72:01:A7:CB:66:B0:9D
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019E1CD8E4EF9C11100C49C4F995C11140AB
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/uId6-MNb0mMoX7iuWHIBp8tmsJ0.roa
Signing time: Tue 12 May 2026 15:40:36 +0000
ROA not before: Tue 12 May 2026 15:40:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214472
IP address blocks: 160.20.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:d8:e4:ef:9c:11:10:0c:49:c4:f9:95:c1:11:40:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 12 15:40:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b8877af8c35bd263285fb8ae587201a7cb66b09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4d:44:f7:b2:02:8c:a8:7d:2d:d1:96:c3:16:
75:38:70:fc:bc:43:22:8f:e4:e2:ff:98:6d:50:e2:
62:b9:1d:d4:97:bb:90:b4:a3:8e:92:ac:0c:0f:2d:
a3:2b:94:dd:23:1e:f7:b1:f9:6f:0e:35:75:d4:57:
fe:3f:a0:ab:48:f2:46:d3:97:f3:18:67:24:a3:44:
3b:1c:96:8f:7d:42:c5:40:26:00:5f:bb:29:f1:24:
2f:d0:64:b7:86:ec:7c:df:1a:97:40:b8:91:2f:c6:
53:d9:7f:fd:b2:25:d3:38:f5:90:86:09:84:ed:53:
6b:57:2c:86:db:85:87:1b:71:6a:b5:f5:03:53:74:
6d:63:59:9e:c8:f3:30:58:0c:fb:f3:a2:c5:36:ec:
3d:8a:00:bf:af:76:68:5d:9d:d8:5e:e9:03:95:a8:
ac:57:71:89:09:08:5b:30:7e:92:d5:25:c5:a0:c4:
59:05:75:2b:85:af:91:7e:06:2a:f8:65:1a:4c:cf:
22:ec:71:e9:61:6d:45:ff:04:3f:5a:98:19:9b:58:
a0:c1:0d:d7:c9:61:bd:f7:08:9e:7e:29:81:75:63:
3c:4a:a6:21:34:d8:20:ac:b0:3d:db:61:b8:28:70:
36:51:4d:c0:79:e0:9c:02:83:0c:f3:0e:9e:3b:30:
5a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:87:7A:F8:C3:5B:D2:63:28:5F:B8:AE:58:72:01:A7:CB:66:B0:9D
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/uId6-MNb0mMoX7iuWHIBp8tmsJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.20.109.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:24:0c:a8:53:52:27:c8:c1:43:13:b8:8a:78:40:87:80:ee:
7a:03:ce:63:ea:64:18:84:3e:58:cc:2e:d7:5e:91:a8:bc:d5:
1b:d3:26:29:8c:49:a2:2c:fa:ec:a9:20:2a:d3:78:8f:8b:5b:
a6:79:96:74:1a:18:81:5d:b7:de:2b:4e:5a:7f:58:1d:08:14:
f6:d9:e3:cb:81:cb:27:19:c0:02:dc:c4:ea:2c:d0:32:c2:9f:
2e:62:b1:65:72:90:f3:1e:f1:d5:5d:e2:8d:07:2c:25:c6:0e:
35:f4:66:62:79:1d:a0:3a:67:92:60:cb:a2:a1:8f:ba:d3:d8:
10:44:3e:d9:d9:69:54:16:00:6e:1d:a6:07:9e:e7:17:7a:9f:
1c:2d:c0:95:d6:11:a6:aa:d5:47:01:a4:14:f6:31:37:7c:b9:
a8:2d:1c:eb:c3:d0:70:c6:3c:05:32:de:95:61:2c:63:7c:85:
9a:c8:2c:b1:69:9e:e1:3f:23:b0:f3:67:17:16:d3:14:c8:b4:
62:93:c6:17:e7:a3:9f:8b:4f:7a:c1:46:bf:b2:ca:f6:9c:ba:
4c:19:49:57:49:92:7b:52:e7:bb:89:01:22:9c:db:84:6d:de:
1c:a9:42:58:5a:0b:6b:4e:bd:a1:4b:c1:fe:81:bf:4c:f5:6b:
8f:5e:eb:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4c2OTvnBEQDEnE+ZXBEUCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjYwNTEyMTU0MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODg3N2FmOGMzNWJkMjYzMjg1ZmI4YWU1ODcyMDFhN2NiNjZiMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU1E97ICjKh9LdGWwxZ1OHD8vEMi
j+Ti/5htUOJiuR3Ul7uQtKOOkqwMDy2jK5TdIx73sflvDjV11Ff+P6CrSPJG05fz
GGcko0Q7HJaPfULFQCYAX7sp8SQv0GS3hux83xqXQLiRL8ZT2X/9siXTOPWQhgmE
7VNrVyyG24WHG3FqtfUDU3RtY1meyPMwWAz786LFNuw9igC/r3ZoXZ3YXukDlais
V3GJCQhbMH6S1SXFoMRZBXUrha+RfgYq+GUaTM8i7HHpYW1F/wQ/WpgZm1igwQ3X
yWG99wiefimBdWM8SqYhNNggrLA922G4KHA2UU3AeeCcAoMM8w6eOzBazwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLiHevjDW9JjKF+4rlhyAafLZrCdMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvdUlkNi1NTmIwbU1vWDdpdVdISUJwOHRtc0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBRtMA0G
CSqGSIb3DQEBCwUAA4IBAQAbJAyoU1InyMFDE7iKeECHgO56A85j6mQYhD5YzC7X
XpGovNUb0yYpjEmiLPrsqSAq03iPi1umeZZ0GhiBXbfeK05af1gdCBT22ePLgcsn
GcAC3MTqLNAywp8uYrFlcpDzHvHVXeKNBywlxg419GZieR2gOmeSYMuioY+609gQ
RD7Z2WlUFgBuHaYHnucXep8cLcCV1hGmqtVHAaQU9jE3fLmoLRzrw9BwxjwFMt6V
YSxjfIWayCyxaZ7hPyOw82cXFtMUyLRik8YX56Ofi096wUa/ssr2nLpMGUlXSZJ7
Uue7iQEinNuEbd4cqUJYWgtrTr2hS8H+gb9M9WuPXusO
-----END CERTIFICATE-----
Generated at Wed May 13 02:51:41 2026 by rpki-client