Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/9bc0bb-5dcc-47d7-941f-8aeb6bea3794/1/oU2txaS5vqeLhMtArzDrFt6Zm_k.roa
File: oU2txaS5vqeLhMtArzDrFt6Zm_k.roa (raw, json)
Hash identifier: NWY7UpTwbh9+lgAmjrOULjUiB2zheOSSs88r/gMtSuU=
Subject key identifier: A1:4D:AD:C5:A4:B9:BE:A7:8B:84:CB:40:AF:30:EB:16:DE:99:9B:F9
Certificate issuer: /CN=50419bf7e91a5284d9753ee6ec58f9245adc6c1a
Certificate serial: 019D0BB2A3B153FFB15350BEAD7036998813
Authority key identifier: 50:41:9B:F7:E9:1A:52:84:D9:75:3E:E6:EC:58:F9:24:5A:DC:6C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UEGb9-kaUoTZdT7m7Fj5JFrcbBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/9bc0bb-5dcc-47d7-941f-8aeb6bea3794/1/oU2txaS5vqeLhMtArzDrFt6Zm_k.roa
Signing time: Fri 20 Mar 2026 14:42:29 +0000
ROA not before: Fri 20 Mar 2026 14:42:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199673
IP address blocks: 188.164.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/9bc0bb-5dcc-47d7-941f-8aeb6bea3794/1/UEGb9-kaUoTZdT7m7Fj5JFrcbBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/9bc0bb-5dcc-47d7-941f-8aeb6bea3794/1/UEGb9-kaUoTZdT7m7Fj5JFrcbBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UEGb9-kaUoTZdT7m7Fj5JFrcbBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0b:b2:a3:b1:53:ff:b1:53:50:be:ad:70:36:99:88:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50419bf7e91a5284d9753ee6ec58f9245adc6c1a
Validity
Not Before: Mar 20 14:42:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a14dadc5a4b9bea78b84cb40af30eb16de999bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:42:6a:c5:9d:b1:ce:03:7f:82:66:1a:5d:c9:
37:03:cd:eb:57:20:ab:70:1a:87:c9:b4:db:e9:25:
05:7c:13:62:51:0c:ef:b1:73:2f:74:c5:9c:79:2b:
0e:51:5f:e6:bb:fc:f3:a7:60:34:da:17:72:18:11:
ce:35:64:1b:03:b2:69:62:11:07:fb:95:c2:23:d0:
7f:97:ed:0b:3e:81:6c:2d:85:ef:3b:8b:92:01:f8:
8a:c4:58:6a:dc:57:c6:94:e4:bd:8c:09:8a:b5:18:
74:a9:2b:f6:90:19:95:06:28:db:1e:73:4b:7e:38:
96:fa:c2:55:a8:eb:11:64:11:5d:47:65:f1:c3:e7:
a2:d8:05:7d:6f:17:67:dc:d8:13:b1:80:99:56:7c:
11:fd:c9:7c:f0:06:f9:c6:52:e9:44:8d:85:92:e6:
af:90:fd:c9:a6:1f:89:91:49:ab:46:de:f1:7c:3d:
28:9b:51:eb:e3:a9:fd:57:d6:a9:da:a0:4d:a1:88:
39:78:a4:3c:c7:03:c5:80:4a:b5:12:b7:1c:15:2c:
47:ec:a8:9d:46:6c:93:95:71:99:ee:12:7f:7f:16:
11:cd:5b:14:ee:91:ae:de:81:35:b9:8f:d1:9c:67:
ff:74:7b:fa:c6:77:6a:a1:e4:22:46:14:1f:77:7f:
dd:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:4D:AD:C5:A4:B9:BE:A7:8B:84:CB:40:AF:30:EB:16:DE:99:9B:F9
X509v3 Authority Key Identifier:
keyid:50:41:9B:F7:E9:1A:52:84:D9:75:3E:E6:EC:58:F9:24:5A:DC:6C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UEGb9-kaUoTZdT7m7Fj5JFrcbBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/9bc0bb-5dcc-47d7-941f-8aeb6bea3794/1/oU2txaS5vqeLhMtArzDrFt6Zm_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/9bc0bb-5dcc-47d7-941f-8aeb6bea3794/1/UEGb9-kaUoTZdT7m7Fj5JFrcbBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.164.152.0/22
Signature Algorithm: sha256WithRSAEncryption
85:17:b8:71:a9:53:4b:69:cd:7d:b7:e3:7e:49:91:21:ac:b7:
2e:c5:e4:ad:09:ba:b0:74:a7:65:5b:b4:53:89:1c:8c:7f:dd:
78:02:3a:7f:1e:99:47:d8:d1:d8:8d:1d:d5:22:7c:cd:53:5c:
a4:d0:e9:e0:35:8f:4f:9a:ef:29:30:30:82:00:a2:f0:82:c9:
6b:53:60:45:9b:9b:d6:aa:0e:34:44:af:d8:c9:b4:10:bc:b1:
ed:87:cb:de:8b:e3:00:b2:46:e3:50:b0:3a:b8:81:1c:fc:48:
80:3a:a2:ea:d8:ad:22:c5:5e:18:84:44:b0:22:ac:d4:f1:36:
e5:cf:d7:a6:0e:1c:53:4e:4e:37:71:b2:f7:c4:41:67:e8:58:
ee:59:49:1e:14:f0:d4:67:9b:71:27:ca:4c:d9:7c:33:fa:72:
2c:9f:08:86:1f:b0:87:f8:a1:60:de:0d:4a:d9:57:ae:d6:2a:
6a:92:97:df:2d:03:da:77:55:36:d9:31:e0:a9:ff:70:ee:f8:
ac:5e:ee:8b:9e:4e:ce:07:4e:ec:ce:85:a1:7f:8d:42:1a:30:
f4:da:f7:f4:e8:0c:bb:d0:6a:98:02:10:c7:90:60:97:63:7c:
99:58:83:4d:dc:bc:2d:6d:b1:19:7b:8f:70:70:29:e0:1c:9e:
da:b4:84:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0LsqOxU/+xU1C+rXA2mYgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNDE5YmY3ZTkxYTUyODRkOTc1M2VlNmVjNThmOTI0NWFk
YzZjMWEwHhcNMjYwMzIwMTQ0MjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTRkYWRjNWE0YjliZWE3OGI4NGNiNDBhZjMwZWIxNmRlOTk5YmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUJqxZ2xzgN/gmYaXck3A83rVyCr
cBqHybTb6SUFfBNiUQzvsXMvdMWceSsOUV/mu/zzp2A02hdyGBHONWQbA7JpYhEH
+5XCI9B/l+0LPoFsLYXvO4uSAfiKxFhq3FfGlOS9jAmKtRh0qSv2kBmVBijbHnNL
fjiW+sJVqOsRZBFdR2Xxw+ei2AV9bxdn3NgTsYCZVnwR/cl88Ab5xlLpRI2Fkuav
kP3Jph+JkUmrRt7xfD0om1Hr46n9V9ap2qBNoYg5eKQ8xwPFgEq1ErccFSxH7Kid
RmyTlXGZ7hJ/fxYRzVsU7pGu3oE1uY/RnGf/dHv6xndqoeQiRhQfd3/dawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFNrcWkub6ni4TLQK8w6xbemZv5MB8GA1UdIwQY
MBaAFFBBm/fpGlKE2XU+5uxY+SRa3GwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUVHYjkta2FVb1RaZFQ3bTdGajVKRnJjYkJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy85YmMwYmItNWRjYy00N2Q3LTk0MWYt
OGFlYjZiZWEzNzk0LzEvb1UydHhhUzV2cWVMaE10QXJ6RHJGdDZabV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy85YmMwYmItNWRjYy00N2Q3LTk0MWYtOGFlYjZiZWEzNzk0
LzEvVUVHYjkta2FVb1RaZFQ3bTdGajVKRnJjYkJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvKSYMA0G
CSqGSIb3DQEBCwUAA4IBAQCFF7hxqVNLac19t+N+SZEhrLcuxeStCbqwdKdlW7RT
iRyMf914Ajp/HplH2NHYjR3VInzNU1yk0OngNY9Pmu8pMDCCAKLwgslrU2BFm5vW
qg40RK/YybQQvLHth8vei+MAskbjULA6uIEc/EiAOqLq2K0ixV4YhESwIqzU8Tbl
z9emDhxTTk43cbL3xEFn6FjuWUkeFPDUZ5txJ8pM2Xwz+nIsnwiGH7CH+KFg3g1K
2Veu1ipqkpffLQPad1U22THgqf9w7visXu6Lnk7OB07szoWhf41CGjD02vf06Ay7
0GqYAhDHkGCXY3yZWINN3LwtbbEZe49wcCngHJ7atIQk
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:55:01 2026 by rpki-client