Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/1-iUy43erH8fz1e_egvx2h_2NLww.roa
File: 1-iUy43erH8fz1e_egvx2h_2NLww.roa (raw, json)
Hash identifier: EW0+JJ6H9cZzZSIR2MciTTEv58I5nsy7rZWf8MvxFZA=
Subject key identifier: FA:25:32:E3:77:AB:1F:C7:F3:D5:EF:DE:82:FC:76:87:FD:8D:2F:0C
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 019DD318BBB48B232B8E24CE2C37FFA15838
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/1-iUy43erH8fz1e_egvx2h_2NLww.roa
Signing time: Tue 28 Apr 2026 07:58:26 +0000
ROA not before: Tue 28 Apr 2026 07:58:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2856
IP address blocks: 9.151.0.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d3:18:bb:b4:8b:23:2b:8e:24:ce:2c:37:ff:a1:58:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Apr 28 07:58:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa2532e377ab1fc7f3d5efde82fc7687fd8d2f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:3d:5d:b3:2c:f2:e5:c3:d0:0d:0b:12:0f:0e:
8a:d8:8a:7a:1e:3e:fb:d2:13:70:2a:53:61:60:85:
85:b1:78:a3:10:31:77:94:46:82:82:b9:39:b4:57:
73:87:66:e3:28:0b:b8:fb:25:9a:a2:3e:62:30:9f:
92:c2:87:db:64:75:cb:45:2a:18:7a:4f:a7:0d:66:
b1:5b:fe:7a:e4:0f:dd:da:e3:77:98:28:ea:70:28:
77:b5:02:27:98:cd:9b:e8:86:23:95:98:23:f6:21:
36:54:e0:1d:c2:40:0c:07:1a:3c:96:ae:3e:b2:56:
fb:a5:7c:22:1b:2c:da:f8:6b:eb:68:ff:56:48:2b:
c9:f0:a6:71:d0:37:34:87:bd:4e:fc:89:42:f8:1a:
b5:7f:83:c7:00:0b:5f:82:49:92:58:0b:48:cb:2d:
90:e5:0a:b8:df:eb:b2:7e:91:ad:7a:d4:96:6f:1d:
3a:42:8d:55:71:1a:29:9a:cf:70:e1:87:ad:34:9f:
df:00:6b:e5:55:9e:19:40:4b:fe:22:ee:87:52:79:
a1:6c:1b:3e:b0:1b:84:80:59:2e:a4:56:bd:6b:10:
8c:b0:42:e8:e5:77:17:59:5c:17:81:63:24:51:dd:
5f:55:7d:09:3b:43:dc:2b:1c:8f:7e:e5:28:22:4d:
7c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:25:32:E3:77:AB:1F:C7:F3:D5:EF:DE:82:FC:76:87:FD:8D:2F:0C
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/1-iUy43erH8fz1e_egvx2h_2NLww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
9.151.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:52:87:98:aa:bb:b9:fc:b6:fc:3a:e9:59:b1:83:5c:3a:84:
ca:97:51:2f:5d:4b:33:ae:44:85:8a:6f:95:65:2c:11:c6:43:
56:8e:ae:41:64:78:a5:98:2d:f1:30:c4:09:f8:50:36:17:6f:
bc:ba:00:14:1c:7c:96:5c:71:37:e3:88:71:11:92:d0:23:8e:
68:54:f7:ff:96:91:fa:76:5e:16:ee:b2:a5:d5:cf:9e:07:6b:
57:88:00:79:d9:07:23:2c:60:8c:a7:c2:68:0c:3f:2f:bd:43:
b8:ad:64:93:f8:fe:08:71:0a:8b:66:72:c6:26:54:29:0b:68:
81:b0:17:ef:e3:07:a8:81:bb:33:75:7f:f6:22:b9:1b:68:72:
57:b5:37:63:38:9c:5a:a8:4e:ee:8c:fd:e7:f5:d5:0a:ea:69:
1c:17:0d:6d:12:a3:8c:28:37:da:89:4a:39:c9:5d:46:f8:9a:
02:f0:56:48:65:e9:a0:87:1c:2c:02:33:28:a8:ba:5a:22:f0:
6c:2f:4f:83:3e:f1:72:e1:42:23:18:76:34:f0:ea:8f:f2:75:
26:d0:e3:de:bf:9d:82:6b:74:28:d6:e2:92:06:ea:38:d0:2f:
a7:50:e2:87:7f:a5:e5:bb:f7:a3:0c:05:17:dc:ed:40:9a:ce:
a0:e7:0b:ac
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ3TGLu0iyMrjiTOLDf/oVg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjYwNDI4MDc1ODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTI1MzJlMzc3YWIxZmM3ZjNkNWVmZGU4MmZjNzY4N2ZkOGQyZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+z1dsyzy5cPQDQsSDw6K2Ip6Hj77
0hNwKlNhYIWFsXijEDF3lEaCgrk5tFdzh2bjKAu4+yWaoj5iMJ+SwofbZHXLRSoY
ek+nDWaxW/565A/d2uN3mCjqcCh3tQInmM2b6IYjlZgj9iE2VOAdwkAMBxo8lq4+
slb7pXwiGyza+GvraP9WSCvJ8KZx0Dc0h71O/IlC+Bq1f4PHAAtfgkmSWAtIyy2Q
5Qq43+uyfpGtetSWbx06Qo1VcRopms9w4YetNJ/fAGvlVZ4ZQEv+Iu6HUnmhbBs+
sBuEgFkupFa9axCMsELo5XcXWVwXgWMkUd1fVX0JO0PcKxyPfuUoIk18HwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPolMuN3qx/H89Xv3oL8dof9jS8MMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvMS1pVXk0M2VySDhmejFlX2VndngyaF8yTkx3dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvYTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDli
Yi8xL2RENUVmdHVLWGc0YkhYOWMzQ2g4TmtwZnNMVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBQmXADAN
BgkqhkiG9w0BAQsFAAOCAQEAbVKHmKq7ufy2/DrpWbGDXDqEypdRL11LM65EhYpv
lWUsEcZDVo6uQWR4pZgt8TDECfhQNhdvvLoAFBx8llxxN+OIcRGS0COOaFT3/5aR
+nZeFu6ypdXPngdrV4gAedkHIyxgjKfCaAw/L71DuK1kk/j+CHEKi2ZyxiZUKQto
gbAX7+MHqIG7M3V/9iK5G2hyV7U3YzicWqhO7oz95/XVCuppHBcNbRKjjCg32olK
OcldRviaAvBWSGXpoIccLAIzKKi6WiLwbC9Pgz7xcuFCIxh2NPDqj/J1JtDj3r+d
gmt0KNbikgbqONAvp1Dih3+l5bv3owwFF9ztQJrOoOcLrA==
-----END CERTIFICATE-----
Generated at Wed May 13 05:35:59 2026 by rpki-client