Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/9IOFbs2QwzqNDwP9oPTIbbFR-dQ.roa
File: 9IOFbs2QwzqNDwP9oPTIbbFR-dQ.roa (raw, json)
Hash identifier: BUI0is+MoH9ERxw8Htxmxn+H1V8LcNa2SZILh2se5qQ=
Subject key identifier: F4:83:85:6E:CD:90:C3:3A:8D:0F:03:FD:A0:F4:C8:6D:B1:51:F9:D4
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 019DD7BF4329363E7C690DF8727989AE1EC7
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/9IOFbs2QwzqNDwP9oPTIbbFR-dQ.roa
Signing time: Wed 29 Apr 2026 05:38:49 +0000
ROA not before: Wed 29 Apr 2026 05:38:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8391
IP address blocks: 195.138.32.0/22 maxlen: 22
195.138.38.0/24 maxlen: 24
195.138.54.0/24 maxlen: 24
195.138.58.0/24 maxlen: 24
195.138.61.0/24 maxlen: 24
195.138.62.0/24 maxlen: 24
195.253.0.0/17 maxlen: 24
195.253.6.0/24 maxlen: 24
195.253.96.0/19 maxlen: 24
195.253.128.0/18 maxlen: 24
2a01:5b0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d7:bf:43:29:36:3e:7c:69:0d:f8:72:79:89:ae:1e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Apr 29 05:38:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f483856ecd90c33a8d0f03fda0f4c86db151f9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f8:62:77:99:d8:25:46:de:82:81:35:95:5e:
c7:5d:3e:58:5f:e5:80:b1:cd:c7:09:45:5a:b7:9e:
8e:ad:92:73:32:18:4f:cc:d9:cb:66:50:6d:2e:9a:
df:e0:86:04:31:a3:af:e6:58:4a:8a:d8:51:fc:f3:
cb:af:12:f6:22:eb:c7:d2:15:cb:18:ec:c1:14:52:
6d:5b:02:4b:26:a6:e9:8f:3a:26:a1:9a:a2:14:f2:
32:36:dc:77:87:a8:17:ca:36:0f:d6:ca:fd:d5:e9:
b1:61:29:f4:47:ff:a6:0b:d6:74:57:db:75:b6:72:
81:ba:a1:37:63:28:f8:5b:ee:c3:31:76:66:65:f7:
99:25:9b:07:85:5f:48:72:b0:9f:21:92:6f:12:42:
01:0a:d9:8b:85:06:20:db:ce:48:34:7b:16:42:5f:
3a:fa:0e:2d:70:d8:37:44:52:87:16:51:ce:76:21:
eb:5e:12:5e:df:52:c0:2d:47:a6:cf:ef:de:46:24:
3f:6f:ad:f8:4b:de:f3:f2:ca:39:3c:9c:cc:6f:38:
bc:0c:fa:1e:d9:c9:b3:ff:e8:58:e9:c2:0d:93:de:
14:ac:b4:31:18:a4:bc:0a:a9:93:96:1f:30:cb:90:
be:4e:6e:1a:f2:cf:34:e5:0d:21:c7:20:91:9a:0f:
3f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:83:85:6E:CD:90:C3:3A:8D:0F:03:FD:A0:F4:C8:6D:B1:51:F9:D4
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/9IOFbs2QwzqNDwP9oPTIbbFR-dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.32.0/22
195.138.38.0/24
195.138.54.0/24
195.138.58.0/24
195.138.61.0-195.138.62.255
195.253.0.0-195.253.191.255
IPv6:
2a01:5b0::/32
Signature Algorithm: sha256WithRSAEncryption
16:fc:eb:bb:93:78:47:a5:53:09:2f:12:25:f2:86:fe:d8:7d:
2e:7b:91:6c:bf:77:7b:00:dd:f9:31:8a:02:7c:9c:c1:fe:f1:
59:c3:20:b9:46:f4:21:27:89:92:8f:d3:8a:d0:81:e8:3f:d9:
d7:03:ee:d2:66:ce:f9:02:b0:cf:43:28:14:e7:91:6d:9a:3b:
28:92:f3:4e:19:d4:d3:30:bb:60:d7:29:0f:29:5d:26:91:e8:
ec:10:20:a1:e7:e7:45:a7:c7:ae:c2:66:52:01:d2:16:6b:ab:
c7:0d:b4:15:ce:d1:82:18:2b:91:39:b8:41:12:3f:f4:34:69:
86:a9:2b:8d:12:de:85:48:72:69:6e:c1:59:09:5c:fc:a4:4b:
8c:2e:34:e5:ec:32:4c:26:c1:70:69:4f:f5:d1:b9:bb:a4:26:
79:51:c8:f3:60:08:ad:c2:3e:81:4a:2a:70:b6:3f:9f:d6:41:
31:7b:d0:ce:3d:71:51:60:bf:a9:fc:f2:37:3e:21:24:b0:94:
11:9c:a5:87:dc:76:05:de:97:0a:cf:fd:82:f0:c8:bc:53:a9:
af:fe:1e:9d:f1:91:97:8f:7a:54:ae:7f:b3:7d:22:39:6d:ff:
91:23:62:dd:03:ca:17:b0:c9:2f:7a:cf:03:c3:1b:ad:21:6d:
cb:f8:16:a9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ3Xv0MpNj58aQ34cnmJrh7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjYwNDI5MDUzODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDgzODU2ZWNkOTBjMzNhOGQwZjAzZmRhMGY0Yzg2ZGIxNTFmOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPhid5nYJUbegoE1lV7HXT5YX+WA
sc3HCUVat56OrZJzMhhPzNnLZlBtLprf4IYEMaOv5lhKithR/PPLrxL2IuvH0hXL
GOzBFFJtWwJLJqbpjzomoZqiFPIyNtx3h6gXyjYP1sr91emxYSn0R/+mC9Z0V9t1
tnKBuqE3Yyj4W+7DMXZmZfeZJZsHhV9IcrCfIZJvEkIBCtmLhQYg285INHsWQl86
+g4tcNg3RFKHFlHOdiHrXhJe31LALUemz+/eRiQ/b634S97z8so5PJzMbzi8DPoe
2cmz/+hY6cINk94UrLQxGKS8CqmTlh8wy5C+Tm4a8s805Q0hxyCRmg8/ywIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPSDhW7NkMM6jQ8D/aD0yG2xUfnUMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvOUlPRmJzMlF3enFORHdQOW9QVEliYkZSLWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA5BAIAATAzAwQCw4ogAwQA
w4omAwQAw4o2AwQAw4o6MAwDBADDij0DBADDij4wCwMDAMP9AwQGw/2AMA0EAgAC
MAcDBQAqAQWwMA0GCSqGSIb3DQEBCwUAA4IBAQAW/Ou7k3hHpVMJLxIl8ob+2H0u
e5Fsv3d7AN35MYoCfJzB/vFZwyC5RvQhJ4mSj9OK0IHoP9nXA+7SZs75ArDPQygU
55FtmjsokvNOGdTTMLtg1ykPKV0mkejsECCh5+dFp8euwmZSAdIWa6vHDbQVztGC
GCuRObhBEj/0NGmGqSuNEt6FSHJpbsFZCVz8pEuMLjTl7DJMJsFwaU/10bm7pCZ5
UcjzYAitwj6BSipwtj+f1kExe9DOPXFRYL+p/PI3PiEksJQRnKWH3HYF3pcKz/2C
8Mi8U6mv/h6d8ZGXj3pUrn+zfSI5bf+RI2LdA8oXsMkves8DwxutIW3L+Bap
-----END CERTIFICATE-----
Generated at Wed May 13 04:20:29 2026 by rpki-client