Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/3dcc4b-9352-411d-925a-cc7d463c820b/1/IUXK5owGJRJBQqIOmgn7bKscCRQ.roa
File: IUXK5owGJRJBQqIOmgn7bKscCRQ.roa (raw, json)
Hash identifier: 3cmce/T6z+IA9rzyeoaTbVrr0D6UCYaIjKkeAxLWn1c=
Subject key identifier: 21:45:CA:E6:8C:06:25:12:41:42:A2:0E:9A:09:FB:6C:AB:1C:09:14
Certificate issuer: /CN=7728155856b8ce4d85f8da4f6d35b055b30dbd3c
Certificate serial: 019D04A44FD344A8F664F1909FA94759289C
Authority key identifier: 77:28:15:58:56:B8:CE:4D:85:F8:DA:4F:6D:35:B0:55:B3:0D:BD:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dygVWFa4zk2F-NpPbTWwVbMNvTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/3dcc4b-9352-411d-925a-cc7d463c820b/1/IUXK5owGJRJBQqIOmgn7bKscCRQ.roa
Signing time: Thu 19 Mar 2026 05:49:30 +0000
ROA not before: Thu 19 Mar 2026 05:49:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213114
IP address blocks: 94.232.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/3dcc4b-9352-411d-925a-cc7d463c820b/1/dygVWFa4zk2F-NpPbTWwVbMNvTw.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/3dcc4b-9352-411d-925a-cc7d463c820b/1/dygVWFa4zk2F-NpPbTWwVbMNvTw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dygVWFa4zk2F-NpPbTWwVbMNvTw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:04:a4:4f:d3:44:a8:f6:64:f1:90:9f:a9:47:59:28:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7728155856b8ce4d85f8da4f6d35b055b30dbd3c
Validity
Not Before: Mar 19 05:49:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2145cae68c0625124142a20e9a09fb6cab1c0914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2b:70:06:6e:93:b9:da:8d:47:55:c4:86:24:
0d:d7:99:6b:4e:d3:18:d1:89:e0:5c:69:43:f2:d3:
cb:bc:60:e5:4b:8c:ca:93:46:18:eb:54:0c:b7:21:
09:07:1f:9c:b6:bb:51:18:16:46:44:1a:98:02:f0:
20:51:e6:9a:af:d0:dd:f4:85:10:70:66:e3:9e:b1:
cf:cc:e5:60:2b:0b:33:ac:93:e5:15:66:55:5b:f9:
ea:ca:95:f1:82:16:41:d1:67:bb:3d:44:09:28:23:
7a:ef:21:f5:74:1a:c3:62:0c:a9:06:15:df:a2:b4:
d9:cc:49:8c:d9:76:58:ee:76:7f:94:c8:3b:1c:17:
88:f1:48:11:32:46:b9:e2:76:59:ad:b3:7f:76:91:
0e:73:43:2e:4a:2e:d4:72:64:b4:21:51:59:ea:aa:
bd:b9:f1:95:eb:27:14:35:32:62:96:e5:93:99:bc:
8e:77:99:bd:58:f9:58:f2:31:c9:49:d1:fb:b2:ce:
33:e1:e1:bd:8d:98:e7:60:64:23:06:b6:3d:92:a5:
5f:37:75:dd:77:5d:aa:d4:ed:a2:59:3f:f4:b3:4b:
fa:f6:f3:fb:9e:1d:57:52:43:8e:31:2e:51:f4:f7:
b9:6a:01:27:77:9c:ef:04:57:e6:ab:2d:4e:f7:19:
84:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:45:CA:E6:8C:06:25:12:41:42:A2:0E:9A:09:FB:6C:AB:1C:09:14
X509v3 Authority Key Identifier:
keyid:77:28:15:58:56:B8:CE:4D:85:F8:DA:4F:6D:35:B0:55:B3:0D:BD:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dygVWFa4zk2F-NpPbTWwVbMNvTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3dcc4b-9352-411d-925a-cc7d463c820b/1/IUXK5owGJRJBQqIOmgn7bKscCRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3dcc4b-9352-411d-925a-cc7d463c820b/1/dygVWFa4zk2F-NpPbTWwVbMNvTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.47.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:8e:04:97:ca:30:f7:a8:2a:9e:2e:69:33:4b:d5:fd:00:cc:
9a:93:3b:c6:52:08:3a:b5:5c:14:f8:d4:e1:87:0c:0a:e6:ff:
ce:fa:58:47:54:88:46:aa:49:26:a4:7a:fc:12:da:eb:e7:a8:
f5:91:af:4d:ce:00:25:ea:59:b5:2c:be:0f:91:b1:ca:8d:83:
bb:be:06:4a:4f:d8:b9:87:39:4f:fe:ac:03:a3:71:e8:7b:a2:
b9:cc:1e:2e:f3:29:4a:fb:6f:6f:73:1c:9c:ab:35:d5:d4:a8:
bd:b2:53:09:95:db:3d:c7:a0:5a:b9:a6:6d:a4:71:c7:7d:72:
66:97:0c:35:da:2c:a9:65:1a:5e:c4:8f:99:c5:0d:09:a8:42:
cc:25:ea:b3:09:b6:76:8e:1b:94:86:b3:6e:61:55:1b:5e:24:
1b:e1:e2:7c:4e:35:42:3e:d7:7c:1a:77:d1:71:a4:0a:89:2a:
84:1f:bd:8c:9d:e7:b2:cd:6d:49:ab:95:1f:67:74:87:89:30:
2a:10:02:73:50:8d:67:43:5c:bc:5d:b9:b8:c8:17:92:9f:55:
51:17:19:d5:f3:79:4c:ba:c2:21:a4:f0:85:39:fb:57:d4:26:
af:8d:d7:9d:c1:e8:47:8a:29:b7:c5:cc:1c:a1:e7:31:78:1f:
a6:33:6b:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0EpE/TRKj2ZPGQn6lHWSicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjgxNTU4NTZiOGNlNGQ4NWY4ZGE0ZjZkMzViMDU1YjMw
ZGJkM2MwHhcNMjYwMzE5MDU0OTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQ1Y2FlNjhjMDYyNTEyNDE0MmEyMGU5YTA5ZmI2Y2FiMWMwOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCtwBm6TudqNR1XEhiQN15lrTtMY
0YngXGlD8tPLvGDlS4zKk0YY61QMtyEJBx+ctrtRGBZGRBqYAvAgUeaar9Dd9IUQ
cGbjnrHPzOVgKwszrJPlFWZVW/nqypXxghZB0We7PUQJKCN67yH1dBrDYgypBhXf
orTZzEmM2XZY7nZ/lMg7HBeI8UgRMka54nZZrbN/dpEOc0MuSi7UcmS0IVFZ6qq9
ufGV6ycUNTJiluWTmbyOd5m9WPlY8jHJSdH7ss4z4eG9jZjnYGQjBrY9kqVfN3Xd
d12q1O2iWT/0s0v69vP7nh1XUkOOMS5R9Pe5agEnd5zvBFfmqy1O9xmEcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFFyuaMBiUSQUKiDpoJ+2yrHAkUMB8GA1UdIwQY
MBaAFHcoFVhWuM5NhfjaT201sFWzDb08MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlnVldGYTR6azJGLU5wUGJUV3dWYk1OdlR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zZGNjNGItOTM1Mi00MTFkLTkyNWEt
Y2M3ZDQ2M2M4MjBiLzEvSVVYSzVvd0dKUkpCUXFJT21nbjdiS3NjQ1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zZGNjNGItOTM1Mi00MTFkLTkyNWEtY2M3ZDQ2M2M4MjBi
LzEvZHlnVldGYTR6azJGLU5wUGJUV3dWYk1OdlR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXugvMA0G
CSqGSIb3DQEBCwUAA4IBAQBdjgSXyjD3qCqeLmkzS9X9AMyakzvGUgg6tVwU+NTh
hwwK5v/O+lhHVIhGqkkmpHr8Etrr56j1ka9NzgAl6lm1LL4PkbHKjYO7vgZKT9i5
hzlP/qwDo3Hoe6K5zB4u8ylK+29vcxycqzXV1Ki9slMJlds9x6BauaZtpHHHfXJm
lww12iypZRpexI+ZxQ0JqELMJeqzCbZ2jhuUhrNuYVUbXiQb4eJ8TjVCPtd8GnfR
caQKiSqEH72MneeyzW1Jq5UfZ3SHiTAqEAJzUI1nQ1y8Xbm4yBeSn1VRFxnV83lM
usIhpPCFOftX1CavjdedwehHiim3xcwcoecxeB+mM2vP
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:01:48 2026 by rpki-client