Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/cpsQ77OzLwJn-kkqI49ptf6eVZA.roa
File: cpsQ77OzLwJn-kkqI49ptf6eVZA.roa (raw, json)
Hash identifier: +pkHzBiaRBE1eKUvWfMlmAeFAbIT6EkYeML4Nh3pCm0=
Subject key identifier: 72:9B:10:EF:B3:B3:2F:02:67:FA:49:2A:23:8F:69:B5:FE:9E:55:90
Certificate issuer: /CN=0d2087b0f6716d23c8d23eb3d0392b6bf642ad4b
Certificate serial: 019DF4C3DA052E7E03357025D177DEB3D821
Authority key identifier: 0D:20:87:B0:F6:71:6D:23:C8:D2:3E:B3:D0:39:2B:6B:F6:42:AD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/cpsQ77OzLwJn-kkqI49ptf6eVZA.roa
Signing time: Mon 04 May 2026 20:52:49 +0000
ROA not before: Mon 04 May 2026 20:52:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12796
IP address blocks: 94.190.128.0/20 maxlen: 24
94.190.160.0/19 maxlen: 24
94.190.192.0/23 maxlen: 24
94.190.194.0/24 maxlen: 24
94.190.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f4:c3:da:05:2e:7e:03:35:70:25:d1:77:de:b3:d8:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2087b0f6716d23c8d23eb3d0392b6bf642ad4b
Validity
Not Before: May 4 20:52:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=729b10efb3b32f0267fa492a238f69b5fe9e5590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6b:17:e3:92:ac:db:c0:44:eb:ce:f0:cd:20:
2b:a0:05:ff:b9:72:c7:7e:49:19:02:de:fe:ae:83:
16:52:02:8d:a9:9b:3c:94:be:1e:00:50:89:b9:a4:
96:e2:68:52:4d:c9:e0:3c:92:11:ab:25:b9:4f:fb:
f6:bb:97:e9:6a:9d:6f:0f:2a:83:7f:1b:cf:61:55:
1a:87:04:08:f8:db:96:1c:a3:42:38:c9:48:aa:96:
dd:d5:7f:29:ba:90:2f:de:76:01:88:7d:ae:53:0b:
d7:8b:5b:72:63:38:33:8e:1f:31:fd:1d:ee:1e:e4:
df:f4:3d:b1:5c:9f:7a:01:6b:03:8d:98:40:04:dc:
cd:4d:59:71:49:53:b3:15:f7:3f:ed:37:a9:45:ee:
2b:8a:ee:dc:82:35:66:37:46:cf:bb:36:3f:5b:4e:
9a:d7:93:77:de:a1:90:98:b8:95:8d:e0:94:f0:b4:
97:ba:45:23:d1:9f:97:e9:f2:19:a4:8e:c7:be:aa:
9e:70:83:a8:52:70:c7:0d:27:9c:4c:5a:09:83:59:
2e:a1:25:45:99:85:48:a6:b2:42:54:10:51:bf:8b:
97:70:a9:a2:43:d5:51:bd:f7:4f:af:15:89:ab:f1:
70:98:ac:bc:61:4b:f7:0d:45:8a:ca:84:f5:e8:17:
2c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:9B:10:EF:B3:B3:2F:02:67:FA:49:2A:23:8F:69:B5:FE:9E:55:90
X509v3 Authority Key Identifier:
keyid:0D:20:87:B0:F6:71:6D:23:C8:D2:3E:B3:D0:39:2B:6B:F6:42:AD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/cpsQ77OzLwJn-kkqI49ptf6eVZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.190.128.0/20
94.190.160.0-94.190.194.255
94.190.252.0/22
Signature Algorithm: sha256WithRSAEncryption
88:a1:fa:82:8e:d8:b1:28:d1:8e:79:40:74:5e:c4:17:d0:0e:
75:9f:e0:3a:1c:bf:7c:69:99:83:7b:cc:bb:ae:19:8b:0c:4e:
bc:33:14:a2:1d:a4:c9:d9:21:84:5a:7e:39:c3:ea:1b:58:8c:
b4:67:e1:c7:02:d8:25:8a:dc:c0:8b:77:8e:1b:16:72:45:b4:
ce:1b:f5:2c:52:9d:db:f8:82:f2:31:b4:ad:1f:bc:7c:3b:26:
c6:7e:e1:0e:e8:77:3e:f9:1c:26:84:4f:7a:66:03:2f:7a:7a:
32:6c:e9:b6:b9:3d:54:5d:81:c3:d6:41:60:0e:84:05:93:24:
e7:fa:16:b6:57:67:3b:fe:60:dc:d2:23:73:38:79:4d:3f:97:
32:c6:1c:43:cf:e3:24:8c:b7:93:b4:24:8d:d3:85:db:1c:40:
5d:4f:e9:5b:10:6a:c0:73:88:4e:53:b6:ea:a8:17:2e:3a:97:
bf:c5:18:d7:2a:4e:5d:ab:79:9b:e4:41:ad:a6:df:ea:7c:03:
dd:17:d1:8d:3b:1b:44:ed:6a:c8:6e:d3:3b:20:a9:24:f2:cc:
da:df:58:08:79:36:3b:3f:72:91:9c:a4:be:db:98:3a:0c:63:
6a:c8:c7:2a:95:2c:87:49:91:f6:27:a1:92:df:bb:36:21:f4:
f8:2b:78:0b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ30w9oFLn4DNXAl0Xfes9ghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjA4N2IwZjY3MTZkMjNjOGQyM2ViM2QwMzkyYjZiZjY0
MmFkNGIwHhcNMjYwNTA0MjA1MjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjliMTBlZmIzYjMyZjAyNjdmYTQ5MmEyMzhmNjliNWZlOWU1NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWsX45Ks28BE687wzSAroAX/uXLH
fkkZAt7+roMWUgKNqZs8lL4eAFCJuaSW4mhSTcngPJIRqyW5T/v2u5fpap1vDyqD
fxvPYVUahwQI+NuWHKNCOMlIqpbd1X8pupAv3nYBiH2uUwvXi1tyYzgzjh8x/R3u
HuTf9D2xXJ96AWsDjZhABNzNTVlxSVOzFfc/7TepRe4riu7cgjVmN0bPuzY/W06a
15N33qGQmLiVjeCU8LSXukUj0Z+X6fIZpI7HvqqecIOoUnDHDSecTFoJg1kuoSVF
mYVIprJCVBBRv4uXcKmiQ9VRvfdPrxWJq/FwmKy8YUv3DUWKyoT16BcsKwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHKbEO+zsy8CZ/pJKiOPabX+nlWQMB8GA1UdIwQY
MBaAFA0gh7D2cW0jyNI+s9A5K2v2Qq1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNDSHNQWnhiU1BJMGo2ejBEa3JhX1pDclVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mY2I3MjktYzI4OC00ZTE1LTkzODQt
YTIwZDJkNzUxZWI1LzEvY3BzUTc3T3pMd0puLWtrcUk0OXB0ZjZlVlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mY2I3MjktYzI4OC00ZTE1LTkzODQtYTIwZDJkNzUxZWI1
LzEvRFNDSHNQWnhiU1BJMGo2ejBEa3JhX1pDclVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEXr6AMAwD
BAVevqADBABevsIDBAJevvwwDQYJKoZIhvcNAQELBQADggEBAIih+oKO2LEo0Y55
QHRexBfQDnWf4Docv3xpmYN7zLuuGYsMTrwzFKIdpMnZIYRafjnD6htYjLRn4ccC
2CWK3MCLd44bFnJFtM4b9SxSndv4gvIxtK0fvHw7JsZ+4Q7odz75HCaET3pmAy96
ejJs6ba5PVRdgcPWQWAOhAWTJOf6FrZXZzv+YNzSI3M4eU0/lzLGHEPP4ySMt5O0
JI3ThdscQF1P6VsQasBziE5TtuqoFy46l7/FGNcqTl2reZvkQa2m3+p8A90X0Y07
G0Ttashu0zsgqSTyzNrfWAh5Njs/cpGcpL7bmDoMY2rIxyqVLIdJkfYnoZLfuzYh
9PgreAs=
-----END CERTIFICATE-----
Generated at Wed May 13 02:11:55 2026 by rpki-client