Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a3b3be-957d-4777-9b64-d706bd0a6bed/1/nJP4E1BCewAFvyQ9khu6K5PbIao.roa
File: nJP4E1BCewAFvyQ9khu6K5PbIao.roa (raw, json)
Hash identifier: ECxIOroPlkk1P7RKbeML7Eha9aF0iyIC+Cc+BENCAT8=
Subject key identifier: 9C:93:F8:13:50:42:7B:00:05:BF:24:3D:92:1B:BA:2B:93:DB:21:AA
Certificate issuer: /CN=ddcd70d3041b6e04b9c63c866681060879f33c33
Certificate serial: 019CDD4E6E86A206568BAE58ED6E4D3A8E9C
Authority key identifier: DD:CD:70:D3:04:1B:6E:04:B9:C6:3C:86:66:81:06:08:79:F3:3C:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3c1w0wQbbgS5xjyGZoEGCHnzPDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a3b3be-957d-4777-9b64-d706bd0a6bed/1/nJP4E1BCewAFvyQ9khu6K5PbIao.roa
Signing time: Wed 11 Mar 2026 14:30:30 +0000
ROA not before: Wed 11 Mar 2026 14:30:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41169
IP address blocks: 195.64.188.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a3b3be-957d-4777-9b64-d706bd0a6bed/1/3c1w0wQbbgS5xjyGZoEGCHnzPDM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a3b3be-957d-4777-9b64-d706bd0a6bed/1/3c1w0wQbbgS5xjyGZoEGCHnzPDM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3c1w0wQbbgS5xjyGZoEGCHnzPDM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dd:4e:6e:86:a2:06:56:8b:ae:58:ed:6e:4d:3a:8e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddcd70d3041b6e04b9c63c866681060879f33c33
Validity
Not Before: Mar 11 14:30:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9c93f81350427b0005bf243d921bba2b93db21aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:7c:2a:db:91:c7:41:1d:14:01:69:1d:41:
67:d6:b4:d8:f6:90:c9:fa:8e:6a:3c:6b:81:d2:b0:
96:d4:34:2a:26:54:8a:9f:01:76:a6:7a:ae:a6:ae:
9f:c5:ca:18:13:c3:4b:1a:94:c5:ca:68:57:cc:60:
ad:bf:48:31:96:a4:a3:e1:f5:2a:30:3b:9b:cb:93:
ce:12:dc:2f:4c:17:45:c1:04:87:8c:7b:a1:8f:9b:
8f:57:b1:34:ba:fa:d2:e4:73:e8:5d:ae:09:32:bf:
74:10:10:f6:9e:da:69:53:0b:97:8b:07:e7:ac:0d:
ec:cf:fd:52:44:35:33:f5:a9:f3:42:eb:cf:84:2c:
a9:8f:c0:2c:3e:1b:8d:27:c7:cc:24:70:26:25:b3:
61:89:2f:84:a2:03:27:e5:45:88:66:b0:55:f6:67:
48:c6:44:ff:d4:95:69:14:3e:69:d0:83:8a:53:62:
88:6a:8c:38:5b:9e:a2:7f:28:fe:63:5b:5d:de:5c:
21:54:d3:4d:16:17:f1:1e:0e:d3:b5:84:f9:7c:8a:
51:fc:a0:85:af:7c:ec:7b:95:13:b5:bc:ba:92:e3:
1a:dd:aa:8f:3f:a9:11:81:e3:6f:94:8c:0b:3c:06:
1e:5c:11:69:fc:11:a0:9c:ba:18:0b:7e:02:ce:b5:
c2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:93:F8:13:50:42:7B:00:05:BF:24:3D:92:1B:BA:2B:93:DB:21:AA
X509v3 Authority Key Identifier:
keyid:DD:CD:70:D3:04:1B:6E:04:B9:C6:3C:86:66:81:06:08:79:F3:3C:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c1w0wQbbgS5xjyGZoEGCHnzPDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a3b3be-957d-4777-9b64-d706bd0a6bed/1/nJP4E1BCewAFvyQ9khu6K5PbIao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a3b3be-957d-4777-9b64-d706bd0a6bed/1/3c1w0wQbbgS5xjyGZoEGCHnzPDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.188.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:4c:be:61:fb:c4:fa:b9:03:87:70:c0:10:0f:d6:81:ca:fc:
b2:a7:e9:2e:a6:e1:a4:ff:c9:09:81:cf:17:cd:3e:c2:f6:4d:
7d:ec:ad:52:35:be:42:ab:04:b8:2f:e8:04:c2:7c:68:75:f2:
f4:73:e1:3a:ea:4a:68:fd:24:90:4a:2c:d1:71:2d:1f:19:65:
0a:1a:be:1e:a2:ac:01:da:c1:bf:7f:48:8e:04:d0:d4:dc:58:
d2:b5:57:b2:0a:de:c9:77:aa:e0:ed:8b:8d:ac:47:7d:07:bc:
f1:09:cc:df:84:b7:a5:15:b4:97:c1:5b:87:45:ae:de:b4:8f:
bc:a9:61:ec:39:a9:0a:f0:af:3e:44:1b:e1:7a:11:3f:86:57:
7a:78:31:df:a3:49:e4:5a:94:f4:6d:04:57:dc:f2:04:2e:0b:
f2:12:f0:4e:0e:b2:b1:0f:3c:91:d9:44:93:8a:72:3b:62:e4:
4d:99:2c:44:6a:6f:30:4f:e7:86:56:fe:00:67:fb:14:87:58:
b3:e8:1e:76:4f:dd:e5:ea:d8:23:ab:31:15:b8:86:39:88:7e:
f6:b3:02:55:84:96:cd:9e:8a:d3:39:ba:54:ff:20:32:f7:a9:
b9:f1:68:e7:a6:70:5c:f9:25:14:c0:64:b8:a1:ab:bf:df:44:
18:78:88:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzdTm6GogZWi65Y7W5NOo6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkY2Q3MGQzMDQxYjZlMDRiOWM2M2M4NjY2ODEwNjA4Nzlm
MzNjMzMwHhcNMjYwMzExMTQzMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzkzZjgxMzUwNDI3YjAwMDViZjI0M2Q5MjFiYmEyYjkzZGIyMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YV8KtuRx0EdFAFpHUFn1rTY9pDJ
+o5qPGuB0rCW1DQqJlSKnwF2pnqupq6fxcoYE8NLGpTFymhXzGCtv0gxlqSj4fUq
MDuby5POEtwvTBdFwQSHjHuhj5uPV7E0uvrS5HPoXa4JMr90EBD2ntppUwuXiwfn
rA3sz/1SRDUz9anzQuvPhCypj8AsPhuNJ8fMJHAmJbNhiS+EogMn5UWIZrBV9mdI
xkT/1JVpFD5p0IOKU2KIaow4W56ifyj+Y1td3lwhVNNNFhfxHg7TtYT5fIpR/KCF
r3zse5UTtby6kuMa3aqPP6kRgeNvlIwLPAYeXBFp/BGgnLoYC34CzrXCPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyT+BNQQnsABb8kPZIbuiuT2yGqMB8GA1UdIwQY
MBaAFN3NcNMEG24EucY8hmaBBgh58zwzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2MxdzB3UWJiZ1M1eGp5R1pvRUdDSG56UERNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hM2IzYmUtOTU3ZC00Nzc3LTliNjQt
ZDcwNmJkMGE2YmVkLzEvbkpQNEUxQkNld0FGdnlROWtodTZLNVBiSWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hM2IzYmUtOTU3ZC00Nzc3LTliNjQtZDcwNmJkMGE2YmVk
LzEvM2MxdzB3UWJiZ1M1eGp5R1pvRUdDSG56UERNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0C8MA0G
CSqGSIb3DQEBCwUAA4IBAQCdTL5h+8T6uQOHcMAQD9aByvyyp+kupuGk/8kJgc8X
zT7C9k197K1SNb5CqwS4L+gEwnxodfL0c+E66kpo/SSQSizRcS0fGWUKGr4eoqwB
2sG/f0iOBNDU3FjStVeyCt7Jd6rg7YuNrEd9B7zxCczfhLelFbSXwVuHRa7etI+8
qWHsOakK8K8+RBvhehE/hld6eDHfo0nkWpT0bQRX3PIELgvyEvBODrKxDzyR2UST
inI7YuRNmSxEam8wT+eGVv4AZ/sUh1iz6B52T93l6tgjqzEVuIY5iH72swJVhJbN
norTObpU/yAy96m58WjnpnBc+SUUwGS4oau/30QYeIhD
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:23:24 2026 by rpki-client