Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/0QQAvh0exmMpHPDAs7CMxVMVnMI.roa
File: 0QQAvh0exmMpHPDAs7CMxVMVnMI.roa (raw, json)
Hash identifier: 93g3niuIRwIzAYWdelbmRnbYmNDd25Jgu86ahLHoBFE=
Subject key identifier: D1:04:00:BE:1D:1E:C6:63:29:1C:F0:C0:B3:B0:8C:C5:53:15:9C:C2
Certificate issuer: /CN=78f29e87382159ca5e81387d7ee77e512fad1636
Certificate serial: 019CE1D186ADBDA866E2D4B8908EAF6DF0F2
Authority key identifier: 78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/0QQAvh0exmMpHPDAs7CMxVMVnMI.roa
Signing time: Thu 12 Mar 2026 11:32:10 +0000
ROA not before: Thu 12 Mar 2026 11:32:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51505
IP address blocks: 95.133.192.0/20 maxlen: 24
193.28.156.0/24 maxlen: 24
194.46.62.0/23 maxlen: 24
194.154.32.0/19 maxlen: 24
2a14:6700::/29 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:d1:86:ad:bd:a8:66:e2:d4:b8:90:8e:af:6d:f0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78f29e87382159ca5e81387d7ee77e512fad1636
Validity
Not Before: Mar 12 11:32:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d10400be1d1ec663291cf0c0b3b08cc553159cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:81:e7:0d:3f:df:a3:8b:44:0b:e8:91:81:e6:
96:2d:a9:5f:c6:13:3b:52:6a:21:f4:34:0c:92:45:
d2:19:31:43:ff:26:83:5d:d1:04:51:67:da:71:96:
7f:47:46:86:86:33:76:29:81:db:22:61:8e:d6:7b:
44:ef:ec:7b:40:17:7b:9d:4e:b1:4f:85:35:b2:49:
78:ff:73:f2:4b:fd:03:17:5e:a1:95:77:08:de:08:
71:e8:59:59:1d:0a:ca:46:de:07:23:55:83:10:0a:
85:24:9f:58:8c:73:65:23:34:e1:f3:43:d1:9e:52:
f2:7a:9c:56:88:0f:40:ff:0c:6e:67:29:5f:35:d5:
46:d7:16:14:5e:dd:33:23:f1:a8:09:3c:6a:b2:f2:
10:a0:d0:b7:78:e7:0c:8b:d1:ab:de:ef:1e:93:ef:
41:d5:95:75:71:6c:6b:7e:bf:c1:ea:05:22:8e:11:
b7:e1:ce:9c:f6:7c:1f:21:dd:14:b2:b2:0b:89:b1:
c9:d2:7c:42:3e:ef:0e:8a:e3:a6:e5:58:d3:5b:11:
77:89:ef:c9:8a:48:9b:99:d4:7c:d1:9e:da:e9:ca:
dc:38:e2:8f:e2:87:68:c4:e2:06:2e:32:86:7f:0e:
28:30:fd:22:02:26:cf:59:01:96:aa:94:ff:9a:2e:
5d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:04:00:BE:1D:1E:C6:63:29:1C:F0:C0:B3:B0:8C:C5:53:15:9C:C2
X509v3 Authority Key Identifier:
keyid:78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/0QQAvh0exmMpHPDAs7CMxVMVnMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.133.192.0/20
193.28.156.0/24
194.46.62.0/23
194.154.32.0/19
IPv6:
2a14:6700::/29
Signature Algorithm: sha256WithRSAEncryption
78:74:41:9a:4e:e6:ac:06:56:4b:f2:5e:8b:e0:c1:cf:9f:b6:
ba:65:0e:5b:e8:a7:b6:16:6b:0c:5b:ac:08:23:20:ea:8d:a2:
f1:6d:94:c7:ae:21:e2:46:04:03:d6:41:97:c4:cd:b6:05:2d:
44:50:c3:23:20:c2:1a:2e:1b:d0:78:b2:bf:de:b0:44:ec:04:
6c:9b:34:55:92:80:14:da:db:aa:b7:a9:67:d0:93:e1:2c:ea:
ae:c5:e5:36:f4:47:c6:7e:68:02:ea:8a:18:90:f6:c4:61:46:
68:f9:35:b0:02:e3:c4:03:27:8e:2c:e3:12:57:bf:ee:5e:bb:
ae:ac:b2:d2:85:ba:60:f0:bf:28:c2:8a:84:38:08:23:53:90:
b8:54:a4:85:f6:58:25:78:8f:ed:f7:de:8e:21:3c:fe:57:8d:
75:4a:65:ec:18:55:b5:0b:29:28:70:7d:61:2a:b9:92:6b:dc:
db:a7:38:4c:fc:5b:d4:0f:09:3c:99:f5:d7:90:11:9b:88:61:
5e:a7:0b:f7:ad:cb:4a:d8:4f:7b:4b:f4:6f:b2:0a:05:1f:8e:
d0:33:7a:b6:4d:41:0d:03:8a:19:22:d2:a1:d7:0c:51:78:71:
78:1b:c4:50:df:c6:9d:ec:16:91:98:51:ae:28:fe:cb:05:79:
34:25:a4:40
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZzh0Yatvahm4tS4kI6vbfDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZjI5ZTg3MzgyMTU5Y2E1ZTgxMzg3ZDdlZTc3ZTUxMmZh
ZDE2MzYwHhcNMjYwMzEyMTEzMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA0MDBiZTFkMWVjNjYzMjkxY2YwYzBiM2IwOGNjNTUzMTU5Y2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4HnDT/fo4tEC+iRgeaWLalfxhM7
Umoh9DQMkkXSGTFD/yaDXdEEUWfacZZ/R0aGhjN2KYHbImGO1ntE7+x7QBd7nU6x
T4U1skl4/3PyS/0DF16hlXcI3ghx6FlZHQrKRt4HI1WDEAqFJJ9YjHNlIzTh80PR
nlLyepxWiA9A/wxuZylfNdVG1xYUXt0zI/GoCTxqsvIQoNC3eOcMi9Gr3u8ek+9B
1ZV1cWxrfr/B6gUijhG34c6c9nwfId0UsrILibHJ0nxCPu8OiuOm5VjTWxF3ie/J
ikibmdR80Z7a6crcOOKP4odoxOIGLjKGfw4oMP0iAibPWQGWqpT/mi5d/QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNEEAL4dHsZjKRzwwLOwjMVTFZzCMB8GA1UdIwQY
MBaAFHjynoc4IVnKXoE4fX7nflEvrRY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQt
ODJmODljYmEyNmQ4LzEvMFFRQXZoMGV4bU1wSFBEQXM3Q014Vk1Wbk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQtODJmODljYmEyNmQ4
LzEvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEX4XAAwQA
wRycAwQBwi4+AwQFwpogMA0EAgACMAcDBQMqFGcAMA0GCSqGSIb3DQEBCwUAA4IB
AQB4dEGaTuasBlZL8l6L4MHPn7a6ZQ5b6Ke2FmsMW6wIIyDqjaLxbZTHriHiRgQD
1kGXxM22BS1EUMMjIMIaLhvQeLK/3rBE7ARsmzRVkoAU2tuqt6ln0JPhLOquxeU2
9EfGfmgC6ooYkPbEYUZo+TWwAuPEAyeOLOMSV7/uXruurLLShbpg8L8owoqEOAgj
U5C4VKSF9lgleI/t996OITz+V411SmXsGFW1CykocH1hKrmSa9zbpzhM/FvUDwk8
mfXXkBGbiGFepwv3rctK2E97S/RvsgoFH47QM3q2TUENA4oZItKh1wxReHF4G8RQ
38ad7BaRmFGuKP7LBXk0JaRA
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:32:33 2026 by rpki-client