Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-ksA5pXdygQAxXsgmB_uAFBmveU.roa
File: 1-ksA5pXdygQAxXsgmB_uAFBmveU.roa (raw, json)
Hash identifier: l8Te7HdDg5DgxZgDySWY7ZKnuIMXS6Pq0XSCR95cpTs=
Subject key identifier: FA:4B:00:E6:95:DD:CA:04:00:C5:7B:20:98:1F:EE:00:50:66:BD:E5
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019E06D7A9B614F2933DA79DA42638BF6241
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-ksA5pXdygQAxXsgmB_uAFBmveU.roa
Signing time: Fri 08 May 2026 09:07:37 +0000
ROA not before: Fri 08 May 2026 09:07:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47957
IP address blocks: 193.183.113.0/24 maxlen: 24
193.183.114.0/24 maxlen: 24
194.71.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:06:d7:a9:b6:14:f2:93:3d:a7:9d:a4:26:38:bf:62:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 8 09:07:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa4b00e695ddca0400c57b20981fee005066bde5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d7:45:64:28:06:29:bc:9a:7f:bd:18:ed:9d:
cf:2c:fc:04:ea:8b:7d:f6:34:36:88:fd:e1:03:59:
90:2d:2c:78:42:9f:6f:c5:7d:92:6c:dc:76:3c:5f:
10:bb:19:92:c0:81:8e:07:ce:ca:e3:9b:94:2d:46:
c6:9e:29:e8:0d:27:55:93:68:ae:75:3d:88:83:20:
5d:54:d3:e7:8a:93:34:23:fa:3d:c5:e9:eb:94:de:
02:a8:0c:f3:de:76:4e:e8:6d:9a:81:24:c2:e8:7c:
2c:33:b9:e1:06:55:a1:76:eb:ea:59:a9:14:85:a1:
8f:02:69:00:26:6b:5f:4a:c1:37:d3:a3:ce:20:5e:
a5:4a:83:93:91:eb:09:1c:65:39:cc:5b:aa:7e:3c:
26:97:4e:62:4d:38:0a:71:94:74:39:a9:73:7a:24:
e8:d0:d3:2e:a2:e5:f4:46:5c:a5:ec:bb:29:20:6c:
d1:0f:79:ac:2d:e9:8b:10:8b:1a:22:4b:14:6c:7c:
b9:6e:48:8e:64:42:4b:02:bd:79:7e:d6:66:b8:89:
65:b9:64:58:49:3e:6b:09:81:93:81:23:7b:03:e6:
f8:9a:77:2f:bc:14:11:f3:87:16:e9:64:81:19:fe:
e6:a3:a5:95:c3:e0:ea:f5:d0:8e:40:70:8e:20:62:
86:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4B:00:E6:95:DD:CA:04:00:C5:7B:20:98:1F:EE:00:50:66:BD:E5
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-ksA5pXdygQAxXsgmB_uAFBmveU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.183.113.0-193.183.114.255
194.71.146.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:69:58:04:85:be:60:01:20:86:fe:e0:ee:4a:40:a9:97:b8:
b9:c1:b7:b9:1e:d9:56:26:98:59:ec:74:e9:9e:a4:8b:9b:84:
2b:cf:f6:c8:46:f8:7b:fb:3e:f1:69:e1:20:83:9a:b5:14:c1:
c8:58:39:de:0c:47:d3:80:64:04:6e:51:e1:61:d5:2a:4c:91:
cb:91:88:8d:27:69:4a:4d:bd:90:41:05:aa:d4:1f:b3:2d:58:
ed:34:53:98:66:31:47:09:96:bd:cc:b0:d1:8d:95:c3:00:3a:
99:d0:27:8d:8b:23:93:f4:21:5b:8c:e4:70:d0:08:43:9d:c0:
ae:4a:93:4d:bd:30:42:33:86:aa:fa:12:ae:84:18:04:77:5a:
87:ec:20:5f:4e:ba:ab:cd:8f:e2:a3:60:8d:43:7f:b9:31:22:
41:2b:c6:d6:5a:c0:db:dc:b5:16:38:11:2a:61:b4:28:a5:74:
2c:71:a5:28:e0:77:15:da:c7:55:41:68:77:cb:ea:0c:83:14:
d6:c8:26:45:3f:85:e7:f8:72:20:8f:11:e2:38:48:19:05:b2:
59:a5:c7:50:35:de:f5:89:6d:0a:36:d1:99:c7:df:56:95:0c:
2d:7d:5f:8d:49:e2:aa:27:4e:42:28:ea:c1:dc:6a:de:1e:55:
7f:55:42:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ4G16m2FPKTPaedpCY4v2JBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwNTA4MDkwNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRiMDBlNjk1ZGRjYTA0MDBjNTdiMjA5ODFmZWUwMDUwNjZiZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9dFZCgGKbyaf70Y7Z3PLPwE6ot9
9jQ2iP3hA1mQLSx4Qp9vxX2SbNx2PF8QuxmSwIGOB87K45uULUbGninoDSdVk2iu
dT2IgyBdVNPnipM0I/o9xenrlN4CqAzz3nZO6G2agSTC6HwsM7nhBlWhduvqWakU
haGPAmkAJmtfSsE306POIF6lSoOTkesJHGU5zFuqfjwml05iTTgKcZR0OalzeiTo
0NMuouX0Rlyl7LspIGzRD3msLemLEIsaIksUbHy5bkiOZEJLAr15ftZmuIlluWRY
ST5rCYGTgSN7A+b4mncvvBQR84cW6WSBGf7mo6WVw+Dq9dCOQHCOIGKGWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPpLAOaV3coEAMV7IJgf7gBQZr3lMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMS1rc0E1cFhkeWdRQXhYc2dtQl91QUZCbXZlVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMy
Ni8xL0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAwbdx
AwQAwbdyAwQBwkeSMA0GCSqGSIb3DQEBCwUAA4IBAQBdaVgEhb5gASCG/uDuSkCp
l7i5wbe5HtlWJphZ7HTpnqSLm4Qrz/bIRvh7+z7xaeEgg5q1FMHIWDneDEfTgGQE
blHhYdUqTJHLkYiNJ2lKTb2QQQWq1B+zLVjtNFOYZjFHCZa9zLDRjZXDADqZ0CeN
iyOT9CFbjORw0AhDncCuSpNNvTBCM4aq+hKuhBgEd1qH7CBfTrqrzY/io2CNQ3+5
MSJBK8bWWsDb3LUWOBEqYbQopXQscaUo4HcV2sdVQWh3y+oMgxTWyCZFP4Xn+HIg
jxHiOEgZBbJZpcdQNd71iW0KNtGZx99WlQwtfV+NSeKqJ05CKOrB3GreHlV/VUK9
-----END CERTIFICATE-----
Generated at Wed May 13 13:31:31 2026 by rpki-client