Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kM4n6lYmjr1OWGN2Y4r3VWyHgK0.roa
File: kM4n6lYmjr1OWGN2Y4r3VWyHgK0.roa (raw, json)
Hash identifier: 5odM2I9CKkOyWEShHblcUcKVEPCxYTtdGSW4oJsRpe4=
Subject key identifier: 90:CE:27:EA:56:26:8E:BD:4E:58:63:76:63:8A:F7:55:6C:87:80:AD
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019D19BD02EA135664389C86D1073DEDCEF7
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kM4n6lYmjr1OWGN2Y4r3VWyHgK0.roa
Signing time: Mon 23 Mar 2026 08:08:30 +0000
ROA not before: Mon 23 Mar 2026 08:08:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60345
IP address blocks: 193.182.129.0/24 maxlen: 24
193.182.130.0/24 maxlen: 24
193.182.131.0/24 maxlen: 24
193.182.132.0/24 maxlen: 24
193.182.133.0/24 maxlen: 24
193.182.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:19:bd:02:ea:13:56:64:38:9c:86:d1:07:3d:ed:ce:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 23 08:08:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=90ce27ea56268ebd4e586376638af7556c8780ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:53:04:cb:34:99:e8:72:8e:5e:9e:c6:67:6c:
29:26:4d:99:91:61:fe:52:90:db:17:38:e9:cd:89:
25:31:09:30:fe:e7:48:d0:2b:4a:2f:57:4b:c3:4e:
29:b7:f5:9f:16:a8:38:ce:22:82:c7:7d:cb:ad:ae:
08:80:3b:59:9f:92:dd:af:79:f6:58:57:6b:7c:c9:
6c:16:d4:bd:b1:d3:e1:8f:54:07:7e:91:f3:7b:a3:
b2:b1:8c:e8:6f:67:a9:a3:34:20:3f:0c:00:b3:0e:
50:3e:1f:a6:e9:a7:33:b9:2e:3f:c9:85:a7:ac:83:
aa:c6:f0:21:1d:5f:b0:6a:ce:9d:18:e0:64:a4:39:
7c:b0:43:38:a7:ed:8a:77:68:76:c9:3a:4f:e0:70:
81:ea:9f:d2:f3:16:48:ae:f1:37:b6:6a:e0:f9:eb:
9b:e8:8d:30:9e:ae:de:14:82:92:1f:20:e1:ae:10:
4f:52:93:4a:7e:f4:36:88:7c:fb:67:3d:47:96:50:
62:3d:e5:28:b1:77:02:a5:c7:0c:a6:47:6c:22:b8:
ed:b5:ec:97:41:e5:21:2e:79:65:4b:5a:ab:5c:6c:
cb:84:88:ef:70:4d:39:3f:68:37:d3:df:6d:5c:6f:
da:81:1b:68:1f:ad:46:1c:86:6c:41:f8:dc:0e:a4:
ae:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CE:27:EA:56:26:8E:BD:4E:58:63:76:63:8A:F7:55:6C:87:80:AD
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kM4n6lYmjr1OWGN2Y4r3VWyHgK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.182.129.0-193.182.134.255
Signature Algorithm: sha256WithRSAEncryption
5b:15:7a:df:30:f8:57:5a:03:26:7e:4b:8e:33:56:fd:4c:7b:
57:da:3c:7f:e1:b5:25:c3:90:4e:1c:6d:6e:4b:a0:56:d7:ea:
18:97:4c:8b:ce:0f:3a:22:f8:68:3e:59:7f:77:7e:40:aa:f0:
20:40:2b:ec:37:b2:86:a6:9e:22:1b:f0:64:bf:2d:56:4d:bc:
e8:4f:0a:17:43:be:4d:89:fa:81:75:67:2d:22:97:13:57:64:
29:3d:e6:b6:36:8e:b0:b9:ce:e3:f0:61:69:47:09:61:e5:48:
2c:13:ae:32:44:61:de:b3:8b:d1:58:ce:fc:0a:7a:f2:86:7e:
6a:bd:45:65:47:b6:fd:79:0d:d6:8d:4f:6a:86:03:3a:34:4a:
3b:b9:a3:7e:71:68:99:29:c8:9a:17:f6:3b:78:34:80:93:cb:
4f:99:29:0c:dc:dc:65:9f:a1:39:74:46:80:2b:b6:b8:1b:1d:
0d:79:fb:29:bb:dd:88:95:38:ec:83:9b:fd:c2:99:9e:40:e4:
91:cb:5e:2d:6c:fa:8e:73:95:e8:44:e0:3f:bd:73:d7:6a:50:
9c:5b:90:72:ba:81:af:da:f6:2f:ed:2a:51:bc:e9:0d:2f:91:
b5:7c:47:2d:17:50:ef:16:27:7a:82:fe:ac:10:10:4c:22:91:
67:a9:65:d4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ0ZvQLqE1ZkOJyG0Qc97c73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwMzIzMDgwODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNlMjdlYTU2MjY4ZWJkNGU1ODYzNzY2MzhhZjc1NTZjODc4MGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVMEyzSZ6HKOXp7GZ2wpJk2ZkWH+
UpDbFzjpzYklMQkw/udI0CtKL1dLw04pt/WfFqg4ziKCx33Lra4IgDtZn5Ldr3n2
WFdrfMlsFtS9sdPhj1QHfpHze6OysYzob2epozQgPwwAsw5QPh+m6aczuS4/yYWn
rIOqxvAhHV+was6dGOBkpDl8sEM4p+2Kd2h2yTpP4HCB6p/S8xZIrvE3tmrg+eub
6I0wnq7eFIKSHyDhrhBPUpNKfvQ2iHz7Zz1HllBiPeUosXcCpccMpkdsIrjtteyX
QeUhLnllS1qrXGzLhIjvcE05P2g3099tXG/agRtoH61GHIZsQfjcDqSu0QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJDOJ+pWJo69TlhjdmOK91Vsh4CtMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEva000bjZsWW1qcjFPV0dOMlk0cjNWV3lIZ0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBtoED
BADBtoYwDQYJKoZIhvcNAQELBQADggEBAFsVet8w+FdaAyZ+S44zVv1Me1faPH/h
tSXDkE4cbW5LoFbX6hiXTIvODzoi+Gg+WX93fkCq8CBAK+w3soamniIb8GS/LVZN
vOhPChdDvk2J+oF1Zy0ilxNXZCk95rY2jrC5zuPwYWlHCWHlSCwTrjJEYd6zi9FY
zvwKevKGfmq9RWVHtv15DdaNT2qGAzo0Sju5o35xaJkpyJoX9jt4NICTy0+ZKQzc
3GWfoTl0RoArtrgbHQ15+ym73YiVOOyDm/3CmZ5A5JHLXi1s+o5zlehE4D+9c9dq
UJxbkHK6ga/a9i/tKlG86Q0vkbV8Ry0XUO8WJ3qC/qwQEEwikWepZdQ=
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:09:46 2026 by rpki-client