Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sOAHEwHAdLeu9VbBLFulbxnuaFQ.roa
File: sOAHEwHAdLeu9VbBLFulbxnuaFQ.roa (raw, json)
Hash identifier: wCWBnkAIjkXHx8lWW7JaYD/i+EqFVMfiy/fbWTxJFIE=
Subject key identifier: B0:E0:07:13:01:C0:74:B7:AE:F5:56:C1:2C:5B:A5:6F:19:EE:68:54
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019E01743BD7CEAB6C015C6C31EC43A9C99D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sOAHEwHAdLeu9VbBLFulbxnuaFQ.roa
Signing time: Thu 07 May 2026 08:00:55 +0000
ROA not before: Thu 07 May 2026 08:00:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199150
IP address blocks: 193.180.225.0/24 maxlen: 24
193.180.242.0/24 maxlen: 24
2a01:280:108::/48 maxlen: 48
2a01:280:109::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:74:3b:d7:ce:ab:6c:01:5c:6c:31:ec:43:a9:c9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 7 08:00:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b0e0071301c074b7aef556c12c5ba56f19ee6854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ee:f4:69:af:ef:d0:0b:f8:67:61:21:6d:e6:
5c:79:ee:04:49:53:42:d2:84:e5:6f:e4:f2:1b:e3:
18:9c:da:e3:52:d1:b2:f7:63:3f:09:70:5d:07:93:
4f:76:f3:a2:ea:a1:4c:4e:f6:d3:0b:8b:cc:46:47:
9e:85:ee:b6:10:7c:f5:e3:4b:f1:fc:e0:d1:6d:93:
c7:29:54:64:8c:27:65:26:ca:58:72:7e:11:1b:11:
60:2c:c1:7c:43:2e:a8:ba:cd:55:f7:3c:bf:45:a9:
a5:ba:57:5d:d1:9a:48:b6:4f:34:21:66:7b:a2:e2:
fe:ac:7d:35:33:0b:95:5d:f2:bf:7b:42:de:f5:d5:
af:d7:71:7a:69:3d:0c:83:3b:7a:99:8b:e3:3d:5c:
2b:cf:d6:2a:d0:2b:97:74:45:2a:9e:ef:00:13:70:
5b:5b:73:25:3f:2e:a4:a5:2c:1e:78:09:59:db:de:
e3:30:5c:11:cd:3a:34:7a:65:6b:58:c5:f6:8a:d0:
bc:92:56:a9:bd:32:1e:a0:df:99:97:a8:58:21:98:
cb:5b:16:83:15:9a:f7:2a:97:26:0c:e5:36:44:c9:
0a:9b:2a:c1:02:88:21:43:b5:be:2e:d8:d9:fa:2e:
a8:d7:de:11:fb:55:5f:19:82:86:6c:64:fe:85:34:
d1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E0:07:13:01:C0:74:B7:AE:F5:56:C1:2C:5B:A5:6F:19:EE:68:54
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sOAHEwHAdLeu9VbBLFulbxnuaFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.180.225.0/24
193.180.242.0/24
IPv6:
2a01:280:108::/47
Signature Algorithm: sha256WithRSAEncryption
a0:f7:83:4c:89:e3:6c:2f:99:3a:67:e1:62:10:c0:23:dc:7e:
a3:90:1c:9b:47:ad:fd:21:06:e5:0f:6a:0a:0e:10:46:0a:29:
bd:ea:a3:2a:a9:e8:67:cc:a0:55:0c:42:01:43:37:80:e8:0d:
82:03:74:5b:db:2b:22:34:e4:2c:72:ee:e7:f1:15:6e:ac:ef:
29:e7:98:4e:50:5c:60:a8:be:a4:4c:56:19:38:6e:c1:22:5b:
32:40:82:ce:6f:ed:dd:7d:9f:31:8f:47:b6:d2:ec:d9:33:1c:
16:7c:25:c8:24:ef:d1:e6:93:5c:3e:74:6c:34:29:d2:bb:19:
ff:cd:21:5d:1a:64:cc:f1:5f:b7:15:ab:c9:72:03:7c:bf:5e:
25:c6:d9:d7:7b:cb:a1:0d:20:51:4b:64:d6:e4:a2:44:2b:5f:
76:ad:b3:04:21:f8:5c:82:8c:84:4a:54:ef:6b:97:2d:b5:93:
b1:a6:fa:ae:ca:89:c5:ed:78:26:87:98:73:0c:c2:d3:00:d2:
ec:62:a0:5d:af:32:a9:6b:2b:4b:c3:7f:48:d9:ef:a4:a6:05:
2a:d8:fe:85:6e:03:b9:4d:21:43:04:df:46:af:7e:da:4b:80:
57:53:67:f2:80:0b:63:4e:60:03:07:24:e3:19:c4:c0:9f:a8:
29:1a:dd:c6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ4BdDvXzqtsAVxsMexDqcmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwNTA3MDgwMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGUwMDcxMzAxYzA3NGI3YWVmNTU2YzEyYzViYTU2ZjE5ZWU2ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne70aa/v0Av4Z2EhbeZcee4ESVNC
0oTlb+TyG+MYnNrjUtGy92M/CXBdB5NPdvOi6qFMTvbTC4vMRkeehe62EHz140vx
/ODRbZPHKVRkjCdlJspYcn4RGxFgLMF8Qy6ous1V9zy/Ramluldd0ZpItk80IWZ7
ouL+rH01MwuVXfK/e0Le9dWv13F6aT0Mgzt6mYvjPVwrz9Yq0CuXdEUqnu8AE3Bb
W3MlPy6kpSweeAlZ297jMFwRzTo0emVrWMX2itC8klapvTIeoN+Zl6hYIZjLWxaD
FZr3KpcmDOU2RMkKmyrBAoghQ7W+LtjZ+i6o194R+1VfGYKGbGT+hTTREwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLDgBxMBwHS3rvVWwSxbpW8Z7mhUMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvc09BSEV3SEFkTGV1OVZiQkxGdWxieG51YUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwbThAwQA
wbTyMA8EAgACMAkDBwEqAQKAAQgwDQYJKoZIhvcNAQELBQADggEBAKD3g0yJ42wv
mTpn4WIQwCPcfqOQHJtHrf0hBuUPagoOEEYKKb3qoyqp6GfMoFUMQgFDN4DoDYID
dFvbKyI05Cxy7ufxFW6s7ynnmE5QXGCovqRMVhk4bsEiWzJAgs5v7d19nzGPR7bS
7NkzHBZ8Jcgk79Hmk1w+dGw0KdK7Gf/NIV0aZMzxX7cVq8lyA3y/XiXG2dd7y6EN
IFFLZNbkokQrX3atswQh+FyCjIRKVO9rly21k7Gm+q7KicXteCaHmHMMwtMA0uxi
oF2vMqlrK0vDf0jZ76SmBSrY/oVuA7lNIUME30avftpLgFdTZ/KAC2NOYAMHJOMZ
xMCfqCka3cY=
-----END CERTIFICATE-----
Generated at Wed May 13 13:31:34 2026 by rpki-client