Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/u412IeKhi7fqYAEds20oy16R8qM.roa
File: u412IeKhi7fqYAEds20oy16R8qM.roa (raw, json)
Hash identifier: gh+yk1i0TLpKblCwvSti9qm1kBQVF6Uh09rSWRrSFPk=
Subject key identifier: BB:8D:76:21:E2:A1:8B:B7:EA:60:01:1D:B3:6D:28:CB:5E:91:F2:A3
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019CE666538D59F9C3D409653938AC2771B5
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/u412IeKhi7fqYAEds20oy16R8qM.roa
Signing time: Fri 13 Mar 2026 08:53:11 +0000
ROA not before: Fri 13 Mar 2026 08:53:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200137
IP address blocks: 192.121.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:66:53:8d:59:f9:c3:d4:09:65:39:38:ac:27:71:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 13 08:53:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bb8d7621e2a18bb7ea60011db36d28cb5e91f2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:51:29:d8:f7:c3:43:1f:e2:58:bb:30:b7:7d:
ac:96:97:13:99:13:bb:8f:80:cd:1a:bb:c4:24:f4:
d1:c1:e9:4a:d0:8c:69:70:eb:bf:73:7d:9f:1b:4c:
7e:3d:dd:4f:03:7c:d9:db:a7:92:a0:9d:ad:1f:42:
d4:e9:9d:34:fd:59:54:70:7b:d4:f2:69:d1:05:58:
08:81:22:69:af:7a:1a:a6:42:fe:42:79:5f:c8:0e:
de:6e:bb:26:5c:73:2a:fd:db:33:77:8a:b3:a8:cd:
a5:1f:d4:85:ca:50:ca:58:35:2f:e8:8e:00:c5:35:
15:ac:41:14:37:83:2a:d8:d0:ec:16:0b:1c:c7:f7:
e8:b2:46:65:14:be:d5:0a:73:f0:43:eb:be:81:4b:
b5:63:80:78:3e:21:ad:ae:5a:a2:8f:47:19:56:7b:
b2:d0:9d:51:fb:28:e9:06:88:c5:97:59:11:ee:1a:
33:e3:02:8e:42:a4:fd:5e:38:46:4d:d1:d8:0d:c1:
83:2c:56:04:e2:1a:6d:54:2e:3f:be:0a:45:a2:ea:
5b:48:98:8d:71:4d:a4:cf:64:b0:04:6c:22:54:48:
10:99:ac:4c:f6:04:98:70:37:60:55:89:bd:7a:36:
8d:1e:d2:69:2b:d5:c1:9c:2a:c9:9a:d4:06:8e:ce:
dc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:8D:76:21:E2:A1:8B:B7:EA:60:01:1D:B3:6D:28:CB:5E:91:F2:A3
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/u412IeKhi7fqYAEds20oy16R8qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.243.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:c7:eb:d8:dd:c3:97:a8:88:79:2f:2a:e0:c7:65:09:32:fe:
d8:f9:2b:9f:aa:46:a1:61:c7:71:e3:69:bb:0f:33:d8:31:da:
d4:a4:16:73:3a:62:42:c7:64:b0:10:69:97:d9:ad:b2:13:0c:
1d:e4:bc:bd:55:3b:6d:73:5a:e6:98:12:bb:44:19:73:01:f5:
76:f0:d5:cf:dd:12:77:63:d3:5c:ab:d0:1e:32:8c:96:ec:75:
2d:15:df:b4:d9:83:2c:17:cd:af:0b:d0:10:b3:e9:c9:3a:92:
e8:45:75:4d:3f:1b:5c:7f:a7:33:8b:f2:10:cb:da:21:d4:48:
06:e9:89:fc:f9:fe:25:7b:4e:18:42:c3:45:89:2e:b4:69:61:
11:3a:c8:7e:f0:bd:46:57:e5:59:a9:1d:27:59:02:07:ea:e1:
38:86:9a:ad:33:86:dc:38:5f:88:04:4a:71:59:91:c1:ce:1f:
ae:c6:63:0e:44:02:35:28:e6:1d:68:6b:e2:b6:fd:83:0b:8a:
1e:9f:e2:a7:84:0f:fa:9f:34:52:55:b2:02:3c:ed:5c:6a:a2:
98:b9:03:51:e4:f1:ae:5f:7f:42:42:bb:eb:7d:6f:b7:be:63:
7c:e9:15:d7:07:3c:9b:7a:c6:fd:14:a3:66:77:60:f9:67:f1:
fa:66:50:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzmZlONWfnD1AllOTisJ3G1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwMzEzMDg1MzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjhkNzYyMWUyYTE4YmI3ZWE2MDAxMWRiMzZkMjhjYjVlOTFmMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1Ep2PfDQx/iWLswt32slpcTmRO7
j4DNGrvEJPTRwelK0IxpcOu/c32fG0x+Pd1PA3zZ26eSoJ2tH0LU6Z00/VlUcHvU
8mnRBVgIgSJpr3oapkL+QnlfyA7ebrsmXHMq/dszd4qzqM2lH9SFylDKWDUv6I4A
xTUVrEEUN4Mq2NDsFgscx/foskZlFL7VCnPwQ+u+gUu1Y4B4PiGtrlqij0cZVnuy
0J1R+yjpBojFl1kR7hoz4wKOQqT9XjhGTdHYDcGDLFYE4hptVC4/vgpFoupbSJiN
cU2kz2SwBGwiVEgQmaxM9gSYcDdgVYm9ejaNHtJpK9XBnCrJmtQGjs7cmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuNdiHioYu36mABHbNtKMtekfKjMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdTQxMkllS2hpN2ZxWUFFZHMyMG95MTZSOHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHnzMA0G
CSqGSIb3DQEBCwUAA4IBAQDCx+vY3cOXqIh5Lyrgx2UJMv7Y+SufqkahYcdx42m7
DzPYMdrUpBZzOmJCx2SwEGmX2a2yEwwd5Ly9VTttc1rmmBK7RBlzAfV28NXP3RJ3
Y9Ncq9AeMoyW7HUtFd+02YMsF82vC9AQs+nJOpLoRXVNPxtcf6czi/IQy9oh1EgG
6Yn8+f4le04YQsNFiS60aWEROsh+8L1GV+VZqR0nWQIH6uE4hpqtM4bcOF+IBEpx
WZHBzh+uxmMORAI1KOYdaGvitv2DC4oen+KnhA/6nzRSVbICPO1caqKYuQNR5PGu
X39CQrvrfW+3vmN86RXXBzybesb9FKNmd2D5Z/H6ZlDq
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:18:44 2026 by rpki-client