Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/27TAzNHTsDDgDvy1DWRFa9KtpOA.roa
File: 27TAzNHTsDDgDvy1DWRFa9KtpOA.roa (raw, json)
Hash identifier: 03B6diiG8VWq3AqkcUsboVkHGhFPe3ztNp+fTz5k0PI=
Subject key identifier: DB:B4:C0:CC:D1:D3:B0:30:E0:0E:FC:B5:0D:64:45:6B:D2:AD:A4:E0
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 019D01AA94FBB9F5552A15A78814FE206970
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/27TAzNHTsDDgDvy1DWRFa9KtpOA.roa
Signing time: Wed 18 Mar 2026 15:57:29 +0000
ROA not before: Wed 18 Mar 2026 15:57:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210320
IP address blocks: 152.89.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:aa:94:fb:b9:f5:55:2a:15:a7:88:14:fe:20:69:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Mar 18 15:57:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dbb4c0ccd1d3b030e00efcb50d64456bd2ada4e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4d:8b:d5:25:74:8f:12:c0:c6:c4:6b:1f:ae:
96:c4:d9:f0:01:81:cc:7c:0a:89:3c:9a:7b:5a:2c:
74:99:f1:bc:35:52:4c:85:c5:ae:c4:32:7b:88:d4:
b3:11:5b:ec:40:20:9c:bc:70:7c:0d:35:90:67:97:
dc:ae:62:b1:ed:22:78:aa:c4:f6:42:6e:e2:b5:87:
fe:5c:60:ee:25:6b:19:58:78:60:7f:a0:75:5c:50:
67:2c:78:f7:77:1b:02:75:95:89:a0:3d:d7:47:ea:
de:16:ae:61:b1:55:4f:60:c3:65:b3:5e:9f:d4:33:
ba:76:95:ec:39:31:e9:28:f2:03:f9:c3:33:55:f6:
f5:90:68:2d:db:5d:e0:0f:1c:aa:7e:1a:45:8d:4a:
44:af:49:74:f5:90:40:30:a8:6f:7c:46:bb:c1:32:
9d:df:23:1a:42:24:4c:85:e4:58:e2:bf:cc:9e:c1:
c2:92:0c:5a:9d:c4:9c:ad:47:1c:de:3e:49:04:f2:
11:55:98:1e:ee:e3:b5:b4:ef:20:55:66:f5:ec:65:
fa:d3:f8:cb:9b:c4:17:5e:7f:1c:ff:ec:f9:e6:4a:
00:37:dd:f7:eb:42:be:f5:74:ce:2b:d9:2b:dd:a2:
d3:79:a1:b4:cf:e6:31:79:db:60:ec:54:b0:0d:21:
0b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:B4:C0:CC:D1:D3:B0:30:E0:0E:FC:B5:0D:64:45:6B:D2:AD:A4:E0
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/27TAzNHTsDDgDvy1DWRFa9KtpOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.195.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:2d:6d:b1:7d:7b:19:d4:b5:a4:4a:ea:02:85:4a:39:03:57:
73:89:d5:80:3f:34:6f:d0:4a:0e:9e:e2:2b:3e:99:df:99:70:
2c:cc:2a:21:6e:fd:92:02:a4:2a:c9:83:57:6b:d9:ac:8f:a2:
d8:eb:46:84:6f:41:f9:ff:06:92:c6:5a:d8:2b:b8:d0:26:d3:
cf:f3:b2:96:d1:91:e2:03:73:b5:36:1a:0d:eb:12:5a:30:50:
c2:54:cd:56:6a:0b:c0:84:e1:da:96:d5:36:5c:02:64:5a:79:
fd:b9:c5:27:24:bd:9c:f7:c6:63:16:ff:e8:42:c7:ae:34:50:
74:bd:39:5a:e0:9a:2c:30:6d:6d:7b:e9:51:cc:c6:a0:5e:1c:
33:47:84:f3:b5:36:9b:18:a5:25:03:cd:06:2c:d8:98:05:20:
a2:be:b4:66:56:eb:0e:37:ca:fb:b5:4a:d0:52:8b:da:7b:7c:
44:9f:30:b6:4f:07:db:0a:8b:e6:37:69:c7:cb:73:55:b9:99:
d2:e7:bf:45:74:86:bc:0b:0d:f8:2f:d1:73:d2:3a:39:7e:42:
3a:53:67:95:e8:fb:78:e8:4d:e5:b8:e9:98:4b:a3:ac:a1:87:
02:95:9e:e7:6d:ea:36:c0:92:81:30:a1:d0:67:cb:eb:77:65:
2c:1f:b1:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0BqpT7ufVVKhWniBT+IGlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjYwMzE4MTU1NzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmI0YzBjY2QxZDNiMDMwZTAwZWZjYjUwZDY0NDU2YmQyYWRhNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1U2L1SV0jxLAxsRrH66WxNnwAYHM
fAqJPJp7Wix0mfG8NVJMhcWuxDJ7iNSzEVvsQCCcvHB8DTWQZ5fcrmKx7SJ4qsT2
Qm7itYf+XGDuJWsZWHhgf6B1XFBnLHj3dxsCdZWJoD3XR+reFq5hsVVPYMNls16f
1DO6dpXsOTHpKPID+cMzVfb1kGgt213gDxyqfhpFjUpEr0l09ZBAMKhvfEa7wTKd
3yMaQiRMheRY4r/MnsHCkgxancScrUcc3j5JBPIRVZge7uO1tO8gVWb17GX60/jL
m8QXXn8c/+z55koAN93360K+9XTOK9kr3aLTeaG0z+Yxedtg7FSwDSELYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNu0wMzR07Aw4A78tQ1kRWvSraTgMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvMjdUQXpOSFRzRERnRHZ5MURXUkZhOUt0cE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnDMA0G
CSqGSIb3DQEBCwUAA4IBAQCxLW2xfXsZ1LWkSuoChUo5A1dzidWAPzRv0EoOnuIr
PpnfmXAszCohbv2SAqQqyYNXa9msj6LY60aEb0H5/waSxlrYK7jQJtPP87KW0ZHi
A3O1NhoN6xJaMFDCVM1WagvAhOHaltU2XAJkWnn9ucUnJL2c98ZjFv/oQseuNFB0
vTla4JosMG1te+lRzMagXhwzR4TztTabGKUlA80GLNiYBSCivrRmVusON8r7tUrQ
Uovae3xEnzC2TwfbCovmN2nHy3NVuZnS579FdIa8Cw34L9Fz0jo5fkI6U2eV6Pt4
6E3luOmYS6OsoYcClZ7nbeo2wJKBMKHQZ8vrd2UsH7FH
-----END CERTIFICATE-----
Generated at Wed Mar 25 22:55:04 2026 by rpki-client