Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/I4H-h-0IvTFBhVPDqjS4bNj_Ebs.roa
File: I4H-h-0IvTFBhVPDqjS4bNj_Ebs.roa (raw, json)
Hash identifier: sH+OJNMuVDP+q4KSVOmVWCp6qFy7xvvRbWmFSeE0ZQA=
Subject key identifier: 23:81:FE:87:ED:08:BD:31:41:85:53:C3:AA:34:B8:6C:D8:FF:11:BB
Certificate issuer: /CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c
Certificate serial: 019CE61EE7B9B7148AC341EFFBB18E95D09B
Authority key identifier: 5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/I4H-h-0IvTFBhVPDqjS4bNj_Ebs.roa
Signing time: Fri 13 Mar 2026 07:35:10 +0000
ROA not before: Fri 13 Mar 2026 07:35:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200544
IP address blocks: 159.22.0.0/16 maxlen: 16
159.22.0.0/17 maxlen: 17
159.22.128.0/17 maxlen: 23
2a07:ad00::/29 maxlen: 29
2a07:ad00::/30 maxlen: 30
2a07:ad00::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:1e:e7:b9:b7:14:8a:c3:41:ef:fb:b1:8e:95:d0:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c
Validity
Not Before: Mar 13 07:35:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2381fe87ed08bd31418553c3aa34b86cd8ff11bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:33:1d:7d:ad:f7:cd:44:a2:5b:da:98:6f:16:
21:d9:1d:84:90:0d:1e:f2:d2:66:a1:be:c8:cb:be:
f1:dd:9e:51:2d:90:5b:7a:49:14:0b:f8:7c:f2:07:
81:7c:0e:a8:76:fd:c9:24:25:6b:4c:ad:16:69:f0:
b4:ea:05:02:e3:96:d1:61:7f:79:e0:7b:c1:f2:e1:
e2:1a:aa:a9:9f:ba:d7:f2:2a:64:4d:04:26:0d:4b:
8a:36:c2:bf:eb:f9:e0:fa:f3:f2:7a:1b:e2:ba:37:
21:83:3e:16:92:80:b0:45:64:50:77:08:9f:4f:48:
7f:41:3c:e7:37:00:67:b6:78:77:13:2e:17:ef:bb:
54:a1:2f:f7:13:28:8d:51:bd:0b:ea:bf:ad:24:4b:
e5:b3:42:b2:26:12:72:a6:61:01:6c:fc:83:49:fb:
26:6a:ea:58:17:4b:d1:90:5c:95:50:66:af:78:76:
0a:3e:4f:16:0d:95:a4:95:9b:61:ef:60:bc:21:a6:
64:bb:d3:c5:27:ff:8a:92:4c:44:55:28:96:7c:4a:
ba:49:4e:fe:53:76:ce:8f:2d:be:45:20:3f:64:3d:
3e:52:13:d0:01:e3:fd:ab:16:c7:c4:89:28:47:b6:
33:da:25:7d:57:37:c5:13:12:a0:cc:fa:b8:b9:51:
7e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:81:FE:87:ED:08:BD:31:41:85:53:C3:AA:34:B8:6C:D8:FF:11:BB
X509v3 Authority Key Identifier:
keyid:5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/I4H-h-0IvTFBhVPDqjS4bNj_Ebs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.22.0.0/16
IPv6:
2a07:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
1a:6c:f6:e7:6f:a8:4e:6a:9d:68:fa:56:ac:f0:c9:8d:4b:97:
8b:91:3f:5f:f4:8b:2b:dd:47:0c:37:59:cf:6e:2b:5f:5c:6a:
da:b4:40:80:ba:f6:b3:78:70:3c:dc:c3:d2:61:e2:9d:ca:9f:
bd:6a:30:ad:53:05:cd:a7:12:f1:5c:15:46:84:78:57:6f:f6:
71:6e:3a:78:f4:92:da:56:d6:9d:9a:f1:de:11:98:97:e3:2f:
59:2b:f2:7b:29:a6:e6:e5:46:06:52:62:74:7d:da:31:a1:77:
fb:f2:bb:2d:cd:ac:32:f7:c1:9b:80:92:58:ba:a0:3d:44:6a:
11:67:30:0f:6b:19:e3:a4:1c:11:3b:55:31:0f:31:45:9b:7b:
6f:72:34:e6:9d:5f:20:f9:f1:2d:76:27:06:4f:f1:d1:ef:f9:
55:c9:12:29:52:1a:50:24:a9:3d:18:f8:38:51:77:ce:3f:46:
b3:9f:35:9f:46:6f:65:12:93:fc:c2:09:85:8e:c1:19:39:83:
8b:f1:32:4a:5f:ec:71:5a:9d:27:1b:75:a3:a8:1e:9f:ef:17:
7c:5b:d7:5f:a3:a6:26:f0:ba:03:ae:0a:8f:96:a1:d4:fc:b7:
3b:e7:3b:28:3c:1a:4c:bf:4b:99:4e:f5:b5:ad:eb:30:73:c0:
87:6f:54:f7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZzmHue5txSKw0Hv+7GOldCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOTM2YmVhMWIwYzNhMjA4YWJhMjdkOGIxMGIyNzVlNDc0
ZGRlMmMwHhcNMjYwMzEzMDczNTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzgxZmU4N2VkMDhiZDMxNDE4NTUzYzNhYTM0Yjg2Y2Q4ZmYxMWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzMdfa33zUSiW9qYbxYh2R2EkA0e
8tJmob7Iy77x3Z5RLZBbekkUC/h88geBfA6odv3JJCVrTK0WafC06gUC45bRYX95
4HvB8uHiGqqpn7rX8ipkTQQmDUuKNsK/6/ng+vPyehviujchgz4WkoCwRWRQdwif
T0h/QTznNwBntnh3Ey4X77tUoS/3EyiNUb0L6r+tJEvls0KyJhJypmEBbPyDSfsm
aupYF0vRkFyVUGaveHYKPk8WDZWklZth72C8IaZku9PFJ/+KkkxEVSiWfEq6SU7+
U3bOjy2+RSA/ZD0+UhPQAeP9qxbHxIkoR7Yz2iV9VzfFExKgzPq4uVF+bQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCOB/oftCL0xQYVTw6o0uGzY/xG7MB8GA1UdIwQY
MBaAFF6Ta+obDDogiron2LELJ15HTd4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjct
OTg0NzdhODY1M2M3LzEvSTRILWgtMEl2VEZCaFZQRHFqUzRiTmpfRWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjctOTg0NzdhODY1M2M3
LzEvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAnxYwDQQC
AAIwBwMFAyoHrQAwDQYJKoZIhvcNAQELBQADggEBABps9udvqE5qnWj6VqzwyY1L
l4uRP1/0iyvdRww3Wc9uK19catq0QIC69rN4cDzcw9Jh4p3Kn71qMK1TBc2nEvFc
FUaEeFdv9nFuOnj0ktpW1p2a8d4RmJfjL1kr8nsppublRgZSYnR92jGhd/vyuy3N
rDL3wZuAkli6oD1EahFnMA9rGeOkHBE7VTEPMUWbe29yNOadXyD58S12JwZP8dHv
+VXJEilSGlAkqT0Y+DhRd84/RrOfNZ9Gb2USk/zCCYWOwRk5g4vxMkpf7HFanScb
daOoHp/vF3xb11+jpibwugOuCo+WodT8tzvnOyg8Gky/S5lO9bWt6zBzwIdvVPc=
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:07:58 2026 by rpki-client