Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/AT7FQLG2UUjyo3d4e6IRvENj5-w.roa
File: AT7FQLG2UUjyo3d4e6IRvENj5-w.roa (raw, json)
Hash identifier: gZF293cO6fOokcvSru3HZunk3gWSY7f3PELfdlKOb8E=
Subject key identifier: 01:3E:C5:40:B1:B6:51:48:F2:A3:77:78:7B:A2:11:BC:43:63:E7:EC
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019D1B432841599E7188A99C69BA3489CA90
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/AT7FQLG2UUjyo3d4e6IRvENj5-w.roa
Signing time: Mon 23 Mar 2026 15:14:39 +0000
ROA not before: Mon 23 Mar 2026 15:14:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 393942
IP address blocks: 95.155.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:14:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:43:28:41:59:9e:71:88:a9:9c:69:ba:34:89:ca:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Mar 23 15:14:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=013ec540b1b65148f2a377787ba211bc4363e7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e1:c5:4c:5d:6a:f0:d4:da:85:79:75:af:27:
c2:7a:3d:4e:ef:85:50:f1:19:bd:bb:86:38:bf:06:
34:af:78:91:78:ff:b2:12:b1:79:b5:bc:1f:61:aa:
69:50:0a:a4:05:7a:ce:79:46:8f:b0:3e:7d:c5:f0:
be:b8:2a:82:82:bc:24:e6:7f:2f:7a:1b:b2:cf:ce:
1e:36:d7:7a:cd:9f:45:6e:c3:0d:a4:ec:0c:39:c8:
96:eb:6e:1d:55:1f:76:a5:1a:02:d9:60:38:8e:36:
a6:9a:41:e6:64:5e:0b:25:22:34:0b:04:d8:70:a8:
4c:4d:b9:0d:8d:15:cd:0c:ff:b7:d3:ea:3c:4b:45:
b1:9a:c8:50:2e:2d:f9:3c:de:04:13:f8:4d:1d:98:
0c:93:e0:e8:82:39:ce:ce:98:80:55:19:67:21:8c:
64:fd:a9:cf:b4:e5:4e:ec:ae:8a:9d:3b:57:8c:56:
e0:7a:ca:f6:2a:c2:2e:64:00:69:62:cf:56:c7:ae:
fe:28:30:fd:76:91:fe:a0:29:01:d6:03:52:a7:ed:
42:5b:7f:12:5b:f7:1e:6e:0e:a0:d9:8a:a7:72:fb:
27:36:75:c1:ff:da:af:4d:28:8f:2a:6a:95:2d:d2:
3d:23:23:a0:4f:ee:83:cc:b0:f9:1c:01:f4:dc:3f:
35:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:3E:C5:40:B1:B6:51:48:F2:A3:77:78:7B:A2:11:BC:43:63:E7:EC
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/AT7FQLG2UUjyo3d4e6IRvENj5-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.155.134.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:fd:57:a9:66:1b:a2:2c:a6:c9:f5:c3:a2:df:46:7e:77:18:
6b:c8:2c:00:57:90:44:3e:31:74:3f:5c:47:c0:a8:b8:83:e5:
6b:4e:f1:ae:39:ad:c3:f6:a3:ff:78:87:88:3a:6e:fa:c8:da:
2b:ff:cd:96:ec:30:13:79:dd:fc:2f:f2:14:b6:45:d8:65:e2:
68:23:3a:55:c6:44:9a:cd:44:f1:0f:c8:8f:c1:f7:b0:bf:fa:
f7:32:4e:80:57:73:f3:e4:46:e4:54:89:05:f5:74:28:2d:5d:
8d:22:36:a1:fb:47:27:c7:60:50:8c:02:ca:a9:53:5a:76:1e:
0d:50:b5:8d:ca:56:aa:30:a2:ca:27:f2:b8:b7:6b:75:ca:c7:
01:e7:b5:97:ed:c1:f7:6a:a7:a0:aa:bf:c1:80:f5:d8:71:f0:
9f:5d:10:e1:67:cb:c9:b7:db:f3:a7:88:d0:45:3d:a3:ae:dd:
3e:50:21:84:09:27:5c:e6:03:5f:ae:00:04:68:27:ca:bd:50:
8a:ce:a1:53:84:c4:0e:a8:7b:48:45:3f:1d:43:04:56:f3:6f:
1c:bb:98:1b:bf:52:70:44:b0:9c:3c:fb:fb:e3:5e:26:77:5a:
56:e7:75:09:fa:ac:bb:6e:19:23:bf:6b:c1:d1:2e:35:cb:b8:
eb:3c:25:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0bQyhBWZ5xiKmcabo0icqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjYwMzIzMTUxNDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTNlYzU0MGIxYjY1MTQ4ZjJhMzc3Nzg3YmEyMTFiYzQzNjNlN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+HFTF1q8NTahXl1ryfCej1O74VQ
8Rm9u4Y4vwY0r3iReP+yErF5tbwfYappUAqkBXrOeUaPsD59xfC+uCqCgrwk5n8v
ehuyz84eNtd6zZ9FbsMNpOwMOciW624dVR92pRoC2WA4jjammkHmZF4LJSI0CwTY
cKhMTbkNjRXNDP+30+o8S0WxmshQLi35PN4EE/hNHZgMk+DogjnOzpiAVRlnIYxk
/anPtOVO7K6KnTtXjFbgesr2KsIuZABpYs9Wx67+KDD9dpH+oCkB1gNSp+1CW38S
W/cebg6g2YqncvsnNnXB/9qvTSiPKmqVLdI9IyOgT+6DzLD5HAH03D81fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAE+xUCxtlFI8qN3eHuiEbxDY+fsMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvQVQ3RlFMRzJVVWp5bzNkNGU2SVJ2RU5qNS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX5uGMA0G
CSqGSIb3DQEBCwUAA4IBAQA+/VepZhuiLKbJ9cOi30Z+dxhryCwAV5BEPjF0P1xH
wKi4g+VrTvGuOa3D9qP/eIeIOm76yNor/82W7DATed38L/IUtkXYZeJoIzpVxkSa
zUTxD8iPwfewv/r3Mk6AV3Pz5EbkVIkF9XQoLV2NIjah+0cnx2BQjALKqVNadh4N
ULWNylaqMKLKJ/K4t2t1yscB57WX7cH3aqegqr/BgPXYcfCfXRDhZ8vJt9vzp4jQ
RT2jrt0+UCGECSdc5gNfrgAEaCfKvVCKzqFThMQOqHtIRT8dQwRW828cu5gbv1Jw
RLCcPPv7414md1pW53UJ+qy7bhkjv2vB0S41y7jrPCXy
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:06:07 2026 by rpki-client