Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/iE31HcpgdKKrdPMldO0jIS93Go4.roa
File: iE31HcpgdKKrdPMldO0jIS93Go4.roa (raw, json)
Hash identifier: q2vi84j7Hjeqqy/+pd9xsj/QdQIOk9oRPO1utxPcNqU=
Subject key identifier: 88:4D:F5:1D:CA:60:74:A2:AB:74:F3:25:74:ED:23:21:2F:77:1A:8E
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019CE16000E4112F6A1CA0FD1491E1E6A225
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/iE31HcpgdKKrdPMldO0jIS93Go4.roa
Signing time: Thu 12 Mar 2026 09:28:11 +0000
ROA not before: Thu 12 Mar 2026 09:28:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 134135
IP address blocks: 95.155.160.0/24 maxlen: 24
95.155.161.0/24 maxlen: 24
95.155.162.0/24 maxlen: 24
95.155.163.0/24 maxlen: 24
95.155.164.0/24 maxlen: 24
95.155.165.0/24 maxlen: 24
95.155.166.0/24 maxlen: 24
95.155.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:60:00:e4:11:2f:6a:1c:a0:fd:14:91:e1:e6:a2:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Mar 12 09:28:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=884df51dca6074a2ab74f32574ed23212f771a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e4:5b:2e:64:79:b0:58:c8:7d:44:99:4c:d0:
32:7a:aa:99:53:70:b8:f1:8b:48:20:68:f5:a8:49:
b0:35:3f:bf:18:04:b8:40:d1:60:24:01:d4:ca:53:
61:fa:4f:8b:9e:b9:40:af:5e:51:6f:2b:80:73:4d:
b4:0d:50:ae:e8:65:69:2e:c4:53:50:2e:14:ca:ed:
9d:0a:de:93:4d:3e:f4:9f:28:93:7d:03:2b:f9:4f:
16:81:fe:3e:2a:fd:51:7f:a6:b2:35:11:13:c3:ab:
90:83:f8:a4:20:dc:d2:b9:0f:c9:06:17:ae:31:38:
df:05:04:aa:ca:be:44:83:33:2e:b5:1f:33:65:ff:
bf:29:c9:45:fc:09:27:62:02:8d:b3:7e:a6:f5:07:
15:a8:f2:dc:d2:b6:c4:e2:6f:e1:26:b4:19:48:c0:
b2:e8:09:71:5d:d4:c7:d0:e7:87:ff:4d:9e:df:e1:
f4:c8:05:bc:95:b4:12:9c:16:72:ea:6f:28:f4:39:
b7:a6:eb:c7:c4:48:5b:ae:29:e6:a4:fd:13:4d:c1:
79:38:59:83:34:1e:67:3a:8e:e7:0c:f2:02:08:c0:
10:22:69:86:19:93:a4:a6:6b:ad:71:b7:b7:b6:de:
77:f3:b2:2a:1b:b1:1e:25:ac:43:f6:70:c9:e1:ee:
6a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4D:F5:1D:CA:60:74:A2:AB:74:F3:25:74:ED:23:21:2F:77:1A:8E
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/iE31HcpgdKKrdPMldO0jIS93Go4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.155.160.0/21
Signature Algorithm: sha256WithRSAEncryption
20:1e:50:89:38:ef:99:10:d1:59:9a:9d:92:24:83:81:f9:aa:
01:5a:4d:d5:a5:39:7a:54:4a:ec:af:b7:02:2c:f1:28:23:73:
04:6d:2f:3f:8d:41:a3:70:56:ac:7c:ea:9e:bc:2c:e7:9a:8c:
72:73:a9:6c:dd:6f:b6:de:96:3a:1a:72:59:2b:5b:94:7c:6c:
e6:6c:0c:6f:f3:0f:9e:94:75:4d:aa:96:10:4a:ea:a4:5b:e3:
d8:bb:ac:f3:25:e5:8e:f2:0b:0b:2b:f2:f7:02:26:75:60:ad:
9a:4a:ba:a4:da:3d:c3:08:8f:77:5f:4f:0c:4d:c8:ba:13:bd:
23:ca:db:92:0e:e2:3c:7e:26:d0:08:9a:9a:40:72:bb:29:9e:
74:00:04:72:f6:c3:bb:d8:59:d4:7e:57:bc:2a:03:a3:f5:08:
b3:13:72:2e:ce:0b:1e:22:21:99:0b:0d:52:89:7a:be:7e:a2:
a0:69:95:02:20:b3:0e:22:1e:9c:4f:8c:f9:12:f6:cc:ea:2c:
08:24:e9:4c:22:33:e9:c3:07:b0:bd:04:1d:b7:c0:f6:9a:40:
fb:e9:59:f5:b5:14:c6:d8:aa:ba:14:b9:01:86:5a:11:6a:3d:
00:8d:93:44:a6:53:45:98:9e:2c:d7:88:96:95:0c:de:1b:92:
c1:4a:6e:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzhYADkES9qHKD9FJHh5qIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjYwMzEyMDkyODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODRkZjUxZGNhNjA3NGEyYWI3NGYzMjU3NGVkMjMyMTJmNzcxYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuORbLmR5sFjIfUSZTNAyeqqZU3C4
8YtIIGj1qEmwNT+/GAS4QNFgJAHUylNh+k+LnrlAr15RbyuAc020DVCu6GVpLsRT
UC4Uyu2dCt6TTT70nyiTfQMr+U8Wgf4+Kv1Rf6ayNRETw6uQg/ikINzSuQ/JBheu
MTjfBQSqyr5EgzMutR8zZf+/KclF/AknYgKNs36m9QcVqPLc0rbE4m/hJrQZSMCy
6AlxXdTH0OeH/02e3+H0yAW8lbQSnBZy6m8o9Dm3puvHxEhbrinmpP0TTcF5OFmD
NB5nOo7nDPICCMAQImmGGZOkpmutcbe3tt5387IqG7EeJaxD9nDJ4e5qvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhN9R3KYHSiq3TzJXTtIyEvdxqOMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvaUUzMUhjcGdkS0tyZFBNbGRPMGpJUzkzR280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDX5ugMA0G
CSqGSIb3DQEBCwUAA4IBAQAgHlCJOO+ZENFZmp2SJIOB+aoBWk3VpTl6VErsr7cC
LPEoI3MEbS8/jUGjcFasfOqevCznmoxyc6ls3W+23pY6GnJZK1uUfGzmbAxv8w+e
lHVNqpYQSuqkW+PYu6zzJeWO8gsLK/L3AiZ1YK2aSrqk2j3DCI93X08MTci6E70j
ytuSDuI8fibQCJqaQHK7KZ50AARy9sO72FnUfle8KgOj9QizE3IuzgseIiGZCw1S
iXq+fqKgaZUCILMOIh6cT4z5EvbM6iwIJOlMIjPpwwewvQQdt8D2mkD76Vn1tRTG
2Kq6FLkBhloRaj0AjZNEplNFmJ4s14iWlQzeG5LBSm4M
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:07:29 2026 by rpki-client