Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/COArWkWp4H7Fpsqqvu-1UmRg6mU.roa
File: COArWkWp4H7Fpsqqvu-1UmRg6mU.roa (raw, json)
Hash identifier: mQQnglVyiRMK/Nrf0tRpl8G0nODZ3VkTzaOu82uT2J8=
Subject key identifier: 08:E0:2B:5A:45:A9:E0:7E:C5:A6:CA:AA:BE:EF:B5:52:64:60:EA:65
Certificate issuer: /CN=96d66966ffda0a5d0e131d134a79d93205c8c550
Certificate serial: 019CA9D27283C59E0D9F84100237355BD221
Authority key identifier: 96:D6:69:66:FF:DA:0A:5D:0E:13:1D:13:4A:79:D9:32:05:C8:C5:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/COArWkWp4H7Fpsqqvu-1UmRg6mU.roa
Signing time: Sun 01 Mar 2026 14:34:27 +0000
ROA not before: Sun 01 Mar 2026 14:34:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 91.233.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:55:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:d2:72:83:c5:9e:0d:9f:84:10:02:37:35:5b:d2:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96d66966ffda0a5d0e131d134a79d93205c8c550
Validity
Not Before: Mar 1 14:34:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=08e02b5a45a9e07ec5a6caaabeefb5526460ea65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7b:66:5c:1a:f2:c7:f1:f9:56:44:59:09:de:
57:c3:25:2b:87:3b:f8:45:7b:41:31:36:22:53:79:
92:d3:21:b7:9a:b3:ea:e9:eb:ec:ee:74:f4:8e:72:
5e:db:29:d5:47:9a:1f:4c:ac:ec:91:86:e1:f4:f2:
a3:ad:11:44:86:51:7e:3a:ee:75:4a:0c:82:90:79:
c8:3b:c0:8a:e2:1c:3c:e5:02:cf:c4:c3:74:aa:9f:
bd:31:bc:bf:8f:57:6a:ce:a3:aa:ed:82:6c:06:3f:
ce:fb:5d:9a:17:e2:3f:a0:20:47:7b:59:62:48:fa:
0f:d6:70:d7:df:10:d4:39:38:ce:bc:a9:ae:8c:9a:
de:c6:da:71:ed:c5:14:1a:fd:cb:f6:87:34:a9:79:
54:f6:ee:f5:c3:f6:7c:c7:1d:f6:76:0a:24:e1:ea:
46:25:f3:31:dd:66:05:45:99:1e:45:04:98:06:85:
5a:a0:26:d3:51:98:b7:27:46:a7:0e:a5:b3:6c:81:
b4:c4:ed:c7:c6:4f:f1:5e:e6:05:ac:7b:6b:21:31:
0f:26:bc:80:1c:02:60:b2:94:ae:cf:f6:76:6d:b5:
08:0e:99:af:09:07:8e:3c:ee:1b:39:1b:75:c3:63:
43:53:69:10:a8:34:df:02:1a:5e:89:85:53:73:72:
20:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E0:2B:5A:45:A9:E0:7E:C5:A6:CA:AA:BE:EF:B5:52:64:60:EA:65
X509v3 Authority Key Identifier:
keyid:96:D6:69:66:FF:DA:0A:5D:0E:13:1D:13:4A:79:D9:32:05:C8:C5:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/COArWkWp4H7Fpsqqvu-1UmRg6mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.11.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:71:05:9b:d9:7d:7d:dd:6d:c0:42:7a:d9:da:9e:1b:59:53:
c9:68:23:87:7c:01:61:ab:67:99:99:31:b3:18:3a:72:1e:de:
43:44:cf:d4:1d:1c:34:9d:be:06:5f:2c:61:b0:78:4d:ae:71:
06:6f:73:ac:23:9b:be:dd:f1:34:d7:05:2b:76:eb:d1:ac:ed:
54:e7:1d:e4:c3:60:22:9f:6e:66:c5:51:c9:d6:a2:3b:32:97:
4f:40:9a:9f:08:48:21:2f:15:71:29:8f:d5:e3:62:e9:da:4c:
6c:5b:36:61:3b:de:c5:44:13:5d:e9:3f:c6:33:5d:75:37:b2:
0b:54:47:5d:a5:59:f0:93:fe:c4:0e:c7:53:32:d4:cc:8b:b7:
c3:cf:1c:cf:a8:af:bf:a9:4b:e8:c1:e5:40:28:39:22:08:c0:
bd:28:bc:1f:3b:07:4c:4e:a8:da:f8:6f:aa:32:ee:37:d8:7d:
25:7a:a9:33:f5:35:48:e8:c1:74:21:f0:4c:eb:2d:6f:71:b3:
c5:c1:b8:92:a8:57:49:52:ed:98:2f:a5:ee:c8:a1:ea:aa:41:
8f:2f:a6:e0:8c:28:dc:3f:ac:9c:28:af:74:c4:68:ea:f6:dc:
8b:76:6e:3b:59:43:70:a2:31:87:8f:1d:fd:3f:48:ba:f3:63:
e4:e8:c4:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyp0nKDxZ4Nn4QQAjc1W9IhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDY2OTY2ZmZkYTBhNWQwZTEzMWQxMzRhNzlkOTMyMDVj
OGM1NTAwHhcNMjYwMzAxMTQzNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGUwMmI1YTQ1YTllMDdlYzVhNmNhYWFiZWVmYjU1MjY0NjBlYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzntmXBryx/H5VkRZCd5XwyUrhzv4
RXtBMTYiU3mS0yG3mrPq6evs7nT0jnJe2ynVR5ofTKzskYbh9PKjrRFEhlF+Ou51
SgyCkHnIO8CK4hw85QLPxMN0qp+9Mby/j1dqzqOq7YJsBj/O+12aF+I/oCBHe1li
SPoP1nDX3xDUOTjOvKmujJrextpx7cUUGv3L9oc0qXlU9u71w/Z8xx32dgok4epG
JfMx3WYFRZkeRQSYBoVaoCbTUZi3J0anDqWzbIG0xO3Hxk/xXuYFrHtrITEPJryA
HAJgspSuz/Z2bbUIDpmvCQeOPO4bORt1w2NDU2kQqDTfAhpeiYVTc3IgGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjgK1pFqeB+xabKqr7vtVJkYOplMB8GA1UdIwQY
MBaAFJbWaWb/2gpdDhMdE0p52TIFyMVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRacFp2X2FDbDBPRXgwVFNublpNZ1hJeFZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81YjQ0MjYtYTI2Ni00M2NlLWE5ZTYt
YjBlNjA1OGQ0ZGQ3LzEvQ09BcldrV3A0SDdGcHNxcXZ1LTFVbVJnNm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81YjQ0MjYtYTI2Ni00M2NlLWE5ZTYtYjBlNjA1OGQ0ZGQ3
LzEvbHRacFp2X2FDbDBPRXgwVFNublpNZ1hJeFZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+kLMA0G
CSqGSIb3DQEBCwUAA4IBAQCzcQWb2X193W3AQnrZ2p4bWVPJaCOHfAFhq2eZmTGz
GDpyHt5DRM/UHRw0nb4GXyxhsHhNrnEGb3OsI5u+3fE01wUrduvRrO1U5x3kw2Ai
n25mxVHJ1qI7MpdPQJqfCEghLxVxKY/V42Lp2kxsWzZhO97FRBNd6T/GM111N7IL
VEddpVnwk/7EDsdTMtTMi7fDzxzPqK+/qUvoweVAKDkiCMC9KLwfOwdMTqja+G+q
Mu432H0leqkz9TVI6MF0IfBM6y1vcbPFwbiSqFdJUu2YL6XuyKHqqkGPL6bgjCjc
P6ycKK90xGjq9tyLdm47WUNwojGHjx39P0i682Pk6MQO
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:05:27 2026 by rpki-client