Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/516d35-5711-49a6-8ca0-55ff65f6bc12/1/KAS5oJnMRBLN3CMFfME2h-Rh7mU.roa
File: KAS5oJnMRBLN3CMFfME2h-Rh7mU.roa (raw, json)
Hash identifier: LS/iW/nevmUgfZkUxmuVR5hiIsYE32zEMVLICjYAf/4=
Subject key identifier: 28:04:B9:A0:99:CC:44:12:CD:DC:23:05:7C:C1:36:87:E4:61:EE:65
Certificate issuer: /CN=69375d8a73f65ee321eb7c08db8380b25864b912
Certificate serial: 019C7A78DD4B712F12B2455C012CDBD7B829
Authority key identifier: 69:37:5D:8A:73:F6:5E:E3:21:EB:7C:08:DB:83:80:B2:58:64:B9:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aTddinP2XuMh63wI24OAslhkuRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/516d35-5711-49a6-8ca0-55ff65f6bc12/1/KAS5oJnMRBLN3CMFfME2h-Rh7mU.roa
Signing time: Fri 20 Feb 2026 09:54:27 +0000
ROA not before: Fri 20 Feb 2026 09:54:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41312
IP address blocks: 91.223.78.0/24 maxlen: 24
195.74.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/516d35-5711-49a6-8ca0-55ff65f6bc12/1/aTddinP2XuMh63wI24OAslhkuRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/516d35-5711-49a6-8ca0-55ff65f6bc12/1/aTddinP2XuMh63wI24OAslhkuRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aTddinP2XuMh63wI24OAslhkuRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:78:dd:4b:71:2f:12:b2:45:5c:01:2c:db:d7:b8:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69375d8a73f65ee321eb7c08db8380b25864b912
Validity
Not Before: Feb 20 09:54:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2804b9a099cc4412cddc23057cc13687e461ee65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cb:7f:25:0f:ae:05:68:15:93:63:6f:30:52:
03:c2:70:7c:68:a8:d8:94:75:47:74:f6:94:f8:71:
77:96:80:41:17:cd:98:51:c8:67:84:26:b1:54:49:
4d:25:32:04:f3:22:d4:17:f9:fc:6f:02:b7:c7:ab:
05:1b:e5:dc:fa:66:6e:de:f6:1c:88:0b:73:14:d7:
02:b9:25:55:dc:0e:8a:96:56:fa:54:77:87:6a:2e:
3f:19:00:7b:b8:08:58:fa:b2:ce:a4:7f:fb:42:bc:
84:e7:1c:c8:86:f7:c9:9e:bd:c4:71:45:c9:d9:f9:
54:ea:df:ec:dd:b0:52:47:65:af:b0:59:b4:8e:fe:
80:0d:20:f6:ea:a2:ac:2f:cb:0f:75:b6:11:ca:b7:
1b:b7:59:09:f2:c7:0f:6c:47:1b:1c:59:83:01:c9:
6c:75:96:1e:bf:17:36:7c:b6:ec:eb:e8:bf:14:f0:
92:1b:69:6b:02:6a:b5:65:0f:88:a4:a5:c7:fe:59:
4d:fb:b0:66:5b:74:88:8c:e5:39:25:21:80:d7:64:
08:4b:de:df:16:f1:d3:44:e2:2c:5f:c2:97:15:c9:
cc:31:2a:0a:06:d5:0d:98:ed:07:22:f5:4d:8d:3b:
71:5d:ad:0e:3c:4d:b6:51:1f:bf:56:76:11:9b:a3:
5e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:04:B9:A0:99:CC:44:12:CD:DC:23:05:7C:C1:36:87:E4:61:EE:65
X509v3 Authority Key Identifier:
keyid:69:37:5D:8A:73:F6:5E:E3:21:EB:7C:08:DB:83:80:B2:58:64:B9:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aTddinP2XuMh63wI24OAslhkuRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/516d35-5711-49a6-8ca0-55ff65f6bc12/1/KAS5oJnMRBLN3CMFfME2h-Rh7mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/516d35-5711-49a6-8ca0-55ff65f6bc12/1/aTddinP2XuMh63wI24OAslhkuRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.78.0/24
195.74.79.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:bc:18:e1:a1:eb:12:4a:fc:22:38:42:33:bb:2f:23:51:c8:
f4:6d:75:15:6c:82:59:5f:60:3f:88:59:40:ee:ca:14:c1:70:
02:8e:96:50:bd:c2:1c:46:29:b6:72:3d:5c:d4:19:41:46:db:
47:50:f1:42:5a:ac:cc:f9:dd:69:f0:49:ad:2e:f4:9f:d1:23:
1d:b4:8b:a7:5d:05:a1:68:c1:b0:b0:e8:15:ef:82:09:0e:e9:
f7:8c:43:bc:c7:72:e1:ff:8c:76:38:7c:98:30:cb:6e:39:e6:
93:0f:29:c2:98:d3:a7:6e:c6:35:db:d1:bd:9f:ee:57:b8:f1:
8c:7f:d6:ba:a1:d9:95:d2:8e:6d:66:c8:18:7d:f2:63:3d:91:
80:00:9d:5d:38:18:c0:ed:6b:19:fb:51:76:27:df:75:7f:87:
0a:e5:f7:14:be:eb:cb:83:59:de:50:f3:4c:46:cd:64:ce:74:
10:01:13:22:7b:ef:32:fb:a5:4f:4e:67:ef:de:93:37:2c:8e:
69:88:7d:c6:58:54:fe:c5:3b:df:1b:9e:a3:5b:13:5b:46:e0:
bd:27:c6:7f:c3:dd:6d:96:0c:ee:17:42:27:d1:9a:b9:e1:23:
0e:f8:b4:30:0d:a9:6f:a7:38:b1:3e:92:8f:0f:9e:33:54:bd:
b6:a5:61:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZx6eN1LcS8SskVcASzb17gpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5Mzc1ZDhhNzNmNjVlZTMyMWViN2MwOGRiODM4MGIyNTg2
NGI5MTIwHhcNMjYwMjIwMDk1NDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODA0YjlhMDk5Y2M0NDEyY2RkYzIzMDU3Y2MxMzY4N2U0NjFlZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjct/JQ+uBWgVk2NvMFIDwnB8aKjY
lHVHdPaU+HF3loBBF82YUchnhCaxVElNJTIE8yLUF/n8bwK3x6sFG+Xc+mZu3vYc
iAtzFNcCuSVV3A6Kllb6VHeHai4/GQB7uAhY+rLOpH/7QryE5xzIhvfJnr3EcUXJ
2flU6t/s3bBSR2WvsFm0jv6ADSD26qKsL8sPdbYRyrcbt1kJ8scPbEcbHFmDAcls
dZYevxc2fLbs6+i/FPCSG2lrAmq1ZQ+IpKXH/llN+7BmW3SIjOU5JSGA12QIS97f
FvHTROIsX8KXFcnMMSoKBtUNmO0HIvVNjTtxXa0OPE22UR+/VnYRm6NeeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCgEuaCZzEQSzdwjBXzBNofkYe5lMB8GA1UdIwQY
MBaAFGk3XYpz9l7jIet8CNuDgLJYZLkSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVRkZGluUDJYdU1oNjN3STI0T0FzbGhrdVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81MTZkMzUtNTcxMS00OWE2LThjYTAt
NTVmZjY1ZjZiYzEyLzEvS0FTNW9Kbk1SQkxOM0NNRmZNRTJoLVJoN21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81MTZkMzUtNTcxMS00OWE2LThjYTAtNTVmZjY1ZjZiYzEy
LzEvYVRkZGluUDJYdU1oNjN3STI0T0FzbGhrdVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW99OAwQA
w0pPMA0GCSqGSIb3DQEBCwUAA4IBAQC5vBjhoesSSvwiOEIzuy8jUcj0bXUVbIJZ
X2A/iFlA7soUwXACjpZQvcIcRim2cj1c1BlBRttHUPFCWqzM+d1p8EmtLvSf0SMd
tIunXQWhaMGwsOgV74IJDun3jEO8x3Lh/4x2OHyYMMtuOeaTDynCmNOnbsY129G9
n+5XuPGMf9a6odmV0o5tZsgYffJjPZGAAJ1dOBjA7WsZ+1F2J991f4cK5fcUvuvL
g1neUPNMRs1kznQQARMie+8y+6VPTmfv3pM3LI5piH3GWFT+xTvfG56jWxNbRuC9
J8Z/w91tlgzuF0In0Zq54SMO+LQwDalvpzixPpKPD54zVL22pWHC
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:03:10 2026 by rpki-client