Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/nRT4uPgwT417V9baArl5danbAXs.roa
File: nRT4uPgwT417V9baArl5danbAXs.roa (raw, json)
Hash identifier: UtWiWHKN1zx/FcfGBAr5SXtChOSfn+roky2GoxL/E5k=
Subject key identifier: 9D:14:F8:B8:F8:30:4F:8D:7B:57:D6:DA:02:B9:79:75:A9:DB:01:7B
Certificate issuer: /CN=53a8b7bca8b11d27850e918ca599669880162929
Certificate serial: 019B7EA703DB7C1F48842A2026E235ED3C58
Authority key identifier: 53:A8:B7:BC:A8:B1:1D:27:85:0E:91:8C:A5:99:66:98:80:16:29:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U6i3vKixHSeFDpGMpZlmmIAWKSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/nRT4uPgwT417V9baArl5danbAXs.roa
Signing time: Fri 02 Jan 2026 12:20:33 +0000
ROA not before: Fri 02 Jan 2026 12:20:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13147
IP address blocks: 194.153.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/U6i3vKixHSeFDpGMpZlmmIAWKSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a7:03:db:7c:1f:48:84:2a:20:26:e2:35:ed:3c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53a8b7bca8b11d27850e918ca599669880162929
Validity
Not Before: Jan 2 12:20:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9d14f8b8f8304f8d7b57d6da02b97975a9db017b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:43:50:af:2c:27:aa:e6:50:bd:bd:77:45:0c:
94:19:17:a5:bd:aa:de:48:08:2e:77:49:99:7f:be:
b2:05:62:52:e7:e1:ef:21:6b:be:cd:58:37:db:a2:
80:9f:bf:c7:16:89:01:d0:6a:87:76:e9:23:1c:c6:
80:e1:6c:68:44:9d:23:14:78:f8:f3:c2:04:8c:91:
72:d3:82:34:eb:01:8a:7a:c0:c5:ab:b1:fc:ed:ff:
f2:5f:27:bc:71:e9:58:f7:93:84:42:46:29:a1:e7:
c8:4e:f4:7c:9d:3e:39:10:33:89:aa:0d:bd:5e:d7:
be:cf:f4:e3:82:62:df:50:be:18:c1:a5:fb:bc:a2:
a0:81:ec:a8:e9:cd:4c:25:73:5f:ac:64:5e:8c:2f:
50:15:a5:2a:de:69:44:aa:dc:ec:af:05:36:fb:7d:
6e:46:23:16:c9:42:71:fd:d5:6d:05:cb:50:8e:4a:
dd:a1:1a:b1:9b:b7:16:2b:ae:a1:87:65:bc:1f:d7:
8a:9c:d6:73:8e:53:d9:52:85:4f:c6:f5:d4:b9:e1:
f6:2d:be:33:ce:a7:09:da:a6:fb:f6:c4:af:5b:47:
05:bc:38:96:f2:0e:e2:40:af:32:c0:31:b0:b2:65:
95:2a:6e:e0:13:5f:d4:20:dd:41:9c:c1:60:da:54:
9e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:14:F8:B8:F8:30:4F:8D:7B:57:D6:DA:02:B9:79:75:A9:DB:01:7B
X509v3 Authority Key Identifier:
keyid:53:A8:B7:BC:A8:B1:1D:27:85:0E:91:8C:A5:99:66:98:80:16:29:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6i3vKixHSeFDpGMpZlmmIAWKSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/nRT4uPgwT417V9baArl5danbAXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.145.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:7a:b3:d2:03:68:95:cd:73:b6:12:23:62:5b:72:5d:0e:bb:
27:e5:53:5b:8e:4f:ce:b2:17:80:55:09:8f:5f:f4:c6:d5:7d:
be:22:11:f9:f9:57:77:b4:f1:02:22:2b:2a:53:47:e7:51:58:
1e:7d:c1:2c:b7:57:bb:95:ad:52:2b:aa:a9:cb:2e:71:db:dd:
cd:1c:c4:f1:ac:2b:07:90:ac:34:2d:c2:9b:de:75:c3:85:7e:
18:43:df:da:fa:55:60:ce:21:42:40:44:02:e1:30:4c:ef:71:
ff:98:85:01:34:db:5e:ac:b2:ac:4f:20:52:d5:f5:d0:3c:26:
f7:34:58:94:6c:ca:bd:87:f0:96:70:ec:21:28:8e:2d:47:46:
e5:95:84:95:33:ef:6c:0e:ab:57:da:bf:85:f8:19:5a:b1:ff:
14:3c:08:ae:95:55:c9:de:b7:33:88:e1:4c:ae:24:2a:9d:48:
53:ce:98:0b:30:c5:fe:d5:1f:e6:b2:61:56:f1:1a:6d:dd:20:
dd:84:25:a2:fa:33:23:2e:d3:3b:60:60:5b:b5:30:dc:b4:83:
11:6e:b2:fa:ae:5d:0a:ad:bf:96:48:c6:82:82:e5:bc:04:1d:
a2:ac:c0:4c:a4:2a:26:c7:75:38:90:1f:af:17:71:b2:42:2b:
78:db:7e:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+pwPbfB9IhCogJuI17TxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYThiN2JjYThiMTFkMjc4NTBlOTE4Y2E1OTk2Njk4ODAx
NjI5MjkwHhcNMjYwMTAyMTIyMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDE0ZjhiOGY4MzA0ZjhkN2I1N2Q2ZGEwMmI5Nzk3NWE5ZGIwMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArENQrywnquZQvb13RQyUGRelvare
SAgud0mZf76yBWJS5+HvIWu+zVg326KAn7/HFokB0GqHdukjHMaA4WxoRJ0jFHj4
88IEjJFy04I06wGKesDFq7H87f/yXye8celY95OEQkYpoefITvR8nT45EDOJqg29
Xte+z/TjgmLfUL4YwaX7vKKggeyo6c1MJXNfrGRejC9QFaUq3mlEqtzsrwU2+31u
RiMWyUJx/dVtBctQjkrdoRqxm7cWK66hh2W8H9eKnNZzjlPZUoVPxvXUueH2Lb4z
zqcJ2qb79sSvW0cFvDiW8g7iQK8ywDGwsmWVKm7gE1/UIN1BnMFg2lSexwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0U+Lj4ME+Ne1fW2gK5eXWp2wF7MB8GA1UdIwQY
MBaAFFOot7yosR0nhQ6RjKWZZpiAFikpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZpM3ZLaXhIU2VGRHBHTXBabG1tSUFXS1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81MDZkYjktMTJhYS00NjNjLWE3ZWEt
ZDNjZGQ1YzMzOTJjLzEvblJUNHVQZ3dUNDE3VjliYUFybDVkYW5iQVhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81MDZkYjktMTJhYS00NjNjLWE3ZWEtZDNjZGQ1YzMzOTJj
LzEvVTZpM3ZLaXhIU2VGRHBHTXBabG1tSUFXS1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpmRMA0G
CSqGSIb3DQEBCwUAA4IBAQDKerPSA2iVzXO2EiNiW3JdDrsn5VNbjk/OsheAVQmP
X/TG1X2+IhH5+Vd3tPECIisqU0fnUVgefcEst1e7la1SK6qpyy5x293NHMTxrCsH
kKw0LcKb3nXDhX4YQ9/a+lVgziFCQEQC4TBM73H/mIUBNNterLKsTyBS1fXQPCb3
NFiUbMq9h/CWcOwhKI4tR0bllYSVM+9sDqtX2r+F+Blasf8UPAiulVXJ3rcziOFM
riQqnUhTzpgLMMX+1R/msmFW8Rpt3SDdhCWi+jMjLtM7YGBbtTDctIMRbrL6rl0K
rb+WSMaCguW8BB2irMBMpComx3U4kB+vF3GyQit4236k
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:04:24 2026 by rpki-client