Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/pF7pebP5WMSvtBYNfmuQ-t6W4H0.roa
File: pF7pebP5WMSvtBYNfmuQ-t6W4H0.roa (raw, json)
Hash identifier: KSKboszkMU1v+1PwaR+IaRN7TiY93lV/NYdwGIx2O1Y=
Subject key identifier: A4:5E:E9:79:B3:F9:58:C4:AF:B4:16:0D:7E:6B:90:FA:DE:96:E0:7D
Certificate issuer: /CN=1e1c2357e70b97d03ed70c3d688ce507c6758d54
Certificate serial: 019C47BECF0DDA6E7F4F5D961AA8F4C2E4D7
Authority key identifier: 1E:1C:23:57:E7:0B:97:D0:3E:D7:0C:3D:68:8C:E5:07:C6:75:8D:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/pF7pebP5WMSvtBYNfmuQ-t6W4H0.roa
Signing time: Tue 10 Feb 2026 13:30:12 +0000
ROA not before: Tue 10 Feb 2026 13:30:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8998
IP address blocks: 5.1.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:47:be:cf:0d:da:6e:7f:4f:5d:96:1a:a8:f4:c2:e4:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e1c2357e70b97d03ed70c3d688ce507c6758d54
Validity
Not Before: Feb 10 13:30:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a45ee979b3f958c4afb4160d7e6b90fade96e07d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:25:76:07:92:f8:47:f8:6a:2a:ac:65:7b:fe:
e6:3a:e1:d9:3e:14:f5:ca:d8:cc:e4:cf:63:d7:18:
4b:a6:3c:8c:51:94:ba:ed:ed:64:05:72:0e:52:e7:
da:ea:d6:04:66:4c:dc:69:ce:7a:ed:e9:01:bd:2a:
03:6e:0f:12:f2:b1:3f:f4:7a:85:de:10:9c:e7:f8:
24:67:88:ec:91:3b:c2:3d:49:6c:ad:09:b5:06:db:
48:7a:fd:2f:95:e0:4a:cc:f1:7a:0d:cb:31:b6:95:
eb:9e:c4:8a:37:80:02:51:fa:a6:68:a3:91:39:3a:
21:1b:36:31:07:10:b5:b4:a1:40:e3:2a:66:5b:eb:
5e:d1:2b:b0:c8:ff:a6:dc:d3:9f:80:2f:30:0f:40:
1f:c8:27:f7:fc:ae:00:87:25:8b:ad:fe:28:16:c3:
79:66:5d:d7:a2:45:a7:4a:2e:35:34:8b:fb:cf:1f:
4b:b1:48:77:d9:45:17:24:06:78:2d:df:61:ef:00:
1a:95:b8:ec:cd:34:94:2d:1a:76:8e:9d:49:fc:68:
2e:46:7a:cb:ef:d8:2b:06:99:dd:02:61:67:77:ca:
1e:69:8f:f2:af:a9:af:16:e5:b4:fe:f4:09:f2:c1:
13:56:8c:3e:bd:02:97:f4:d4:a4:08:a5:74:82:a0:
e9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:5E:E9:79:B3:F9:58:C4:AF:B4:16:0D:7E:6B:90:FA:DE:96:E0:7D
X509v3 Authority Key Identifier:
keyid:1E:1C:23:57:E7:0B:97:D0:3E:D7:0C:3D:68:8C:E5:07:C6:75:8D:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/pF7pebP5WMSvtBYNfmuQ-t6W4H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.53.0/24
Signature Algorithm: sha256WithRSAEncryption
58:85:8a:1c:5f:1d:64:66:13:94:45:fe:d4:aa:12:2f:05:4d:
15:36:f0:e0:f5:9c:db:f4:c9:c7:a8:b5:18:ed:9e:f6:de:8a:
5c:7b:59:bb:1f:3b:19:9b:54:33:ac:1a:dc:b2:50:29:c6:5a:
ab:91:0a:97:73:6c:86:0a:54:b7:5d:b0:8f:71:d5:ae:e3:ac:
69:7f:11:78:29:dc:e4:32:e5:8c:de:36:84:c4:72:f2:28:0c:
e6:ff:a7:8e:ab:1c:4e:9a:35:35:7d:2b:29:41:71:99:b8:82:
87:30:86:7f:c1:d1:bf:f2:47:1f:2e:79:e0:da:f9:28:62:ee:
78:6b:fa:cf:04:60:25:ee:ee:8e:c0:04:b7:8d:30:39:ef:42:
7f:fd:43:12:30:4a:9a:ed:9a:d1:33:b3:37:fe:ac:f8:37:14:
85:fe:ac:70:9b:59:7a:47:cc:67:22:e2:94:57:ec:ec:4f:4f:
c5:e9:0b:7b:3f:fc:18:46:55:f1:f0:69:7e:17:04:fb:9c:3f:
71:b0:24:76:99:a2:5a:6b:b2:b4:ed:a9:8b:54:b2:6c:51:0c:
53:95:9f:48:21:de:08:1e:ec:ff:c3:1b:f8:f1:a7:c0:33:84:
df:58:ee:f3:e3:a4:fb:22:fa:82:e5:bc:29:e6:b6:2d:7c:39:
e2:06:2c:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxHvs8N2m5/T12WGqj0wuTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMWMyMzU3ZTcwYjk3ZDAzZWQ3MGMzZDY4OGNlNTA3YzY3
NThkNTQwHhcNMjYwMjEwMTMzMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDVlZTk3OWIzZjk1OGM0YWZiNDE2MGQ3ZTZiOTBmYWRlOTZlMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SV2B5L4R/hqKqxle/7mOuHZPhT1
ytjM5M9j1xhLpjyMUZS67e1kBXIOUufa6tYEZkzcac567ekBvSoDbg8S8rE/9HqF
3hCc5/gkZ4jskTvCPUlsrQm1BttIev0vleBKzPF6DcsxtpXrnsSKN4ACUfqmaKOR
OTohGzYxBxC1tKFA4ypmW+te0SuwyP+m3NOfgC8wD0AfyCf3/K4AhyWLrf4oFsN5
Zl3XokWnSi41NIv7zx9LsUh32UUXJAZ4Ld9h7wAalbjszTSULRp2jp1J/GguRnrL
79grBpndAmFnd8oeaY/yr6mvFuW0/vQJ8sETVow+vQKX9NSkCKV0gqDp8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRe6Xmz+VjEr7QWDX5rkPreluB9MB8GA1UdIwQY
MBaAFB4cI1fnC5fQPtcMPWiM5QfGdY1UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGh3alYtY0xsOUEtMXd3OWFJemxCOFoxalZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8wNTQ4NjctMTRkNC00OTIyLWJmNWYt
NmRkY2ZhYzk3MGY3LzEvcEY3cGViUDVXTVN2dEJZTmZtdVEtdDZXNEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8wNTQ4NjctMTRkNC00OTIyLWJmNWYtNmRkY2ZhYzk3MGY3
LzEvSGh3alYtY0xsOUEtMXd3OWFJemxCOFoxalZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQE1MA0G
CSqGSIb3DQEBCwUAA4IBAQBYhYocXx1kZhOURf7UqhIvBU0VNvDg9Zzb9MnHqLUY
7Z723opce1m7HzsZm1QzrBrcslApxlqrkQqXc2yGClS3XbCPcdWu46xpfxF4Kdzk
MuWM3jaExHLyKAzm/6eOqxxOmjU1fSspQXGZuIKHMIZ/wdG/8kcfLnng2vkoYu54
a/rPBGAl7u6OwAS3jTA570J//UMSMEqa7ZrRM7M3/qz4NxSF/qxwm1l6R8xnIuKU
V+zsT0/F6Qt7P/wYRlXx8Gl+FwT7nD9xsCR2maJaa7K07amLVLJsUQxTlZ9IId4I
Huz/wxv48afAM4TfWO7z46T7IvqC5bwp5rYtfDniBiym
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:15:14 2026 by rpki-client