Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/098772-dbb6-4dbb-b595-b26f70e03d76/1/essmluPsIrvtkSAXTqAoE5_3hTI.roa
File: essmluPsIrvtkSAXTqAoE5_3hTI.roa (raw, json)
Hash identifier: tODCkpAkT35OyrRtWTOWreHd/1cQjGKH73sJfiXX3Qg=
Subject key identifier: 7A:CB:26:96:E3:EC:22:BB:ED:91:20:17:4E:A0:28:13:9F:F7:85:32
Certificate issuer: /CN=47684a7ebf9de294831a2c03e1b5a012420acd97
Certificate serial: 019E6A7EAC0720A3E50C16D883386EE508B0
Authority key identifier: 47:68:4A:7E:BF:9D:E2:94:83:1A:2C:03:E1:B5:A0:12:42:0A:CD:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R2hKfr-d4pSDGiwD4bWgEkIKzZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/098772-dbb6-4dbb-b595-b26f70e03d76/1/essmluPsIrvtkSAXTqAoE5_3hTI.roa
Signing time: Wed 27 May 2026 17:32:26 +0000
ROA not before: Wed 27 May 2026 17:32:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206658
IP address blocks: 91.217.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/098772-dbb6-4dbb-b595-b26f70e03d76/1/R2hKfr-d4pSDGiwD4bWgEkIKzZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/098772-dbb6-4dbb-b595-b26f70e03d76/1/R2hKfr-d4pSDGiwD4bWgEkIKzZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/R2hKfr-d4pSDGiwD4bWgEkIKzZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 14:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6a:7e:ac:07:20:a3:e5:0c:16:d8:83:38:6e:e5:08:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47684a7ebf9de294831a2c03e1b5a012420acd97
Validity
Not Before: May 27 17:32:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7acb2696e3ec22bbed9120174ea028139ff78532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e1:4e:da:98:d8:17:33:0e:a5:06:3e:86:a5:
65:bf:89:f1:f8:e7:1b:8e:a4:d5:79:bf:cd:b4:b3:
d9:a3:b4:65:3a:87:73:8b:1f:38:77:b1:39:f5:6b:
67:2e:bc:cd:06:d2:bd:b6:70:83:1f:5b:35:d4:e3:
40:a5:95:f9:d9:d2:07:54:1e:88:7f:7e:02:66:49:
54:7e:b4:3f:64:d1:4a:b2:44:cc:ce:47:48:4b:84:
cb:51:65:ac:d1:85:8c:d9:fd:6b:24:7e:b9:6a:ef:
14:27:79:93:82:e1:19:7d:9f:93:13:78:b8:71:9b:
dc:4a:bc:86:96:49:6b:29:db:99:92:2a:54:7c:f4:
3a:87:14:8a:60:14:90:e8:03:08:33:2b:07:4b:65:
73:2b:c4:b0:a4:17:7a:61:5f:be:c9:99:7f:dc:b3:
cd:2b:d6:c3:69:19:a2:1e:6f:b2:57:bc:65:cc:94:
67:6d:60:37:57:9e:85:67:f7:c3:34:77:72:40:30:
53:82:b2:52:53:27:a9:2a:75:8c:4a:fc:a4:d1:3f:
99:fa:15:97:26:ed:e1:cf:44:15:4e:8f:f0:d9:ed:
af:e0:1e:1a:d3:e6:77:1b:cd:a4:c6:04:b8:e9:83:
d8:0b:4e:85:eb:0b:be:de:a7:0e:0a:58:28:ca:34:
9b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CB:26:96:E3:EC:22:BB:ED:91:20:17:4E:A0:28:13:9F:F7:85:32
X509v3 Authority Key Identifier:
keyid:47:68:4A:7E:BF:9D:E2:94:83:1A:2C:03:E1:B5:A0:12:42:0A:CD:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R2hKfr-d4pSDGiwD4bWgEkIKzZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/098772-dbb6-4dbb-b595-b26f70e03d76/1/essmluPsIrvtkSAXTqAoE5_3hTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/098772-dbb6-4dbb-b595-b26f70e03d76/1/R2hKfr-d4pSDGiwD4bWgEkIKzZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.195.0/24
Signature Algorithm: sha256WithRSAEncryption
20:4a:6f:ae:bf:61:c8:44:db:1b:4f:66:7c:80:42:f9:80:f3:
eb:0e:2d:1a:7b:1b:13:4c:0c:03:b6:1c:5c:03:b7:b8:6b:3b:
bd:b6:79:58:76:1a:90:4a:87:4b:e9:fc:a8:6b:e3:ac:dd:76:
31:d5:c0:ef:94:9d:da:99:8f:16:63:87:cf:ac:37:e1:33:66:
a8:9b:e3:f0:bf:ba:7f:48:ea:13:d6:a3:a8:7a:5f:a9:da:d3:
9d:07:4d:46:f2:40:2e:09:4c:d1:66:03:e0:e8:3a:86:28:f2:
88:e3:d7:97:5b:f1:b3:4a:6f:bf:aa:39:a6:8b:c2:c0:2c:59:
43:6c:69:2e:b1:87:52:bb:d3:34:6d:40:f5:f0:49:c5:0c:b4:
6b:a2:21:ac:47:3e:c7:9b:d3:3a:b5:ea:87:e2:a2:36:1d:72:
01:4e:1a:40:df:5a:98:9b:99:09:c1:30:34:3b:2c:75:4d:c1:
46:97:21:58:60:86:41:32:ad:ce:e8:69:01:a2:1b:f3:ec:8a:
14:b4:45:05:2b:63:bb:99:70:a2:ff:94:f9:2b:e8:22:84:b4:
eb:93:db:60:f8:46:3c:8c:9f:81:22:ee:5a:bb:dc:72:b7:d0:
24:ec:7a:a3:ee:44:71:bf:d2:22:44:bf:96:6c:2a:65:3a:fc:
18:96:2f:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5qfqwHIKPlDBbYgzhu5QiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3Njg0YTdlYmY5ZGUyOTQ4MzFhMmMwM2UxYjVhMDEyNDIw
YWNkOTcwHhcNMjYwNTI3MTczMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNiMjY5NmUzZWMyMmJiZWQ5MTIwMTc0ZWEwMjgxMzlmZjc4NTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+FO2pjYFzMOpQY+hqVlv4nx+Ocb
jqTVeb/NtLPZo7RlOodzix84d7E59WtnLrzNBtK9tnCDH1s11ONApZX52dIHVB6I
f34CZklUfrQ/ZNFKskTMzkdIS4TLUWWs0YWM2f1rJH65au8UJ3mTguEZfZ+TE3i4
cZvcSryGlklrKduZkipUfPQ6hxSKYBSQ6AMIMysHS2VzK8SwpBd6YV++yZl/3LPN
K9bDaRmiHm+yV7xlzJRnbWA3V56FZ/fDNHdyQDBTgrJSUyepKnWMSvyk0T+Z+hWX
Ju3hz0QVTo/w2e2v4B4a0+Z3G82kxgS46YPYC06F6wu+3qcOClgoyjSb/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrLJpbj7CK77ZEgF06gKBOf94UyMB8GA1UdIwQY
MBaAFEdoSn6/neKUgxosA+G1oBJCCs2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjJoS2ZyLWQ0cFNER2l3RDRiV2dFa0lLelpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wOTg3NzItZGJiNi00ZGJiLWI1OTUt
YjI2ZjcwZTAzZDc2LzEvZXNzbWx1UHNJcnZ0a1NBWFRxQW9FNV8zaFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wOTg3NzItZGJiNi00ZGJiLWI1OTUtYjI2ZjcwZTAzZDc2
LzEvUjJoS2ZyLWQ0cFNER2l3RDRiV2dFa0lLelpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nDMA0G
CSqGSIb3DQEBCwUAA4IBAQAgSm+uv2HIRNsbT2Z8gEL5gPPrDi0aexsTTAwDthxc
A7e4azu9tnlYdhqQSodL6fyoa+Os3XYx1cDvlJ3amY8WY4fPrDfhM2aom+Pwv7p/
SOoT1qOoel+p2tOdB01G8kAuCUzRZgPg6DqGKPKI49eXW/GzSm+/qjmmi8LALFlD
bGkusYdSu9M0bUD18EnFDLRroiGsRz7Hm9M6teqH4qI2HXIBThpA31qYm5kJwTA0
Oyx1TcFGlyFYYIZBMq3O6GkBohvz7IoUtEUFK2O7mXCi/5T5K+gihLTrk9tg+EY8
jJ+BIu5au9xyt9Ak7Hqj7kRxv9IiRL+WbCplOvwYli/m
-----END CERTIFICATE-----
Generated at Sat Jun 13 23:12:37 2026 by rpki-client