Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/m4CMglLKx5afVc4xGa4MNQL45e0.roa
File: m4CMglLKx5afVc4xGa4MNQL45e0.roa (raw, json)
Hash identifier: aQupodLAGlRxTsd2+5VonhOCOKwRDtVmp6gxInX0RbM=
Subject key identifier: 9B:80:8C:82:52:CA:C7:96:9F:55:CE:31:19:AE:0C:35:02:F8:E5:ED
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 019D7634CF71097E08F11AA61E1D0C453B6C
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/m4CMglLKx5afVc4xGa4MNQL45e0.roa
Signing time: Fri 10 Apr 2026 07:04:25 +0000
ROA not before: Fri 10 Apr 2026 07:04:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397563
IP address blocks: 89.44.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:76:34:cf:71:09:7e:08:f1:1a:a6:1e:1d:0c:45:3b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Apr 10 07:04:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9b808c8252cac7969f55ce3119ae0c3502f8e5ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b8:44:17:97:34:1d:0f:e1:83:db:0f:7f:5e:
8e:2e:5f:b2:aa:5f:0d:3b:36:84:8d:ee:38:1d:e6:
52:a5:27:44:7b:07:9b:97:9f:23:33:73:09:5d:94:
9f:1b:56:f6:1a:d2:24:11:b5:1c:f3:0d:f4:b9:76:
27:4b:f3:ce:fc:23:3c:1d:7c:de:75:35:68:5b:ee:
d0:76:c1:f3:50:d2:0e:6a:35:bc:de:9c:2b:98:e8:
1f:81:f4:ea:ee:58:9b:49:4c:d0:b5:b0:71:e7:c1:
15:8f:55:1c:18:c8:6d:c1:8c:4b:db:d6:7d:a3:38:
ba:69:59:5f:98:51:b2:6b:af:89:79:66:d2:4c:48:
e9:3e:1e:c2:64:a2:a7:c6:c5:c7:99:58:95:9a:30:
ab:7b:51:fe:60:fa:7e:36:94:a4:72:0c:8e:6f:36:
d5:49:9e:2b:ce:7e:a0:05:c2:0b:69:36:5a:c7:dc:
70:a9:34:56:a7:52:3b:76:23:75:4c:fd:74:bc:75:
d9:a5:f7:b3:30:82:84:58:50:99:17:61:25:bb:ca:
bf:80:42:e3:69:c0:ad:48:74:28:b8:52:ef:7e:29:
5b:2a:64:13:1c:e8:95:da:40:ca:59:fe:8b:c3:7c:
c9:0e:a9:2b:70:e2:ec:ed:75:65:e5:23:2c:31:c1:
9e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:80:8C:82:52:CA:C7:96:9F:55:CE:31:19:AE:0C:35:02:F8:E5:ED
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/m4CMglLKx5afVc4xGa4MNQL45e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.209.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:7c:72:f2:94:98:b5:9d:45:de:05:e0:c6:5a:86:8e:7c:73:
77:29:1c:64:42:30:37:bf:14:17:b3:83:3f:41:21:0c:2e:81:
8c:7f:68:a4:ba:a0:d8:19:ea:9b:1f:47:5f:ed:04:8c:f8:c5:
c5:4c:97:cd:3e:1d:77:ac:10:56:f0:c1:72:30:4a:44:3b:c3:
d4:8b:9b:2a:53:b1:3c:78:be:90:7c:64:fa:fa:30:1f:5a:ec:
a4:86:2f:3d:61:ba:66:0d:fb:26:c7:08:39:b2:77:14:00:a2:
e0:f1:69:3b:96:a9:9b:1e:dd:8b:3f:b5:49:cb:55:f8:2f:ad:
8c:6d:0a:a1:a6:24:19:c6:6a:3e:fe:d1:e8:4f:88:54:88:d1:
76:12:29:a2:b3:38:16:ab:35:66:55:d6:af:d7:ff:1f:5a:bf:
47:1f:a9:39:29:c9:0a:95:21:17:af:fd:de:a3:19:18:3f:a3:
b9:b7:47:0a:a0:ef:4c:c8:91:1c:6b:b6:75:b5:47:3a:b8:29:
45:de:d3:0a:1d:3c:a5:c6:e4:26:ab:2e:e0:33:e8:ec:08:9b:
f8:ff:f5:d6:f1:8b:10:99:7f:57:0c:47:2c:75:91:ff:8a:90:
a9:c3:1f:36:f4:98:b3:5d:26:63:d8:fd:06:c8:1f:66:e4:d7:
0e:2b:39:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ12NM9xCX4I8RqmHh0MRTtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjYwNDEwMDcwNDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjgwOGM4MjUyY2FjNzk2OWY1NWNlMzExOWFlMGMzNTAyZjhlNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubhEF5c0HQ/hg9sPf16OLl+yql8N
OzaEje44HeZSpSdEewebl58jM3MJXZSfG1b2GtIkEbUc8w30uXYnS/PO/CM8HXze
dTVoW+7QdsHzUNIOajW83pwrmOgfgfTq7libSUzQtbBx58EVj1UcGMhtwYxL29Z9
ozi6aVlfmFGya6+JeWbSTEjpPh7CZKKnxsXHmViVmjCre1H+YPp+NpSkcgyObzbV
SZ4rzn6gBcILaTZax9xwqTRWp1I7diN1TP10vHXZpfezMIKEWFCZF2Elu8q/gELj
acCtSHQouFLvfilbKmQTHOiV2kDKWf6Lw3zJDqkrcOLs7XVl5SMsMcGepQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJuAjIJSyseWn1XOMRmuDDUC+OXtMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvbTRDTWdsTEt4NWFmVmM0eEdhNE1OUUw0NWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSzRMA0G
CSqGSIb3DQEBCwUAA4IBAQCnfHLylJi1nUXeBeDGWoaOfHN3KRxkQjA3vxQXs4M/
QSEMLoGMf2ikuqDYGeqbH0df7QSM+MXFTJfNPh13rBBW8MFyMEpEO8PUi5sqU7E8
eL6QfGT6+jAfWuykhi89YbpmDfsmxwg5sncUAKLg8Wk7lqmbHt2LP7VJy1X4L62M
bQqhpiQZxmo+/tHoT4hUiNF2EimiszgWqzVmVdav1/8fWr9HH6k5KckKlSEXr/3e
oxkYP6O5t0cKoO9MyJEca7Z1tUc6uClF3tMKHTylxuQmqy7gM+jsCJv4//XW8YsQ
mX9XDEcsdZH/ipCpwx829JizXSZj2P0GyB9m5NcOKznu
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:12:17 2026 by rpki-client