Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/9OWULVFRO3suW9wLpik4CaX5-7c.roa
File: 9OWULVFRO3suW9wLpik4CaX5-7c.roa (raw, json)
Hash identifier: 2VwI/F5stTR8nTTfsI9P8neYvYrYXtBqiHyyypRqrAY=
Subject key identifier: F4:E5:94:2D:51:51:3B:7B:2E:5B:DC:0B:A6:29:38:09:A5:F9:FB:B7
Certificate issuer: /CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Certificate serial: 019D440BE2E0BBC2344F967BE84416B85F8D
Authority key identifier: 55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/9OWULVFRO3suW9wLpik4CaX5-7c.roa
Signing time: Tue 31 Mar 2026 13:18:42 +0000
ROA not before: Tue 31 Mar 2026 13:18:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31529
IP address blocks: 81.91.164.0/24 maxlen: 24
185.151.141.0/24 maxlen: 24
185.151.142.0/24 maxlen: 24
185.151.143.0/24 maxlen: 24
194.0.0.0/24 maxlen: 24
194.0.11.0/24 maxlen: 24
194.246.96.0/24 maxlen: 24
2001:678:2::/48 maxlen: 48
2001:678:e::/48 maxlen: 48
2a02:568::/48 maxlen: 48
2a02:568:fe00::/48 maxlen: 48
2a02:568:fe01::/48 maxlen: 48
2a02:568:fe02::/48 maxlen: 48
2a02:56f::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:44:0b:e2:e0:bb:c2:34:4f:96:7b:e8:44:16:b8:5f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Validity
Not Before: Mar 31 13:18:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f4e5942d51513b7b2e5bdc0ba6293809a5f9fbb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4b:72:0b:c5:79:e5:63:0f:19:be:6a:c2:78:
ca:eb:85:0e:72:60:06:11:6f:12:54:fb:16:b8:72:
46:f7:2e:2e:a9:82:c2:cf:6c:3f:67:74:1e:91:69:
46:37:08:f9:9a:a0:b7:78:d1:c4:d9:a9:a8:36:bc:
01:a9:cc:1d:33:9d:02:90:c6:5a:7f:09:b6:2f:09:
82:fb:62:eb:e3:e8:1f:e8:da:c5:0d:e9:f0:c7:14:
ce:57:cc:1d:da:03:a7:4f:30:69:8d:ce:1b:f4:aa:
fb:44:b4:69:0d:ed:24:8b:6f:1e:06:3b:73:7c:2b:
af:90:72:b5:75:9c:c7:b9:eb:00:3b:4e:00:d3:a6:
3b:4b:02:21:20:62:fb:77:9a:d9:7d:6f:2b:c2:61:
8c:86:e0:17:1c:f4:44:73:46:69:bc:10:0b:d8:57:
7c:77:fe:19:03:b9:3d:96:8a:31:ad:c5:54:b0:f6:
c9:fc:d0:9d:ea:77:ad:aa:f0:e0:89:9a:1e:ab:0b:
fd:65:4c:7d:32:3b:e6:6e:90:5e:bb:4e:7c:68:59:
8b:cf:c6:bb:6e:90:fb:58:f3:3f:71:2c:60:d5:7a:
f7:5a:6a:eb:24:97:40:14:03:9c:0b:59:10:50:e7:
57:5e:33:dd:5d:4f:69:de:b4:d1:c0:16:83:0f:be:
60:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E5:94:2D:51:51:3B:7B:2E:5B:DC:0B:A6:29:38:09:A5:F9:FB:B7
X509v3 Authority Key Identifier:
keyid:55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/9OWULVFRO3suW9wLpik4CaX5-7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.164.0/24
185.151.141.0-185.151.143.255
194.0.0.0/24
194.0.11.0/24
194.246.96.0/24
IPv6:
2001:678:2::/48
2001:678:e::/48
2a02:568::/48
2a02:568:fe00::-2a02:568:fe02:ffff:ffff:ffff:ffff:ffff
2a02:56f::/32
Signature Algorithm: sha256WithRSAEncryption
cb:1d:09:de:80:df:f7:c7:fe:18:7c:bb:2a:10:90:f1:52:2d:
96:e6:57:6f:bb:34:ca:3a:88:e5:2a:b6:aa:3b:32:9a:f1:5f:
7c:a9:74:84:d6:d4:d2:50:33:d1:70:4b:fd:e6:a9:df:e2:2f:
76:03:5b:01:ee:92:3b:9d:85:e2:6e:80:11:a4:99:2d:45:a3:
88:5b:2e:98:81:1a:77:9a:28:55:15:aa:e2:91:12:dc:7d:db:
1c:aa:56:31:a2:02:23:7c:b2:00:4d:3f:f9:8c:e9:ff:44:5b:
6a:40:ba:d2:ee:2f:6e:1e:3c:e8:e7:ca:43:51:1c:0d:a5:a9:
a6:d0:7b:b6:74:62:da:c0:24:f2:69:3e:f7:15:e4:d0:22:b2:
10:89:9b:6f:15:bb:1e:03:65:a4:e5:86:a6:06:55:81:fc:56:
66:56:50:a7:94:fa:ee:fc:d8:5f:7e:e8:7d:f6:93:7b:6d:9a:
45:19:67:5e:5d:f3:ac:4c:a5:55:12:1b:01:0f:0f:99:c7:eb:
4c:1d:33:18:3c:8c:cd:5b:bc:2f:43:97:90:18:aa:44:20:3e:
8b:9d:f8:72:89:31:87:4b:8e:ee:98:0a:ae:58:e0:90:41:69:
d4:81:b5:a4:e5:88:59:6d:4e:9c:9e:9d:5d:7a:9c:93:00:92:
9e:fa:d4:4e
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZ1EC+Lgu8I0T5Z76EQWuF+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YjI5NmQ2YjUzNGZlM2EzMmNjMWMzYTRlODEzNThmMjE2
YzkzYzcwHhcNMjYwMzMxMTMxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGU1OTQyZDUxNTEzYjdiMmU1YmRjMGJhNjI5MzgwOWE1ZjlmYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10tyC8V55WMPGb5qwnjK64UOcmAG
EW8SVPsWuHJG9y4uqYLCz2w/Z3QekWlGNwj5mqC3eNHE2amoNrwBqcwdM50CkMZa
fwm2LwmC+2Lr4+gf6NrFDenwxxTOV8wd2gOnTzBpjc4b9Kr7RLRpDe0ki28eBjtz
fCuvkHK1dZzHuesAO04A06Y7SwIhIGL7d5rZfW8rwmGMhuAXHPREc0ZpvBAL2Fd8
d/4ZA7k9looxrcVUsPbJ/NCd6netqvDgiZoeqwv9ZUx9MjvmbpBeu058aFmLz8a7
bpD7WPM/cSxg1Xr3WmrrJJdAFAOcC1kQUOdXXjPdXU9p3rTRwBaDD75gawIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFPTllC1RUTt7LlvcC6YpOAml+fu3MB8GA1UdIwQY
MBaAFFWylta1NP46MswcOk6BNY8hbJPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEt
ZGQ2Y2M5N2M5YmRkLzEvOU9XVUxWRlJPM3N1Vzl3THBpazRDYVg1LTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEtZGQ2Y2M5N2M5YmRk
LzEvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazAsBAIAATAmAwQAUVukMAwD
BAC5l40DBAS5l4ADBADCAAADBADCAAsDBADC9mAwOwQCAAIwNQMHACABBngAAgMH
ACABBngADgMHACoCBWgAADARAwYBKgIFaP4DBwAqAgVo/gIDBQAqAgVvMA0GCSqG
SIb3DQEBCwUAA4IBAQDLHQnegN/3x/4YfLsqEJDxUi2W5ldvuzTKOojlKraqOzKa
8V98qXSE1tTSUDPRcEv95qnf4i92A1sB7pI7nYXiboARpJktRaOIWy6YgRp3mihV
FarikRLcfdscqlYxogIjfLIATT/5jOn/RFtqQLrS7i9uHjzo58pDURwNpamm0Hu2
dGLawCTyaT73FeTQIrIQiZtvFbseA2Wk5YamBlWB/FZmVlCnlPru/Nhffuh99pN7
bZpFGWdeXfOsTKVVEhsBDw+Zx+tMHTMYPIzNW7wvQ5eQGKpEID6LnfhyiTGHS47u
mAquWOCQQWnUgbWk5YhZbU6cnp1depyTAJKe+tRO
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:03:43 2026 by rpki-client