Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/CDdW7nCuQzH6NAMjfPJaFceRmv8.roa
File: CDdW7nCuQzH6NAMjfPJaFceRmv8.roa (raw, json)
Hash identifier: 3y28X5gdOE3EjaGMFkwpZSr7meiX5mPuhbh7+VXJVdg=
Subject key identifier: 08:37:56:EE:70:AE:43:31:FA:34:03:23:7C:F2:5A:15:C7:91:9A:FF
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 019D4F1407D723C7D89A9238ECECED80F481
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/CDdW7nCuQzH6NAMjfPJaFceRmv8.roa
Signing time: Thu 02 Apr 2026 16:43:25 +0000
ROA not before: Thu 02 Apr 2026 16:43:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214409
IP address blocks: 185.196.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4f:14:07:d7:23:c7:d8:9a:92:38:ec:ec:ed:80:f4:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Apr 2 16:43:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=083756ee70ae4331fa3403237cf25a15c7919aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6f:c1:7a:77:d7:8b:ca:d5:87:92:6a:75:3d:
bb:0e:2b:f2:3a:34:88:af:ef:0f:35:ef:3a:5c:e3:
89:c7:52:97:7f:4a:19:e4:85:38:60:32:c9:69:b5:
e2:b4:12:83:2b:76:02:e1:c5:f5:84:60:22:4a:b5:
f2:22:a9:e9:28:c3:ad:d6:d6:1e:8b:c5:64:7f:16:
62:52:93:7a:b7:3e:35:d9:ea:92:43:d7:ac:da:79:
51:d5:41:59:10:b6:ee:d7:4b:2a:e7:45:72:e7:e7:
31:c4:27:41:e7:d5:c4:72:a6:65:c4:e6:11:93:9f:
4b:9c:8d:5c:57:96:39:6a:2e:c6:3d:a4:98:c0:6c:
99:a0:62:de:e8:8f:32:8e:f4:87:15:61:28:95:c8:
46:4f:fa:6f:49:0d:4d:a7:dd:0f:3a:4c:a1:3d:08:
48:81:17:c7:79:88:e7:f2:2e:19:2f:94:04:3d:71:
96:a6:9e:95:75:92:3c:33:44:88:e7:0d:ed:d1:7a:
69:ad:5a:f6:17:fc:47:80:cb:bd:6e:89:7f:25:89:
be:b5:ed:1a:f8:fa:46:58:75:0d:b0:ca:98:33:5e:
20:73:c1:8b:49:c4:ba:7a:91:53:15:c1:7d:93:76:
b2:d5:78:c7:ae:54:14:51:04:45:01:4c:a8:ff:d8:
e1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:37:56:EE:70:AE:43:31:FA:34:03:23:7C:F2:5A:15:C7:91:9A:FF
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/CDdW7nCuQzH6NAMjfPJaFceRmv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.25.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:b9:ce:6d:3c:c6:d7:e6:93:85:00:19:01:7b:fe:94:6c:ca:
8e:15:fd:1f:3d:6b:f6:f0:47:40:00:43:c5:e0:55:32:58:78:
31:74:d2:8f:da:1e:eb:b2:72:83:5d:b6:92:bb:90:cc:88:ba:
08:9b:30:16:b4:26:6d:e0:31:d7:a7:ee:c5:b5:1d:ae:e8:b7:
9e:a7:87:f6:e1:37:6f:a7:08:9f:b4:de:02:7b:b1:9a:c9:f3:
87:73:c5:3f:a6:22:fd:2c:b3:8d:5b:08:c5:a2:3b:fa:e5:bc:
89:cd:f7:ac:50:dd:55:c3:6e:0e:b9:5d:96:65:0f:07:f4:5d:
5b:e2:f7:7c:d7:cf:b5:fe:fc:67:f4:a4:9f:42:39:d5:6c:08:
5c:be:a5:46:7c:8b:ad:ce:5f:0c:6e:49:86:b2:85:a7:14:50:
70:92:44:51:f9:b3:c5:43:1d:93:25:6e:c8:f9:54:3a:38:74:
ff:60:61:71:2a:a8:4c:4c:18:f0:1f:89:98:a8:9a:7a:8f:aa:
db:b5:6a:bc:8f:30:d9:5e:ce:84:3e:d7:e7:aa:db:da:59:3e:
e9:e1:cc:ef:a2:67:85:d9:5c:4a:73:86:12:79:86:cf:1c:67:
5e:7b:35:ee:3a:52:32:1e:33:22:26:aa:3a:cd:68:db:50:ec:
51:10:34:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1PFAfXI8fYmpI47OztgPSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjYwNDAyMTY0MzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODM3NTZlZTcwYWU0MzMxZmEzNDAzMjM3Y2YyNWExNWM3OTE5YWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW/BenfXi8rVh5JqdT27DivyOjSI
r+8PNe86XOOJx1KXf0oZ5IU4YDLJabXitBKDK3YC4cX1hGAiSrXyIqnpKMOt1tYe
i8VkfxZiUpN6tz412eqSQ9es2nlR1UFZELbu10sq50Vy5+cxxCdB59XEcqZlxOYR
k59LnI1cV5Y5ai7GPaSYwGyZoGLe6I8yjvSHFWEolchGT/pvSQ1Np90POkyhPQhI
gRfHeYjn8i4ZL5QEPXGWpp6VdZI8M0SI5w3t0XpprVr2F/xHgMu9bol/JYm+te0a
+PpGWHUNsMqYM14gc8GLScS6epFTFcF9k3ay1XjHrlQUUQRFAUyo/9jhjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAg3Vu5wrkMx+jQDI3zyWhXHkZr/MB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvQ0RkVzduQ3VRekg2TkFNamZQSmFGY2VSbXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucQZMA0G
CSqGSIb3DQEBCwUAA4IBAQAeuc5tPMbX5pOFABkBe/6UbMqOFf0fPWv28EdAAEPF
4FUyWHgxdNKP2h7rsnKDXbaSu5DMiLoImzAWtCZt4DHXp+7FtR2u6Leep4f24Tdv
pwiftN4Ce7GayfOHc8U/piL9LLONWwjFojv65byJzfesUN1Vw24OuV2WZQ8H9F1b
4vd818+1/vxn9KSfQjnVbAhcvqVGfIutzl8MbkmGsoWnFFBwkkRR+bPFQx2TJW7I
+VQ6OHT/YGFxKqhMTBjwH4mYqJp6j6rbtWq8jzDZXs6EPtfnqtvaWT7p4czvomeF
2VxKc4YSeYbPHGdeezXuOlIyHjMiJqo6zWjbUOxREDTt
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:23:17 2026 by rpki-client