Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1sHaL3X6xgEKSliYej4LF6snWbY.roa
File: 1sHaL3X6xgEKSliYej4LF6snWbY.roa (raw, json)
Hash identifier: sJ9RCOEO3SXWQx0Yz2+lvL9EmM9vshSIk9HBfBVdEZM=
Subject key identifier: D6:C1:DA:2F:75:FA:C6:01:0A:4A:58:98:7A:3E:0B:17:AB:27:59:B6
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 019C9C039B11DEF7B18E21277A9E929DC60D
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1sHaL3X6xgEKSliYej4LF6snWbY.roa
Signing time: Thu 26 Feb 2026 22:13:27 +0000
ROA not before: Thu 26 Feb 2026 22:13:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208946
IP address blocks: 93.171.158.0/23 maxlen: 24
95.47.144.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9c:03:9b:11:de:f7:b1:8e:21:27:7a:9e:92:9d:c6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 26 22:13:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d6c1da2f75fac6010a4a58987a3e0b17ab2759b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:eb:36:15:b3:ff:a5:43:2a:7a:c1:5f:ad:38:
59:42:0d:c3:e2:ec:ee:94:eb:2f:ac:e9:8d:a7:9d:
9a:f1:cc:db:a6:13:9c:a3:23:61:0d:2d:c1:9f:86:
cc:57:1c:b9:fa:5d:58:d4:0d:5f:14:5f:42:17:24:
23:f4:99:9a:c2:f4:e0:16:67:d8:c4:cd:f5:ff:2e:
43:21:45:1f:6f:34:45:b8:95:ca:ee:47:d8:74:ec:
b5:e1:2c:a3:50:24:c6:be:87:72:ed:29:7e:c0:d7:
13:6f:3c:65:83:0e:6e:8a:f7:74:b5:56:79:6d:14:
f9:98:65:6f:b6:f7:51:20:4c:fc:0b:b2:97:e5:92:
d6:51:bc:dd:55:30:3e:aa:16:88:6e:00:06:4f:a9:
9e:c7:70:70:20:cf:4b:63:cd:c9:80:53:ed:22:ef:
1b:fe:37:4b:58:e4:7e:7a:d7:0b:a6:c9:5a:41:ea:
e3:ea:57:f7:42:29:8e:ee:9c:36:6d:07:31:ff:5d:
57:78:ea:4a:d5:ad:52:cd:19:04:ed:d1:da:b7:d8:
45:40:86:c3:91:81:5b:2b:f1:c5:3c:1a:ca:13:0f:
d4:41:29:f8:20:60:f8:d7:3f:80:c2:f0:84:08:4a:
d7:b5:b1:76:d3:a4:7c:e7:6c:0e:41:ef:c0:87:3f:
51:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C1:DA:2F:75:FA:C6:01:0A:4A:58:98:7A:3E:0B:17:AB:27:59:B6
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1sHaL3X6xgEKSliYej4LF6snWbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.158.0/23
95.47.144.0/23
Signature Algorithm: sha256WithRSAEncryption
63:82:d8:7c:79:dc:be:09:a5:52:2a:c5:00:66:07:b4:31:df:
41:d5:02:01:04:3c:a1:bf:70:91:02:07:2f:2e:94:59:ed:30:
a8:00:78:59:db:c2:09:96:5f:d7:09:23:78:b2:57:9a:28:79:
b4:4d:18:a5:5a:e4:bf:99:e1:8e:e2:57:11:29:8a:ea:0b:da:
f0:85:6c:63:af:6e:a1:aa:ab:cd:a9:4d:29:81:76:3a:40:0a:
c1:67:7e:ab:d4:52:cf:06:7b:4c:bf:e4:da:ad:90:4f:b5:bc:
4a:3b:6a:b0:8c:8c:20:45:21:d3:ac:8b:d5:c2:f6:35:e8:64:
58:45:d6:2c:23:91:1c:25:bc:04:41:1a:20:61:33:13:dd:01:
8c:97:18:29:45:53:67:3b:f8:6b:e3:18:24:1d:a2:ce:55:a3:
6e:60:0e:00:4b:71:68:1e:06:09:02:5c:0c:2a:41:20:08:2a:
d1:da:28:1f:6a:01:23:e2:20:5e:4e:c2:2d:c0:e9:f9:0f:2f:
fe:6c:05:29:ce:61:02:9c:9f:a1:15:52:19:61:28:df:39:fe:
c7:9f:00:6a:67:28:b7:64:63:0e:70:fb:c5:06:ab:62:6f:97:
c0:7f:14:f0:73:17:a4:62:6f:e4:62:7e:fd:a1:83:ae:0b:52:
cd:6e:f1:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZycA5sR3vexjiEnep6SncYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjYwMjI2MjIxMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmMxZGEyZjc1ZmFjNjAxMGE0YTU4OTg3YTNlMGIxN2FiMjc1OWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOs2FbP/pUMqesFfrThZQg3D4uzu
lOsvrOmNp52a8czbphOcoyNhDS3Bn4bMVxy5+l1Y1A1fFF9CFyQj9JmawvTgFmfY
xM31/y5DIUUfbzRFuJXK7kfYdOy14SyjUCTGvody7Sl+wNcTbzxlgw5uivd0tVZ5
bRT5mGVvtvdRIEz8C7KX5ZLWUbzdVTA+qhaIbgAGT6mex3BwIM9LY83JgFPtIu8b
/jdLWOR+etcLpslaQerj6lf3QimO7pw2bQcx/11XeOpK1a1SzRkE7dHat9hFQIbD
kYFbK/HFPBrKEw/UQSn4IGD41z+AwvCECErXtbF206R852wOQe/Ahz9RGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNbB2i91+sYBCkpYmHo+CxerJ1m2MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMXNIYUwzWDZ4Z0VLU2xpWWVqNExGNnNuV2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXaueAwQB
Xy+QMA0GCSqGSIb3DQEBCwUAA4IBAQBjgth8edy+CaVSKsUAZge0Md9B1QIBBDyh
v3CRAgcvLpRZ7TCoAHhZ28IJll/XCSN4sleaKHm0TRilWuS/meGO4lcRKYrqC9rw
hWxjr26hqqvNqU0pgXY6QArBZ36r1FLPBntMv+TarZBPtbxKO2qwjIwgRSHTrIvV
wvY16GRYRdYsI5EcJbwEQRogYTMT3QGMlxgpRVNnO/hr4xgkHaLOVaNuYA4AS3Fo
HgYJAlwMKkEgCCrR2igfagEj4iBeTsItwOn5Dy/+bAUpzmECnJ+hFVIZYSjfOf7H
nwBqZyi3ZGMOcPvFBqtib5fAfxTwcxekYm/kYn79oYOuC1LNbvHD
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:06:59 2026 by rpki-client