Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/k7h4yqZemUb5b2bIFBvdTSgfzyw.roa
File: k7h4yqZemUb5b2bIFBvdTSgfzyw.roa (raw, json)
Hash identifier: Bx4UTl3NXqDp9MQ/LTWLZEsPj6vB0/E0amtRDWqvTIc=
Subject key identifier: 93:B8:78:CA:A6:5E:99:46:F9:6F:66:C8:14:1B:DD:4D:28:1F:CF:2C
Certificate issuer: /CN=96e6f77cbda101987d9dfc84be90b6fba66adc9f
Certificate serial: 019D6DBBD73E8FA87075D32845D17E5E1DEC
Authority key identifier: 96:E6:F7:7C:BD:A1:01:98:7D:9D:FC:84:BE:90:B6:FB:A6:6A:DC:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lub3fL2hAZh9nfyEvpC2-6Zq3J8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/k7h4yqZemUb5b2bIFBvdTSgfzyw.roa
Signing time: Wed 08 Apr 2026 15:35:19 +0000
ROA not before: Wed 08 Apr 2026 15:35:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8801
IP address blocks: 83.167.160.0/20 maxlen: 20
83.167.176.0/21 maxlen: 21
83.167.181.0/24 maxlen: 24
83.167.182.0/24 maxlen: 24
83.167.183.0/24 maxlen: 24
83.167.184.0/22 maxlen: 22
83.167.185.0/24 maxlen: 24
83.167.186.0/24 maxlen: 24
83.167.187.0/24 maxlen: 24
185.222.21.0/24 maxlen: 24
193.56.176.0/22 maxlen: 22
2a10:f300::/29 maxlen: 29
2a10:f301::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/lub3fL2hAZh9nfyEvpC2-6Zq3J8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/lub3fL2hAZh9nfyEvpC2-6Zq3J8.mft
rsync://rpki.ripe.net/repository/DEFAULT/lub3fL2hAZh9nfyEvpC2-6Zq3J8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:bb:d7:3e:8f:a8:70:75:d3:28:45:d1:7e:5e:1d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96e6f77cbda101987d9dfc84be90b6fba66adc9f
Validity
Not Before: Apr 8 15:35:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=93b878caa65e9946f96f66c8141bdd4d281fcf2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:eb:5e:f8:d9:61:20:bb:46:78:72:d1:ae:b5:
d4:d3:2f:fa:74:89:ef:14:1f:91:1f:76:7f:bf:ee:
74:c0:64:db:0f:99:5b:93:76:63:c2:ce:0d:12:af:
1c:16:4f:af:39:57:5e:8a:37:9c:0c:48:ec:98:20:
fc:e7:38:c3:56:5a:8f:50:37:28:cc:b4:54:dd:56:
b0:23:5b:99:2a:ff:b4:b8:a9:58:64:d8:30:2e:79:
9a:64:2a:d3:55:d7:40:b9:8b:a4:45:ce:36:e3:61:
a1:fe:f6:76:cf:23:90:45:26:ca:0b:2e:4c:5b:8d:
8a:dd:f6:cc:c8:e7:53:3e:dd:eb:2b:43:4d:f6:c6:
87:da:75:f0:e6:96:34:2f:68:99:31:32:cc:f9:5d:
08:d8:a0:ad:a5:48:2b:c9:c4:6c:b8:0b:54:aa:72:
9f:aa:56:89:de:d2:c9:77:c4:fb:35:30:65:57:c2:
93:84:f7:9e:6a:5a:b2:c6:85:5b:b7:dc:13:fd:cf:
6a:ed:b5:24:ac:0e:93:49:97:1c:bb:b9:24:6f:57:
14:00:67:20:c8:7c:2c:70:a9:ec:06:f6:aa:ac:16:
96:1e:17:ee:ef:56:71:dd:57:e6:a8:10:a7:3e:20:
29:94:28:ae:35:8d:5f:57:b7:f2:6d:2d:fb:3f:9e:
62:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B8:78:CA:A6:5E:99:46:F9:6F:66:C8:14:1B:DD:4D:28:1F:CF:2C
X509v3 Authority Key Identifier:
keyid:96:E6:F7:7C:BD:A1:01:98:7D:9D:FC:84:BE:90:B6:FB:A6:6A:DC:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lub3fL2hAZh9nfyEvpC2-6Zq3J8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/k7h4yqZemUb5b2bIFBvdTSgfzyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/lub3fL2hAZh9nfyEvpC2-6Zq3J8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.167.160.0-83.167.187.255
185.222.21.0/24
193.56.176.0/22
IPv6:
2a10:f300::/29
Signature Algorithm: sha256WithRSAEncryption
53:99:81:fb:42:f0:46:44:83:50:93:09:c4:d9:00:64:8f:21:
4d:fa:33:96:57:21:ce:72:fd:46:c0:ae:23:99:9a:07:38:3f:
5c:b5:42:61:91:bc:22:eb:29:8c:34:f9:de:9c:38:75:06:4e:
87:0c:27:99:c1:b1:d4:76:bf:18:33:d9:92:2c:c1:85:08:e7:
7c:60:20:db:46:de:71:48:dd:36:e7:30:db:a8:be:9e:83:96:
b8:23:21:d1:7a:9a:c5:b1:52:cd:44:6f:0e:90:0d:e8:15:23:
e1:62:91:53:12:98:ee:38:a0:37:e0:0e:b8:31:c3:23:cf:d8:
75:ce:ee:37:f2:25:14:8a:17:f0:1c:9a:15:70:45:16:ff:42:
57:b6:bf:ea:46:8b:b4:50:25:2e:26:b0:1b:ee:e1:06:17:7b:
2b:a7:4f:bf:9f:03:f5:d7:51:2f:78:ce:1a:fa:5f:73:20:9e:
23:20:05:88:4c:20:be:e5:15:27:1f:02:e4:b4:c7:7e:18:9e:
91:c0:11:20:03:86:50:45:fc:e3:e5:9c:de:af:a6:f0:1e:83:
62:fe:68:c0:8a:df:f8:9c:7f:9c:18:0b:c3:5e:c8:59:73:24:
cc:4d:12:23:04:dd:ee:f3:79:26:3f:fb:94:e7:93:ed:08:9e:
7b:6a:c3:c6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZ1tu9c+j6hwddMoRdF+Xh3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZTZmNzdjYmRhMTAxOTg3ZDlkZmM4NGJlOTBiNmZiYTY2
YWRjOWYwHhcNMjYwNDA4MTUzNTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2I4NzhjYWE2NWU5OTQ2Zjk2ZjY2YzgxNDFiZGQ0ZDI4MWZjZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtute+NlhILtGeHLRrrXU0y/6dInv
FB+RH3Z/v+50wGTbD5lbk3Zjws4NEq8cFk+vOVdeijecDEjsmCD85zjDVlqPUDco
zLRU3VawI1uZKv+0uKlYZNgwLnmaZCrTVddAuYukRc4242Gh/vZ2zyOQRSbKCy5M
W42K3fbMyOdTPt3rK0NN9saH2nXw5pY0L2iZMTLM+V0I2KCtpUgrycRsuAtUqnKf
qlaJ3tLJd8T7NTBlV8KThPeealqyxoVbt9wT/c9q7bUkrA6TSZccu7kkb1cUAGcg
yHwscKnsBvaqrBaWHhfu71Zx3VfmqBCnPiAplCiuNY1fV7fybS37P55ieQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJO4eMqmXplG+W9myBQb3U0oH88sMB8GA1UdIwQY
MBaAFJbm93y9oQGYfZ38hL6QtvumatyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHViM2ZMMmhBWmg5bmZ5RXZwQzItNlpxM0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8xY2JjMWUtNGQ0Ni00YjViLWIyNDkt
MzIwOGRlMzljMDlkLzEvazdoNHlxWmVtVWI1YjJiSUZCdmRUU2dmenl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8xY2JjMWUtNGQ0Ni00YjViLWIyNDktMzIwOGRlMzljMDlk
LzEvbHViM2ZMMmhBWmg5bmZ5RXZwQzItNlpxM0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAVTp6AD
BAJTp7gDBAC53hUDBALBOLAwDQQCAAIwBwMFAyoQ8wAwDQYJKoZIhvcNAQELBQAD
ggEBAFOZgftC8EZEg1CTCcTZAGSPIU36M5ZXIc5y/UbAriOZmgc4P1y1QmGRvCLr
KYw0+d6cOHUGTocMJ5nBsdR2vxgz2ZIswYUI53xgINtG3nFI3TbnMNuovp6Dlrgj
IdF6msWxUs1Ebw6QDegVI+FikVMSmO44oDfgDrgxwyPP2HXO7jfyJRSKF/AcmhVw
RRb/Qle2v+pGi7RQJS4msBvu4QYXeyunT7+fA/XXUS94zhr6X3MgniMgBYhMIL7l
FScfAuS0x34YnpHAESADhlBF/OPlnN6vpvAeg2L+aMCK3/icf5wYC8NeyFlzJMxN
EiME3e7zeSY/+5Tnk+0Inntqw8Y=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:28:44 2026 by rpki-client