Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/v0pDbKzhq-a7irW-w6RhtC00g1Q.roa
File: v0pDbKzhq-a7irW-w6RhtC00g1Q.roa (raw, json)
Hash identifier: x1xZ9sg57EBI+gwxCA22QGodwZW+ZcRHXW2YH5lWCDs=
Subject key identifier: BF:4A:43:6C:AC:E1:AB:E6:BB:8A:B5:BE:C3:A4:61:B4:2D:34:83:54
Certificate issuer: /CN=4a54821a91b1dbdc73bdda34bced7107067964ad
Certificate serial: 019B7EA727E15376A96DFF84C045EB1F1387
Authority key identifier: 4A:54:82:1A:91:B1:DB:DC:73:BD:DA:34:BC:ED:71:07:06:79:64:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/v0pDbKzhq-a7irW-w6RhtC00g1Q.roa
Signing time: Fri 02 Jan 2026 12:20:42 +0000
ROA not before: Fri 02 Jan 2026 12:20:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43183
IP address blocks: 91.194.146.0/23 maxlen: 24
193.246.170.0/23 maxlen: 32
2001:678:fbc::/48 maxlen: 128
2001:67c:8ac::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a7:27:e1:53:76:a9:6d:ff:84:c0:45:eb:1f:13:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a54821a91b1dbdc73bdda34bced7107067964ad
Validity
Not Before: Jan 2 12:20:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bf4a436cace1abe6bb8ab5bec3a461b42d348354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:42:bc:5d:32:10:e8:e4:d3:fb:e1:b9:2a:e8:
25:9b:e0:23:46:e9:4f:d6:e5:e5:95:30:fe:5e:da:
43:8e:fc:69:14:e3:95:20:15:0b:8b:63:1c:bb:ac:
ae:c1:c4:ae:7c:16:52:7c:8a:9e:02:cf:5e:77:5b:
65:95:ad:3a:7d:4a:9f:4d:15:e0:7e:8d:f9:e5:89:
38:3c:99:e1:4a:8f:e6:57:87:56:b6:61:a2:c2:c5:
3a:3c:57:6b:fa:19:44:72:36:78:33:3e:f1:b6:e3:
f1:d7:0b:60:2f:af:80:e4:2d:8a:4a:6c:0e:f2:4d:
bc:a6:1e:3c:6b:c3:bf:26:11:df:67:ea:ee:90:4f:
c1:f4:23:2a:d2:c2:69:d4:51:75:11:07:b3:c1:a2:
8b:5e:4a:d7:86:9e:66:e9:0e:41:d6:06:15:75:90:
28:16:0c:60:19:2a:e9:a9:47:39:09:3a:55:f2:96:
84:77:26:b8:b7:8a:05:6b:04:24:90:55:20:1f:44:
ae:0d:4d:ea:bc:ba:da:25:67:18:45:93:b5:dc:19:
91:73:7c:fe:22:77:e7:cf:a4:e8:b8:d1:51:0c:8e:
2b:ab:9a:16:48:be:63:e3:79:b4:94:aa:a1:be:d0:
2a:ae:d3:19:a3:87:a5:26:a5:00:54:e1:66:77:d2:
24:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:4A:43:6C:AC:E1:AB:E6:BB:8A:B5:BE:C3:A4:61:B4:2D:34:83:54
X509v3 Authority Key Identifier:
keyid:4A:54:82:1A:91:B1:DB:DC:73:BD:DA:34:BC:ED:71:07:06:79:64:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/v0pDbKzhq-a7irW-w6RhtC00g1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.146.0/23
193.246.170.0/23
IPv6:
2001:678:fbc::/48
2001:67c:8ac::/48
Signature Algorithm: sha256WithRSAEncryption
41:20:3f:df:96:f3:10:fc:b0:35:27:ab:5d:04:2d:79:fa:da:
f8:eb:e8:82:a2:e8:18:e3:48:3d:62:32:e0:24:a9:7a:71:c3:
b0:af:88:7e:aa:3e:dd:85:14:36:39:5f:87:3e:7a:2c:28:cf:
89:d7:53:53:4e:6b:cf:4d:f7:24:50:29:56:ac:cd:ca:b8:34:
48:d3:ab:d8:64:d7:d8:0c:3f:5e:d0:6d:54:73:ec:f1:41:e3:
3d:50:54:5f:f5:63:c5:3d:f1:af:24:e1:15:78:53:1a:fa:e8:
55:0e:d6:21:39:38:18:75:b8:71:67:86:db:bc:14:f2:9c:b6:
dd:fa:51:8f:6a:86:b1:57:be:d4:6d:1f:93:7f:39:45:2d:e9:
a3:f4:2e:4e:da:31:5c:68:f3:27:13:91:f0:d2:eb:3d:c4:a6:
a0:7b:15:4a:fa:db:06:a0:b9:1f:f2:6d:86:b0:d8:60:8c:4e:
51:70:e2:91:6a:a3:98:ee:39:33:63:35:4f:63:59:d3:f7:13:
7e:b1:11:04:13:8f:13:68:c4:fe:f9:79:dc:9a:a8:98:e5:76:
a4:0f:fc:5a:5e:13:7a:7a:53:09:01:68:0d:7f:a4:a9:b9:5b:
7d:f5:31:f8:29:3d:38:26:52:c3:69:e4:6c:53:24:ee:2e:ee:
df:34:37:81
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZt+pyfhU3apbf+EwEXrHxOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNTQ4MjFhOTFiMWRiZGM3M2JkZGEzNGJjZWQ3MTA3MDY3
OTY0YWQwHhcNMjYwMTAyMTIyMDQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjRhNDM2Y2FjZTFhYmU2YmI4YWI1YmVjM2E0NjFiNDJkMzQ4MzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00K8XTIQ6OTT++G5Kuglm+AjRulP
1uXllTD+XtpDjvxpFOOVIBULi2Mcu6yuwcSufBZSfIqeAs9ed1tlla06fUqfTRXg
fo355Yk4PJnhSo/mV4dWtmGiwsU6PFdr+hlEcjZ4Mz7xtuPx1wtgL6+A5C2KSmwO
8k28ph48a8O/JhHfZ+rukE/B9CMq0sJp1FF1EQezwaKLXkrXhp5m6Q5B1gYVdZAo
FgxgGSrpqUc5CTpV8paEdya4t4oFawQkkFUgH0SuDU3qvLraJWcYRZO13BmRc3z+
Infnz6TouNFRDI4rq5oWSL5j43m0lKqhvtAqrtMZo4elJqUAVOFmd9IknQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL9KQ2ys4avmu4q1vsOkYbQtNINUMB8GA1UdIwQY
MBaAFEpUghqRsdvcc73aNLztcQcGeWStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2xTQ0dwR3gyOXh6dmRvMHZPMXhCd1o1WkswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84ZDJlMzUtOWZlZC00ZmRmLTkwMzQt
NzZhZTgxMmYwNzZjLzEvdjBwRGJLemhxLWE3aXJXLXc2Umh0QzAwZzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84ZDJlMzUtOWZlZC00ZmRmLTkwMzQtNzZhZTgxMmYwNzZj
LzEvU2xTQ0dwR3gyOXh6dmRvMHZPMXhCd1o1WkswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBW8KSAwQB
wfaqMBgEAgACMBIDBwAgAQZ4D7wDBwAgAQZ8CKwwDQYJKoZIhvcNAQELBQADggEB
AEEgP9+W8xD8sDUnq10ELXn62vjr6IKi6BjjSD1iMuAkqXpxw7CviH6qPt2FFDY5
X4c+eiwoz4nXU1NOa89N9yRQKVaszcq4NEjTq9hk19gMP17QbVRz7PFB4z1QVF/1
Y8U98a8k4RV4Uxr66FUO1iE5OBh1uHFnhtu8FPKctt36UY9qhrFXvtRtH5N/OUUt
6aP0Lk7aMVxo8ycTkfDS6z3EpqB7FUr62waguR/ybYaw2GCMTlFw4pFqo5juOTNj
NU9jWdP3E36xEQQTjxNoxP75edyaqJjldqQP/FpeE3p6UwkBaA1/pKm5W331Mfgp
PTgmUsNp5GxTJO4u7t80N4E=
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:24:40 2026 by rpki-client