Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rPTkfN1rgRyIfayPkg0QiFD8BqY.roa
File: rPTkfN1rgRyIfayPkg0QiFD8BqY.roa (raw, json)
Hash identifier: z1iu4KCEExKtTbmnPgeoKnKyyRCZUHHcWmuMUjgjDto=
Subject key identifier: AC:F4:E4:7C:DD:6B:81:1C:88:7D:AC:8F:92:0D:10:88:50:FC:06:A6
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 019C8948F93EAA667AFFD97F1AA93BF31282
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rPTkfN1rgRyIfayPkg0QiFD8BqY.roa
Signing time: Mon 23 Feb 2026 06:56:26 +0000
ROA not before: Mon 23 Feb 2026 06:56:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212939
IP address blocks: 94.182.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:89:48:f9:3e:aa:66:7a:ff:d9:7f:1a:a9:3b:f3:12:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Feb 23 06:56:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=acf4e47cdd6b811c887dac8f920d108850fc06a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4f:1e:e7:5a:d2:cc:73:4b:af:63:91:a4:32:
bd:58:13:f6:d3:00:a1:8a:35:99:1e:76:bc:8f:86:
9f:93:d8:a4:fd:a9:0c:54:c5:a1:d8:fd:0c:e1:aa:
9d:82:fd:1b:f2:b3:8e:d2:12:bf:63:91:8d:9f:00:
fa:19:38:7f:de:41:a3:de:a2:9a:ae:49:4e:47:4c:
44:eb:05:03:89:31:e4:82:03:e3:da:4a:10:6f:da:
14:cb:61:2a:87:10:0d:da:a4:03:c2:da:f6:2f:c2:
dc:7d:60:62:a2:3e:af:fd:35:56:ff:5a:1f:76:c7:
68:4a:b3:91:70:2d:f4:82:4f:34:00:f0:e2:1c:e1:
96:d3:c0:ee:f2:f9:f3:16:fe:ad:a6:06:d9:2a:43:
ce:7c:c9:a4:60:eb:3a:4b:52:9c:23:f2:bc:cb:9d:
dc:d5:61:c0:94:e3:3d:5a:4e:f0:4a:68:f4:07:0c:
5f:14:d6:84:c6:f4:a9:3a:ee:6b:56:0b:0c:f9:12:
72:52:94:3f:5c:55:b5:06:b2:86:b2:26:a9:d9:24:
52:31:9e:4e:8d:07:5c:4f:a5:0a:b6:aa:1c:08:4f:
61:8b:32:d4:90:48:14:94:3b:42:fc:c3:b4:8b:c9:
44:90:81:61:92:d4:b3:7d:35:ee:78:3c:6b:80:dc:
c3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F4:E4:7C:DD:6B:81:1C:88:7D:AC:8F:92:0D:10:88:50:FC:06:A6
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rPTkfN1rgRyIfayPkg0QiFD8BqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.182.14.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:64:96:14:f7:cb:36:83:88:f8:ac:82:da:4b:14:44:ad:82:
9e:f9:af:d8:e5:a9:40:55:19:df:43:9f:a3:a7:19:46:21:6a:
13:03:42:6c:d2:0d:a3:f1:70:7a:32:a0:47:56:03:d5:6c:90:
df:e9:65:8f:d6:f4:ca:9f:c4:4a:45:a1:08:8c:40:f8:77:4e:
d2:e9:fe:c5:bf:d2:48:24:10:9e:34:97:b9:55:66:22:a7:53:
92:f1:f8:8a:25:95:2a:de:cc:64:f0:cd:55:f8:6d:4f:67:c0:
4b:91:db:d0:55:9c:17:c0:63:0e:44:81:70:6b:1e:53:76:d2:
6f:c1:06:d5:4d:c0:e7:8d:f0:5d:50:33:cc:c0:36:78:24:0b:
ca:8e:d5:6b:0a:29:99:e2:0c:4f:71:15:38:d0:75:4f:5a:aa:
03:41:2e:d0:27:d2:24:ee:04:46:39:d0:67:2c:d8:8d:59:50:
f8:a7:83:72:c3:0e:28:80:00:19:46:f8:70:10:d2:37:14:26:
34:3e:33:1a:0a:47:f6:cc:3e:2f:fa:87:42:66:45:8d:72:60:
d0:d6:3e:09:1f:ee:54:bd:6f:b8:c4:3f:25:16:22:fa:f2:70:
69:69:09:a1:22:81:d1:fa:2d:7c:21:1b:ab:5d:a5:61:55:d1:
0b:09:ce:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyJSPk+qmZ6/9l/Gqk78xKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjYwMjIzMDY1NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2Y0ZTQ3Y2RkNmI4MTFjODg3ZGFjOGY5MjBkMTA4ODUwZmMwNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4k8e51rSzHNLr2ORpDK9WBP20wCh
ijWZHna8j4afk9ik/akMVMWh2P0M4aqdgv0b8rOO0hK/Y5GNnwD6GTh/3kGj3qKa
rklOR0xE6wUDiTHkggPj2koQb9oUy2EqhxAN2qQDwtr2L8LcfWBioj6v/TVW/1of
dsdoSrORcC30gk80APDiHOGW08Du8vnzFv6tpgbZKkPOfMmkYOs6S1KcI/K8y53c
1WHAlOM9Wk7wSmj0BwxfFNaExvSpOu5rVgsM+RJyUpQ/XFW1BrKGsiap2SRSMZ5O
jQdcT6UKtqocCE9hizLUkEgUlDtC/MO0i8lEkIFhktSzfTXueDxrgNzDOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKz05Hzda4EciH2sj5INEIhQ/AamMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvclBUa2ZOMXJnUnlJZmF5UGtnMFFpRkQ4QnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrYOMA0G
CSqGSIb3DQEBCwUAA4IBAQClZJYU98s2g4j4rILaSxRErYKe+a/Y5alAVRnfQ5+j
pxlGIWoTA0Js0g2j8XB6MqBHVgPVbJDf6WWP1vTKn8RKRaEIjED4d07S6f7Fv9JI
JBCeNJe5VWYip1OS8fiKJZUq3sxk8M1V+G1PZ8BLkdvQVZwXwGMORIFwax5TdtJv
wQbVTcDnjfBdUDPMwDZ4JAvKjtVrCimZ4gxPcRU40HVPWqoDQS7QJ9Ik7gRGOdBn
LNiNWVD4p4Nyww4ogAAZRvhwENI3FCY0PjMaCkf2zD4v+odCZkWNcmDQ1j4JH+5U
vW+4xD8lFiL68nBpaQmhIoHR+i18IRurXaVhVdELCc5U
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:44:55 2026 by rpki-client