Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/dHpkVz1qG-AF-2ObL_WKlgFCa5A.roa
File: dHpkVz1qG-AF-2ObL_WKlgFCa5A.roa (raw, json)
Hash identifier: pDto/Hqi4osJfNZa1fOxjtdmxoHJy3MfMIgMhgvqHY8=
Subject key identifier: 74:7A:64:57:3D:6A:1B:E0:05:FB:63:9B:2F:F5:8A:96:01:42:6B:90
Certificate issuer: /CN=f0a9005423147453909366c6b4d09c31958acc1c
Certificate serial: 019C9DDA2BFBFC04EAC54667C3FE5F43B8A0
Authority key identifier: F0:A9:00:54:23:14:74:53:90:93:66:C6:B4:D0:9C:31:95:8A:CC:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KkAVCMUdFOQk2bGtNCcMZWKzBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/dHpkVz1qG-AF-2ObL_WKlgFCa5A.roa
Signing time: Fri 27 Feb 2026 06:47:26 +0000
ROA not before: Fri 27 Feb 2026 06:47:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5430
IP address blocks: 89.58.120.0/21 maxlen: 21
194.97.0.0/19 maxlen: 19
195.4.92.0/23 maxlen: 23
2001:748::/32 maxlen: 32
2001:748:401::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/8KkAVCMUdFOQk2bGtNCcMZWKzBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/8KkAVCMUdFOQk2bGtNCcMZWKzBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/8KkAVCMUdFOQk2bGtNCcMZWKzBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9d:da:2b:fb:fc:04:ea:c5:46:67:c3:fe:5f:43:b8:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0a9005423147453909366c6b4d09c31958acc1c
Validity
Not Before: Feb 27 06:47:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=747a64573d6a1be005fb639b2ff58a9601426b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:4f:8a:3b:f6:99:0d:47:9e:84:90:cc:44:a9:
d6:7f:ad:c1:39:13:6e:40:82:68:ad:42:0e:e9:75:
a9:56:ca:f9:64:84:32:f6:6f:bb:46:e0:49:e7:4e:
25:35:73:12:af:b2:c6:c7:cc:3b:69:68:e2:43:4e:
17:e6:42:9e:3a:d7:a8:27:42:4a:23:3c:22:0e:47:
ac:74:50:df:9a:60:17:a2:4e:d5:35:95:cf:b9:b9:
97:eb:7e:50:d7:53:50:fb:89:82:57:ea:d4:be:7e:
09:67:d4:93:c8:78:73:1e:ff:a1:f2:c7:41:14:ce:
36:56:99:64:cf:51:21:9d:57:3d:38:9d:e5:42:cd:
ef:e9:f6:3e:43:06:0f:d4:f2:6b:69:74:48:3e:d0:
14:22:27:fb:f8:55:8f:56:93:58:5f:a2:17:92:c6:
42:98:6a:5f:45:ef:49:af:41:cb:aa:d9:59:d9:d0:
68:57:23:7b:bd:7e:72:04:2e:1d:f3:aa:9d:2b:34:
0f:89:40:e7:f8:67:5d:ce:fc:9a:32:56:43:a9:07:
6e:7c:29:9c:dc:cc:2a:34:96:04:97:af:08:ed:1b:
67:fb:6a:80:f3:ca:c9:03:4e:ad:0f:a4:c6:97:ea:
a0:b4:82:f9:4a:c5:23:0e:da:fd:0e:6a:5a:7f:54:
7c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7A:64:57:3D:6A:1B:E0:05:FB:63:9B:2F:F5:8A:96:01:42:6B:90
X509v3 Authority Key Identifier:
keyid:F0:A9:00:54:23:14:74:53:90:93:66:C6:B4:D0:9C:31:95:8A:CC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KkAVCMUdFOQk2bGtNCcMZWKzBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/dHpkVz1qG-AF-2ObL_WKlgFCa5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/157af6-cce2-4e6d-bc23-30d79f9aa877/1/8KkAVCMUdFOQk2bGtNCcMZWKzBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.58.120.0/21
194.97.0.0/19
195.4.92.0/23
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
b4:de:22:ad:7c:cb:9c:1e:21:db:2a:7d:30:21:1d:d5:b5:98:
98:25:54:21:e4:fb:80:52:27:3a:18:f5:9b:4d:09:66:65:7c:
8b:cd:0a:25:f7:60:0b:ac:07:fb:9f:0c:30:a3:37:33:0a:1d:
23:5f:7a:5a:8b:f5:7e:52:56:23:da:0a:48:03:78:53:7b:a5:
a6:f2:6b:93:2b:81:d1:8c:fa:74:fb:2c:20:1d:1c:86:7e:1a:
0e:40:5d:53:7d:79:73:ce:91:e0:08:06:da:0b:1c:6f:a4:e5:
b8:c6:16:93:47:78:5f:c3:b0:64:ba:db:71:32:e6:a6:74:de:
66:23:1f:d6:5e:05:cc:1c:30:0b:e8:c4:14:d9:da:c5:86:74:
34:2c:64:f3:d5:0c:a6:3f:12:14:38:f3:4f:c4:20:fa:df:30:
9d:28:ad:08:29:5c:7d:66:20:0e:19:0d:5e:6d:8e:cd:b5:c4:
84:f3:e2:84:e8:c9:6a:8b:cd:80:02:53:14:4d:c9:bb:e7:c6:
ab:35:9f:65:f5:86:89:d5:81:9e:cc:f9:32:f3:76:cd:fb:59:
ad:b4:66:f2:cb:c5:a7:0b:af:8f:52:a3:af:32:8d:6d:9e:8a:
98:d9:3a:1c:10:d8:e8:03:99:98:5d:84:ff:e4:52:71:28:bb:
36:c5:7f:16
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZyd2iv7/ATqxUZnw/5fQ7igMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYTkwMDU0MjMxNDc0NTM5MDkzNjZjNmI0ZDA5YzMxOTU4
YWNjMWMwHhcNMjYwMjI3MDY0NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDdhNjQ1NzNkNmExYmUwMDVmYjYzOWIyZmY1OGE5NjAxNDI2YjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9E+KO/aZDUeehJDMRKnWf63BORNu
QIJorUIO6XWpVsr5ZIQy9m+7RuBJ504lNXMSr7LGx8w7aWjiQ04X5kKeOteoJ0JK
IzwiDkesdFDfmmAXok7VNZXPubmX635Q11NQ+4mCV+rUvn4JZ9STyHhzHv+h8sdB
FM42Vplkz1EhnVc9OJ3lQs3v6fY+QwYP1PJraXRIPtAUIif7+FWPVpNYX6IXksZC
mGpfRe9Jr0HLqtlZ2dBoVyN7vX5yBC4d86qdKzQPiUDn+GddzvyaMlZDqQdufCmc
3MwqNJYEl68I7Rtn+2qA88rJA06tD6TGl+qgtIL5SsUjDtr9Dmpaf1R8xQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHR6ZFc9ahvgBftjmy/1ipYBQmuQMB8GA1UdIwQY
MBaAFPCpAFQjFHRTkJNmxrTQnDGViswcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEtrQVZDTVVkRk9RazJiR3ROQ2NNWldLekJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8xNTdhZjYtY2NlMi00ZTZkLWJjMjMt
MzBkNzlmOWFhODc3LzEvZEhwa1Z6MXFHLUFGLTJPYkxfV0tsZ0ZDYTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8xNTdhZjYtY2NlMi00ZTZkLWJjMjMtMzBkNzlmOWFhODc3
LzEvOEtrQVZDTVVkRk9RazJiR3ROQ2NNWldLekJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDWTp4AwQF
wmEAAwQBwwRcMA0EAgACMAcDBQAgAQdIMA0GCSqGSIb3DQEBCwUAA4IBAQC03iKt
fMucHiHbKn0wIR3VtZiYJVQh5PuAUic6GPWbTQlmZXyLzQol92ALrAf7nwwwozcz
Ch0jX3pai/V+UlYj2gpIA3hTe6Wm8muTK4HRjPp0+ywgHRyGfhoOQF1TfXlzzpHg
CAbaCxxvpOW4xhaTR3hfw7BkuttxMuamdN5mIx/WXgXMHDAL6MQU2drFhnQ0LGTz
1QymPxIUOPNPxCD63zCdKK0IKVx9ZiAOGQ1ebY7NtcSE8+KE6Mlqi82AAlMUTcm7
58arNZ9l9YaJ1YGezPky83bN+1mttGbyy8WnC6+PUqOvMo1tnoqY2TocENjoA5mY
XYT/5FJxKLs2xX8W
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:18:19 2026 by rpki-client