Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/83e1fe-3d48-4cd6-a60b-6b27336d269e/1/a53km09fwIVYou-9vj4P50XpZXA.roa
File: a53km09fwIVYou-9vj4P50XpZXA.roa (raw, json)
Hash identifier: oWRPUPmTeJ7dz+rgJZMJ61kMU4M8HdOeLFVCZREo/xU=
Subject key identifier: 6B:9D:E4:9B:4F:5F:C0:85:58:A2:EF:BD:BE:3E:0F:E7:45:E9:65:70
Certificate issuer: /CN=9c7122f2f7fa530bf1a8ffcf96a930f69b30f786
Certificate serial: 019C9E9147A68898E2C4AF964A6EE362CF13
Authority key identifier: 9C:71:22:F2:F7:FA:53:0B:F1:A8:FF:CF:96:A9:30:F6:9B:30:F7:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHEi8vf6UwvxqP_Plqkw9psw94Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/83e1fe-3d48-4cd6-a60b-6b27336d269e/1/a53km09fwIVYou-9vj4P50XpZXA.roa
Signing time: Fri 27 Feb 2026 10:07:27 +0000
ROA not before: Fri 27 Feb 2026 10:07:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213792
IP address blocks: 195.253.244.0/22 maxlen: 24
2a01:e0c0::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/83e1fe-3d48-4cd6-a60b-6b27336d269e/1/nHEi8vf6UwvxqP_Plqkw9psw94Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/83e1fe-3d48-4cd6-a60b-6b27336d269e/1/nHEi8vf6UwvxqP_Plqkw9psw94Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/nHEi8vf6UwvxqP_Plqkw9psw94Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:91:47:a6:88:98:e2:c4:af:96:4a:6e:e3:62:cf:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c7122f2f7fa530bf1a8ffcf96a930f69b30f786
Validity
Not Before: Feb 27 10:07:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6b9de49b4f5fc08558a2efbdbe3e0fe745e96570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:dd:eb:1e:cc:86:09:a8:b1:15:9a:93:cd:4b:
0e:4d:ba:65:b5:dd:36:4f:e0:6d:be:d0:a2:b7:b8:
0c:f4:71:54:98:ac:dd:ae:d1:54:1d:f1:07:99:ed:
70:e4:64:f9:2c:33:6d:7d:4a:bd:35:15:e4:75:2d:
66:06:08:8d:d6:0a:e4:3f:23:41:8f:e5:80:14:fc:
d3:e7:3d:1f:21:59:39:83:09:60:8e:ff:5f:b6:e6:
03:12:0b:0a:3b:fc:2a:cf:1a:29:bf:46:2f:83:c2:
2f:2a:8d:81:7b:57:53:7d:2a:da:0e:f5:d7:bb:40:
ed:4e:03:fd:36:52:93:ef:31:97:0c:13:0d:a8:e8:
dc:fe:0e:ac:85:46:ba:08:c2:85:eb:5b:c1:7e:dc:
26:77:b9:62:8c:e7:10:fe:45:5c:5c:be:4f:8c:74:
53:2f:e6:ee:aa:ba:cc:42:7e:b5:50:68:83:3f:98:
a9:f8:9f:73:86:f3:d3:47:ba:70:40:9a:90:53:a1:
f7:06:78:ed:a5:8b:c4:e3:4b:a3:64:ee:56:31:5b:
00:7d:d6:0b:a3:98:a8:72:61:42:91:3d:17:e3:a1:
62:7d:7d:3a:5f:9e:79:f0:9d:3f:cd:e5:df:1f:f6:
06:7a:c3:66:34:b8:38:d8:a2:1b:9e:95:cb:91:c2:
60:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9D:E4:9B:4F:5F:C0:85:58:A2:EF:BD:BE:3E:0F:E7:45:E9:65:70
X509v3 Authority Key Identifier:
keyid:9C:71:22:F2:F7:FA:53:0B:F1:A8:FF:CF:96:A9:30:F6:9B:30:F7:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHEi8vf6UwvxqP_Plqkw9psw94Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/83e1fe-3d48-4cd6-a60b-6b27336d269e/1/a53km09fwIVYou-9vj4P50XpZXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/83e1fe-3d48-4cd6-a60b-6b27336d269e/1/nHEi8vf6UwvxqP_Plqkw9psw94Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.253.244.0/22
IPv6:
2a01:e0c0::/32
Signature Algorithm: sha256WithRSAEncryption
71:2f:9e:f6:5a:94:17:2e:0c:8b:24:14:4b:44:93:74:6d:a4:
35:7c:c8:67:d0:71:12:52:7c:d5:60:f9:00:45:a1:2b:67:81:
9a:52:2d:8e:0b:b3:b4:8d:b9:a3:66:95:00:eb:85:50:b0:63:
9d:7f:37:18:c6:09:c6:88:7e:1e:9b:6e:de:be:1b:24:95:3a:
e8:26:f1:46:2e:c4:e6:3b:63:cc:27:83:f9:f7:f2:bd:d1:41:
64:ff:d2:d5:0c:66:37:e8:46:03:13:c5:1e:d2:02:4a:24:1b:
cf:e1:ba:a3:d0:5a:e3:fb:b2:52:94:48:3c:93:b0:e2:06:7c:
8c:78:8e:8d:43:01:e6:11:c9:89:98:67:22:5e:2a:17:99:1c:
0f:31:27:bb:e0:db:25:3b:b4:d5:d0:c6:2f:f7:30:43:d2:b4:
71:91:c9:c2:2d:f1:73:f5:30:39:d5:c2:19:20:ba:96:24:50:
4b:09:7e:e2:00:64:00:50:e3:73:60:36:db:21:0f:ad:24:9e:
11:64:f1:bb:14:44:ad:39:6d:fd:a8:ae:1c:e7:a4:b5:ce:57:
b7:a1:56:d6:a0:44:cc:95:9d:f2:bb:bd:22:01:4a:c4:6d:4a:
9c:06:6b:ea:12:c9:cf:58:b9:e8:f0:57:1e:3d:48:59:cf:c3:
a9:cd:e0:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZyekUemiJjixK+WSm7jYs8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzEyMmYyZjdmYTUzMGJmMWE4ZmZjZjk2YTkzMGY2OWIz
MGY3ODYwHhcNMjYwMjI3MTAwNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjlkZTQ5YjRmNWZjMDg1NThhMmVmYmRiZTNlMGZlNzQ1ZTk2NTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8d3rHsyGCaixFZqTzUsOTbpltd02
T+BtvtCit7gM9HFUmKzdrtFUHfEHme1w5GT5LDNtfUq9NRXkdS1mBgiN1grkPyNB
j+WAFPzT5z0fIVk5gwlgjv9ftuYDEgsKO/wqzxopv0Yvg8IvKo2Be1dTfSraDvXX
u0DtTgP9NlKT7zGXDBMNqOjc/g6shUa6CMKF61vBftwmd7lijOcQ/kVcXL5PjHRT
L+buqrrMQn61UGiDP5ip+J9zhvPTR7pwQJqQU6H3BnjtpYvE40ujZO5WMVsAfdYL
o5iocmFCkT0X46FifX06X5558J0/zeXfH/YGesNmNLg42KIbnpXLkcJghQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGud5JtPX8CFWKLvvb4+D+dF6WVwMB8GA1UdIwQY
MBaAFJxxIvL3+lML8aj/z5apMPabMPeGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhFaTh2ZjZVd3Z4cVBfUGxxa3c5cHN3OTRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS84M2UxZmUtM2Q0OC00Y2Q2LWE2MGIt
NmIyNzMzNmQyNjllLzEvYTUza20wOWZ3SVZZb3UtOXZqNFA1MFhwWlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS84M2UxZmUtM2Q0OC00Y2Q2LWE2MGItNmIyNzMzNmQyNjll
LzEvbkhFaTh2ZjZVd3Z4cVBfUGxxa3c5cHN3OTRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCw/30MA0E
AgACMAcDBQAqAeDAMA0GCSqGSIb3DQEBCwUAA4IBAQBxL572WpQXLgyLJBRLRJN0
baQ1fMhn0HESUnzVYPkARaErZ4GaUi2OC7O0jbmjZpUA64VQsGOdfzcYxgnGiH4e
m27evhsklTroJvFGLsTmO2PMJ4P59/K90UFk/9LVDGY36EYDE8Ue0gJKJBvP4bqj
0Frj+7JSlEg8k7DiBnyMeI6NQwHmEcmJmGciXioXmRwPMSe74NslO7TV0MYv9zBD
0rRxkcnCLfFz9TA51cIZILqWJFBLCX7iAGQAUONzYDbbIQ+tJJ4RZPG7FEStOW39
qK4c56S1zle3oVbWoETMlZ3yu70iAUrEbUqcBmvqEsnPWLno8FcePUhZz8OpzeBY
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:53:45 2026 by rpki-client