Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/45cd13-1d67-4b8c-b096-bd945cd4dde8/1/k7OFfEjwlsPHRgABKjVHvSw98gk.roa
File: k7OFfEjwlsPHRgABKjVHvSw98gk.roa (raw, json)
Hash identifier: ULJA6Cgc4JM66V+ygxdfXgpMQOYr75XD8p/jyhM8eaE=
Subject key identifier: 93:B3:85:7C:48:F0:96:C3:C7:46:00:01:2A:35:47:BD:2C:3D:F2:09
Certificate issuer: /CN=9f5087ba41585c9c22c398fd5f556cc166adb3f7
Certificate serial: 019E643F6686969D885C4C5D19EF60DC7A45
Authority key identifier: 9F:50:87:BA:41:58:5C:9C:22:C3:98:FD:5F:55:6C:C1:66:AD:B3:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1CHukFYXJwiw5j9X1VswWats_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/45cd13-1d67-4b8c-b096-bd945cd4dde8/1/k7OFfEjwlsPHRgABKjVHvSw98gk.roa
Signing time: Tue 26 May 2026 12:25:36 +0000
ROA not before: Tue 26 May 2026 12:25:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203172
IP address blocks: 193.110.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/45cd13-1d67-4b8c-b096-bd945cd4dde8/1/n1CHukFYXJwiw5j9X1VswWats_c.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/45cd13-1d67-4b8c-b096-bd945cd4dde8/1/n1CHukFYXJwiw5j9X1VswWats_c.mft
rsync://rpki.ripe.net/repository/DEFAULT/n1CHukFYXJwiw5j9X1VswWats_c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:64:3f:66:86:96:9d:88:5c:4c:5d:19:ef:60:dc:7a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5087ba41585c9c22c398fd5f556cc166adb3f7
Validity
Not Before: May 26 12:25:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=93b3857c48f096c3c74600012a3547bd2c3df209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c9:72:59:ae:c6:ad:16:5b:b6:06:0f:3c:68:
b3:1d:6c:b1:70:8d:8c:1a:5f:5a:90:88:b5:d4:33:
dc:81:7e:e8:9f:70:a6:11:23:e7:1c:7c:63:61:ad:
ef:06:d9:b8:f0:33:b1:f0:3d:5e:20:f8:3a:f5:52:
39:3a:91:45:3d:01:b3:a2:0b:fd:a6:f5:bb:70:f6:
46:6b:27:1e:19:44:80:c3:3f:0d:b3:22:25:d2:59:
5a:97:34:5a:69:3f:83:d9:ff:ba:8c:0d:97:aa:c6:
84:bd:c0:ea:0d:f8:66:d4:00:9d:e8:b5:74:a7:6e:
7a:d9:62:58:43:31:7f:87:49:4d:74:1c:cf:1d:b1:
b0:28:a9:55:09:9e:55:07:ee:96:dd:4f:41:e7:71:
9c:bb:28:1e:70:7b:aa:da:ed:62:da:ed:2d:d2:5f:
62:5d:12:0a:d5:b5:a8:29:68:68:89:c6:35:25:53:
4c:3a:60:28:d1:63:5f:c9:2e:70:c6:1b:0c:64:ce:
a1:cf:e2:0c:3b:f3:76:c5:f3:f7:d2:38:c7:d0:d3:
45:42:9c:62:f6:f3:03:71:a2:5b:d3:0a:60:89:dc:
17:ae:66:78:f4:4a:02:54:5c:48:f4:f3:bb:74:f5:
e1:ab:18:b4:cc:83:5a:8b:08:1f:e9:c7:0a:09:f3:
d9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B3:85:7C:48:F0:96:C3:C7:46:00:01:2A:35:47:BD:2C:3D:F2:09
X509v3 Authority Key Identifier:
keyid:9F:50:87:BA:41:58:5C:9C:22:C3:98:FD:5F:55:6C:C1:66:AD:B3:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1CHukFYXJwiw5j9X1VswWats_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/45cd13-1d67-4b8c-b096-bd945cd4dde8/1/k7OFfEjwlsPHRgABKjVHvSw98gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/45cd13-1d67-4b8c-b096-bd945cd4dde8/1/n1CHukFYXJwiw5j9X1VswWats_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.153.0/24
Signature Algorithm: sha256WithRSAEncryption
63:51:c1:b1:66:f7:78:c0:24:99:35:f6:4a:d6:35:92:6d:ba:
41:9f:c3:b3:49:d0:4a:4d:9e:52:50:39:d2:e6:e8:54:36:5d:
05:b9:98:e9:82:7b:06:1c:1e:77:b8:0a:35:83:f2:6c:76:d8:
34:c9:20:6f:bb:6b:54:0f:ed:50:df:ae:db:72:3f:f6:94:c2:
b9:83:1d:d2:97:c0:78:f7:d0:b6:f4:e8:66:a6:3a:ef:7e:60:
2f:23:15:dd:a1:11:28:bb:a3:ce:43:9d:dd:82:aa:31:7c:d2:
ef:2a:79:a8:b9:c7:16:fd:96:0f:6c:14:cc:cf:46:5b:74:45:
c7:24:0c:52:8e:67:f8:d2:fc:9e:eb:75:26:23:82:25:ec:d9:
55:cd:9a:b6:e9:19:2b:6c:21:84:ac:9a:40:60:e6:b3:9b:26:
77:4d:72:62:cd:2c:f3:ca:9b:76:de:7d:1e:1f:e5:09:bc:b2:
59:01:aa:bc:bd:f9:fe:81:71:d5:02:50:db:58:cd:6a:2e:0f:
3b:db:57:f8:e2:16:b8:f1:49:be:08:94:9f:7e:97:ef:0a:9d:
7f:f7:11:62:f4:f9:39:ab:e6:1a:38:b0:e3:8f:da:be:c4:e1:
df:40:58:23:21:9b:d5:6e:48:cc:94:21:5b:fc:2f:24:73:b5:
72:12:42:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5kP2aGlp2IXExdGe9g3HpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNTA4N2JhNDE1ODVjOWMyMmMzOThmZDVmNTU2Y2MxNjZh
ZGIzZjcwHhcNMjYwNTI2MTIyNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2IzODU3YzQ4ZjA5NmMzYzc0NjAwMDEyYTM1NDdiZDJjM2RmMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMlyWa7GrRZbtgYPPGizHWyxcI2M
Gl9akIi11DPcgX7on3CmESPnHHxjYa3vBtm48DOx8D1eIPg69VI5OpFFPQGzogv9
pvW7cPZGayceGUSAwz8NsyIl0llalzRaaT+D2f+6jA2XqsaEvcDqDfhm1ACd6LV0
p2562WJYQzF/h0lNdBzPHbGwKKlVCZ5VB+6W3U9B53GcuygecHuq2u1i2u0t0l9i
XRIK1bWoKWhoicY1JVNMOmAo0WNfyS5wxhsMZM6hz+IMO/N2xfP30jjH0NNFQpxi
9vMDcaJb0wpgidwXrmZ49EoCVFxI9PO7dPXhqxi0zINaiwgf6ccKCfPZ5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJOzhXxI8JbDx0YAASo1R70sPfIJMB8GA1UdIwQY
MBaAFJ9Qh7pBWFycIsOY/V9VbMFmrbP3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFDSHVrRllYSndpdzVqOVgxVnN3V2F0c19jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80NWNkMTMtMWQ2Ny00YjhjLWIwOTYt
YmQ5NDVjZDRkZGU4LzEvazdPRmZFandsc1BIUmdBQktqVkh2U3c5OGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80NWNkMTMtMWQ2Ny00YjhjLWIwOTYtYmQ5NDVjZDRkZGU4
LzEvbjFDSHVrRllYSndpdzVqOVgxVnN3V2F0c19jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW6ZMA0G
CSqGSIb3DQEBCwUAA4IBAQBjUcGxZvd4wCSZNfZK1jWSbbpBn8OzSdBKTZ5SUDnS
5uhUNl0FuZjpgnsGHB53uAo1g/Jsdtg0ySBvu2tUD+1Q367bcj/2lMK5gx3Sl8B4
99C29OhmpjrvfmAvIxXdoREou6POQ53dgqoxfNLvKnmouccW/ZYPbBTMz0ZbdEXH
JAxSjmf40vye63UmI4Il7NlVzZq26RkrbCGErJpAYOazmyZ3TXJizSzzypt23n0e
H+UJvLJZAaq8vfn+gXHVAlDbWM1qLg8721f44ha48Um+CJSffpfvCp1/9xFi9Pk5
q+YaOLDjj9q+xOHfQFgjIZvVbkjMlCFb/C8kc7VyEkJE
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:13:39 2026 by rpki-client