Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/1-kcyVO0wBbIqiHoCanbi5B57LdE.roa
File: 1-kcyVO0wBbIqiHoCanbi5B57LdE.roa (raw, json)
Hash identifier: BGB2bnAjuAAmuuwOZBoZCyhnZHILmc5FvmErc7Y7ZxI=
Subject key identifier: FA:47:32:54:ED:30:05:B2:2A:88:7A:02:6A:76:E2:E4:1E:7B:2D:D1
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 019D821446A5E2422DF1C501C64953647FD3
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/1-kcyVO0wBbIqiHoCanbi5B57LdE.roa
Signing time: Sun 12 Apr 2026 14:24:20 +0000
ROA not before: Sun 12 Apr 2026 14:24:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 37.148.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 23:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:82:14:46:a5:e2:42:2d:f1:c5:01:c6:49:53:64:7f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: Apr 12 14:24:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa473254ed3005b22a887a026a76e2e41e7b2dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b4:e9:6d:f8:74:f0:6c:74:61:8e:fa:68:28:
38:69:79:00:f3:6c:a7:1a:dc:5c:7a:28:89:9a:9d:
9d:92:f1:24:21:1b:1a:9b:b3:ee:e4:bf:b9:ab:d8:
62:e1:2b:47:3a:fd:d1:1c:5b:a7:35:67:30:39:f7:
44:e1:15:7d:8c:47:97:cb:d6:d1:0c:ad:25:a1:e1:
56:78:ff:fb:cc:ec:dc:2c:e7:2f:0d:ce:33:fc:f3:
85:fd:20:55:62:46:ba:40:97:cd:b4:f4:3d:5a:a8:
da:84:44:3b:39:c3:ac:a3:14:b9:d1:cb:a7:de:5d:
24:44:66:b2:80:fc:04:12:63:99:63:1e:39:8d:24:
ac:9e:7b:ec:c1:e5:b7:93:34:a0:7f:eb:fe:14:6a:
33:d0:8b:24:7d:49:a9:fc:54:a8:5d:b2:d0:52:2b:
d7:56:4d:7b:1f:02:12:da:ad:80:40:1a:33:68:8c:
31:6c:1e:e5:6e:dd:bd:48:c2:55:4d:17:26:6a:52:
e8:90:23:5a:89:cb:6c:e3:bd:bf:bd:89:42:a0:10:
4b:66:e2:15:4e:83:9d:08:e4:14:76:d6:0a:6d:ca:
69:5d:0c:e4:85:4b:2a:e7:e7:d7:5c:89:d0:2e:ce:
b4:44:6c:67:e1:da:c8:c1:a2:ea:b9:b5:0a:2f:56:
db:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:47:32:54:ED:30:05:B2:2A:88:7A:02:6A:76:E2:E4:1E:7B:2D:D1
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/1-kcyVO0wBbIqiHoCanbi5B57LdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.218.0/23
Signature Algorithm: sha256WithRSAEncryption
92:76:1d:c1:14:71:fd:09:f1:ac:0c:04:36:f9:f7:91:b1:b3:
ef:32:58:7f:24:3c:98:1c:54:76:c9:2b:01:ed:f7:6b:ea:e8:
38:13:10:2d:41:bd:e5:2d:3f:6c:60:46:3d:b0:d9:fe:d5:a6:
7f:fb:d2:1f:48:56:13:41:db:25:09:5a:b0:91:f7:87:7f:41:
a0:ec:ff:3e:bc:ad:8f:f1:9b:8c:58:ad:77:9a:6b:9c:2d:26:
3a:db:82:ae:cb:a0:6c:d3:6b:c3:8e:fc:08:18:bf:8e:7d:19:
1b:e7:38:29:14:65:ee:83:3d:07:09:98:28:e7:dd:b1:83:6c:
a5:0b:67:73:4b:62:39:a8:2d:5a:d6:78:b1:a9:36:5a:00:4c:
f2:6c:48:89:19:74:aa:9d:79:2c:85:5d:fd:e0:fd:11:43:4d:
79:79:ba:36:4a:8f:3a:91:bf:ca:ba:03:2a:b3:42:59:8a:a5:
57:dd:a9:d4:5f:23:1d:20:95:0a:1f:38:1a:50:17:f1:77:da:
e7:d3:fa:b3:7b:9b:4b:2a:94:d8:d4:8f:44:ef:9e:92:3d:27:
4c:54:bb:48:c0:de:f7:7c:4d:41:3f:a4:b4:92:7d:4d:59:c5:
08:aa:71:a5:60:ac:5b:bd:39:d4:70:4f:0d:6f:1b:7c:ea:ca:
d8:95:8e:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ2CFEal4kIt8cUBxklTZH/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjNlZWQxYzdhY2E2MzZkNjI0NTg1MmI4MDJlMGU3Mzc1
NGRmNjMwHhcNMjYwNDEyMTQyNDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ3MzI1NGVkMzAwNWIyMmE4ODdhMDI2YTc2ZTJlNDFlN2IyZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubTpbfh08Gx0YY76aCg4aXkA82yn
GtxceiiJmp2dkvEkIRsam7Pu5L+5q9hi4StHOv3RHFunNWcwOfdE4RV9jEeXy9bR
DK0loeFWeP/7zOzcLOcvDc4z/POF/SBVYka6QJfNtPQ9WqjahEQ7OcOsoxS50cun
3l0kRGaygPwEEmOZYx45jSSsnnvsweW3kzSgf+v+FGoz0IskfUmp/FSoXbLQUivX
Vk17HwIS2q2AQBozaIwxbB7lbt29SMJVTRcmalLokCNaicts472/vYlCoBBLZuIV
ToOdCOQUdtYKbcppXQzkhUsq5+fXXInQLs60RGxn4drIwaLqubUKL1bbqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpHMlTtMAWyKoh6Amp24uQeey3RMB8GA1UdIwQY
MBaAFOiz7tHHrKY21iRYUrgC4Oc3VN9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYt
OTQ2NDA0ZWMxYWE0LzEvMS1rY3lWTzB3QmJJcWlIb0NhbmJpNUI1N0xkRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWYvMTc3MzI5LTI4Y2QtNDg2NC05ZTE2LTk0NjQwNGVjMWFh
NC8xLzZMUHUwY2VzcGpiV0pGaFN1QUxnNXpkVTMyTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEASWU2jAN
BgkqhkiG9w0BAQsFAAOCAQEAknYdwRRx/QnxrAwENvn3kbGz7zJYfyQ8mBxUdskr
Ae33a+roOBMQLUG95S0/bGBGPbDZ/tWmf/vSH0hWE0HbJQlasJH3h39BoOz/Pryt
j/GbjFitd5prnC0mOtuCrsugbNNrw478CBi/jn0ZG+c4KRRl7oM9BwmYKOfdsYNs
pQtnc0tiOagtWtZ4sak2WgBM8mxIiRl0qp15LIVd/eD9EUNNeXm6NkqPOpG/yroD
KrNCWYqlV92p1F8jHSCVCh84GlAX8Xfa59P6s3ubSyqU2NSPRO+ekj0nTFS7SMDe
93xNQT+ktJJ9TVnFCKpxpWCsW7051HBPDW8bfOrK2JWOiQ==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:04:43 2026 by rpki-client