Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/853b38-ee47-404c-a399-cc1a7ccab702/1/IGeQzavDepXPW2JRBodeIJKbJT0.roa
File: IGeQzavDepXPW2JRBodeIJKbJT0.roa (raw, json)
Hash identifier: R+Y0Kt5axtO1z9YPtGYoVxdWFhFirYa/xiVOmRUUMuY=
Subject key identifier: 20:67:90:CD:AB:C3:7A:95:CF:5B:62:51:06:87:5E:20:92:9B:25:3D
Certificate issuer: /CN=ae25eaaf91a1662c96fbef9de4c5fa1e1d087497
Certificate serial: 019C47DED9687E8878CA386C5DA3621044AE
Authority key identifier: AE:25:EA:AF:91:A1:66:2C:96:FB:EF:9D:E4:C5:FA:1E:1D:08:74:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/riXqr5GhZiyW---d5MX6Hh0IdJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/853b38-ee47-404c-a399-cc1a7ccab702/1/IGeQzavDepXPW2JRBodeIJKbJT0.roa
Signing time: Tue 10 Feb 2026 14:05:12 +0000
ROA not before: Tue 10 Feb 2026 14:05:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31445
IP address blocks: 195.47.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/853b38-ee47-404c-a399-cc1a7ccab702/1/riXqr5GhZiyW---d5MX6Hh0IdJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/853b38-ee47-404c-a399-cc1a7ccab702/1/riXqr5GhZiyW---d5MX6Hh0IdJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/riXqr5GhZiyW---d5MX6Hh0IdJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 20:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:47:de:d9:68:7e:88:78:ca:38:6c:5d:a3:62:10:44:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae25eaaf91a1662c96fbef9de4c5fa1e1d087497
Validity
Not Before: Feb 10 14:05:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=206790cdabc37a95cf5b625106875e20929b253d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:75:03:30:e9:d4:e3:fd:18:2f:59:a8:de:b8:
a6:e7:63:d6:e7:72:7d:fb:f1:81:12:d5:e5:59:42:
d2:e2:a7:58:e7:7a:f3:5f:bc:9a:64:cb:7b:72:fe:
e0:fe:65:20:a5:db:35:0a:df:d0:e1:d8:f1:d3:87:
fc:7a:f4:9a:96:1f:e0:44:42:8c:7f:aa:d8:24:22:
bc:6c:57:f9:d3:bf:be:4c:7a:61:10:03:71:20:30:
1f:25:48:60:d4:78:f7:26:92:5b:d2:1e:e7:95:64:
ec:aa:b7:9b:b2:48:f8:01:49:c2:6e:77:4a:33:d9:
4b:09:75:dd:d3:57:a2:c8:52:90:7e:aa:c6:08:22:
c4:92:73:1d:05:5b:cc:2a:fb:dc:36:60:58:b1:fa:
19:f9:be:88:23:ab:81:af:99:31:5d:42:40:8f:c7:
e5:8c:b4:f4:e0:a1:24:15:fb:79:ec:83:34:8a:9c:
2c:21:ed:cf:5d:26:6f:9f:0a:70:09:52:e0:33:72:
07:8a:14:c3:28:68:94:ff:ff:e5:64:1c:eb:42:65:
ef:32:7f:54:6b:7e:d8:10:88:9b:bf:a4:11:18:03:
e9:b9:20:74:71:6e:49:1b:2c:8f:f5:35:9c:5b:91:
d5:72:35:aa:19:d6:bd:82:91:2c:37:bb:a8:89:5a:
61:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:67:90:CD:AB:C3:7A:95:CF:5B:62:51:06:87:5E:20:92:9B:25:3D
X509v3 Authority Key Identifier:
keyid:AE:25:EA:AF:91:A1:66:2C:96:FB:EF:9D:E4:C5:FA:1E:1D:08:74:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/riXqr5GhZiyW---d5MX6Hh0IdJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/853b38-ee47-404c-a399-cc1a7ccab702/1/IGeQzavDepXPW2JRBodeIJKbJT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/853b38-ee47-404c-a399-cc1a7ccab702/1/riXqr5GhZiyW---d5MX6Hh0IdJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.47.219.0/24
Signature Algorithm: sha256WithRSAEncryption
29:3c:c5:b1:44:38:6c:3b:08:47:7b:f8:5c:e9:20:d7:cc:ff:
02:a6:52:7e:02:10:bd:42:c4:a5:90:3a:ba:68:68:50:cf:89:
b0:da:79:62:95:80:23:86:c6:1a:0e:fc:3f:74:69:9b:a8:d6:
12:f4:0a:11:ad:42:6c:75:8e:74:4e:29:fc:01:46:23:91:0c:
e4:c5:78:03:fa:06:7f:dc:b1:fe:79:cd:20:7d:f0:2b:65:07:
06:de:f1:71:69:93:dc:23:29:7b:d0:d4:be:44:97:6b:c8:27:
06:4b:0b:38:fe:c6:ba:94:f0:cf:5d:b3:04:fa:d8:c7:03:cc:
e3:38:2f:80:78:3d:46:ae:e7:c4:e2:af:a3:54:36:07:3c:dc:
c1:38:fd:77:d5:74:a5:e6:c7:51:bc:38:77:3a:80:c6:9c:1a:
45:6f:91:7b:f8:26:99:ff:c4:1d:3c:88:d7:9e:4b:a0:15:26:
26:3e:79:07:89:f2:d6:ee:f3:18:6a:b4:f1:30:b6:84:4e:0b:
3d:0c:a6:f2:7b:d1:15:d2:a9:08:8d:ef:a4:42:89:73:5b:93:
4f:47:2d:47:20:27:fb:a8:b9:73:24:91:1f:fd:3f:b8:92:87:
b7:cc:07:60:b9:84:bc:06:a1:fe:b2:c8:33:8d:cb:d5:21:20:
81:8d:02:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxH3tlofoh4yjhsXaNiEESuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMjVlYWFmOTFhMTY2MmM5NmZiZWY5ZGU0YzVmYTFlMWQw
ODc0OTcwHhcNMjYwMjEwMTQwNTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY3OTBjZGFiYzM3YTk1Y2Y1YjYyNTEwNjg3NWUyMDkyOWIyNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33UDMOnU4/0YL1mo3rim52PW53J9
+/GBEtXlWULS4qdY53rzX7yaZMt7cv7g/mUgpds1Ct/Q4djx04f8evSalh/gREKM
f6rYJCK8bFf507++THphEANxIDAfJUhg1Hj3JpJb0h7nlWTsqrebskj4AUnCbndK
M9lLCXXd01eiyFKQfqrGCCLEknMdBVvMKvvcNmBYsfoZ+b6II6uBr5kxXUJAj8fl
jLT04KEkFft57IM0ipwsIe3PXSZvnwpwCVLgM3IHihTDKGiU///lZBzrQmXvMn9U
a37YEIibv6QRGAPpuSB0cW5JGyyP9TWcW5HVcjWqGda9gpEsN7uoiVph7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBnkM2rw3qVz1tiUQaHXiCSmyU9MB8GA1UdIwQY
MBaAFK4l6q+RoWYslvvvneTF+h4dCHSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmlYcXI1R2haaXlXLS0tZDVNWDZIaDBJZEpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC84NTNiMzgtZWU0Ny00MDRjLWEzOTkt
Y2MxYTdjY2FiNzAyLzEvSUdlUXphdkRlcFhQVzJKUkJvZGVJSktiSlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC84NTNiMzgtZWU0Ny00MDRjLWEzOTktY2MxYTdjY2FiNzAy
LzEvcmlYcXI1R2haaXlXLS0tZDVNWDZIaDBJZEpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwy/bMA0G
CSqGSIb3DQEBCwUAA4IBAQApPMWxRDhsOwhHe/hc6SDXzP8CplJ+AhC9QsSlkDq6
aGhQz4mw2nlilYAjhsYaDvw/dGmbqNYS9AoRrUJsdY50Tin8AUYjkQzkxXgD+gZ/
3LH+ec0gffArZQcG3vFxaZPcIyl70NS+RJdryCcGSws4/sa6lPDPXbME+tjHA8zj
OC+AeD1GrufE4q+jVDYHPNzBOP131XSl5sdRvDh3OoDGnBpFb5F7+CaZ/8QdPIjX
nkugFSYmPnkHifLW7vMYarTxMLaETgs9DKbye9EV0qkIje+kQolzW5NPRy1HICf7
qLlzJJEf/T+4koe3zAdguYS8BqH+ssgzjcvVISCBjQJi
-----END CERTIFICATE-----
Generated at Tue Mar 3 03:18:19 2026 by rpki-client