Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/5LduChVgDdyfCHVYl4QO7YMXvZs.roa
File: 5LduChVgDdyfCHVYl4QO7YMXvZs.roa (raw, json)
Hash identifier: 7TPUEM8dI13WYBgC8Y1wxlMkMAlXoxbpVP38cgVmA2A=
Subject key identifier: E4:B7:6E:0A:15:60:0D:DC:9F:08:75:58:97:84:0E:ED:83:17:BD:9B
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 019D525D691BF4EF22DFE7299ECE5F3D7660
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/5LduChVgDdyfCHVYl4QO7YMXvZs.roa
Signing time: Fri 03 Apr 2026 08:02:26 +0000
ROA not before: Fri 03 Apr 2026 08:02:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200367
IP address blocks: 217.147.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:52:5d:69:1b:f4:ef:22:df:e7:29:9e:ce:5f:3d:76:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Apr 3 08:02:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e4b76e0a15600ddc9f08755897840eed8317bd9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:97:1b:57:74:41:57:4d:e7:78:06:d3:e7:2c:
c7:8c:6b:5d:39:59:10:0f:e3:ae:67:7d:4a:48:99:
2d:05:5c:9e:98:87:7b:fa:ed:b5:f7:4d:dc:82:51:
08:bd:b3:ec:aa:90:4b:d4:05:41:10:7b:16:da:4d:
37:fc:c1:19:c6:cf:0d:94:fe:fd:0e:b1:1e:5c:b4:
33:88:d2:96:6e:93:3e:d1:00:37:3c:7c:eb:08:77:
29:f5:3f:c5:da:3a:e0:98:a3:1c:ac:94:38:3a:af:
8a:30:68:86:bb:57:80:aa:ef:c9:8f:14:50:c9:f7:
08:6a:ba:89:d5:aa:95:b4:bd:f8:ce:46:cd:6e:cd:
1d:a1:41:86:6b:d9:8e:7c:fd:7a:ff:b7:15:73:5f:
e3:91:d8:07:4b:8a:d2:78:50:d2:fd:6b:e6:f5:b6:
c1:ce:68:b9:d0:57:1f:1f:7c:c3:ee:25:79:e1:03:
ee:cc:9d:2f:0d:44:c9:66:20:70:3e:dc:cf:52:93:
ad:dc:aa:0a:f8:47:ae:06:55:67:55:c7:23:27:b6:
a6:9c:14:3e:31:b2:cd:33:ed:54:29:4c:b4:a4:ce:
ff:44:ba:b6:a3:c3:b5:8b:6c:4b:41:a7:de:30:bf:
f2:f4:fd:08:a8:93:f9:3c:78:80:04:cb:5c:f9:7c:
3d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B7:6E:0A:15:60:0D:DC:9F:08:75:58:97:84:0E:ED:83:17:BD:9B
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/5LduChVgDdyfCHVYl4QO7YMXvZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.14.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:09:fc:01:80:90:17:42:17:6c:b8:97:35:9e:ef:ee:2e:e3:
f7:d6:30:c5:3f:a8:7e:00:04:c4:3e:a5:30:a1:78:80:2c:47:
69:af:86:b3:ea:99:94:b8:36:a2:d7:99:1f:a9:51:c8:53:cb:
39:11:3d:cf:2c:f1:b5:81:df:92:29:f2:f0:4d:59:dd:b3:fe:
c3:ab:2c:c2:18:e4:65:49:56:7d:2f:b5:1e:33:21:a4:3a:94:
45:e8:28:4e:83:ae:c3:66:02:c9:ff:e9:81:23:8a:49:fc:b8:
1d:bf:1e:a6:f2:12:3d:01:bf:0a:11:aa:31:12:f3:84:3d:cf:
18:e7:9b:58:74:22:f1:9e:bc:27:e2:3e:45:da:86:2d:54:6f:
f1:f8:c7:e4:59:41:82:0c:b5:c2:50:36:06:a0:38:5f:5e:0c:
f6:3f:e5:dd:98:47:cd:10:60:63:d2:41:3e:9a:cf:99:b8:e8:
cf:30:0a:95:24:1e:16:37:27:78:12:e9:d7:5e:4a:9a:72:da:
eb:36:47:14:61:e7:81:a7:8b:fe:ab:01:32:1e:f2:15:78:c6:
43:4c:fc:46:da:13:e4:f3:d2:a6:af:03:ad:f5:66:e3:90:7b:
cb:c3:a5:32:cf:27:ed:55:6a:70:fe:6c:01:d2:e6:64:6f:c1:
c7:2d:5d:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1SXWkb9O8i3+cpns5fPXZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjYwNDAzMDgwMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI3NmUwYTE1NjAwZGRjOWYwODc1NTg5Nzg0MGVlZDgzMTdiZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpcbV3RBV03neAbT5yzHjGtdOVkQ
D+OuZ31KSJktBVyemId7+u21903cglEIvbPsqpBL1AVBEHsW2k03/MEZxs8NlP79
DrEeXLQziNKWbpM+0QA3PHzrCHcp9T/F2jrgmKMcrJQ4Oq+KMGiGu1eAqu/JjxRQ
yfcIarqJ1aqVtL34zkbNbs0doUGGa9mOfP16/7cVc1/jkdgHS4rSeFDS/Wvm9bbB
zmi50FcfH3zD7iV54QPuzJ0vDUTJZiBwPtzPUpOt3KoK+EeuBlVnVccjJ7amnBQ+
MbLNM+1UKUy0pM7/RLq2o8O1i2xLQafeML/y9P0IqJP5PHiABMtc+Xw9tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOS3bgoVYA3cnwh1WJeEDu2DF72bMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvNUxkdUNoVmdEZHlmQ0hWWWw0UU83WU1YdlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZMOMA0G
CSqGSIb3DQEBCwUAA4IBAQA7CfwBgJAXQhdsuJc1nu/uLuP31jDFP6h+AATEPqUw
oXiALEdpr4az6pmUuDai15kfqVHIU8s5ET3PLPG1gd+SKfLwTVnds/7DqyzCGORl
SVZ9L7UeMyGkOpRF6ChOg67DZgLJ/+mBI4pJ/Lgdvx6m8hI9Ab8KEaoxEvOEPc8Y
55tYdCLxnrwn4j5F2oYtVG/x+MfkWUGCDLXCUDYGoDhfXgz2P+XdmEfNEGBj0kE+
ms+ZuOjPMAqVJB4WNyd4EunXXkqactrrNkcUYeeBp4v+qwEyHvIVeMZDTPxG2hPk
89KmrwOt9WbjkHvLw6UyzyftVWpw/mwB0uZkb8HHLV2+
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:25:49 2026 by rpki-client