Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/50J8xvTiYpxoT6X5usI8sSXAWZ0.roa
File: 50J8xvTiYpxoT6X5usI8sSXAWZ0.roa (raw, json)
Hash identifier: yA1b6VA0exwZuz0IlvIe7HYwnFg5lqsNlzVDXDKLzBw=
Subject key identifier: E7:42:7C:C6:F4:E2:62:9C:68:4F:A5:F9:BA:C2:3C:B1:25:C0:59:9D
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 019C8E619A0896B80792FF448703655E1159
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/50J8xvTiYpxoT6X5usI8sSXAWZ0.roa
Signing time: Tue 24 Feb 2026 06:41:26 +0000
ROA not before: Tue 24 Feb 2026 06:41:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 274275
IP address blocks: 91.190.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:61:9a:08:96:b8:07:92:ff:44:87:03:65:5e:11:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Feb 24 06:41:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e7427cc6f4e2629c684fa5f9bac23cb125c0599d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ec:4d:41:ce:f3:78:d0:fa:b3:b4:8d:6a:ad:
f8:37:82:34:7d:d7:ca:a1:6c:70:e1:83:ce:4e:0f:
04:08:b1:be:ac:6f:d7:59:d0:82:12:2f:9f:fe:dd:
bf:23:35:0f:aa:e6:ed:db:09:c1:22:cb:45:a1:fe:
a5:bc:7a:e7:ce:39:ea:bc:7b:93:a6:e4:73:ff:7a:
22:7f:48:2f:89:7c:8b:2b:bb:7d:44:5e:be:c1:ec:
2b:50:50:61:21:4a:c1:66:50:d9:0a:33:ce:7e:6e:
b5:a6:ff:67:ad:60:b1:ff:20:14:61:78:59:a7:6b:
f8:ed:2a:fe:03:61:82:9d:c8:c8:e3:e2:b5:84:c6:
6a:a3:ae:b0:a3:40:50:1c:78:67:9f:5d:80:cf:e9:
20:f5:68:87:1d:ec:94:3d:53:3c:d4:33:f6:e8:d3:
c4:f9:85:ea:7a:e2:25:3d:9b:84:e4:26:a8:d9:57:
61:19:70:b4:46:fe:48:24:75:68:40:87:ba:93:a9:
1f:0c:0e:5b:9e:57:47:52:69:80:18:1c:96:a9:6a:
b6:b9:80:d3:93:0b:75:fb:75:72:46:56:53:8a:ac:
e7:ce:72:73:f2:10:86:54:f5:54:05:41:dc:82:06:
ce:9d:fa:f3:dd:d9:ff:99:37:7f:8d:86:ff:a9:d0:
3a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:42:7C:C6:F4:E2:62:9C:68:4F:A5:F9:BA:C2:3C:B1:25:C0:59:9D
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/50J8xvTiYpxoT6X5usI8sSXAWZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.189.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:29:2c:74:0a:e1:ea:b0:4e:d6:b4:e9:f4:7e:8a:a5:bf:4a:
57:2e:91:56:5a:da:ef:29:86:b8:d3:e9:08:c2:fd:65:ab:1f:
bc:a4:ed:55:bc:22:b0:3a:64:4c:ee:cd:b4:c9:8b:1c:ca:4a:
80:e7:c5:25:24:16:41:5a:65:88:fb:de:08:17:5a:a5:44:a2:
1f:8c:ac:2d:b2:ef:9c:22:ad:31:eb:0c:58:0e:13:68:bd:5a:
58:5e:42:27:e0:95:14:55:2a:f3:07:91:ea:58:b5:d7:ba:c2:
a3:2e:7c:84:bb:58:bb:33:86:9e:34:f8:2a:a3:dd:2c:d9:e6:
1a:de:95:18:32:11:23:8e:4a:64:68:a8:51:38:9f:63:61:37:
f4:89:f3:b0:79:5d:01:87:b1:b9:f5:e6:95:cc:ec:90:43:b3:
56:2e:f7:d0:24:6b:1a:2c:e6:59:2e:eb:5e:63:19:70:4d:06:
92:13:c9:b4:56:cf:09:09:27:50:0e:97:c8:58:f0:96:48:e0:
97:31:c7:4c:a5:7a:72:30:2f:fc:9a:bb:2e:4e:04:45:24:f9:
56:42:fc:b3:19:00:0e:09:bf:37:31:b4:6b:18:2b:fb:c3:51:
35:77:44:d7:00:00:43:6d:97:40:ba:a6:cc:5d:4e:f9:66:74:
bb:01:b5:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyOYZoIlrgHkv9EhwNlXhFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjYwMjI0MDY0MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzQyN2NjNmY0ZTI2MjljNjg0ZmE1ZjliYWMyM2NiMTI1YzA1OTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uxNQc7zeND6s7SNaq34N4I0fdfK
oWxw4YPOTg8ECLG+rG/XWdCCEi+f/t2/IzUPqubt2wnBIstFof6lvHrnzjnqvHuT
puRz/3oif0gviXyLK7t9RF6+wewrUFBhIUrBZlDZCjPOfm61pv9nrWCx/yAUYXhZ
p2v47Sr+A2GCncjI4+K1hMZqo66wo0BQHHhnn12Az+kg9WiHHeyUPVM81DP26NPE
+YXqeuIlPZuE5Cao2VdhGXC0Rv5IJHVoQIe6k6kfDA5bnldHUmmAGByWqWq2uYDT
kwt1+3VyRlZTiqznznJz8hCGVPVUBUHcggbOnfrz3dn/mTd/jYb/qdA6MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOdCfMb04mKcaE+l+brCPLElwFmdMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvNTBKOHh2VGlZcHhvVDZYNXVzSThzU1hBV1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW769MA0G
CSqGSIb3DQEBCwUAA4IBAQBdKSx0CuHqsE7WtOn0foqlv0pXLpFWWtrvKYa40+kI
wv1lqx+8pO1VvCKwOmRM7s20yYscykqA58UlJBZBWmWI+94IF1qlRKIfjKwtsu+c
Iq0x6wxYDhNovVpYXkIn4JUUVSrzB5HqWLXXusKjLnyEu1i7M4aeNPgqo90s2eYa
3pUYMhEjjkpkaKhROJ9jYTf0ifOweV0Bh7G59eaVzOyQQ7NWLvfQJGsaLOZZLute
YxlwTQaSE8m0Vs8JCSdQDpfIWPCWSOCXMcdMpXpyMC/8mrsuTgRFJPlWQvyzGQAO
Cb83MbRrGCv7w1E1d0TXAABDbZdAuqbMXU75ZnS7AbV2
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:15:10 2026 by rpki-client