Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/nEF4BB849tQKJXG265qC5pWxdpk.roa
File: nEF4BB849tQKJXG265qC5pWxdpk.roa (raw, json)
Hash identifier: yETOGBWkUMl9tpxP9rE+RxXECvhBo+l5Q6Pfpie/3Qk=
Subject key identifier: 9C:41:78:04:1F:38:F6:D4:0A:25:71:B6:EB:9A:82:E6:95:B1:76:99
Certificate issuer: /CN=587d8b0e7546351176cc0c6e51ed4520abe04ef1
Certificate serial: 019D5583F975257A4B2B1CAA324D6F1D251E
Authority key identifier: 58:7D:8B:0E:75:46:35:11:76:CC:0C:6E:51:ED:45:20:AB:E0:4E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WH2LDnVGNRF2zAxuUe1FIKvgTvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/nEF4BB849tQKJXG265qC5pWxdpk.roa
Signing time: Fri 03 Apr 2026 22:43:25 +0000
ROA not before: Fri 03 Apr 2026 22:43:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201191
IP address blocks: 193.110.143.0/24 maxlen: 24
2a03:2020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/WH2LDnVGNRF2zAxuUe1FIKvgTvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/WH2LDnVGNRF2zAxuUe1FIKvgTvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/WH2LDnVGNRF2zAxuUe1FIKvgTvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:55:83:f9:75:25:7a:4b:2b:1c:aa:32:4d:6f:1d:25:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=587d8b0e7546351176cc0c6e51ed4520abe04ef1
Validity
Not Before: Apr 3 22:43:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9c4178041f38f6d40a2571b6eb9a82e695b17699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f5:81:9c:de:16:05:3f:cf:e6:1e:50:2c:8d:
87:5e:9d:6a:85:c9:ea:44:da:25:63:09:8d:3a:4d:
2a:c1:58:2e:f1:d7:25:f5:22:69:88:47:41:40:a0:
47:93:b2:cd:b5:00:98:9b:fb:40:a3:a4:39:05:4a:
3b:fd:ba:42:83:6d:2b:a7:da:1e:93:82:ac:39:4f:
d8:c8:5b:d3:9f:62:e6:da:b8:80:04:12:fe:ec:71:
fc:f1:a8:31:cd:4a:e5:dd:27:92:bd:c5:ba:12:5a:
86:6b:75:5c:ee:ae:ed:5e:89:16:4b:11:d8:0d:e8:
f6:b2:ae:51:bb:f8:fe:bf:a8:cb:77:3d:32:ef:c8:
13:d8:92:bc:7f:ca:d0:75:b9:40:bd:47:63:a6:bf:
f6:bc:d6:0d:85:73:8c:f9:9e:a4:24:ea:a6:98:84:
bf:a4:ab:4c:ca:24:ab:c8:ab:d7:71:ca:9f:84:45:
cf:c5:a0:12:f1:eb:33:8d:77:a6:ec:83:09:15:25:
5f:a6:87:88:18:7e:ab:f3:80:a2:de:63:7b:50:fd:
fc:e7:cd:d0:ea:d8:5f:ab:d2:4b:e5:e5:e8:56:c6:
e1:57:2e:e1:68:b4:66:97:e8:d5:87:98:5a:e3:3f:
08:85:c2:f7:c2:49:5f:e3:ac:77:3e:39:07:0c:c6:
2d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:41:78:04:1F:38:F6:D4:0A:25:71:B6:EB:9A:82:E6:95:B1:76:99
X509v3 Authority Key Identifier:
keyid:58:7D:8B:0E:75:46:35:11:76:CC:0C:6E:51:ED:45:20:AB:E0:4E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WH2LDnVGNRF2zAxuUe1FIKvgTvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/nEF4BB849tQKJXG265qC5pWxdpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/WH2LDnVGNRF2zAxuUe1FIKvgTvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.143.0/24
IPv6:
2a03:2020::/48
Signature Algorithm: sha256WithRSAEncryption
5e:64:f7:8c:af:dc:e2:ca:73:5e:74:36:19:d6:f3:19:45:85:
fc:64:a4:fd:11:bf:af:60:16:3a:c7:35:3b:ee:db:48:18:41:
7a:4b:42:89:bd:13:f1:ed:5d:0e:2e:d2:d7:43:37:1d:64:e3:
dd:d2:43:f4:ba:58:6c:5b:2d:27:96:5a:65:e9:63:6c:bd:00:
4e:ae:c7:63:3a:60:b3:2f:b7:0d:c3:26:fe:10:19:5a:9f:47:
b0:ff:f3:03:13:7d:4f:e2:00:f3:59:9e:50:a4:df:c5:e8:91:
54:08:e1:81:22:9a:82:c7:f7:ee:5b:5a:bf:3f:17:48:84:00:
fe:81:e8:fc:11:d4:5c:7e:cb:79:c6:39:55:68:e1:b2:e5:ae:
8b:7d:42:8a:dc:3a:fb:b8:93:ca:74:18:d8:24:08:4a:fc:2f:
cd:2a:29:61:b0:c2:51:4f:81:6d:c8:ce:33:bf:a2:3c:48:e1:
94:f0:72:80:8a:ce:7d:3c:9a:ad:ff:3c:d6:d0:fd:4e:a6:2b:
da:1c:b6:65:48:ee:4a:dd:62:0c:3b:ee:0e:fa:f7:7b:cc:55:
ed:65:18:1a:4a:1c:5d:97:25:f3:76:21:77:96:0c:c8:4d:c5:
b9:92:b7:20:2d:15:a1:a7:f3:62:91:d6:ad:a1:1f:02:a8:9e:
85:81:3e:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ1Vg/l1JXpLKxyqMk1vHSUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4N2Q4YjBlNzU0NjM1MTE3NmNjMGM2ZTUxZWQ0NTIwYWJl
MDRlZjEwHhcNMjYwNDAzMjI0MzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQxNzgwNDFmMzhmNmQ0MGEyNTcxYjZlYjlhODJlNjk1YjE3Njk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPWBnN4WBT/P5h5QLI2HXp1qhcnq
RNolYwmNOk0qwVgu8dcl9SJpiEdBQKBHk7LNtQCYm/tAo6Q5BUo7/bpCg20rp9oe
k4KsOU/YyFvTn2Lm2riABBL+7HH88agxzUrl3SeSvcW6ElqGa3Vc7q7tXokWSxHY
Dej2sq5Ru/j+v6jLdz0y78gT2JK8f8rQdblAvUdjpr/2vNYNhXOM+Z6kJOqmmIS/
pKtMyiSryKvXccqfhEXPxaAS8eszjXem7IMJFSVfpoeIGH6r84Ci3mN7UP38583Q
6thfq9JL5eXoVsbhVy7haLRml+jVh5ha4z8IhcL3wklf46x3PjkHDMYtxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJxBeAQfOPbUCiVxtuuaguaVsXaZMB8GA1UdIwQY
MBaAFFh9iw51RjURdswMblHtRSCr4E7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0gyTERuVkdOUkYyekF4dVVlMUZJS3ZnVHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84MWRjNjItYjNjYy00Zjk5LWFhNDIt
YzEwZjc4MmZiMDdmLzEvbkVGNEJCODQ5dFFLSlhHMjY1cUM1cFd4ZHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84MWRjNjItYjNjYy00Zjk5LWFhNDItYzEwZjc4MmZiMDdm
LzEvV0gyTERuVkdOUkYyekF4dVVlMUZJS3ZnVHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwW6PMA8E
AgACMAkDBwAqAyAgAAAwDQYJKoZIhvcNAQELBQADggEBAF5k94yv3OLKc150NhnW
8xlFhfxkpP0Rv69gFjrHNTvu20gYQXpLQom9E/HtXQ4u0tdDNx1k493SQ/S6WGxb
LSeWWmXpY2y9AE6ux2M6YLMvtw3DJv4QGVqfR7D/8wMTfU/iAPNZnlCk38XokVQI
4YEimoLH9+5bWr8/F0iEAP6B6PwR1Fx+y3nGOVVo4bLlrot9QorcOvu4k8p0GNgk
CEr8L80qKWGwwlFPgW3IzjO/ojxI4ZTwcoCKzn08mq3/PNbQ/U6mK9octmVI7krd
Ygw77g7693vMVe1lGBpKHF2XJfN2IXeWDMhNxbmStyAtFaGn82KR1q2hHwKonoWB
Pho=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:45:34 2026 by rpki-client