Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/fb090d-685e-4110-b171-c1c3c848912b/1/dm05ruUJUy3EB3fTlfRp28bRVHs.roa
File: dm05ruUJUy3EB3fTlfRp28bRVHs.roa (raw, json)
Hash identifier: HKoH3W2n4KC9D9ffQJl5txh8NMSU8l6yIctHVJM24eA=
Subject key identifier: 76:6D:39:AE:E5:09:53:2D:C4:07:77:D3:95:F4:69:DB:C6:D1:54:7B
Certificate issuer: /CN=c8387f035b09d2bc393f7f60d7621d300cc977d8
Certificate serial: 019B78A282BF38171DDA6F6D5B2162F2AD01
Authority key identifier: C8:38:7F:03:5B:09:D2:BC:39:3F:7F:60:D7:62:1D:30:0C:C9:77:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yDh_A1sJ0rw5P39g12IdMAzJd9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/fb090d-685e-4110-b171-c1c3c848912b/1/dm05ruUJUy3EB3fTlfRp28bRVHs.roa
Signing time: Thu 01 Jan 2026 08:17:54 +0000
ROA not before: Thu 01 Jan 2026 08:17:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59835
IP address blocks: 193.41.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/fb090d-685e-4110-b171-c1c3c848912b/1/yDh_A1sJ0rw5P39g12IdMAzJd9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/fb090d-685e-4110-b171-c1c3c848912b/1/yDh_A1sJ0rw5P39g12IdMAzJd9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/yDh_A1sJ0rw5P39g12IdMAzJd9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a2:82:bf:38:17:1d:da:6f:6d:5b:21:62:f2:ad:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8387f035b09d2bc393f7f60d7621d300cc977d8
Validity
Not Before: Jan 1 08:17:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=766d39aee509532dc40777d395f469dbc6d1547b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ad:d1:ce:7a:31:be:e8:2f:d3:11:f9:82:88:
1a:f0:0b:bc:7c:fc:24:0c:69:74:a9:aa:65:45:ad:
41:87:0b:a9:7e:ac:1a:3d:2f:05:62:b2:33:56:11:
e5:f6:d4:31:88:43:20:be:fb:27:7a:52:e8:3f:6c:
89:04:6f:33:17:db:18:77:f3:80:f5:2e:be:c5:a4:
03:32:cf:a7:a3:9e:28:f6:d3:e8:b5:f8:6d:af:10:
36:24:54:57:8f:d5:bb:d8:d7:53:15:94:a5:b8:34:
cf:d4:5a:a6:1f:60:ad:6e:0d:14:ff:87:5b:96:80:
6b:5b:24:55:e1:a8:39:89:1f:5d:4d:2b:7c:d7:02:
2d:1d:b7:76:5e:c8:e2:93:d5:29:e8:b9:43:ae:8d:
ad:74:02:bc:44:7d:18:34:c6:54:ff:70:35:4c:cf:
a6:b5:50:ee:25:6a:88:d4:a3:1c:08:a7:2d:a6:c3:
b7:ec:6c:7c:66:1c:34:04:a7:01:0c:d7:62:42:b3:
50:33:45:ae:82:15:33:12:c8:68:ce:d2:78:00:11:
32:a1:cb:c9:64:c0:52:33:9a:55:25:60:8b:bb:4b:
77:ae:cf:d1:25:ce:4f:0f:83:41:12:21:85:95:b4:
f7:72:9f:0b:70:a3:3d:68:19:4a:31:9d:e1:ed:d9:
eb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6D:39:AE:E5:09:53:2D:C4:07:77:D3:95:F4:69:DB:C6:D1:54:7B
X509v3 Authority Key Identifier:
keyid:C8:38:7F:03:5B:09:D2:BC:39:3F:7F:60:D7:62:1D:30:0C:C9:77:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yDh_A1sJ0rw5P39g12IdMAzJd9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fb090d-685e-4110-b171-c1c3c848912b/1/dm05ruUJUy3EB3fTlfRp28bRVHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fb090d-685e-4110-b171-c1c3c848912b/1/yDh_A1sJ0rw5P39g12IdMAzJd9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.200.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f2:ea:28:82:cd:a2:78:67:90:42:3f:73:b6:a4:de:cb:b3:
c1:50:a5:03:c3:1f:90:ad:51:b0:14:78:37:4f:74:c4:43:4a:
cf:f7:a5:fc:4f:1f:68:ed:17:2e:8b:25:68:18:0d:43:dd:14:
15:fd:a7:89:a3:3b:b9:6b:e0:9f:63:75:d6:4d:21:ea:2e:ab:
4d:63:5e:08:2c:32:c5:16:75:e9:fc:d5:38:c5:c5:9a:7d:e1:
be:b6:c9:c3:9e:2e:16:fd:a6:b4:65:5c:aa:01:ad:e6:b0:86:
3d:37:60:4a:90:bd:83:b3:ea:85:8e:38:f8:ef:73:e7:a4:10:
43:11:b7:26:e4:86:46:1a:b4:07:bf:c6:45:2f:84:f5:bd:3d:
b0:46:46:68:0c:ed:5c:0d:f9:41:10:db:05:ad:70:3b:1d:18:
05:76:cf:2b:28:8c:41:d8:2a:6f:37:64:28:3c:1a:27:6d:05:
cb:b3:6f:e4:7f:39:77:eb:19:9e:d5:2e:74:d2:6c:ac:04:f7:
ad:95:35:c3:66:0a:aa:a1:3c:38:c6:97:33:24:7a:e1:29:ad:
4a:80:54:8f:93:ab:49:14:25:d0:bb:35:4c:44:f0:47:be:e4:
7a:5b:04:f2:bb:fb:c6:1f:30:03:d7:1b:2c:30:83:c3:9b:ee:
de:fd:65:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4ooK/OBcd2m9tWyFi8q0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Mzg3ZjAzNWIwOWQyYmMzOTNmN2Y2MGQ3NjIxZDMwMGNj
OTc3ZDgwHhcNMjYwMTAxMDgxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjZkMzlhZWU1MDk1MzJkYzQwNzc3ZDM5NWY0NjlkYmM2ZDE1NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1K3Rznoxvugv0xH5goga8Au8fPwk
DGl0qaplRa1BhwupfqwaPS8FYrIzVhHl9tQxiEMgvvsnelLoP2yJBG8zF9sYd/OA
9S6+xaQDMs+no54o9tPotfhtrxA2JFRXj9W72NdTFZSluDTP1FqmH2Ctbg0U/4db
loBrWyRV4ag5iR9dTSt81wItHbd2Xsjik9Up6LlDro2tdAK8RH0YNMZU/3A1TM+m
tVDuJWqI1KMcCKctpsO37Gx8Zhw0BKcBDNdiQrNQM0WughUzEshoztJ4ABEyocvJ
ZMBSM5pVJWCLu0t3rs/RJc5PD4NBEiGFlbT3cp8LcKM9aBlKMZ3h7dnr4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZtOa7lCVMtxAd305X0advG0VR7MB8GA1UdIwQY
MBaAFMg4fwNbCdK8OT9/YNdiHTAMyXfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveURoX0Exc0owcnc1UDM5ZzEySWRNQXpKZDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mYjA5MGQtNjg1ZS00MTEwLWIxNzEt
YzFjM2M4NDg5MTJiLzEvZG0wNXJ1VUpVeTNFQjNmVGxmUnAyOGJSVkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mYjA5MGQtNjg1ZS00MTEwLWIxNzEtYzFjM2M4NDg5MTJi
LzEveURoX0Exc0owcnc1UDM5ZzEySWRNQXpKZDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSnIMA0G
CSqGSIb3DQEBCwUAA4IBAQCS8uoogs2ieGeQQj9ztqTey7PBUKUDwx+QrVGwFHg3
T3TEQ0rP96X8Tx9o7RcuiyVoGA1D3RQV/aeJozu5a+CfY3XWTSHqLqtNY14ILDLF
FnXp/NU4xcWafeG+tsnDni4W/aa0ZVyqAa3msIY9N2BKkL2Ds+qFjjj473PnpBBD
Ebcm5IZGGrQHv8ZFL4T1vT2wRkZoDO1cDflBENsFrXA7HRgFds8rKIxB2CpvN2Qo
PBonbQXLs2/kfzl36xme1S500mysBPetlTXDZgqqoTw4xpczJHrhKa1KgFSPk6tJ
FCXQuzVMRPBHvuR6WwTyu/vGHzAD1xssMIPDm+7e/WW8
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:19:56 2026 by rpki-client