Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/nOreBNvB9sHvjaOwA-7mkOrWqLI.roa
File: nOreBNvB9sHvjaOwA-7mkOrWqLI.roa (raw, json)
Hash identifier: PolGTwJfcBCQ5ul8B/u+HLxsm0nGBzqvFUKDQhFP6Lk=
Subject key identifier: 9C:EA:DE:04:DB:C1:F6:C1:EF:8D:A3:B0:03:EE:E6:90:EA:D6:A8:B2
Certificate issuer: /CN=42f1a24c80fdca329644573ae6d61c9f2e374ed8
Certificate serial: 019D67484DB7D54415DACA6745D9F90A7BCA
Authority key identifier: 42:F1:A2:4C:80:FD:CA:32:96:44:57:3A:E6:D6:1C:9F:2E:37:4E:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/nOreBNvB9sHvjaOwA-7mkOrWqLI.roa
Signing time: Tue 07 Apr 2026 09:31:24 +0000
ROA not before: Tue 07 Apr 2026 09:31:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6871
IP address blocks: 147.147.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/QvGiTID9yjKWRFc65tYcny43Ttg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/QvGiTID9yjKWRFc65tYcny43Ttg.mft
rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:48:4d:b7:d5:44:15:da:ca:67:45:d9:f9:0a:7b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f1a24c80fdca329644573ae6d61c9f2e374ed8
Validity
Not Before: Apr 7 09:31:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9ceade04dbc1f6c1ef8da3b003eee690ead6a8b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:89:21:af:fc:61:37:e2:f0:24:7d:fc:4c:bf:
85:d2:c6:ad:4b:af:9e:b4:45:ae:db:b3:42:f9:af:
69:e2:60:6b:2e:d1:75:e9:1b:69:1f:bd:38:90:c9:
49:0a:fc:7b:98:75:30:33:28:88:b7:c6:ac:cc:45:
6e:37:65:7d:d4:f3:82:87:4b:35:30:af:59:ba:a8:
53:06:28:26:1f:07:dc:03:77:c3:d2:02:b2:ff:18:
f8:65:80:47:28:34:47:eb:7e:89:82:2d:91:ea:47:
f4:4a:24:84:eb:35:93:00:f4:4a:68:e5:36:b2:d7:
97:8a:24:29:65:af:8f:43:e6:e2:8a:63:5d:2e:2c:
dd:1c:17:59:ae:0d:a8:a5:58:67:2e:16:f4:97:98:
00:93:20:ca:c5:30:35:fa:82:1d:90:54:f3:53:e5:
f5:82:66:fc:e5:b0:2c:36:9c:33:77:4f:77:af:cc:
c5:93:15:44:1f:af:80:04:a8:92:aa:23:82:16:5d:
81:f4:66:52:7a:05:5c:eb:1c:33:e3:43:ee:56:2b:
95:79:bc:e8:f5:0a:2d:d8:e3:59:fd:51:57:6f:18:
cf:ef:4b:f0:6e:23:e4:7a:43:14:9c:fc:f8:4b:bc:
4f:1e:4a:ce:02:01:65:46:46:8e:f0:14:c7:da:c1:
02:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:EA:DE:04:DB:C1:F6:C1:EF:8D:A3:B0:03:EE:E6:90:EA:D6:A8:B2
X509v3 Authority Key Identifier:
keyid:42:F1:A2:4C:80:FD:CA:32:96:44:57:3A:E6:D6:1C:9F:2E:37:4E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/nOreBNvB9sHvjaOwA-7mkOrWqLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/QvGiTID9yjKWRFc65tYcny43Ttg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.147.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d9:24:da:8a:5f:eb:15:00:20:51:5e:a4:0c:4a:6a:24:7e:a6:
f4:b1:a0:9f:c1:81:a0:3a:87:bb:f1:0c:e8:0c:3b:0d:0d:2b:
b3:07:36:85:63:ba:da:05:77:59:6c:9c:64:70:90:6f:24:2d:
96:63:ed:ad:11:fa:58:1b:b0:3d:7d:f8:61:98:71:e1:99:78:
01:97:2b:f0:1a:da:60:55:f2:1b:85:34:92:39:94:e2:ab:c7:
1c:6a:31:25:b7:76:3a:09:f5:0a:8b:be:06:39:2a:0a:7e:a5:
e8:41:97:09:3a:7d:a2:66:f8:e3:00:91:e3:d0:80:2a:96:25:
7a:4a:18:d7:bf:96:a6:9c:e7:6d:6f:f0:ca:ee:d1:e4:f2:03:
5b:28:55:bd:f3:d4:4d:0f:07:9a:a0:48:ff:2b:b5:7b:48:ec:
20:c5:dc:e5:b5:17:d3:7b:37:2c:c6:9a:23:b5:18:9b:b2:d2:
75:68:54:2e:86:09:94:75:05:c6:33:73:e2:f9:5d:1d:10:86:
cf:e5:c0:37:c5:10:5d:f3:75:4a:2b:38:00:16:28:a9:1b:96:
b1:2a:49:22:f2:93:8c:a6:99:11:c8:b7:cb:b1:9d:ea:c2:0d:
8e:aa:ca:e0:d1:d6:10:59:c7:3d:2d:2a:6a:4e:e4:13:de:50:
46:34:3e:bd
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZ1nSE231UQV2spnRdn5CnvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjFhMjRjODBmZGNhMzI5NjQ0NTczYWU2ZDYxYzlmMmUz
NzRlZDgwHhcNMjYwNDA3MDkzMTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2VhZGUwNGRiYzFmNmMxZWY4ZGEzYjAwM2VlZTY5MGVhZDZhOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ikhr/xhN+LwJH38TL+F0satS6+e
tEWu27NC+a9p4mBrLtF16RtpH704kMlJCvx7mHUwMyiIt8aszEVuN2V91POCh0s1
MK9ZuqhTBigmHwfcA3fD0gKy/xj4ZYBHKDRH636Jgi2R6kf0SiSE6zWTAPRKaOU2
steXiiQpZa+PQ+biimNdLizdHBdZrg2opVhnLhb0l5gAkyDKxTA1+oIdkFTzU+X1
gmb85bAsNpwzd093r8zFkxVEH6+ABKiSqiOCFl2B9GZSegVc6xwz40PuViuVebzo
9Qot2ONZ/VFXbxjP70vwbiPkekMUnPz4S7xPHkrOAgFlRkaO8BTH2sECiQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJzq3gTbwfbB742jsAPu5pDq1qiyMB8GA1UdIwQY
MBaAFELxokyA/coylkRXOubWHJ8uN07YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZHaVRJRDl5aktXUkZjNjV0WWNueTQzVHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mZWQ5MmEtMjEyMC00MzI2LWEwYzkt
NzE2OGFlMGI4Mjc4LzEvbk9yZUJOdkI5c0h2amFPd0EtN21rT3JXcUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mZWQ5MmEtMjEyMC00MzI2LWEwYzktNzE2OGFlMGI4Mjc4
LzEvUXZHaVRJRDl5aktXUkZjNjV0WWNueTQzVHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk5MwDQYJ
KoZIhvcNAQELBQADggEBANkk2opf6xUAIFFepAxKaiR+pvSxoJ/BgaA6h7vxDOgM
Ow0NK7MHNoVjutoFd1lsnGRwkG8kLZZj7a0R+lgbsD19+GGYceGZeAGXK/Aa2mBV
8huFNJI5lOKrxxxqMSW3djoJ9QqLvgY5Kgp+pehBlwk6faJm+OMAkePQgCqWJXpK
GNe/lqac521v8Mru0eTyA1soVb3z1E0PB5qgSP8rtXtI7CDF3OW1F9N7NyzGmiO1
GJuy0nVoVC6GCZR1BcYzc+L5XR0Qhs/lwDfFEF3zdUorOAAWKKkblrEqSSLyk4ym
mRHIt8uxnerCDY6qyuDR1hBZxz0tKmpO5BPeUEY0Pr0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:19:26 2026 by rpki-client