Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/xJ55egTi-SOwIls63DtlY0C_yhc.roa
File: xJ55egTi-SOwIls63DtlY0C_yhc.roa (raw, json)
Hash identifier: kC3zkfZ5rMjuoKk4EnSBPzpT5cCfNNDGdDzD8ejaa+g=
Subject key identifier: C4:9E:79:7A:04:E2:F9:23:B0:22:5B:3A:DC:3B:65:63:40:BF:CA:17
Certificate issuer: /CN=ae261a8df53292c730e2ae1dfcfc4fe3ff76b1d0
Certificate serial: 019D523433D2ACBBBD0DA0249845F32500DE
Authority key identifier: AE:26:1A:8D:F5:32:92:C7:30:E2:AE:1D:FC:FC:4F:E3:FF:76:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/xJ55egTi-SOwIls63DtlY0C_yhc.roa
Signing time: Fri 03 Apr 2026 07:17:26 +0000
ROA not before: Fri 03 Apr 2026 07:17:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214632
IP address blocks: 195.26.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.mft
rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:52:34:33:d2:ac:bb:bd:0d:a0:24:98:45:f3:25:00:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae261a8df53292c730e2ae1dfcfc4fe3ff76b1d0
Validity
Not Before: Apr 3 07:17:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c49e797a04e2f923b0225b3adc3b656340bfca17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:31:30:8e:04:c8:bc:42:80:b0:6f:22:59:35:
ef:cf:2f:0a:55:d8:1d:28:25:4a:8a:9f:c0:49:33:
07:04:59:70:ca:7c:a7:46:f6:80:e7:bf:e6:eb:b9:
e3:82:1c:50:bf:25:11:f5:39:44:ba:b2:36:53:cf:
fa:cd:a2:11:9b:82:7e:cc:e9:94:fb:4a:18:79:87:
f0:a1:bf:a8:39:e7:a1:93:8d:ce:ea:90:41:e0:61:
b6:3f:be:51:25:5d:7b:b6:f4:3d:37:eb:f6:8c:9c:
b3:4e:14:0d:1a:0a:c3:48:97:af:be:1e:1d:38:0f:
93:a2:14:e0:9e:42:cd:25:93:b6:fc:ef:d0:ca:39:
f4:42:81:0e:3f:3b:21:e9:ac:63:56:a9:b5:dd:03:
18:87:4a:bd:06:cc:20:39:e6:d9:c4:6c:1f:b0:9c:
38:ff:ab:ad:35:d3:1c:59:d6:ed:4c:49:7a:dc:f0:
51:be:20:41:1d:b0:e8:9f:9d:b4:f0:06:6d:c0:3b:
bf:50:5a:8f:77:20:28:91:ac:ac:5c:92:a9:8e:fe:
32:e3:63:02:c7:ff:0b:62:1e:07:95:e8:e1:cd:9f:
18:9a:a7:b8:1b:c7:77:f4:c4:9a:b4:90:2f:88:04:
eb:00:94:3f:3e:c1:46:54:87:09:de:23:ee:f8:0d:
a2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9E:79:7A:04:E2:F9:23:B0:22:5B:3A:DC:3B:65:63:40:BF:CA:17
X509v3 Authority Key Identifier:
keyid:AE:26:1A:8D:F5:32:92:C7:30:E2:AE:1D:FC:FC:4F:E3:FF:76:B1:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/xJ55egTi-SOwIls63DtlY0C_yhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.146.0/24
Signature Algorithm: sha256WithRSAEncryption
56:4c:18:ce:10:44:17:8e:ac:27:9e:7c:3c:1f:16:94:18:be:
95:c3:0a:b8:49:76:94:10:90:19:31:3d:a8:5d:a8:08:8b:d5:
1a:de:f7:1e:a5:a2:72:6a:d5:30:83:8f:79:da:5b:31:bd:e6:
30:07:27:58:14:13:f6:09:bb:b0:7f:64:7f:f6:2a:3f:bb:1e:
b3:e2:f4:dd:f1:ee:ea:36:9a:b7:b0:8f:0f:d6:78:ff:c4:2c:
ce:bc:35:b1:b2:92:5b:e6:06:e9:ed:8a:5c:7c:73:79:7e:65:
98:90:98:30:ad:2d:85:4d:5e:7d:c5:de:d5:e0:1c:fb:f0:2b:
82:85:17:ee:f1:13:94:db:e5:7c:0e:b8:b8:f1:5d:47:d7:20:
21:dd:ab:be:0a:2c:26:60:cc:35:d3:3f:3d:62:06:72:93:48:
af:61:c7:d3:43:13:14:fd:33:c1:e2:9f:d9:15:47:04:8c:9a:
02:10:1a:c4:11:0c:ba:87:ce:f3:d2:62:26:60:07:0a:4d:a8:
c6:52:92:40:88:11:9c:e6:30:89:ce:37:7e:a4:85:12:90:35:
37:f8:2f:06:71:35:b4:87:2a:0d:ba:ce:c3:b3:94:dc:59:0c:
f2:a2:75:6e:bc:a7:5a:4b:ba:37:69:d8:7f:19:21:8a:1c:a9:
81:68:0c:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1SNDPSrLu9DaAkmEXzJQDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMjYxYThkZjUzMjkyYzczMGUyYWUxZGZjZmM0ZmUzZmY3
NmIxZDAwHhcNMjYwNDAzMDcxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDllNzk3YTA0ZTJmOTIzYjAyMjViM2FkYzNiNjU2MzQwYmZjYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTEwjgTIvEKAsG8iWTXvzy8KVdgd
KCVKip/ASTMHBFlwynynRvaA57/m67njghxQvyUR9TlEurI2U8/6zaIRm4J+zOmU
+0oYeYfwob+oOeehk43O6pBB4GG2P75RJV17tvQ9N+v2jJyzThQNGgrDSJevvh4d
OA+TohTgnkLNJZO2/O/Qyjn0QoEOPzsh6axjVqm13QMYh0q9BswgOebZxGwfsJw4
/6utNdMcWdbtTEl63PBRviBBHbDon5208AZtwDu/UFqPdyAokaysXJKpjv4y42MC
x/8LYh4HlejhzZ8Ymqe4G8d39MSatJAviATrAJQ/PsFGVIcJ3iPu+A2ipwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSeeXoE4vkjsCJbOtw7ZWNAv8oXMB8GA1UdIwQY
MBaAFK4mGo31MpLHMOKuHfz8T+P/drHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmlZYWpmVXlrc2N3NHE0ZF9QeFA0Xzkyc2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xYTg0OWUtODYxYy00YzRkLWJjZjQt
NTY5NWQ4OWQ3YjM2LzEveEo1NWVnVGktU093SWxzNjNEdGxZMENfeWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xYTg0OWUtODYxYy00YzRkLWJjZjQtNTY5NWQ4OWQ3YjM2
LzEvcmlZYWpmVXlrc2N3NHE0ZF9QeFA0Xzkyc2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxqSMA0G
CSqGSIb3DQEBCwUAA4IBAQBWTBjOEEQXjqwnnnw8HxaUGL6Vwwq4SXaUEJAZMT2o
XagIi9Ua3vcepaJyatUwg4952lsxveYwBydYFBP2Cbuwf2R/9io/ux6z4vTd8e7q
Npq3sI8P1nj/xCzOvDWxspJb5gbp7YpcfHN5fmWYkJgwrS2FTV59xd7V4Bz78CuC
hRfu8ROU2+V8Dri48V1H1yAh3au+CiwmYMw10z89YgZyk0ivYcfTQxMU/TPB4p/Z
FUcEjJoCEBrEEQy6h87z0mImYAcKTajGUpJAiBGc5jCJzjd+pIUSkDU3+C8GcTW0
hyoNus7Ds5TcWQzyonVuvKdaS7o3adh/GSGKHKmBaAw+
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:51:07 2026 by rpki-client