Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/18c8d5-089a-470e-906d-dc4e7988a28a/1/kpqcS9iGD3Rpk_iaEfzT0Q1dgkM.roa
File: kpqcS9iGD3Rpk_iaEfzT0Q1dgkM.roa (raw, json)
Hash identifier: tIu+noXL+FL6T6WamJRVDXq32TLBt1UuchPxTpkYd9s=
Subject key identifier: 92:9A:9C:4B:D8:86:0F:74:69:93:F8:9A:11:FC:D3:D1:0D:5D:82:43
Certificate issuer: /CN=b41bb1cdd5b86be77806889d2e1b202acc27b225
Certificate serial: 019E2644B12A8AA5351C841A2D06934F9D14
Authority key identifier: B4:1B:B1:CD:D5:B8:6B:E7:78:06:88:9D:2E:1B:20:2A:CC:27:B2:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tBuxzdW4a-d4BoidLhsgKswnsiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/18c8d5-089a-470e-906d-dc4e7988a28a/1/kpqcS9iGD3Rpk_iaEfzT0Q1dgkM.roa
Signing time: Thu 14 May 2026 11:34:56 +0000
ROA not before: Thu 14 May 2026 11:34:56 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51200
IP address blocks: 193.135.13.0/24 maxlen: 24
193.176.156.0/24 maxlen: 24
193.242.105.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/18c8d5-089a-470e-906d-dc4e7988a28a/1/tBuxzdW4a-d4BoidLhsgKswnsiU.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/18c8d5-089a-470e-906d-dc4e7988a28a/1/tBuxzdW4a-d4BoidLhsgKswnsiU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tBuxzdW4a-d4BoidLhsgKswnsiU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:26:44:b1:2a:8a:a5:35:1c:84:1a:2d:06:93:4f:9d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b41bb1cdd5b86be77806889d2e1b202acc27b225
Validity
Not Before: May 14 11:34:56 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=929a9c4bd8860f746993f89a11fcd3d10d5d8243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:06:10:46:6b:7d:d9:c8:6c:95:d4:08:9e:84:
b5:06:f9:f9:35:e6:76:b9:e3:9e:8e:fc:a8:54:0e:
bc:31:c6:28:71:e5:d3:af:34:6a:48:33:1f:3f:99:
46:9a:9d:58:b5:f3:69:09:6f:57:2c:7d:f6:5b:04:
41:9c:95:90:7c:3f:60:ae:cc:7b:65:0b:d2:77:a2:
72:4d:11:51:fe:a2:55:48:b1:be:e6:b7:dc:f7:b0:
b4:69:b6:4e:6d:c7:94:1b:0a:5a:86:6b:50:72:32:
91:f4:45:8e:59:4a:73:20:b9:20:5d:14:d1:f6:c9:
13:19:3d:9c:c2:5a:52:59:64:3f:4f:48:4d:2e:6a:
2f:58:3d:fb:eb:14:61:d1:39:34:81:fc:17:82:c8:
2b:bb:09:52:07:d3:5e:75:af:75:2a:b9:89:dd:a6:
02:db:c8:eb:af:f4:c5:e0:54:b2:6f:4a:a8:36:12:
77:8f:72:4c:5b:35:f8:da:e1:82:01:ac:20:38:6d:
f2:fa:f9:05:f8:14:47:c8:fb:a7:69:e9:54:83:20:
d9:84:b8:8f:6c:c4:01:2b:e6:3c:21:87:3d:f4:98:
bb:34:06:4a:40:15:8e:6a:2f:51:b1:73:0c:28:59:
0d:32:33:8a:eb:81:43:da:67:06:84:60:a3:ab:20:
28:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9A:9C:4B:D8:86:0F:74:69:93:F8:9A:11:FC:D3:D1:0D:5D:82:43
X509v3 Authority Key Identifier:
keyid:B4:1B:B1:CD:D5:B8:6B:E7:78:06:88:9D:2E:1B:20:2A:CC:27:B2:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tBuxzdW4a-d4BoidLhsgKswnsiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/18c8d5-089a-470e-906d-dc4e7988a28a/1/kpqcS9iGD3Rpk_iaEfzT0Q1dgkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/18c8d5-089a-470e-906d-dc4e7988a28a/1/tBuxzdW4a-d4BoidLhsgKswnsiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.13.0/24
193.176.156.0/24
193.242.105.0/24
195.18.26.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:75:2f:0d:9b:e8:5f:20:a0:d0:36:e1:a3:c7:82:d1:1e:b6:
31:cc:1e:f3:eb:b7:45:e9:9f:24:fa:2a:9e:74:5a:25:9b:9f:
f1:d4:7a:ef:49:06:c1:66:52:94:80:e9:0d:8a:4b:c5:48:a2:
50:03:df:53:d9:7c:3a:60:45:b2:da:7c:88:2f:20:8d:f8:2f:
cc:5c:72:b8:36:91:4b:bb:b9:45:4e:fa:a2:5a:df:da:cd:4c:
f1:ee:aa:ce:c3:b1:10:90:07:58:5c:6d:2a:56:99:35:92:08:
41:44:35:83:3e:0a:97:ba:c0:7d:b1:54:02:87:e8:5b:a3:54:
1b:a7:f4:43:f4:9b:de:da:0c:f5:00:21:d0:e7:06:d3:7b:47:
85:29:e1:5c:86:88:f4:69:a9:1b:7a:33:66:a2:23:f1:ae:34:
48:ae:1a:15:dc:29:f0:21:23:e3:02:50:c4:04:a6:b2:f6:34:
07:e1:0f:f2:cc:c1:6d:fb:c7:55:66:ea:79:cc:af:51:74:af:
5e:2f:f9:a7:d9:8e:31:86:e5:62:45:af:96:38:59:5d:41:41:
eb:e0:98:66:b2:16:d5:26:0d:92:c6:1e:4e:1e:b1:c3:ec:b6:
ea:64:45:5f:b3:71:9b:b2:6a:38:fc:be:31:87:3a:69:7f:16:
70:ff:4f:ec
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4mRLEqiqU1HIQaLQaTT50UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MWJiMWNkZDViODZiZTc3ODA2ODg5ZDJlMWIyMDJhY2My
N2IyMjUwHhcNMjYwNTE0MTEzNDU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjlhOWM0YmQ4ODYwZjc0Njk5M2Y4OWExMWZjZDNkMTBkNWQ4MjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgYQRmt92chsldQInoS1Bvn5NeZ2
ueOejvyoVA68McYoceXTrzRqSDMfP5lGmp1YtfNpCW9XLH32WwRBnJWQfD9grsx7
ZQvSd6JyTRFR/qJVSLG+5rfc97C0abZObceUGwpahmtQcjKR9EWOWUpzILkgXRTR
9skTGT2cwlpSWWQ/T0hNLmovWD376xRh0Tk0gfwXgsgruwlSB9Neda91KrmJ3aYC
28jrr/TF4FSyb0qoNhJ3j3JMWzX42uGCAawgOG3y+vkF+BRHyPunaelUgyDZhLiP
bMQBK+Y8IYc99Ji7NAZKQBWOai9RsXMMKFkNMjOK64FD2mcGhGCjqyAoIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJKanEvYhg90aZP4mhH809ENXYJDMB8GA1UdIwQY
MBaAFLQbsc3VuGvneAaInS4bICrMJ7IlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEJ1eHpkVzRhLWQ0Qm9pZExoc2dLc3duc2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8xOGM4ZDUtMDg5YS00NzBlLTkwNmQt
ZGM0ZTc5ODhhMjhhLzEva3BxY1M5aUdEM1Jwa19pYUVmelQwUTFkZ2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8xOGM4ZDUtMDg5YS00NzBlLTkwNmQtZGM0ZTc5ODhhMjhh
LzEvdEJ1eHpkVzRhLWQ0Qm9pZExoc2dLc3duc2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwYcNAwQA
wbCcAwQAwfJpAwQAwxIaMA0GCSqGSIb3DQEBCwUAA4IBAQCedS8Nm+hfIKDQNuGj
x4LRHrYxzB7z67dF6Z8k+iqedFolm5/x1HrvSQbBZlKUgOkNikvFSKJQA99T2Xw6
YEWy2nyILyCN+C/MXHK4NpFLu7lFTvqiWt/azUzx7qrOw7EQkAdYXG0qVpk1kghB
RDWDPgqXusB9sVQCh+hbo1Qbp/RD9Jve2gz1ACHQ5wbTe0eFKeFchoj0aakbejNm
oiPxrjRIrhoV3CnwISPjAlDEBKay9jQH4Q/yzMFt+8dVZup5zK9RdK9eL/mn2Y4x
huViRa+WOFldQUHr4JhmshbVJg2Sxh5OHrHD7LbqZEVfs3Gbsmo4/L4xhzppfxZw
/0/s
-----END CERTIFICATE-----
Generated at Thu Jun 4 15:19:11 2026 by rpki-client