Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/1piXn-UVcVQSUGyNJ_Ny386p_3Q.roa
File: 1piXn-UVcVQSUGyNJ_Ny386p_3Q.roa (raw, json)
Hash identifier: zd/DqCJj3Pngd6eQD4uOV4zyA00rPe7DaGEvC4Rddbw=
Subject key identifier: D6:98:97:9F:E5:15:71:54:12:50:6C:8D:27:F3:72:DF:CE:A9:FF:74
Certificate issuer: /CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Certificate serial: 019D2C031484648F3A9830D6DD7E84FF65AD
Authority key identifier: 55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/1piXn-UVcVQSUGyNJ_Ny386p_3Q.roa
Signing time: Thu 26 Mar 2026 21:18:12 +0000
ROA not before: Thu 26 Mar 2026 21:18:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 83.147.194.0/24 maxlen: 24
83.147.222.0/24 maxlen: 24
83.147.240.0/23 maxlen: 24
83.147.242.0/23 maxlen: 24
91.186.210.0/23 maxlen: 24
178.253.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 12:43:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2c:03:14:84:64:8f:3a:98:30:d6:dd:7e:84:ff:65:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Validity
Not Before: Mar 26 21:18:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d698979fe515715412506c8d27f372dfcea9ff74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bb:73:28:23:09:11:9f:65:1e:3c:f7:6b:7a:
83:cc:49:6d:c1:7c:87:d1:45:25:c4:4c:1f:7e:85:
17:bc:24:d5:36:2e:52:d0:e0:ab:a6:df:83:bd:e4:
ff:ca:3a:70:62:21:5e:8c:78:13:e4:ba:18:76:04:
7b:d3:64:4d:26:35:fe:ad:7b:6f:94:a7:a2:d1:7a:
44:f3:f7:2d:5f:11:08:be:4b:c9:fb:23:5e:ee:01:
84:23:fc:6b:5d:2d:34:d6:74:23:f8:8d:c4:d4:4e:
95:9d:9c:6f:13:b2:0c:50:fb:bc:a3:c9:f5:0f:eb:
b5:f0:34:68:23:cb:3b:99:02:30:e4:ee:4b:8b:35:
25:a0:99:4e:58:c5:c2:53:80:b5:38:7b:47:dd:00:
42:56:08:10:54:e3:b3:40:c2:eb:8a:73:8e:ef:5d:
9c:62:71:98:0d:6c:33:3d:31:a0:eb:75:f2:a1:f4:
10:6f:c2:91:6f:e3:75:65:00:77:4c:14:05:be:09:
02:28:7a:6b:2a:2e:6b:ed:db:41:23:8b:1c:75:17:
33:b0:ff:8e:39:82:af:20:4a:39:a1:ee:3f:27:f8:
8c:c6:7b:49:f2:80:83:71:43:fa:92:f2:43:24:01:
01:d3:ad:5f:24:cc:35:9b:08:77:76:c5:33:74:0d:
42:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:98:97:9F:E5:15:71:54:12:50:6C:8D:27:F3:72:DF:CE:A9:FF:74
X509v3 Authority Key Identifier:
keyid:55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/1piXn-UVcVQSUGyNJ_Ny386p_3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.194.0/24
83.147.222.0/24
83.147.240.0/22
91.186.210.0/23
178.253.16.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e6:76:96:b2:89:0c:ce:d0:27:44:dc:38:ba:2f:e5:93:24:
f4:00:63:f5:36:d8:3c:1e:76:19:43:77:bd:e8:1b:1b:ed:a6:
8f:ce:96:bd:dd:b7:5b:58:c6:08:00:a9:03:b8:c2:7c:7b:77:
c7:d2:9f:6f:5e:6f:50:d5:06:07:79:c6:fd:74:84:89:e7:a2:
79:f4:f7:44:7b:46:b1:ee:0b:94:d7:0a:2b:0d:63:96:15:5c:
c9:b7:6b:28:10:af:58:a0:85:a1:da:fc:37:33:b5:a1:c7:4e:
24:43:54:80:a4:75:70:64:f6:23:29:3b:ff:7c:9c:27:83:76:
8f:8b:f7:30:de:f5:34:9a:9d:6c:ff:28:0f:d6:8c:22:d1:63:
85:fc:2e:6d:eb:d8:33:bc:a3:a8:eb:9c:91:76:9b:02:2c:e6:
a0:d9:a4:15:8e:f3:e7:f5:60:07:c1:61:e6:e3:b5:f7:07:25:
87:88:f6:84:cc:13:25:60:95:cd:7f:60:9a:7c:b9:50:9c:a9:
36:50:dd:5d:e7:4c:cc:a2:01:10:f2:67:93:3a:a4:6c:34:71:
f4:bf:7b:fd:fb:35:f7:2e:6d:6b:ea:5e:27:92:f0:9a:f3:80:
7e:8c:fa:5b:c2:35:79:6a:b4:ce:d0:68:59:e7:bf:3c:90:bd:
2e:ea:54:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ0sAxSEZI86mDDW3X6E/2WtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YmFmMjY5Njc1MTBiM2M1MmU0NmQxZGM1OTM5NjdjZGYy
OWY5YzkwHhcNMjYwMzI2MjExODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjk4OTc5ZmU1MTU3MTU0MTI1MDZjOGQyN2YzNzJkZmNlYTlmZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrtzKCMJEZ9lHjz3a3qDzEltwXyH
0UUlxEwffoUXvCTVNi5S0OCrpt+DveT/yjpwYiFejHgT5LoYdgR702RNJjX+rXtv
lKei0XpE8/ctXxEIvkvJ+yNe7gGEI/xrXS001nQj+I3E1E6VnZxvE7IMUPu8o8n1
D+u18DRoI8s7mQIw5O5LizUloJlOWMXCU4C1OHtH3QBCVggQVOOzQMLrinOO712c
YnGYDWwzPTGg63XyofQQb8KRb+N1ZQB3TBQFvgkCKHprKi5r7dtBI4scdRczsP+O
OYKvIEo5oe4/J/iMxntJ8oCDcUP6kvJDJAEB061fJMw1mwh3dsUzdA1CQwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNaYl5/lFXFUElBsjSfzct/Oqf90MB8GA1UdIwQY
MBaAFFW68mlnUQs8UuRtHcWTlnzfKfnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAt
NDlmOTgxZWU1OTgxLzEvMXBpWG4tVVZjVlFTVUd5TkpfTnkzODZwXzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAtNDlmOTgxZWU1OTgx
LzEvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU5PCAwQA
U5PeAwQCU5PwAwQBW7rSAwQAsv0QMA0GCSqGSIb3DQEBCwUAA4IBAQCb5naWsokM
ztAnRNw4ui/lkyT0AGP1Ntg8HnYZQ3e96Bsb7aaPzpa93bdbWMYIAKkDuMJ8e3fH
0p9vXm9Q1QYHecb9dISJ56J59PdEe0ax7guU1worDWOWFVzJt2soEK9YoIWh2vw3
M7Whx04kQ1SApHVwZPYjKTv/fJwng3aPi/cw3vU0mp1s/ygP1owi0WOF/C5t69gz
vKOo65yRdpsCLOag2aQVjvPn9WAHwWHm47X3ByWHiPaEzBMlYJXNf2CafLlQnKk2
UN1d50zMogEQ8meTOqRsNHH0v3v9+zX3Lm1r6l4nkvCa84B+jPpbwjV5arTO0GhZ
5788kL0u6lSZ
-----END CERTIFICATE-----
Generated at Mon Mar 30 23:19:04 2026 by rpki-client