Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/p-SsSsnHBRcR2_y1OrczbR7FV28.roa
File: p-SsSsnHBRcR2_y1OrczbR7FV28.roa (raw, json)
Hash identifier: PFmWHqCvyfCZ6MkJpaa1r/azW6M5KYAv4mLpSrS6hAE=
Subject key identifier: A7:E4:AC:4A:C9:C7:05:17:11:DB:FC:B5:3A:B7:33:6D:1E:C5:57:6F
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019CB41519A8053A3DA7D377B8C48630CF9B
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/p-SsSsnHBRcR2_y1OrczbR7FV28.roa
Signing time: Tue 03 Mar 2026 14:23:27 +0000
ROA not before: Tue 03 Mar 2026 14:23:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205983
IP address blocks: 193.34.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 20:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b4:15:19:a8:05:3a:3d:a7:d3:77:b8:c4:86:30:cf:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Mar 3 14:23:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a7e4ac4ac9c7051711dbfcb53ab7336d1ec5576f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:69:ba:c9:68:75:9f:4c:2a:ba:13:46:8f:fd:
d1:3a:0c:f8:9b:77:2b:2b:58:27:ed:39:7d:c6:8f:
f9:d9:46:84:4d:af:26:47:4b:f3:41:52:a1:3b:5d:
c5:ca:55:3e:e0:73:b8:9e:09:cd:e0:89:5c:ed:cc:
76:16:03:18:45:7a:67:d2:72:02:59:69:f9:b0:8a:
1f:ed:b9:8f:f3:eb:57:33:cd:bd:90:07:d2:f4:b4:
99:bd:ca:b3:26:98:88:5f:8c:25:8c:29:98:83:34:
25:2c:0a:9e:65:cd:3c:0b:3d:37:98:a0:7c:8e:dc:
26:be:8d:50:87:b2:41:ab:ce:b0:34:63:10:27:67:
3b:43:c6:59:6b:20:f1:04:fe:f6:c1:b0:bc:8f:e5:
e6:02:b9:2c:85:5b:69:98:42:70:d9:09:76:20:77:
2a:63:f4:81:6b:2a:1c:26:22:4e:98:68:64:40:ec:
6c:c7:02:9e:26:0d:1b:61:5f:7e:6e:93:c1:7c:61:
18:e0:57:85:80:12:66:53:5d:32:61:bc:a8:bd:45:
e4:2a:35:f8:8f:6d:62:36:9a:c2:13:fe:59:c6:80:
c4:40:a4:ea:2f:e2:8c:f8:30:31:86:a8:7b:80:b3:
91:6c:fa:67:73:ef:5f:09:4b:6c:6c:c4:74:e6:75:
92:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:E4:AC:4A:C9:C7:05:17:11:DB:FC:B5:3A:B7:33:6D:1E:C5:57:6F
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/p-SsSsnHBRcR2_y1OrczbR7FV28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.233.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:f8:90:7e:48:57:93:16:7d:1e:a9:9f:0c:eb:5e:b6:9f:be:
3b:a7:54:a5:c0:e9:c6:b7:6a:ad:2a:39:a6:dd:1b:24:ad:85:
85:a3:38:0a:f6:12:99:ed:f6:fe:29:35:5a:67:bf:1b:26:1f:
cb:a7:51:cc:21:5a:d8:84:fa:d3:ed:7a:05:97:dc:62:5e:46:
ab:a7:79:ca:05:6d:96:70:e6:d6:79:f3:8b:dc:23:57:1b:5f:
9d:69:3e:9e:3f:c8:d1:9f:5c:03:06:ef:6f:bd:17:7c:94:c6:
c0:3b:3d:3d:5c:95:59:a5:03:bb:77:43:a3:c1:fb:bb:a6:29:
50:2d:b7:a7:17:bf:86:b7:f8:6b:85:84:9e:d8:02:4a:f4:6c:
e8:0d:b6:6b:2b:81:4b:ff:38:7f:71:1b:98:19:8b:37:ff:8a:
42:54:c0:fc:5c:cf:9f:84:34:74:bc:d5:67:fb:c7:24:ce:ac:
c9:0b:1e:d8:51:f0:f8:fd:81:1c:ee:c4:cc:6f:03:51:5b:00:
42:c4:82:98:76:89:57:5a:66:1f:db:26:d6:48:87:2e:83:c3:
aa:93:6b:8a:07:14:3a:9a:58:e1:66:6c:67:fa:92:1c:fe:36:
9a:8a:ed:46:79:68:ad:1c:5a:4f:25:b8:94:55:98:ed:f2:e2:
64:ee:e3:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZy0FRmoBTo9p9N3uMSGMM+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjYwMzAzMTQyMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2U0YWM0YWM5YzcwNTE3MTFkYmZjYjUzYWI3MzM2ZDFlYzU1NzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02m6yWh1n0wquhNGj/3ROgz4m3cr
K1gn7Tl9xo/52UaETa8mR0vzQVKhO13FylU+4HO4ngnN4Ilc7cx2FgMYRXpn0nIC
WWn5sIof7bmP8+tXM829kAfS9LSZvcqzJpiIX4wljCmYgzQlLAqeZc08Cz03mKB8
jtwmvo1Qh7JBq86wNGMQJ2c7Q8ZZayDxBP72wbC8j+XmArkshVtpmEJw2Ql2IHcq
Y/SBayocJiJOmGhkQOxsxwKeJg0bYV9+bpPBfGEY4FeFgBJmU10yYbyovUXkKjX4
j21iNprCE/5ZxoDEQKTqL+KM+DAxhqh7gLORbPpnc+9fCUtsbMR05nWSXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKfkrErJxwUXEdv8tTq3M20exVdvMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvcC1Tc1NzbkhCUmNSMl95MU9yY3piUjdGVjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSLpMA0G
CSqGSIb3DQEBCwUAA4IBAQAK+JB+SFeTFn0eqZ8M6162n747p1SlwOnGt2qtKjmm
3RskrYWFozgK9hKZ7fb+KTVaZ78bJh/Lp1HMIVrYhPrT7XoFl9xiXkarp3nKBW2W
cObWefOL3CNXG1+daT6eP8jRn1wDBu9vvRd8lMbAOz09XJVZpQO7d0Ojwfu7pilQ
LbenF7+Gt/hrhYSe2AJK9GzoDbZrK4FL/zh/cRuYGYs3/4pCVMD8XM+fhDR0vNVn
+8ckzqzJCx7YUfD4/YEc7sTMbwNRWwBCxIKYdolXWmYf2ybWSIcug8Oqk2uKBxQ6
mljhZmxn+pIc/jaaiu1GeWitHFpPJbiUVZjt8uJk7uPM
-----END CERTIFICATE-----
Generated at Fri Mar 6 06:32:40 2026 by rpki-client