Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/48d720-2652-4bb5-a5ab-28728234da3e/1/T8XiJAvviA196VGyRQq4x2ksk2A.roa
File: T8XiJAvviA196VGyRQq4x2ksk2A.roa (raw, json)
Hash identifier: cxywV9iQNkupyZ0UXDOYrG/3xBHBuzv33z5PtKKNXNY=
Subject key identifier: 4F:C5:E2:24:0B:EF:88:0D:7D:E9:51:B2:45:0A:B8:C7:69:2C:93:60
Certificate issuer: /CN=7e9da3d88efc12b6d46be2addf26afa7c7b7ddf5
Certificate serial: 019E3ADE0AB02A1B880EC6A9A7927359018E
Authority key identifier: 7E:9D:A3:D8:8E:FC:12:B6:D4:6B:E2:AD:DF:26:AF:A7:C7:B7:DD:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fp2j2I78ErbUa-Kt3yavp8e33fU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/48d720-2652-4bb5-a5ab-28728234da3e/1/T8XiJAvviA196VGyRQq4x2ksk2A.roa
Signing time: Mon 18 May 2026 11:34:50 +0000
ROA not before: Mon 18 May 2026 11:34:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210930
IP address blocks: 195.253.197.0/24 maxlen: 24
195.253.198.0/24 maxlen: 24
2a05:c80:1000::/48 maxlen: 48
2a05:c80:1001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/48d720-2652-4bb5-a5ab-28728234da3e/1/fp2j2I78ErbUa-Kt3yavp8e33fU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/48d720-2652-4bb5-a5ab-28728234da3e/1/fp2j2I78ErbUa-Kt3yavp8e33fU.mft
rsync://rpki.ripe.net/repository/DEFAULT/fp2j2I78ErbUa-Kt3yavp8e33fU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3a:de:0a:b0:2a:1b:88:0e:c6:a9:a7:92:73:59:01:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e9da3d88efc12b6d46be2addf26afa7c7b7ddf5
Validity
Not Before: May 18 11:34:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4fc5e2240bef880d7de951b2450ab8c7692c9360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:26:f7:8e:93:32:d4:5f:6b:62:b8:08:34:74:
77:ef:67:c7:f6:f6:79:3a:5a:6b:e4:e1:31:61:b8:
3a:64:d8:62:ca:24:07:3c:c4:2b:b4:20:2f:15:69:
e7:53:25:e5:04:21:22:d7:1e:a0:13:be:6e:40:22:
71:58:52:5e:b4:87:83:d3:05:60:d3:47:e2:45:f5:
cc:2d:da:dd:dd:ff:38:38:46:49:7a:17:33:c8:3c:
37:7a:55:3b:d9:fa:5b:54:61:15:78:cc:05:6d:f4:
98:cf:3b:6c:fa:35:52:7e:04:50:ff:46:cb:9c:42:
fa:9c:55:a0:ab:ba:71:01:c2:87:79:d4:06:02:e8:
dc:57:3e:5a:04:0c:fa:89:65:67:48:28:55:1a:9a:
fa:34:69:d4:fd:ab:b4:7b:53:20:8d:ab:bf:6c:71:
c4:e0:f8:bf:24:42:6d:dc:1f:4b:96:22:88:30:7b:
bd:c7:b0:fe:24:fb:8a:a3:67:7f:72:b4:ac:db:7f:
51:25:4b:ea:b8:d3:21:56:e5:db:28:2c:79:bc:4b:
bb:ba:10:2c:3e:2e:c1:59:6a:57:52:2c:00:b9:01:
34:b3:c4:b4:36:34:fe:bd:e9:08:bd:82:75:8a:43:
58:be:02:17:6e:80:c8:d2:eb:76:0e:37:16:79:fe:
8f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C5:E2:24:0B:EF:88:0D:7D:E9:51:B2:45:0A:B8:C7:69:2C:93:60
X509v3 Authority Key Identifier:
keyid:7E:9D:A3:D8:8E:FC:12:B6:D4:6B:E2:AD:DF:26:AF:A7:C7:B7:DD:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fp2j2I78ErbUa-Kt3yavp8e33fU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/48d720-2652-4bb5-a5ab-28728234da3e/1/T8XiJAvviA196VGyRQq4x2ksk2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/48d720-2652-4bb5-a5ab-28728234da3e/1/fp2j2I78ErbUa-Kt3yavp8e33fU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.253.197.0-195.253.198.255
IPv6:
2a05:c80:1000::/47
Signature Algorithm: sha256WithRSAEncryption
0a:20:cc:a8:22:54:f6:59:35:84:94:44:1c:2d:e4:18:45:d3:
c6:2d:5f:6f:b3:e0:46:b4:e0:9b:46:92:61:e5:5f:92:b0:34:
f2:8e:86:80:40:83:6b:91:fd:54:a4:45:3f:df:9b:c0:da:cc:
2b:2b:9f:5e:55:1e:09:1c:ae:a9:10:f5:c9:8a:19:66:19:5e:
c6:f7:de:bf:13:26:92:ff:53:88:d4:49:81:48:37:12:4a:2d:
16:50:af:e9:73:b3:7a:e0:42:ea:67:55:28:b5:3e:8d:d7:37:
16:b0:c6:5e:db:be:80:1d:77:95:d1:e5:df:71:2c:23:84:7f:
28:54:68:e4:c1:ef:a1:03:ac:06:76:61:3d:8f:e4:9e:98:06:
fe:73:37:d7:33:96:25:58:5d:02:06:17:47:ad:b4:9f:64:45:
7a:b9:4e:80:93:b7:33:6e:ba:2f:40:07:d5:23:68:08:28:19:
f2:23:c9:cf:c3:ac:0f:ba:98:98:d8:82:c2:79:f3:9e:9a:d3:
44:ba:79:bc:ed:97:12:1a:33:7a:5c:f8:f9:dc:54:4d:3e:13:
86:7a:7d:21:08:24:8c:25:12:2f:e6:63:a3:1c:88:43:bb:64:
16:05:fd:10:e1:bb:3d:91:fc:ed:cd:f5:eb:6a:c7:9a:64:be:
af:59:06:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ463gqwKhuIDsapp5JzWQGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlOWRhM2Q4OGVmYzEyYjZkNDZiZTJhZGRmMjZhZmE3Yzdi
N2RkZjUwHhcNMjYwNTE4MTEzNDUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmM1ZTIyNDBiZWY4ODBkN2RlOTUxYjI0NTBhYjhjNzY5MmM5MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ib3jpMy1F9rYrgINHR372fH9vZ5
Olpr5OExYbg6ZNhiyiQHPMQrtCAvFWnnUyXlBCEi1x6gE75uQCJxWFJetIeD0wVg
00fiRfXMLdrd3f84OEZJehczyDw3elU72fpbVGEVeMwFbfSYzzts+jVSfgRQ/0bL
nEL6nFWgq7pxAcKHedQGAujcVz5aBAz6iWVnSChVGpr6NGnU/au0e1Mgjau/bHHE
4Pi/JEJt3B9LliKIMHu9x7D+JPuKo2d/crSs239RJUvquNMhVuXbKCx5vEu7uhAs
Pi7BWWpXUiwAuQE0s8S0NjT+vekIvYJ1ikNYvgIXboDI0ut2DjcWef6PpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/F4iQL74gNfelRskUKuMdpLJNgMB8GA1UdIwQY
MBaAFH6do9iO/BK21Gvird8mr6fHt931MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnAyajJJNzhFcmJVYS1LdDN5YXZwOGUzM2ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80OGQ3MjAtMjY1Mi00YmI1LWE1YWIt
Mjg3MjgyMzRkYTNlLzEvVDhYaUpBdnZpQTE5NlZHeVJRcTR4MmtzazJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80OGQ3MjAtMjY1Mi00YmI1LWE1YWItMjg3MjgyMzRkYTNl
LzEvZnAyajJJNzhFcmJVYS1LdDN5YXZwOGUzM2ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBADD/cUD
BADD/cYwDwQCAAIwCQMHASoFDIAQADANBgkqhkiG9w0BAQsFAAOCAQEACiDMqCJU
9lk1hJREHC3kGEXTxi1fb7PgRrTgm0aSYeVfkrA08o6GgECDa5H9VKRFP9+bwNrM
KyufXlUeCRyuqRD1yYoZZhlexvfevxMmkv9TiNRJgUg3EkotFlCv6XOzeuBC6mdV
KLU+jdc3FrDGXtu+gB13ldHl33EsI4R/KFRo5MHvoQOsBnZhPY/knpgG/nM31zOW
JVhdAgYXR620n2RFerlOgJO3M266L0AH1SNoCCgZ8iPJz8OsD7qYmNiCwnnznprT
RLp5vO2XEhozelz4+dxUTT4Thnp9IQgkjCUSL+ZjoxyIQ7tkFgX9EOG7PZH87c31
62rHmmS+r1kGug==
-----END CERTIFICATE-----
Generated at Thu Jun 4 11:18:30 2026 by rpki-client