Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/A4Dh7ZjplGb-PN4SKQhst4MePwI.roa
File: A4Dh7ZjplGb-PN4SKQhst4MePwI.roa (raw, json)
Hash identifier: stPyk70c80f5gGOf1fecn++zbSc8YHTYr3VUl3oBgHQ=
Subject key identifier: 03:80:E1:ED:98:E9:94:66:FE:3C:DE:12:29:08:6C:B7:83:1E:3F:02
Certificate issuer: /CN=e3d1d7d43366a5b0063c37571319dfa432d1531b
Certificate serial: 019DD9FE3730BA166FE785D88DDCF21807E0
Authority key identifier: E3:D1:D7:D4:33:66:A5:B0:06:3C:37:57:13:19:DF:A4:32:D1:53:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/49HX1DNmpbAGPDdXExnfpDLRUxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/A4Dh7ZjplGb-PN4SKQhst4MePwI.roa
Signing time: Wed 29 Apr 2026 16:06:49 +0000
ROA not before: Wed 29 Apr 2026 16:06:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198486
IP address blocks: 191.44.96.0/24 maxlen: 24
191.44.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/49HX1DNmpbAGPDdXExnfpDLRUxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/49HX1DNmpbAGPDdXExnfpDLRUxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/49HX1DNmpbAGPDdXExnfpDLRUxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d9:fe:37:30:ba:16:6f:e7:85:d8:8d:dc:f2:18:07:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3d1d7d43366a5b0063c37571319dfa432d1531b
Validity
Not Before: Apr 29 16:06:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0380e1ed98e99466fe3cde1229086cb7831e3f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cd:77:93:e2:bd:f0:aa:47:72:43:97:da:2e:
6d:a4:05:b5:53:36:28:31:64:1e:ad:03:80:e9:9c:
c9:c1:e0:97:42:cf:da:f4:ba:09:f1:db:60:c9:9f:
38:e5:7b:69:d3:09:ba:15:ed:f0:ea:eb:08:35:52:
3d:1a:f2:69:a6:ad:66:c0:d9:9c:9a:28:e7:d2:47:
09:4e:d6:6b:ef:6c:12:b2:d5:59:e0:52:9e:b8:05:
dc:31:74:76:c9:6e:18:ab:06:9a:82:46:68:64:d5:
a0:ad:6c:6b:7d:f2:7f:76:48:b4:1c:65:c2:75:81:
8b:e8:d4:08:21:95:77:88:98:d5:fc:11:1e:eb:a2:
e5:e4:20:e4:a8:99:6a:c8:6a:37:d2:c8:c3:49:c0:
87:40:ca:e9:fb:ad:9a:68:81:89:4c:fd:76:d0:bb:
b1:0a:fa:b8:5c:8f:fe:b2:06:c3:da:04:c9:2b:01:
e6:83:e1:cf:c9:09:39:d6:6d:1c:5f:81:54:0d:34:
c1:e9:37:8d:82:bc:28:09:e4:e3:af:42:af:25:46:
ec:ae:65:ee:9e:7e:24:af:98:6e:f7:ce:dc:1a:3a:
8a:e6:d1:02:c8:33:0e:18:ef:33:3b:f3:e1:7e:58:
d9:45:09:36:7c:de:8e:e8:c5:1d:3a:e1:47:c4:2b:
fe:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:80:E1:ED:98:E9:94:66:FE:3C:DE:12:29:08:6C:B7:83:1E:3F:02
X509v3 Authority Key Identifier:
keyid:E3:D1:D7:D4:33:66:A5:B0:06:3C:37:57:13:19:DF:A4:32:D1:53:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/49HX1DNmpbAGPDdXExnfpDLRUxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/A4Dh7ZjplGb-PN4SKQhst4MePwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/49HX1DNmpbAGPDdXExnfpDLRUxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.44.96.0/24
191.44.103.0/24
Signature Algorithm: sha256WithRSAEncryption
64:22:04:14:7e:fb:fd:f1:8a:1a:73:5f:10:4d:84:71:1b:39:
21:46:1d:b2:1f:20:e6:0d:d4:6d:c2:14:26:11:ce:b4:7b:a7:
07:81:64:22:ab:c6:e0:25:75:7b:75:5f:56:00:47:48:dc:83:
ef:21:5b:95:4d:2f:6d:cb:5e:d8:95:ee:b2:af:e2:ef:a3:a8:
cf:9c:9a:da:43:8d:0c:7c:be:1e:da:e1:9c:56:05:09:8b:1f:
66:fe:ca:72:36:57:da:9e:ec:36:ca:2a:ff:bc:ea:08:a2:9d:
30:11:78:86:00:73:4f:e7:ed:97:b2:9f:07:38:f5:34:90:62:
b9:34:c0:59:f4:ee:51:54:f3:cb:00:d3:af:6f:50:29:64:d6:
b3:ee:15:c7:17:28:0d:bb:3d:cc:fe:bd:63:5d:ff:9b:54:52:
9a:47:9d:ad:44:3e:e3:58:6a:22:a0:ee:bb:2a:96:39:e9:ce:
34:01:b5:c9:06:86:1b:ab:85:7f:1d:52:27:be:68:27:07:d4:
a9:75:48:4e:ab:f7:0a:cc:9f:87:24:6a:9a:cd:b6:62:4b:ad:
8d:d9:a3:e8:09:6e:1e:1e:fa:0d:fc:a7:dd:a9:4d:27:30:92:
b2:a2:f6:6f:4f:a0:a0:0d:94:ee:ee:da:e9:6e:51:d7:7c:fd:
a6:84:6e:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3Z/jcwuhZv54XYjdzyGAfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZDFkN2Q0MzM2NmE1YjAwNjNjMzc1NzEzMTlkZmE0MzJk
MTUzMWIwHhcNMjYwNDI5MTYwNjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzgwZTFlZDk4ZTk5NDY2ZmUzY2RlMTIyOTA4NmNiNzgzMWUzZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu813k+K98KpHckOX2i5tpAW1UzYo
MWQerQOA6ZzJweCXQs/a9LoJ8dtgyZ845Xtp0wm6Fe3w6usINVI9GvJppq1mwNmc
mijn0kcJTtZr72wSstVZ4FKeuAXcMXR2yW4YqwaagkZoZNWgrWxrffJ/dki0HGXC
dYGL6NQIIZV3iJjV/BEe66Ll5CDkqJlqyGo30sjDScCHQMrp+62aaIGJTP120Lux
Cvq4XI/+sgbD2gTJKwHmg+HPyQk51m0cX4FUDTTB6TeNgrwoCeTjr0KvJUbsrmXu
nn4kr5hu987cGjqK5tECyDMOGO8zO/PhfljZRQk2fN6O6MUdOuFHxCv+IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAOA4e2Y6ZRm/jzeEikIbLeDHj8CMB8GA1UdIwQY
MBaAFOPR19QzZqWwBjw3VxMZ36Qy0VMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDlIWDFETm1wYkFHUERkWEV4bmZwRExSVXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9lOTE2MjctODQzYy00OWJjLTliZWEt
ZjcyYWIwMzE3N2MxLzEvQTREaDdaanBsR2ItUE40U0tRaHN0NE1lUHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9lOTE2MjctODQzYy00OWJjLTliZWEtZjcyYWIwMzE3N2Mx
LzEvNDlIWDFETm1wYkFHUERkWEV4bmZwRExSVXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvyxgAwQA
vyxnMA0GCSqGSIb3DQEBCwUAA4IBAQBkIgQUfvv98Yoac18QTYRxGzkhRh2yHyDm
DdRtwhQmEc60e6cHgWQiq8bgJXV7dV9WAEdI3IPvIVuVTS9ty17Yle6yr+Lvo6jP
nJraQ40MfL4e2uGcVgUJix9m/spyNlfanuw2yir/vOoIop0wEXiGAHNP5+2Xsp8H
OPU0kGK5NMBZ9O5RVPPLANOvb1ApZNaz7hXHFygNuz3M/r1jXf+bVFKaR52tRD7j
WGoioO67KpY56c40AbXJBoYbq4V/HVInvmgnB9SpdUhOq/cKzJ+HJGqazbZiS62N
2aPoCW4eHvoN/KfdqU0nMJKyovZvT6CgDZTu7trpblHXfP2mhG5J
-----END CERTIFICATE-----
Generated at Wed May 6 02:40:41 2026 by rpki-client