Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/NULvqw0kCs2_ZCjWBt2VvJZGol0.roa
File: NULvqw0kCs2_ZCjWBt2VvJZGol0.roa (raw, json)
Hash identifier: Quuw7IcBlyEOqPvHtcoQTgXeSrnSYFAW6dEgncEw35U=
Subject key identifier: 35:42:EF:AB:0D:24:0A:CD:BF:64:28:D6:06:DD:95:BC:96:46:A2:5D
Certificate issuer: /CN=e3d1d7d43366a5b0063c37571319dfa432d1531b
Certificate serial: 019E70A64D38ADEA15E7E0800A636C04525E
Authority key identifier: E3:D1:D7:D4:33:66:A5:B0:06:3C:37:57:13:19:DF:A4:32:D1:53:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/49HX1DNmpbAGPDdXExnfpDLRUxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/NULvqw0kCs2_ZCjWBt2VvJZGol0.roa
Signing time: Thu 28 May 2026 22:13:27 +0000
ROA not before: Thu 28 May 2026 22:13:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201861
IP address blocks: 191.44.90.0/24 maxlen: 24
191.44.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/49HX1DNmpbAGPDdXExnfpDLRUxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/49HX1DNmpbAGPDdXExnfpDLRUxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/49HX1DNmpbAGPDdXExnfpDLRUxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:70:a6:4d:38:ad:ea:15:e7:e0:80:0a:63:6c:04:52:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3d1d7d43366a5b0063c37571319dfa432d1531b
Validity
Not Before: May 28 22:13:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3542efab0d240acdbf6428d606dd95bc9646a25d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c5:9f:45:31:99:78:77:99:45:18:d4:d9:07:
2b:1f:b1:5c:32:58:ba:bf:bf:9b:ad:16:d5:ac:4f:
92:fb:c6:13:88:e6:1a:9e:ae:4a:0b:e7:ec:76:f3:
63:c6:75:bf:6c:b5:64:27:2b:79:69:17:8f:10:33:
cd:89:10:ef:c6:51:0c:a6:ea:8b:ac:b3:99:12:2a:
53:da:84:47:e8:c7:45:4d:45:80:93:e9:d4:12:fa:
25:4d:ca:6a:20:af:36:9b:38:e9:cc:98:da:66:dc:
8f:e5:6c:6f:88:a0:b5:98:42:b6:bd:d0:5f:d8:3f:
cb:7e:b1:df:e2:a8:3a:32:ea:89:16:e0:c2:f5:c3:
c4:ae:dd:59:fb:bc:e4:67:50:57:d1:61:34:11:26:
73:d6:93:fc:1a:27:be:b1:59:1b:b7:a3:c5:43:e1:
58:d1:65:1f:15:7c:86:07:77:d9:c2:6f:30:94:b6:
d4:3b:08:95:c7:ae:ef:c4:73:ca:96:6e:b1:e6:5d:
c3:54:6d:66:5e:f8:81:ee:5f:b1:8e:ac:6c:5a:65:
d1:de:97:7e:fe:fe:2f:ed:8e:3c:d1:f8:ad:a5:80:
1b:4d:18:41:b0:e9:4f:07:42:da:cc:3f:2c:47:64:
1c:9e:38:bd:25:01:e4:a6:78:ce:4b:cf:26:ee:90:
c6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:42:EF:AB:0D:24:0A:CD:BF:64:28:D6:06:DD:95:BC:96:46:A2:5D
X509v3 Authority Key Identifier:
keyid:E3:D1:D7:D4:33:66:A5:B0:06:3C:37:57:13:19:DF:A4:32:D1:53:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/49HX1DNmpbAGPDdXExnfpDLRUxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/NULvqw0kCs2_ZCjWBt2VvJZGol0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/49HX1DNmpbAGPDdXExnfpDLRUxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.44.90.0/24
191.44.116.0/24
Signature Algorithm: sha256WithRSAEncryption
35:95:09:e8:fb:21:c9:82:61:ea:e2:e8:ea:ee:d5:b9:cc:af:
e2:90:7f:31:12:0f:b5:b7:af:99:2f:6f:48:de:02:db:39:d6:
6b:03:ba:62:4d:e9:57:7f:fd:8e:48:5c:20:c7:11:c7:61:60:
43:7a:69:03:56:9d:1d:9c:e6:5e:bd:3f:30:df:68:5e:10:ab:
a0:0a:d0:98:97:85:4e:b2:af:25:24:11:ca:da:df:d5:b1:12:
50:db:8e:f3:0f:f7:9e:ca:62:a8:e6:3d:4f:e4:89:ee:51:ee:
b4:4a:d0:39:79:8b:26:2a:db:44:3a:bb:2b:42:73:05:40:3f:
9c:1a:b1:57:92:0f:0b:b5:97:b6:f0:96:d4:69:df:39:ab:9f:
67:34:17:96:7e:83:49:d1:57:ee:b0:8a:14:ca:bf:0a:f7:f0:
1f:10:ea:d8:a8:64:05:c8:b0:87:bf:9d:ef:e9:56:fc:6e:3b:
65:c9:a5:5b:82:af:7c:a1:39:3c:42:3d:74:5b:be:cd:30:98:
a2:14:c5:ff:60:17:e6:04:6a:c9:17:e3:00:8b:72:51:35:bd:
9a:7d:db:e5:8b:bc:28:0e:58:8d:49:61:e8:ab:9c:ad:82:08:
17:cd:14:72:be:f9:e5:4b:f1:51:af:80:9a:b2:51:6b:4c:82:
4d:4e:0d:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ5wpk04reoV5+CACmNsBFJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZDFkN2Q0MzM2NmE1YjAwNjNjMzc1NzEzMTlkZmE0MzJk
MTUzMWIwHhcNMjYwNTI4MjIxMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQyZWZhYjBkMjQwYWNkYmY2NDI4ZDYwNmRkOTViYzk2NDZhMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycWfRTGZeHeZRRjU2QcrH7FcMli6
v7+brRbVrE+S+8YTiOYanq5KC+fsdvNjxnW/bLVkJyt5aRePEDPNiRDvxlEMpuqL
rLOZEipT2oRH6MdFTUWAk+nUEvolTcpqIK82mzjpzJjaZtyP5WxviKC1mEK2vdBf
2D/LfrHf4qg6MuqJFuDC9cPErt1Z+7zkZ1BX0WE0ESZz1pP8Gie+sVkbt6PFQ+FY
0WUfFXyGB3fZwm8wlLbUOwiVx67vxHPKlm6x5l3DVG1mXviB7l+xjqxsWmXR3pd+
/v4v7Y480fitpYAbTRhBsOlPB0LazD8sR2Qcnji9JQHkpnjOS88m7pDGtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDVC76sNJArNv2Qo1gbdlbyWRqJdMB8GA1UdIwQY
MBaAFOPR19QzZqWwBjw3VxMZ36Qy0VMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDlIWDFETm1wYkFHUERkWEV4bmZwRExSVXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9lOTE2MjctODQzYy00OWJjLTliZWEt
ZjcyYWIwMzE3N2MxLzEvTlVMdnF3MGtDczJfWkNqV0J0MlZ2SlpHb2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9lOTE2MjctODQzYy00OWJjLTliZWEtZjcyYWIwMzE3N2Mx
LzEvNDlIWDFETm1wYkFHUERkWEV4bmZwRExSVXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvyxaAwQA
vyx0MA0GCSqGSIb3DQEBCwUAA4IBAQA1lQno+yHJgmHq4ujq7tW5zK/ikH8xEg+1
t6+ZL29I3gLbOdZrA7piTelXf/2OSFwgxxHHYWBDemkDVp0dnOZevT8w32heEKug
CtCYl4VOsq8lJBHK2t/VsRJQ247zD/eeymKo5j1P5InuUe60StA5eYsmKttEOrsr
QnMFQD+cGrFXkg8LtZe28JbUad85q59nNBeWfoNJ0VfusIoUyr8K9/AfEOrYqGQF
yLCHv53v6Vb8bjtlyaVbgq98oTk8Qj10W77NMJiiFMX/YBfmBGrJF+MAi3JRNb2a
fdvli7woDliNSWHoq5ytgggXzRRyvvnlS/FRr4CaslFrTIJNTg3e
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:04:19 2026 by rpki-client