Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/tO23-qMAsDBtU6MpF4WNQK1Xeg0.roa
File: tO23-qMAsDBtU6MpF4WNQK1Xeg0.roa (raw, json)
Hash identifier: iFIhOTOP6nzdiLHdfwCuFc8wGiIOLQ6R04Q5J4q3fuk=
Subject key identifier: B4:ED:B7:FA:A3:00:B0:30:6D:53:A3:29:17:85:8D:40:AD:57:7A:0D
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 019E20C9CDA340BF76F15B8B1042DFA3D3A8
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/tO23-qMAsDBtU6MpF4WNQK1Xeg0.roa
Signing time: Wed 13 May 2026 10:02:36 +0000
ROA not before: Wed 13 May 2026 10:02:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20546
IP address blocks: 195.253.64.0/24 maxlen: 24
195.253.65.0/24 maxlen: 24
195.253.88.0/24 maxlen: 24
195.253.92.0/24 maxlen: 24
195.253.118.0/24 maxlen: 24
2a01:5b0:4::/46 maxlen: 48
2a01:5b0:5::/48 maxlen: 48
2a01:5b0:16::/48 maxlen: 48
2a01:5b0:36::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:c9:cd:a3:40:bf:76:f1:5b:8b:10:42:df:a3:d3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: May 13 10:02:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b4edb7faa300b0306d53a32917858d40ad577a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:15:f2:41:75:62:41:fa:74:a7:e4:21:3c:f4:
61:d5:0c:ca:65:2e:eb:fe:32:fb:18:53:16:fd:0b:
b1:a4:e2:2b:59:3c:ee:7f:08:86:79:85:87:b8:6e:
15:f3:22:70:47:82:1b:f4:ea:6d:a9:96:8d:bf:41:
19:48:e2:c2:83:6d:59:31:29:4b:e3:20:aa:ca:47:
13:ec:4f:66:6b:0a:53:bc:30:8b:68:0f:29:64:ed:
1c:1b:9c:cc:e4:a1:60:3f:bf:0f:f2:78:8e:bd:a7:
d0:12:20:c2:44:1f:52:8e:8d:99:a9:9c:3b:03:2e:
d2:76:c4:01:37:3e:27:3b:35:be:f7:48:38:0d:be:
f4:4c:8f:2a:ef:84:da:be:1c:0c:b0:51:cf:51:50:
b0:c1:f4:f3:59:94:0d:83:c4:46:3d:07:f4:5f:c9:
59:81:9f:19:c3:41:70:6d:f3:63:30:71:67:58:6c:
29:bf:97:36:a3:d5:64:53:3b:49:a9:af:24:c9:f6:
30:b2:19:73:74:46:c2:d3:fa:c0:15:a3:17:d6:d3:
2e:6b:62:8b:9d:e3:6e:98:38:13:7b:7a:5f:28:d5:
57:90:aa:c5:35:65:e3:ad:f3:a5:93:73:27:a7:04:
d4:f9:65:d8:3b:23:ac:7b:79:4c:04:01:2b:c8:97:
2e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:ED:B7:FA:A3:00:B0:30:6D:53:A3:29:17:85:8D:40:AD:57:7A:0D
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/tO23-qMAsDBtU6MpF4WNQK1Xeg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.253.64.0/23
195.253.88.0/24
195.253.92.0/24
195.253.118.0/24
IPv6:
2a01:5b0:4::/46
2a01:5b0:16::/48
2a01:5b0:36::/48
Signature Algorithm: sha256WithRSAEncryption
79:6f:57:07:fe:04:1b:2a:84:d2:66:b9:fd:a1:05:81:0d:66:
28:a7:e5:4d:57:3b:82:f0:df:44:cb:51:2e:f5:ef:a2:fb:d1:
56:f5:c1:68:c0:a6:be:b8:30:3a:ef:d1:c1:45:03:3f:08:3c:
5d:dc:95:46:7d:b2:e6:98:51:cb:6d:65:c7:ea:3a:51:e1:53:
f3:2e:99:77:9c:43:33:5c:9b:d3:f3:99:bd:23:5c:5c:04:f8:
74:f3:5b:83:f8:a3:c7:ca:49:0d:6c:b9:c2:3b:e8:94:f5:37:
8a:7e:06:a5:ae:0c:05:a6:71:f0:91:c3:89:22:81:3f:8b:fa:
a7:66:fe:73:0a:b0:30:37:d6:bd:4d:be:a1:d3:58:4d:58:8d:
e0:a7:d9:1d:e7:67:68:d8:08:aa:93:a3:6c:88:a9:1c:46:c7:
73:56:33:96:3d:1c:f5:87:9c:89:b6:5d:03:10:94:75:29:b8:
ac:fe:e1:0c:66:d1:dc:46:84:2a:64:2b:d1:7a:95:49:37:4b:
c6:45:ce:e6:4e:29:2b:0d:55:d0:2f:e2:1e:8a:50:79:f6:34:
96:82:63:e9:59:72:1f:e2:ea:28:83:51:d9:d2:f3:37:e9:74:
03:45:a2:e4:4e:fa:ce:50:59:30:04:7e:17:1a:84:dc:0e:4b:
3c:c3:00:ee
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZ4gyc2jQL928VuLEELfo9OoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjYwNTEzMTAwMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGVkYjdmYWEzMDBiMDMwNmQ1M2EzMjkxNzg1OGQ0MGFkNTc3YTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BXyQXViQfp0p+QhPPRh1QzKZS7r
/jL7GFMW/QuxpOIrWTzufwiGeYWHuG4V8yJwR4Ib9OptqZaNv0EZSOLCg21ZMSlL
4yCqykcT7E9mawpTvDCLaA8pZO0cG5zM5KFgP78P8niOvafQEiDCRB9Sjo2ZqZw7
Ay7SdsQBNz4nOzW+90g4Db70TI8q74TavhwMsFHPUVCwwfTzWZQNg8RGPQf0X8lZ
gZ8Zw0FwbfNjMHFnWGwpv5c2o9VkUztJqa8kyfYwshlzdEbC0/rAFaMX1tMua2KL
neNumDgTe3pfKNVXkKrFNWXjrfOlk3MnpwTU+WXYOyOse3lMBAEryJcurwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFLTtt/qjALAwbVOjKReFjUCtV3oNMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvdE8yMy1xTUFzREJ0VTZNcEY0V05RSzFYZWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAeBAIAATAYAwQBw/1AAwQA
w/1YAwQAw/1cAwQAw/12MCEEAgACMBsDBwIqAQWwAAQDBwAqAQWwABYDBwAqAQWw
ADYwDQYJKoZIhvcNAQELBQADggEBAHlvVwf+BBsqhNJmuf2hBYENZiin5U1XO4Lw
30TLUS7176L70Vb1wWjApr64MDrv0cFFAz8IPF3clUZ9suaYUcttZcfqOlHhU/Mu
mXecQzNcm9Pzmb0jXFwE+HTzW4P4o8fKSQ1sucI76JT1N4p+BqWuDAWmcfCRw4ki
gT+L+qdm/nMKsDA31r1NvqHTWE1YjeCn2R3nZ2jYCKqTo2yIqRxGx3NWM5Y9HPWH
nIm2XQMQlHUpuKz+4Qxm0dxGhCpkK9F6lUk3S8ZFzuZOKSsNVdAv4h6KUHn2NJaC
Y+lZch/i6iiDUdnS8zfpdANFouRO+s5QWTAEfhcahNwOSzzDAO4=
-----END CERTIFICATE-----
Generated at Fri May 15 19:22:54 2026 by rpki-client