Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/28MnuBuWMkf8YOUEK1t42dzS8iY.roa
File: 28MnuBuWMkf8YOUEK1t42dzS8iY.roa (raw, json)
Hash identifier: eMlMHl46n0Zt6mHyAMkeO9Sq3gX3a6oaKFf2QAyBvEs=
Subject key identifier: DB:C3:27:B8:1B:96:32:47:FC:60:E5:04:2B:5B:78:D9:DC:D2:F2:26
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 019DB46D2CD6229D7DF03DBEAB08656A8D01
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/28MnuBuWMkf8YOUEK1t42dzS8iY.roa
Signing time: Wed 22 Apr 2026 09:02:26 +0000
ROA not before: Wed 22 Apr 2026 09:02:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49453
IP address blocks: 188.214.137.0/24 maxlen: 24
188.214.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 13:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b4:6d:2c:d6:22:9d:7d:f0:3d:be:ab:08:65:6a:8d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Apr 22 09:02:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dbc327b81b963247fc60e5042b5b78d9dcd2f226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d9:5c:e0:95:ac:53:d8:a2:48:fe:f6:ff:54:
bd:26:e0:b7:ab:16:e5:5d:05:c1:de:df:2a:4c:b6:
2d:b7:27:8c:fb:f5:9e:5f:3c:10:ac:73:9d:1e:5c:
36:34:9c:1f:e7:35:dd:43:d3:af:5e:c3:a9:e8:5f:
20:bf:37:cc:2f:5d:73:ba:04:5b:f1:a8:3e:7e:e4:
0e:ba:87:ac:97:23:ad:4c:dc:8c:64:82:ed:a2:1e:
52:da:e9:2e:06:cc:0c:57:78:7b:1e:e8:10:dd:05:
cb:36:27:58:59:03:8e:33:52:4e:52:87:26:fa:bd:
8c:17:63:8a:11:16:71:39:41:d9:61:63:cd:5e:b5:
51:c2:ba:c1:53:2c:75:de:27:67:ce:88:9e:cc:32:
b1:7b:35:21:76:3d:2e:08:00:76:e2:32:cd:03:3f:
4a:cd:49:05:c5:94:95:a6:98:f8:85:c2:b4:12:ee:
6b:e0:4e:3b:56:c5:eb:88:a9:0a:62:58:66:f4:9c:
9c:80:03:8d:7e:a8:46:28:36:ff:8e:9a:ce:a8:aa:
7c:e6:ba:1a:15:cb:b3:2d:e5:4e:a4:ca:d2:31:41:
70:38:07:52:59:81:56:17:7b:74:de:5a:a8:3d:d0:
1d:51:41:95:d4:5e:ab:00:d4:21:fa:86:4d:dd:07:
fe:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C3:27:B8:1B:96:32:47:FC:60:E5:04:2B:5B:78:D9:DC:D2:F2:26
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/28MnuBuWMkf8YOUEK1t42dzS8iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.137.0-188.214.138.255
Signature Algorithm: sha256WithRSAEncryption
53:de:6f:71:6d:8c:c6:44:c6:72:17:c0:55:70:27:39:f4:e4:
db:be:70:85:01:a0:0c:03:3b:47:05:58:b0:6b:de:53:b1:42:
6a:08:7c:b8:4a:fd:28:fc:67:bd:4a:45:4f:04:61:8c:0f:05:
8f:ae:e7:52:e3:05:08:2c:3c:f7:8d:08:9f:3b:c8:b2:08:9b:
09:d2:63:56:4e:d3:85:c8:5f:5e:94:11:7c:8a:bd:3f:34:fa:
62:d6:87:7b:c0:7b:13:49:08:57:76:13:ea:d2:c3:75:40:a0:
26:00:ab:f5:83:cd:20:e5:db:e7:65:86:3c:23:f1:aa:95:e6:
2d:cb:70:ab:5c:08:14:ed:65:31:33:7b:c6:13:9b:a3:0e:a3:
fd:50:b0:85:a9:20:2f:94:30:a6:23:99:89:bc:57:47:c0:bc:
29:96:e2:df:ba:ff:f5:70:78:08:2e:56:e5:17:07:b4:2e:b5:
95:53:75:65:66:26:0d:00:be:c5:f0:a7:94:f8:a1:80:e5:ce:
fa:9a:28:ed:01:49:62:12:8a:29:60:a2:bd:8d:fc:99:39:69:
cf:69:3b:cd:eb:ac:37:c5:99:d3:9f:01:99:47:5d:fc:b0:ff:
e5:d2:4b:bd:ec:6a:07:12:ce:dc:17:10:03:24:b0:af:39:7b:
f3:ab:2e:71
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ20bSzWIp198D2+qwhlao0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjYwNDIyMDkwMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmMzMjdiODFiOTYzMjQ3ZmM2MGU1MDQyYjViNzhkOWRjZDJmMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNlc4JWsU9iiSP72/1S9JuC3qxbl
XQXB3t8qTLYttyeM+/WeXzwQrHOdHlw2NJwf5zXdQ9OvXsOp6F8gvzfML11zugRb
8ag+fuQOuoeslyOtTNyMZILtoh5S2ukuBswMV3h7HugQ3QXLNidYWQOOM1JOUocm
+r2MF2OKERZxOUHZYWPNXrVRwrrBUyx13idnzoiezDKxezUhdj0uCAB24jLNAz9K
zUkFxZSVppj4hcK0Eu5r4E47VsXriKkKYlhm9JycgAONfqhGKDb/jprOqKp85roa
FcuzLeVOpMrSMUFwOAdSWYFWF3t03lqoPdAdUUGV1F6rANQh+oZN3Qf+VwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNvDJ7gbljJH/GDlBCtbeNnc0vImMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvMjhNbnVCdVdNa2Y4WU9VRUsxdDQyZHpTOGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC81okD
BAC81oowDQYJKoZIhvcNAQELBQADggEBAFPeb3FtjMZExnIXwFVwJzn05Nu+cIUB
oAwDO0cFWLBr3lOxQmoIfLhK/Sj8Z71KRU8EYYwPBY+u51LjBQgsPPeNCJ87yLII
mwnSY1ZO04XIX16UEXyKvT80+mLWh3vAexNJCFd2E+rSw3VAoCYAq/WDzSDl2+dl
hjwj8aqV5i3LcKtcCBTtZTEze8YTm6MOo/1QsIWpIC+UMKYjmYm8V0fAvCmW4t+6
//VweAguVuUXB7QutZVTdWVmJg0AvsXwp5T4oYDlzvqaKO0BSWISiilgor2N/Jk5
ac9pO83rrDfFmdOfAZlHXfyw/+XSS73sagcSztwXEAMksK85e/OrLnE=
-----END CERTIFICATE-----
Generated at Mon Apr 27 23:35:53 2026 by rpki-client