Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/A5xsj21QVErPlOze4DaAnr87Oj4.roa
File: A5xsj21QVErPlOze4DaAnr87Oj4.roa (raw, json)
Hash identifier: hWndvgrM1LQSZ8FOmZz93KDqeJdddEgRruxaGxptg2I=
Subject key identifier: 03:9C:6C:8F:6D:50:54:4A:CF:94:EC:DE:E0:36:80:9E:BF:3B:3A:3E
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019DC301C7FB80ABF73010707B44BBC5F4C0
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/A5xsj21QVErPlOze4DaAnr87Oj4.roa
Signing time: Sat 25 Apr 2026 04:59:26 +0000
ROA not before: Sat 25 Apr 2026 04:59:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 192.144.79.0/24 maxlen: 24
222.167.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c3:01:c7:fb:80:ab:f7:30:10:70:7b:44:bb:c5:f4:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Apr 25 04:59:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=039c6c8f6d50544acf94ecdee036809ebf3b3a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:68:49:8e:ab:80:50:2f:2f:35:d0:f4:55:a0:
10:3d:b2:66:09:72:b6:05:df:fa:03:3b:1f:1a:70:
e0:96:c7:71:54:97:35:06:d3:d9:4a:d2:de:e3:be:
d0:b2:5f:a4:fb:b4:15:3f:c3:08:85:b8:8d:eb:87:
e6:97:9a:37:19:af:f6:cc:21:3d:51:1a:a2:5e:29:
18:ed:50:8b:93:50:92:c3:57:b7:b5:82:95:71:77:
8d:37:ac:a6:f4:9b:d5:3d:18:bb:a9:32:6d:09:c0:
28:f7:bb:8c:5c:c5:35:be:0f:23:4d:0a:f0:6f:e9:
1f:c0:b2:23:ff:86:73:13:61:63:01:1d:46:30:6c:
a6:9d:14:c6:0c:cb:3f:6f:ff:43:77:30:8f:df:3c:
17:a9:23:34:9d:64:fb:62:ea:c3:b1:4d:fb:84:b9:
a0:56:94:3c:b5:a6:f6:8a:3e:0e:ab:b6:bc:68:57:
5f:0a:18:1c:92:63:bb:80:2e:13:db:f3:83:f1:1a:
0a:7c:d3:65:b0:8a:e8:ad:8e:69:24:e6:53:7d:4a:
8c:be:ca:67:c7:f7:06:c9:2b:a7:eb:1e:19:12:21:
9c:a8:17:ee:79:59:14:92:5e:bc:1e:f1:35:20:af:
4e:bb:bf:b4:9a:17:56:8b:e2:ff:2a:b1:66:32:2e:
75:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:9C:6C:8F:6D:50:54:4A:CF:94:EC:DE:E0:36:80:9E:BF:3B:3A:3E
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/A5xsj21QVErPlOze4DaAnr87Oj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.79.0/24
222.167.192.0/24
Signature Algorithm: sha256WithRSAEncryption
08:0b:93:90:ac:49:ce:3c:e6:f0:c4:32:40:f1:5a:f7:08:30:
76:6a:7f:f4:c6:55:56:83:2f:a7:d6:bf:64:d6:dd:6e:6d:73:
04:17:87:1c:5f:f2:b6:2d:c4:87:63:08:4b:e3:06:66:3a:70:
65:99:4a:6b:e2:e4:c8:75:eb:32:11:54:63:a7:15:8b:d4:53:
a8:ab:3a:e7:b2:d2:02:24:d5:76:f4:e1:33:1a:2c:b5:3c:83:
b3:ff:12:ed:c3:ae:12:df:77:16:d5:96:a4:fb:7d:bb:41:60:
14:63:c6:2e:a9:9c:56:19:ff:7d:8e:80:c3:cf:a1:49:37:af:
01:80:14:ce:e7:bf:b3:db:f2:7c:08:80:4b:d4:b1:6e:ef:a9:
a1:50:23:8a:72:ff:62:cd:09:76:e5:5b:0f:87:50:7b:d1:80:
d9:be:3f:05:83:b7:be:fe:39:30:55:52:cd:33:d5:5b:e5:34:
5b:ee:a7:c2:dd:4b:69:45:d6:04:00:52:1b:b6:70:5b:16:77:
e1:2e:63:fe:d6:68:79:2d:c6:85:7c:b0:b6:d7:3d:c4:8e:11:
a2:4e:b7:29:ef:69:5d:8c:a2:f6:8b:c6:9d:6f:07:ca:c4:d6:
89:d3:23:02:32:eb:52:f4:32:32:9b:73:4c:52:61:40:d9:3b:
45:b1:1b:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3DAcf7gKv3MBBwe0S7xfTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwNDI1MDQ1OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzljNmM4ZjZkNTA1NDRhY2Y5NGVjZGVlMDM2ODA5ZWJmM2IzYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2hJjquAUC8vNdD0VaAQPbJmCXK2
Bd/6AzsfGnDglsdxVJc1BtPZStLe477Qsl+k+7QVP8MIhbiN64fml5o3Ga/2zCE9
URqiXikY7VCLk1CSw1e3tYKVcXeNN6ym9JvVPRi7qTJtCcAo97uMXMU1vg8jTQrw
b+kfwLIj/4ZzE2FjAR1GMGymnRTGDMs/b/9DdzCP3zwXqSM0nWT7YurDsU37hLmg
VpQ8tab2ij4Oq7a8aFdfChgckmO7gC4T2/OD8RoKfNNlsIrorY5pJOZTfUqMvspn
x/cGySun6x4ZEiGcqBfueVkUkl68HvE1IK9Ou7+0mhdWi+L/KrFmMi51DwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAOcbI9tUFRKz5Ts3uA2gJ6/Ozo+MB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvQTV4c2oyMVFWRXJQbE96ZTREYUFucjg3T2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwJBPAwQA
3qfAMA0GCSqGSIb3DQEBCwUAA4IBAQAIC5OQrEnOPObwxDJA8Vr3CDB2an/0xlVW
gy+n1r9k1t1ubXMEF4ccX/K2LcSHYwhL4wZmOnBlmUpr4uTIdesyEVRjpxWL1FOo
qzrnstICJNV29OEzGiy1PIOz/xLtw64S33cW1Zak+327QWAUY8YuqZxWGf99joDD
z6FJN68BgBTO57+z2/J8CIBL1LFu76mhUCOKcv9izQl25VsPh1B70YDZvj8Fg7e+
/jkwVVLNM9Vb5TRb7qfC3UtpRdYEAFIbtnBbFnfhLmP+1mh5LcaFfLC21z3EjhGi
Trcp72ldjKL2i8adbwfKxNaJ0yMCMutS9DIym3NMUmFA2TtFsRuL
-----END CERTIFICATE-----
Generated at Tue Apr 28 17:26:25 2026 by rpki-client