Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/fOoxnzASXzopslTz2k2wiJL3x5M.roa
File: fOoxnzASXzopslTz2k2wiJL3x5M.roa (raw, json)
Hash identifier: D1BQFLMSMw0KzyyXwQEu8OixU3Lr8v2KEMxHdqrQGxI=
Subject key identifier: 7C:EA:31:9F:30:12:5F:3A:29:B2:54:F3:DA:4D:B0:88:92:F7:C7:93
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 019E4F13CC880EBE68CBF813ABA5F574FC27
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/fOoxnzASXzopslTz2k2wiJL3x5M.roa
Signing time: Fri 22 May 2026 09:45:58 +0000
ROA not before: Fri 22 May 2026 09:45:58 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 185.1.15.0/24 maxlen: 24
193.34.203.128/26 maxlen: 26
2001:7f8:7a::/48 maxlen: 48
2001:7f8:96::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:13:cc:88:0e:be:68:cb:f8:13:ab:a5:f5:74:fc:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: May 22 09:45:58 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7cea319f30125f3a29b254f3da4db08892f7c793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:46:00:2c:ed:b3:7a:f8:f1:5a:a3:cb:80:4b:
30:e8:2d:e9:d9:22:b1:f8:34:47:68:c9:e5:b0:d7:
7c:8f:b6:ab:de:57:f7:64:7c:49:a4:f6:01:00:8b:
c6:3d:f9:80:3c:7c:74:bb:60:42:ba:d3:59:df:7d:
81:66:94:98:1f:80:b2:cf:9a:9c:26:ca:31:52:61:
1c:64:c8:4d:7a:d0:80:e8:a3:cc:b8:4f:0b:a8:be:
9b:e3:24:af:5e:90:dc:29:cf:54:24:78:e4:f0:e0:
6a:3f:69:6a:1f:8c:db:7a:ae:37:28:8b:0d:c3:32:
83:5d:b5:f8:f2:79:da:b9:24:c6:4c:de:cc:44:9f:
fa:91:cd:cb:7e:28:94:e8:3f:7e:de:c7:7b:e5:cd:
c8:ef:ca:43:91:3e:a2:31:27:31:73:4c:aa:fe:75:
89:1c:39:c2:71:a4:f8:5c:cf:2b:3c:d8:b0:b2:03:
98:9c:cc:ae:5d:8a:b3:82:0a:fd:ab:f0:8a:9f:99:
62:8d:c1:2b:e5:0b:8c:50:04:2f:10:1f:ca:61:f8:
25:15:a5:e8:72:fb:7d:80:1d:9b:6c:94:06:a9:54:
23:4a:1a:a9:36:b0:fc:a1:be:1f:65:ee:a0:a8:36:
1e:cf:9b:67:5c:ac:d1:ab:0f:a8:7b:ee:f8:b8:ce:
c4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:EA:31:9F:30:12:5F:3A:29:B2:54:F3:DA:4D:B0:88:92:F7:C7:93
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/fOoxnzASXzopslTz2k2wiJL3x5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.15.0/24
193.34.203.128/26
IPv6:
2001:7f8:7a::/48
2001:7f8:96::/48
Signature Algorithm: sha256WithRSAEncryption
7e:ca:15:b0:82:35:97:ab:c1:72:08:0f:3a:c4:4c:32:5f:84:
7f:ef:38:f0:2b:b3:2c:bd:92:09:1c:a9:97:7e:1b:54:dc:92:
b3:94:0f:f2:cc:22:43:e3:f7:d0:af:31:c0:68:1f:8c:48:62:
1e:db:0b:71:d6:3f:22:f5:2a:76:6e:92:ab:2b:0d:a2:09:24:
00:bf:9a:0f:34:d9:50:3a:73:e5:92:64:59:1e:86:10:66:e8:
59:22:11:85:c3:42:f8:85:7f:16:e6:f0:7b:59:74:63:20:22:
f8:8b:0c:12:94:b6:6d:46:90:97:6c:c4:d8:49:5b:49:02:50:
39:9b:69:5f:01:2a:9a:00:15:a3:e5:29:ae:a7:96:91:83:c1:
b5:85:b7:4f:17:93:b8:a3:63:09:5e:43:e9:9b:2d:9a:34:aa:
3f:c5:af:52:bf:0a:d9:06:3a:ee:a2:72:45:06:be:66:ad:8e:
74:f6:09:b5:3c:ba:7a:b1:d4:5c:f1:85:09:60:cf:66:f6:6e:
da:74:2c:0c:9c:25:38:94:bc:1b:f4:1d:d8:99:70:47:2f:72:
ee:20:81:26:d3:38:7e:96:fa:b7:7a:ae:50:a8:ba:12:83:8f:
2d:18:0e:a9:07:53:d9:84:4b:6d:b4:1e:ff:97:11:15:94:62:
9a:1a:94:11
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ5PE8yIDr5oy/gTq6X1dPwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjYwNTIyMDk0NTU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2VhMzE5ZjMwMTI1ZjNhMjliMjU0ZjNkYTRkYjA4ODkyZjdjNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEYALO2zevjxWqPLgEsw6C3p2SKx
+DRHaMnlsNd8j7ar3lf3ZHxJpPYBAIvGPfmAPHx0u2BCutNZ332BZpSYH4Cyz5qc
JsoxUmEcZMhNetCA6KPMuE8LqL6b4ySvXpDcKc9UJHjk8OBqP2lqH4zbeq43KIsN
wzKDXbX48nnauSTGTN7MRJ/6kc3LfiiU6D9+3sd75c3I78pDkT6iMScxc0yq/nWJ
HDnCcaT4XM8rPNiwsgOYnMyuXYqzggr9q/CKn5lijcEr5QuMUAQvEB/KYfglFaXo
cvt9gB2bbJQGqVQjShqpNrD8ob4fZe6gqDYez5tnXKzRqw+oe+74uM7EjQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHzqMZ8wEl86KbJU89pNsIiS98eTMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvZk9veG56QVNYem9wc2xUejJrMndpSkwzeDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzATBAIAATANAwQAuQEPAwUG
wSLLgDAYBAIAAjASAwcAIAEH+AB6AwcAIAEH+ACWMA0GCSqGSIb3DQEBCwUAA4IB
AQB+yhWwgjWXq8FyCA86xEwyX4R/7zjwK7MsvZIJHKmXfhtU3JKzlA/yzCJD4/fQ
rzHAaB+MSGIe2wtx1j8i9Sp2bpKrKw2iCSQAv5oPNNlQOnPlkmRZHoYQZuhZIhGF
w0L4hX8W5vB7WXRjICL4iwwSlLZtRpCXbMTYSVtJAlA5m2lfASqaABWj5Smup5aR
g8G1hbdPF5O4o2MJXkPpmy2aNKo/xa9SvwrZBjruonJFBr5mrY509gm1PLp6sdRc
8YUJYM9m9m7adCwMnCU4lLwb9B3YmXBHL3LuIIEm0zh+lvq3eq5QqLoSg48tGA6p
B1PZhEtttB7/lxEVlGKaGpQR
-----END CERTIFICATE-----
Generated at Sat May 23 03:03:22 2026 by rpki-client