Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9a1893-730d-4536-aa17-cd4effb60eee/1/1KFYu4jy7l9aS9TUPXk3DANIqRI.roa
File: 1KFYu4jy7l9aS9TUPXk3DANIqRI.roa (raw, json)
Hash identifier: njXP8EpKLgeDLlRTelpsCQZaLi9KdwzoO/HaFQGDV1o=
Subject key identifier: D4:A1:58:BB:88:F2:EE:5F:5A:4B:D4:D4:3D:79:37:0C:03:48:A9:12
Certificate issuer: /CN=cc1a8572a805d61e68cf1208bbd08439a778dde2
Certificate serial: 019D2B89647AFCD30B81631A959887E3DFBF
Authority key identifier: CC:1A:85:72:A8:05:D6:1E:68:CF:12:08:BB:D0:84:39:A7:78:DD:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zBqFcqgF1h5ozxIIu9CEOad43eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9a1893-730d-4536-aa17-cd4effb60eee/1/1KFYu4jy7l9aS9TUPXk3DANIqRI.roa
Signing time: Thu 26 Mar 2026 19:05:17 +0000
ROA not before: Thu 26 Mar 2026 19:05:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198084
IP address blocks: 194.32.212.0/24 maxlen: 24
2a0e:7bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/9a1893-730d-4536-aa17-cd4effb60eee/1/zBqFcqgF1h5ozxIIu9CEOad43eI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/9a1893-730d-4536-aa17-cd4effb60eee/1/zBqFcqgF1h5ozxIIu9CEOad43eI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zBqFcqgF1h5ozxIIu9CEOad43eI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:89:64:7a:fc:d3:0b:81:63:1a:95:98:87:e3:df:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc1a8572a805d61e68cf1208bbd08439a778dde2
Validity
Not Before: Mar 26 19:05:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d4a158bb88f2ee5f5a4bd4d43d79370c0348a912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:15:e0:ca:32:65:99:8b:1d:06:c3:cb:7e:91:
89:1d:f9:4a:ba:0f:9a:ef:69:07:63:c0:f1:fc:2c:
81:21:39:a7:9d:4a:50:ac:dc:c1:bf:dd:6e:56:a8:
e8:3f:74:24:ca:1b:be:dc:48:8c:82:35:dc:00:81:
4b:1e:bc:e9:6e:b6:ad:3b:dc:94:52:9f:7c:6e:4f:
0c:b9:8e:d4:67:26:63:2d:06:df:6b:dc:46:dc:fe:
04:42:fe:43:de:5f:8a:65:f3:b7:9f:17:6b:9c:39:
75:a2:00:c2:e9:b8:12:bd:dd:60:ae:73:93:3c:9a:
d4:e7:fb:90:b7:4d:ed:bb:49:6e:54:52:ca:39:f2:
44:e6:a8:c6:31:0c:3a:a7:1d:fc:4e:89:13:9d:9f:
9a:8c:ee:cc:63:34:c1:0b:b5:1c:79:96:4f:41:2c:
90:41:6c:49:e3:cb:4b:4b:6c:00:f2:6e:11:58:82:
42:7a:98:e1:5f:86:c8:50:b7:87:7f:f3:81:f6:ed:
fa:d9:5d:fd:44:3d:32:59:83:94:d2:8e:db:2e:1b:
b3:f6:0e:dd:58:01:fc:d5:ce:a7:3b:46:30:56:53:
4c:ff:68:a0:58:e2:87:d3:0c:47:0f:bf:5c:d6:b3:
72:10:a8:c5:3b:67:86:d8:95:f9:a7:25:e7:63:d1:
86:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A1:58:BB:88:F2:EE:5F:5A:4B:D4:D4:3D:79:37:0C:03:48:A9:12
X509v3 Authority Key Identifier:
keyid:CC:1A:85:72:A8:05:D6:1E:68:CF:12:08:BB:D0:84:39:A7:78:DD:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zBqFcqgF1h5ozxIIu9CEOad43eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9a1893-730d-4536-aa17-cd4effb60eee/1/1KFYu4jy7l9aS9TUPXk3DANIqRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9a1893-730d-4536-aa17-cd4effb60eee/1/zBqFcqgF1h5ozxIIu9CEOad43eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.212.0/24
IPv6:
2a0e:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
01:84:d0:3d:5e:a7:4c:5e:fd:48:62:15:41:06:75:37:99:15:
85:a8:69:af:23:8f:2c:dc:70:7e:61:59:a2:80:1c:73:ca:5b:
4d:52:2e:76:6f:45:0a:fc:b3:3d:c3:33:f1:88:97:4f:19:80:
eb:83:5c:60:a4:e9:cd:94:58:33:d3:95:09:a2:f1:1a:e4:9a:
0b:5f:05:c0:3b:02:6a:cc:46:d4:b0:d5:ef:30:7d:00:89:1a:
10:c9:85:25:70:f1:fb:94:5a:ff:0f:9b:d7:7c:be:5b:d4:66:
b1:9c:bd:09:4c:82:48:04:70:c0:38:c7:74:01:5c:89:66:4c:
76:af:2a:dd:2d:57:26:63:62:12:00:c6:27:8e:99:49:30:c2:
6e:75:1d:35:b0:31:0a:dd:73:66:14:39:cb:5e:2b:e6:c7:61:
6d:d1:0b:a5:8e:53:6d:f7:83:f5:67:11:db:02:45:8e:4e:d8:
ae:72:25:4d:d8:e7:25:6f:1b:90:5e:33:2a:b6:e8:3c:b0:a2:
2e:ea:28:d4:ed:96:1e:c6:98:ec:c6:6a:bb:cd:77:7e:11:a5:
05:cf:b7:e3:e0:e0:0f:c4:1f:4e:27:f0:49:59:30:7e:94:d2:
e0:db:84:e6:79:4d:bc:53:a7:a4:6a:8f:05:de:85:0d:5a:15:
0a:da:c7:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ0riWR6/NMLgWMalZiH49+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMWE4NTcyYTgwNWQ2MWU2OGNmMTIwOGJiZDA4NDM5YTc3
OGRkZTIwHhcNMjYwMzI2MTkwNTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGExNThiYjg4ZjJlZTVmNWE0YmQ0ZDQzZDc5MzcwYzAzNDhhOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBXgyjJlmYsdBsPLfpGJHflKug+a
72kHY8Dx/CyBITmnnUpQrNzBv91uVqjoP3Qkyhu+3EiMgjXcAIFLHrzpbratO9yU
Up98bk8MuY7UZyZjLQbfa9xG3P4EQv5D3l+KZfO3nxdrnDl1ogDC6bgSvd1grnOT
PJrU5/uQt03tu0luVFLKOfJE5qjGMQw6px38TokTnZ+ajO7MYzTBC7UceZZPQSyQ
QWxJ48tLS2wA8m4RWIJCepjhX4bIULeHf/OB9u362V39RD0yWYOU0o7bLhuz9g7d
WAH81c6nO0YwVlNM/2igWOKH0wxHD79c1rNyEKjFO2eG2JX5pyXnY9GGawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNShWLuI8u5fWkvU1D15NwwDSKkSMB8GA1UdIwQY
MBaAFMwahXKoBdYeaM8SCLvQhDmneN3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekJxRmNxZ0YxaDVvenhJSXU5Q0VPYWQ0M2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85YTE4OTMtNzMwZC00NTM2LWFhMTct
Y2Q0ZWZmYjYwZWVlLzEvMUtGWXU0ank3bDlhUzlUVVBYazNEQU5JcVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85YTE4OTMtNzMwZC00NTM2LWFhMTctY2Q0ZWZmYjYwZWVl
LzEvekJxRmNxZ0YxaDVvenhJSXU5Q0VPYWQ0M2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwiDUMA0E
AgACMAcDBQMqDnvAMA0GCSqGSIb3DQEBCwUAA4IBAQABhNA9XqdMXv1IYhVBBnU3
mRWFqGmvI48s3HB+YVmigBxzyltNUi52b0UK/LM9wzPxiJdPGYDrg1xgpOnNlFgz
05UJovEa5JoLXwXAOwJqzEbUsNXvMH0AiRoQyYUlcPH7lFr/D5vXfL5b1GaxnL0J
TIJIBHDAOMd0AVyJZkx2ryrdLVcmY2ISAMYnjplJMMJudR01sDEK3XNmFDnLXivm
x2Ft0QuljlNt94P1ZxHbAkWOTtiuciVN2OclbxuQXjMqtug8sKIu6ijU7ZYexpjs
xmq7zXd+EaUFz7fj4OAPxB9OJ/BJWTB+lNLg24TmeU28U6ekao8F3oUNWhUK2sdZ
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:20:29 2026 by rpki-client