Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/R91KW6utwmeCGCDEbsLR29-0mTI.roa
File: R91KW6utwmeCGCDEbsLR29-0mTI.roa (raw, json)
Hash identifier: FfWrGjiDD7Q3qgnRmpY5sO3kav8Yr1FwGw2VtadmWss=
Subject key identifier: 47:DD:4A:5B:AB:AD:C2:67:82:18:20:C4:6E:C2:D1:DB:DF:B4:99:32
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DB0FD47A4C0C2631AC46919782EB4E5B1
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/R91KW6utwmeCGCDEbsLR29-0mTI.roa
Signing time: Tue 21 Apr 2026 17:01:22 +0000
ROA not before: Tue 21 Apr 2026 17:01:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 393942
IP address blocks: 2.26.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 07:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:fd:47:a4:c0:c2:63:1a:c4:69:19:78:2e:b4:e5:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 21 17:01:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=47dd4a5babadc267821820c46ec2d1dbdfb49932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:74:4a:fc:8e:f4:b2:87:bc:00:3d:7c:af:
5e:37:a4:cd:f4:ba:a0:a3:dc:e6:b7:20:4b:6f:96:
a9:3d:72:93:ac:22:af:5a:b1:01:cb:68:4d:f2:e1:
e4:b6:18:98:58:39:ca:b4:58:cb:db:84:8e:6e:51:
96:1a:f6:18:1e:a1:ef:33:1c:54:15:69:b2:35:66:
14:6b:21:d0:b1:8d:a8:a5:8f:1b:6b:6b:55:cc:3c:
b9:51:c8:cf:9a:e2:db:22:55:a7:f1:4c:5c:94:21:
3c:08:f4:88:3d:96:3f:7a:8a:5e:de:45:2b:7f:9e:
d1:2d:99:a5:83:6f:69:c2:f4:82:30:22:01:89:78:
3d:fc:58:31:87:4f:f2:1e:b0:48:31:7e:a2:9f:61:
ac:7f:f6:90:7c:11:f0:8a:ee:54:09:f4:41:77:88:
18:ef:6f:aa:67:e5:76:a8:c5:d2:4e:22:a1:6a:4f:
cc:43:c6:dc:7f:6e:d7:05:77:ce:22:55:46:2f:77:
6f:e4:9b:f7:89:16:03:df:8e:fe:17:ad:2c:93:9f:
99:26:3f:a4:76:01:a9:97:5c:1b:17:de:a3:0a:2e:
49:de:32:93:03:b6:b1:4f:2f:c6:4f:5a:9c:9f:c7:
30:62:d7:17:dd:3a:93:63:2f:0a:e9:4f:c0:81:91:
bb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:DD:4A:5B:AB:AD:C2:67:82:18:20:C4:6E:C2:D1:DB:DF:B4:99:32
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/R91KW6utwmeCGCDEbsLR29-0mTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.182.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:d2:4a:32:41:de:87:fb:7f:62:99:be:8d:56:a1:49:57:08:
9c:ae:0e:5e:b0:01:05:bf:0c:c1:63:b9:19:6d:ef:ac:75:34:
fc:28:4d:9e:6b:9a:04:cf:44:fa:d5:ff:2f:50:2d:d9:d9:11:
f7:01:1f:49:13:d9:f3:69:8f:ae:97:f9:28:c7:fc:60:a2:c2:
7a:c6:d8:24:98:70:16:66:84:0d:60:b9:3b:91:d4:d5:8f:06:
1b:64:f7:3c:34:bf:06:1e:39:a4:a6:0b:e7:41:d7:71:14:cb:
c7:1f:10:90:bb:11:aa:c8:83:ac:57:df:85:a1:e1:e8:fc:d5:
79:8e:d7:60:8a:19:6d:b5:01:06:71:ea:cd:38:36:b8:6a:75:
22:89:43:1a:c4:72:ce:12:51:4e:0d:a9:80:4a:57:92:f2:99:
3b:be:84:36:2c:21:d1:74:3a:a7:33:f8:db:ce:b9:9a:d3:32:
c6:c3:e5:89:11:4c:ee:b0:8e:c4:6d:01:62:f5:93:d9:f1:3b:
2d:b3:44:a3:2f:3b:3f:79:9b:d3:ac:f5:32:a8:3f:d5:3d:6d:
59:81:9b:22:b6:d9:ee:e8:fb:20:c2:64:cc:9c:c0:74:47:26:
4b:70:57:2c:d3:aa:96:fe:7e:5b:09:c8:2f:87:92:21:e8:5e:
53:29:19:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2w/UekwMJjGsRpGXgutOWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDIxMTcwMTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2RkNGE1YmFiYWRjMjY3ODIxODIwYzQ2ZWMyZDFkYmRmYjQ5OTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIt0SvyO9LKHvAA9fK9eN6TN9Lqg
o9zmtyBLb5apPXKTrCKvWrEBy2hN8uHkthiYWDnKtFjL24SOblGWGvYYHqHvMxxU
FWmyNWYUayHQsY2opY8ba2tVzDy5UcjPmuLbIlWn8UxclCE8CPSIPZY/eope3kUr
f57RLZmlg29pwvSCMCIBiXg9/Fgxh0/yHrBIMX6in2Gsf/aQfBHwiu5UCfRBd4gY
72+qZ+V2qMXSTiKhak/MQ8bcf27XBXfOIlVGL3dv5Jv3iRYD347+F60sk5+ZJj+k
dgGpl1wbF96jCi5J3jKTA7axTy/GT1qcn8cwYtcX3TqTYy8K6U/AgZG7HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfdSlurrcJnghggxG7C0dvftJkyMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvUjkxS1c2dXR3bWVDR0NERWJzTFIyOS0wbVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAhq2MA0G
CSqGSIb3DQEBCwUAA4IBAQCc0koyQd6H+39imb6NVqFJVwicrg5esAEFvwzBY7kZ
be+sdTT8KE2ea5oEz0T61f8vUC3Z2RH3AR9JE9nzaY+ul/kox/xgosJ6xtgkmHAW
ZoQNYLk7kdTVjwYbZPc8NL8GHjmkpgvnQddxFMvHHxCQuxGqyIOsV9+FoeHo/NV5
jtdgihlttQEGcerNODa4anUiiUMaxHLOElFODamASleS8pk7voQ2LCHRdDqnM/jb
zrma0zLGw+WJEUzusI7EbQFi9ZPZ8Tsts0SjLzs/eZvTrPUyqD/VPW1ZgZsittnu
6PsgwmTMnMB0RyZLcFcs06qW/n5bCcgvh5Ih6F5TKRnf
-----END CERTIFICATE-----
Generated at Tue May 5 16:49:32 2026 by rpki-client