Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/1-AaI8fejT2EuBy8bU5EK8dhnX4M.roa
File: 1-AaI8fejT2EuBy8bU5EK8dhnX4M.roa (raw, json)
Hash identifier: qwdK+ai51JoHl+AaZesyfOeD/xmeqONm4BEGQ9/yp+8=
Subject key identifier: F8:06:88:F1:F7:A3:4F:61:2E:07:2F:1B:53:91:0A:F1:D8:67:5F:83
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 019E2B185AA659E9923E2B5A56092A85FEFD
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/1-AaI8fejT2EuBy8bU5EK8dhnX4M.roa
Signing time: Fri 15 May 2026 10:04:36 +0000
ROA not before: Fri 15 May 2026 10:04:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197834
IP address blocks: 109.75.32.0/23 maxlen: 24
176.32.192.0/21 maxlen: 21
176.32.192.0/23 maxlen: 24
176.32.192.0/24 maxlen: 24
176.32.192.236/32 maxlen: 32
176.32.193.0/24 maxlen: 24
176.32.194.0/23 maxlen: 24
176.32.194.0/24 maxlen: 24
176.32.195.0/24 maxlen: 24
176.32.196.0/23 maxlen: 24
176.32.196.0/24 maxlen: 24
176.32.197.0/24 maxlen: 24
176.32.198.0/23 maxlen: 24
176.32.198.0/24 maxlen: 24
176.32.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:18:5a:a6:59:e9:92:3e:2b:5a:56:09:2a:85:fe:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: May 15 10:04:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f80688f1f7a34f612e072f1b53910af1d8675f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:84:53:86:93:a0:b7:21:99:66:ea:8b:da:b7:
2a:3a:c7:41:e3:4a:2b:9a:32:da:56:43:46:f1:b0:
66:0e:10:c2:30:20:f3:19:37:49:1f:23:06:57:11:
1f:33:e1:2e:49:87:8c:d9:1a:ae:78:64:70:60:6f:
1b:2b:cf:4a:af:0d:36:70:41:88:c1:07:43:56:ca:
d8:ef:62:0a:6e:e0:b8:7d:49:ac:ad:df:59:e0:e6:
f4:42:be:35:ca:6a:97:f2:dd:49:8f:ec:dd:20:44:
b6:c8:9b:5b:90:e8:c0:2c:1e:8f:fc:6c:4e:69:e7:
3c:dc:4d:e9:7a:ea:51:74:46:64:84:90:02:e5:af:
59:93:06:3b:13:aa:4b:b8:4d:b3:ce:74:b6:87:bd:
81:3f:11:32:66:99:4a:51:59:1c:15:2d:e5:65:ee:
97:e3:29:a6:92:8d:92:03:a2:ab:19:db:85:f4:a6:
78:02:10:51:50:97:f8:eb:cb:c5:46:01:db:2c:67:
60:c2:ce:54:0e:e4:28:65:46:9a:24:be:7e:4a:d8:
b8:ec:ad:50:db:79:f7:dd:d1:cf:dd:64:b9:57:7b:
2e:72:68:78:8d:66:57:1a:75:a4:55:b6:f4:67:c0:
56:4a:fa:01:8c:df:c5:4f:8b:ba:d5:92:01:86:18:
07:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:06:88:F1:F7:A3:4F:61:2E:07:2F:1B:53:91:0A:F1:D8:67:5F:83
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/1-AaI8fejT2EuBy8bU5EK8dhnX4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.32.0/23
176.32.192.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:87:7b:42:20:4c:37:89:3c:71:1c:8c:00:9d:92:b5:3f:a4:
7d:32:13:80:13:6e:eb:4d:c1:f8:ca:45:fb:b8:cb:cf:b4:94:
74:92:71:ae:7e:5a:42:73:ed:e7:67:75:df:20:d5:fb:cb:8c:
4f:19:44:43:e3:9c:11:ff:07:6e:96:d4:f2:fc:dd:14:28:2a:
d6:5f:03:0a:c4:04:f8:cc:7a:d2:af:ef:7a:9a:f3:38:c1:f4:
5a:16:01:3c:26:9a:7d:9c:2a:63:f7:b2:db:c5:0c:5d:d5:8d:
16:83:cf:d8:b7:dc:24:bf:2e:83:93:31:ec:46:b2:43:8e:2b:
4f:71:67:b6:a5:48:a4:0f:cf:de:15:03:6d:7d:0a:d0:59:59:
b8:ef:c6:e2:dd:00:80:c1:af:93:95:af:c0:85:fa:86:53:85:
47:3f:e1:4d:6a:f6:8e:2f:af:f0:c8:be:15:25:96:65:ab:e7:
f7:95:c7:1e:5b:e3:4d:af:4f:d3:42:2f:fa:b8:68:7a:22:73:
82:f1:2b:86:eb:4c:8c:c7:41:0f:3f:9d:11:89:86:46:31:59:
d0:18:d8:4e:9a:76:f2:19:70:2d:84:71:79:ae:fc:48:6b:f1:
16:6b:09:c8:19:13:04:09:a3:fb:2f:44:e4:5b:f4:51:fd:ab:
bc:8d:3c:54
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ4rGFqmWemSPitaVgkqhf79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjYwNTE1MTAwNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODA2ODhmMWY3YTM0ZjYxMmUwNzJmMWI1MzkxMGFmMWQ4Njc1ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoRThpOgtyGZZuqL2rcqOsdB40or
mjLaVkNG8bBmDhDCMCDzGTdJHyMGVxEfM+EuSYeM2RqueGRwYG8bK89Krw02cEGI
wQdDVsrY72IKbuC4fUmsrd9Z4Ob0Qr41ymqX8t1Jj+zdIES2yJtbkOjALB6P/GxO
aec83E3peupRdEZkhJAC5a9ZkwY7E6pLuE2zznS2h72BPxEyZplKUVkcFS3lZe6X
4ymmko2SA6KrGduF9KZ4AhBRUJf468vFRgHbLGdgws5UDuQoZUaaJL5+Sti47K1Q
23n33dHP3WS5V3sucmh4jWZXGnWkVbb0Z8BWSvoBjN/FT4u61ZIBhhgHFQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPgGiPH3o09hLgcvG1ORCvHYZ1+DMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvMS1BYUk4ZmVqVDJFdUJ5OGJVNUVLOGRoblg0TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvYWM1YTU2LTE2M2EtNDk3YS05NTQ3LWUzNzk5YWRlOWRm
ZS8xL0RKRERWdUtHVDBPSlNGZEVOVlhZdGNBMUtCay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAW1LIAME
A7AgwDANBgkqhkiG9w0BAQsFAAOCAQEATYd7QiBMN4k8cRyMAJ2StT+kfTITgBNu
603B+MpF+7jLz7SUdJJxrn5aQnPt52d13yDV+8uMTxlEQ+OcEf8HbpbU8vzdFCgq
1l8DCsQE+Mx60q/veprzOMH0WhYBPCaafZwqY/ey28UMXdWNFoPP2LfcJL8ug5Mx
7EayQ44rT3FntqVIpA/P3hUDbX0K0FlZuO/G4t0AgMGvk5WvwIX6hlOFRz/hTWr2
ji+v8Mi+FSWWZavn95XHHlvjTa9P00Iv+rhoeiJzgvErhutMjMdBDz+dEYmGRjFZ
0BjYTpp28hlwLYRxea78SGvxFmsJyBkTBAmj+y9E5Fv0Uf2rvI08VA==
-----END CERTIFICATE-----
Generated at Sat May 16 19:27:56 2026 by rpki-client