Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/sMrBExcBNyZbEnrVywVSOFeLcb4.roa
File: sMrBExcBNyZbEnrVywVSOFeLcb4.roa (raw, json)
Hash identifier: eoOQQ8Kblfu/hBOPnWF2JYYp3Cnwq5S5/rfMWegrtbQ=
Subject key identifier: B0:CA:C1:13:17:01:37:26:5B:12:7A:D5:CB:05:52:38:57:8B:71:BE
Certificate issuer: /CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Certificate serial: 019DDD89803DAC8A21E68845AC032C1A6A36
Authority key identifier: A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/sMrBExcBNyZbEnrVywVSOFeLcb4.roa
Signing time: Thu 30 Apr 2026 08:37:49 +0000
ROA not before: Thu 30 Apr 2026 08:37:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199154
IP address blocks: 185.43.32.0/24 maxlen: 24
2a14:ae00:101::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 08:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:dd:89:80:3d:ac:8a:21:e6:88:45:ac:03:2c:1a:6a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Validity
Not Before: Apr 30 08:37:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b0cac113170137265b127ad5cb055238578b71be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:42:1e:be:0b:d4:21:09:e6:f0:12:70:d0:32:
02:bc:6b:99:c7:02:34:bf:c4:33:7f:ec:32:c3:06:
0e:1e:88:0d:f3:bf:f4:62:84:30:76:da:5c:45:bd:
ec:95:d6:d2:6c:cd:a1:a3:b8:a0:1a:f4:22:1a:87:
39:40:f4:48:eb:3a:ab:18:c1:a1:5b:5b:af:07:38:
21:73:55:13:83:45:d7:2d:d7:74:d3:8c:a8:4c:3d:
16:fd:b1:a8:1b:14:dc:bd:45:f8:ab:96:05:a0:30:
3d:0e:97:95:f9:6e:58:3a:58:b0:f9:c9:66:58:31:
94:ba:84:e3:a5:0b:b4:99:87:34:19:f2:57:d3:33:
b2:61:df:16:ba:a1:53:de:71:e4:e3:9e:e9:f7:f5:
51:65:c3:46:08:82:03:95:81:ac:6f:9e:d4:73:d7:
29:ac:31:15:01:92:d4:89:03:76:a0:63:7d:8e:01:
ef:7d:41:76:b1:67:11:d2:fe:f0:69:1b:5d:87:05:
cd:b8:b9:a0:69:07:81:ba:13:6f:3c:ff:fc:9d:0d:
e2:77:6a:15:9f:88:ec:08:b5:13:24:6c:98:ee:f3:
4c:67:85:cb:48:9e:19:16:44:fd:39:ef:f1:4f:d5:
f6:a6:93:cb:5b:17:91:b4:78:f1:45:7d:91:f8:4e:
36:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:CA:C1:13:17:01:37:26:5B:12:7A:D5:CB:05:52:38:57:8B:71:BE
X509v3 Authority Key Identifier:
keyid:A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/sMrBExcBNyZbEnrVywVSOFeLcb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.32.0/24
IPv6:
2a14:ae00:101::/48
Signature Algorithm: sha256WithRSAEncryption
a1:74:9b:31:b0:36:68:7b:89:71:4b:0f:2d:15:82:37:57:e3:
cb:ee:e9:ed:3f:9e:23:8c:d7:f1:4b:33:c1:d7:b3:88:eb:8d:
96:cc:66:d3:33:98:e2:2e:cd:fc:a7:69:f6:f5:a8:8d:29:a1:
78:99:d9:08:4b:5e:f0:8b:61:4e:33:14:64:ee:b4:7d:ae:6d:
4d:30:26:8b:57:ab:f2:cb:4a:a1:6e:6b:ae:45:a2:8a:94:42:
db:83:bb:f4:06:ff:f5:1e:4a:6f:a5:45:2f:58:ca:b2:55:d2:
c9:46:d2:2b:83:85:4c:a8:1a:bc:40:48:d5:bf:cd:15:2e:9b:
97:8c:66:90:e5:24:ff:71:64:86:80:42:49:7d:17:5e:75:f5:
bc:d7:3d:23:f2:5b:bd:06:fc:a5:4c:f7:5f:40:ca:fd:0d:69:
7b:f3:ea:41:08:1e:f9:c0:3e:c9:37:25:23:25:d6:05:ba:e6:
63:81:ef:7b:52:1d:df:5d:a3:5e:a5:ad:2a:ed:d1:d2:16:13:
e9:c4:df:72:2a:8b:ed:66:1b:97:ee:00:13:c1:4f:19:39:6d:
a7:a6:9f:e5:8c:86:27:48:a4:d1:d0:b7:a1:b9:ec:30:0c:1e:
8c:20:f2:1b:4b:2f:5d:53:a9:73:34:98:5f:d6:fd:99:f7:4d:
09:c5:81:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ3diYA9rIoh5ohFrAMsGmo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTRlMjM0ODIyNjg0NzVjMWI5MzU2MzdkMDAwMmMyZmQy
OTkzYjgwHhcNMjYwNDMwMDgzNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGNhYzExMzE3MDEzNzI2NWIxMjdhZDVjYjA1NTIzODU3OGI3MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkIevgvUIQnm8BJw0DICvGuZxwI0
v8Qzf+wywwYOHogN87/0YoQwdtpcRb3sldbSbM2ho7igGvQiGoc5QPRI6zqrGMGh
W1uvBzghc1UTg0XXLdd004yoTD0W/bGoGxTcvUX4q5YFoDA9DpeV+W5YOliw+clm
WDGUuoTjpQu0mYc0GfJX0zOyYd8WuqFT3nHk457p9/VRZcNGCIIDlYGsb57Uc9cp
rDEVAZLUiQN2oGN9jgHvfUF2sWcR0v7waRtdhwXNuLmgaQeBuhNvPP/8nQ3id2oV
n4jsCLUTJGyY7vNMZ4XLSJ4ZFkT9Oe/xT9X2ppPLWxeRtHjxRX2R+E42sQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLDKwRMXATcmWxJ61csFUjhXi3G+MB8GA1UdIwQY
MBaAFKek4jSCJoR1wbk1Y30AAsL9KZO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYt
MjMzMzFiNjQ5MTZjLzEvc01yQkV4Y0JOeVpiRW5yVnl3VlNPRmVMY2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYtMjMzMzFiNjQ5MTZj
LzEvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuSsgMA8E
AgACMAkDBwAqFK4AAQEwDQYJKoZIhvcNAQELBQADggEBAKF0mzGwNmh7iXFLDy0V
gjdX48vu6e0/niOM1/FLM8HXs4jrjZbMZtMzmOIuzfynafb1qI0poXiZ2QhLXvCL
YU4zFGTutH2ubU0wJotXq/LLSqFua65FooqUQtuDu/QG//UeSm+lRS9YyrJV0slG
0iuDhUyoGrxASNW/zRUum5eMZpDlJP9xZIaAQkl9F1519bzXPSPyW70G/KVM919A
yv0NaXvz6kEIHvnAPsk3JSMl1gW65mOB73tSHd9do16lrSrt0dIWE+nE33Iqi+1m
G5fuABPBTxk5baemn+WMhidIpNHQt6G57DAMHowg8htLL11TqXM0mF/W/Zn3TQnF
gc0=
-----END CERTIFICATE-----
Generated at Sun May 3 17:06:21 2026 by rpki-client