Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/_kLUu1dth_3B7PmF9-06HIamY54.roa
File: _kLUu1dth_3B7PmF9-06HIamY54.roa (raw, json)
Hash identifier: tsrahVaEw+Px1LJbghjEKURjrjy27msOxqKrS4SxHPA=
Subject key identifier: FE:42:D4:BB:57:6D:87:FD:C1:EC:F9:85:F7:ED:3A:1C:86:A6:63:9E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019CD782FBE90981BF674966329D1D945D30
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/_kLUu1dth_3B7PmF9-06HIamY54.roa
Signing time: Tue 10 Mar 2026 11:30:11 +0000
ROA not before: Tue 10 Mar 2026 11:30:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57169
IP address blocks: 192.36.38.0/24 maxlen: 24
192.36.39.0/24 maxlen: 24
192.36.41.0/24 maxlen: 24
192.36.56.0/24 maxlen: 24
192.36.61.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.71.233.0/24 maxlen: 24
192.71.247.0/24 maxlen: 24
192.71.249.0/24 maxlen: 24
192.121.16.0/24 maxlen: 24
192.121.17.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.121.170.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
193.182.145.0/24 maxlen: 24
193.235.147.0/24 maxlen: 24
194.14.208.0/24 maxlen: 24
194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
194.71.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 13:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:82:fb:e9:09:81:bf:67:49:66:32:9d:1d:94:5d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 10 11:30:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fe42d4bb576d87fdc1ecf985f7ed3a1c86a6639e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1a:94:e7:fb:c6:4a:ae:c2:15:bb:15:a6:f3:
10:8c:ba:02:bb:bf:0d:b5:36:ad:92:e3:9b:7d:0c:
4c:c7:39:e5:5e:42:6a:c3:71:84:e8:8d:3d:1c:85:
0e:ef:5d:de:72:96:ec:f9:6b:4d:5a:11:39:83:a3:
66:45:2d:b2:3f:77:40:30:dd:8f:07:33:47:2d:24:
c2:e2:7c:21:2d:b3:9d:87:b9:07:6b:e8:15:70:f1:
33:e0:64:d5:04:c0:bb:34:cf:4c:75:54:6b:96:be:
4f:a5:92:17:eb:0d:1c:f9:bf:a1:de:3d:3e:f2:04:
07:c1:1d:89:b9:b0:87:96:20:7a:f3:a0:d5:9c:e8:
6b:e8:5c:9c:75:af:bd:01:e9:ab:f0:a9:8f:5f:a0:
eb:f0:9b:10:3d:c4:d2:8b:d9:18:c4:fd:c6:1a:7e:
81:26:70:59:d7:9e:ed:88:55:31:5b:9f:d8:33:a9:
96:52:2c:09:86:eb:ec:0f:36:b2:b3:88:cc:e7:60:
6e:64:fc:82:06:65:f9:fa:bd:ba:12:42:aa:aa:e6:
e2:58:b1:ba:cf:4f:00:38:7b:83:f4:79:44:83:86:
31:5d:b2:03:f9:d1:31:28:fa:d5:81:e9:7f:89:14:
1e:58:76:75:16:2f:3a:20:30:76:d0:ca:63:fd:da:
e3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:42:D4:BB:57:6D:87:FD:C1:EC:F9:85:F7:ED:3A:1C:86:A6:63:9E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/_kLUu1dth_3B7PmF9-06HIamY54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.38.0/23
192.36.41.0/24
192.36.56.0/24
192.36.61.0/24
192.71.26.0/24
192.71.233.0/24
192.71.247.0/24
192.71.249.0/24
192.121.16.0/23
192.121.163.0/24
192.121.170.0/23
193.182.145.0/24
193.235.147.0/24
194.14.208.0/24
194.68.225.0/24
194.71.107.0/24
194.71.227.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:d6:83:56:f7:84:d7:39:d7:30:9b:0d:58:88:85:df:6a:aa:
86:ec:c4:70:ad:69:41:8e:b1:32:f9:4a:bf:6b:b0:19:54:a6:
fb:69:1a:cf:de:82:5a:8a:aa:ec:fe:15:b8:5b:98:d6:02:ec:
15:cd:4e:86:76:4e:8c:fe:2d:64:40:b2:e8:a6:ed:ff:1d:4e:
0c:36:dd:71:d7:50:da:4d:af:b8:d4:de:f6:27:7a:fe:fc:49:
58:ec:2f:ec:3b:0c:82:6e:41:a6:7d:47:d6:f9:93:1a:64:91:
30:ce:5c:d1:7b:bc:c7:8d:66:77:5f:3a:ea:e4:cc:6a:b4:22:
a5:f1:66:30:e9:91:e5:d1:7c:c9:ce:6e:03:4b:31:cc:2d:a5:
92:45:79:93:4c:d4:3b:70:d2:d5:09:cc:17:66:36:94:ab:5d:
a2:22:6f:42:ea:04:74:bd:ee:a7:2f:66:e3:15:e7:e8:72:cd:
8f:b7:54:48:88:f2:ab:c6:59:3d:b6:e3:32:54:3f:fd:fa:01:
2f:5d:08:1f:7b:2a:7d:6e:3d:3c:eb:61:ab:5f:7c:62:7d:e5:
e6:de:38:0a:70:dc:07:60:2a:1b:73:3d:8d:6d:dd:e4:22:8b:
d9:7c:25:91:f5:43:cc:29:4b:85:55:c9:60:40:1e:cc:69:82:
5d:a1:27:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZzXgvvpCYG/Z0lmMp0dlF0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwMzEwMTEzMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQyZDRiYjU3NmQ4N2ZkYzFlY2Y5ODVmN2VkM2ExYzg2YTY2MzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhqU5/vGSq7CFbsVpvMQjLoCu78N
tTatkuObfQxMxznlXkJqw3GE6I09HIUO713ecpbs+WtNWhE5g6NmRS2yP3dAMN2P
BzNHLSTC4nwhLbOdh7kHa+gVcPEz4GTVBMC7NM9MdVRrlr5PpZIX6w0c+b+h3j0+
8gQHwR2JubCHliB686DVnOhr6Fycda+9Aemr8KmPX6Dr8JsQPcTSi9kYxP3GGn6B
JnBZ157tiFUxW5/YM6mWUiwJhuvsDzays4jM52BuZPyCBmX5+r26EkKqqubiWLG6
z08AOHuD9HlEg4YxXbID+dExKPrVgel/iRQeWHZ1Fi86IDB20Mpj/drjbwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFP5C1LtXbYf9wez5hfftOhyGpmOeMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvX2tMVXUxZHRoXzNCN1BtRjktMDZISWFtWTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBwCQmAwQA
wCQpAwQAwCQ4AwQAwCQ9AwQAwEcaAwQAwEfpAwQAwEf3AwQAwEf5AwQBwHkQAwQA
wHmjAwQBwHmqAwQAwbaRAwQAweuTAwQAwg7QAwQAwkThAwQAwkdrAwQAwkfjMA0G
CSqGSIb3DQEBCwUAA4IBAQA+1oNW94TXOdcwmw1YiIXfaqqG7MRwrWlBjrEy+Uq/
a7AZVKb7aRrP3oJaiqrs/hW4W5jWAuwVzU6Gdk6M/i1kQLLopu3/HU4MNt1x11Da
Ta+41N72J3r+/ElY7C/sOwyCbkGmfUfW+ZMaZJEwzlzRe7zHjWZ3Xzrq5MxqtCKl
8WYw6ZHl0XzJzm4DSzHMLaWSRXmTTNQ7cNLVCcwXZjaUq12iIm9C6gR0ve6nL2bj
Fefocs2Pt1RIiPKrxlk9tuMyVD/9+gEvXQgfeyp9bj0862GrX3xifeXm3jgKcNwH
YCobcz2Nbd3kIovZfCWR9UPMKUuFVclgQB7MaYJdoSdv
-----END CERTIFICATE-----
Generated at Thu Mar 12 21:36:36 2026 by rpki-client