Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tBNYZaieyLkxhAG8K6mEqTlyWQc.roa
File: tBNYZaieyLkxhAG8K6mEqTlyWQc.roa (raw, json)
Hash identifier: BSOv9GE43L4HUqWHnXz8Vq3yMdutByUFpTe8Jjtvtv4=
Subject key identifier: B4:13:58:65:A8:9E:C8:B9:31:84:01:BC:2B:A9:84:A9:39:72:59:07
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019CD784D15E972063C9437AEBAF3A18E907
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tBNYZaieyLkxhAG8K6mEqTlyWQc.roa
Signing time: Tue 10 Mar 2026 11:32:11 +0000
ROA not before: Tue 10 Mar 2026 11:32:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61102
IP address blocks: 192.71.27.0/24 maxlen: 24
193.182.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 13:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:84:d1:5e:97:20:63:c9:43:7a:eb:af:3a:18:e9:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 10 11:32:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b4135865a89ec8b9318401bc2ba984a939725907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:00:69:72:34:c4:1d:f4:a9:8b:b6:a4:ed:9e:
ce:40:b1:cb:a3:69:8a:3f:00:1a:fc:46:0b:a6:47:
64:6e:b5:57:b3:46:f5:57:30:35:8e:d2:e6:6c:5b:
e4:88:43:1c:08:f1:a1:cc:78:8b:00:86:d0:4e:c0:
dc:dd:3a:5e:0c:37:e4:b9:e2:a7:20:70:23:65:6b:
06:da:da:34:70:6f:39:31:55:d3:f0:81:b8:77:1a:
22:c3:26:58:d1:71:59:aa:63:05:1f:7a:5a:b3:55:
c7:f0:1b:4e:a5:ba:fd:97:ee:01:a1:3d:b7:ee:ca:
b7:d7:8b:2a:2f:a1:2e:26:7d:83:3d:0a:6a:81:de:
88:17:e1:94:0c:46:dd:79:0e:26:47:19:1b:30:ed:
e4:f4:05:2f:f2:99:ad:02:88:8b:31:32:f8:2d:d7:
e7:45:25:fd:9c:96:d1:51:41:cf:b8:c2:8a:22:c7:
d3:7d:89:a5:6f:e3:7d:96:c8:ce:16:a3:51:68:ab:
68:c4:b6:ee:3d:64:4d:f7:83:26:92:e2:29:e9:a5:
6f:c2:e4:87:9f:f9:42:82:12:dd:7d:5e:81:67:43:
b4:df:6d:b2:e5:fd:a8:64:ed:bc:a6:64:54:bc:19:
2c:4a:a7:1a:2d:2d:db:54:3e:1d:82:3e:f4:2e:88:
71:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:13:58:65:A8:9E:C8:B9:31:84:01:BC:2B:A9:84:A9:39:72:59:07
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tBNYZaieyLkxhAG8K6mEqTlyWQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.27.0/24
193.182.144.0/24
Signature Algorithm: sha256WithRSAEncryption
53:a8:d9:78:72:3f:bc:fa:0b:a3:a7:35:8c:47:44:0e:ac:1d:
e1:af:74:5a:40:cb:5d:b9:4c:07:a0:19:96:ae:da:28:0d:2d:
09:38:6c:19:66:8b:b1:f8:3d:72:6a:b0:b1:2f:cd:0c:63:2e:
53:dc:4d:ca:d3:53:92:58:7a:ee:c6:2b:49:54:4b:2d:35:08:
43:60:31:b2:33:3e:ad:63:ab:a8:3b:50:14:21:7f:0d:ae:cc:
a0:e7:cb:fe:cd:85:ad:34:cc:79:9f:b5:7f:27:ed:93:bf:ed:
bc:4e:7f:45:26:13:9e:53:bf:8e:3a:fc:c1:5b:fe:2f:ea:bd:
8c:1a:9e:3e:b5:2f:dd:c8:5c:43:ae:15:d2:b8:29:a3:6d:6f:
04:7b:a2:be:6e:82:d7:10:d5:5c:e8:4e:a0:3c:85:0c:1d:b6:
37:70:6d:da:b0:03:b3:b3:d4:da:92:b2:97:1c:ad:5a:af:a1:
61:96:e0:b8:c4:68:ca:fc:f5:46:3f:45:9c:23:dd:c3:fe:95:
2e:d7:b9:96:f5:17:04:2d:fc:97:41:cf:00:a1:58:aa:53:64:
c8:eb:ad:7a:9f:e7:e8:49:3d:bf:f6:d5:28:be:b5:70:97:42:
0f:a8:67:66:04:39:cc:65:2e:9f:8f:13:97:91:d8:33:51:13:
49:7f:2b:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZzXhNFelyBjyUN66686GOkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwMzEwMTEzMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDEzNTg2NWE4OWVjOGI5MzE4NDAxYmMyYmE5ODRhOTM5NzI1OTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wBpcjTEHfSpi7ak7Z7OQLHLo2mK
PwAa/EYLpkdkbrVXs0b1VzA1jtLmbFvkiEMcCPGhzHiLAIbQTsDc3TpeDDfkueKn
IHAjZWsG2to0cG85MVXT8IG4dxoiwyZY0XFZqmMFH3pas1XH8BtOpbr9l+4BoT23
7sq314sqL6EuJn2DPQpqgd6IF+GUDEbdeQ4mRxkbMO3k9AUv8pmtAoiLMTL4Ldfn
RSX9nJbRUUHPuMKKIsfTfYmlb+N9lsjOFqNRaKtoxLbuPWRN94MmkuIp6aVvwuSH
n/lCghLdfV6BZ0O0322y5f2oZO28pmRUvBksSqcaLS3bVD4dgj70LohxKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLQTWGWonsi5MYQBvCuphKk5clkHMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdEJOWVphaWV5TGt4aEFHOEs2bUVxVGx5V1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwEcbAwQA
wbaQMA0GCSqGSIb3DQEBCwUAA4IBAQBTqNl4cj+8+gujpzWMR0QOrB3hr3RaQMtd
uUwHoBmWrtooDS0JOGwZZoux+D1yarCxL80MYy5T3E3K01OSWHruxitJVEstNQhD
YDGyMz6tY6uoO1AUIX8Nrsyg58v+zYWtNMx5n7V/J+2Tv+28Tn9FJhOeU7+OOvzB
W/4v6r2MGp4+tS/dyFxDrhXSuCmjbW8Ee6K+boLXENVc6E6gPIUMHbY3cG3asAOz
s9TakrKXHK1ar6FhluC4xGjK/PVGP0WcI93D/pUu17mW9RcELfyXQc8AoViqU2TI
6616n+foST2/9tUovrVwl0IPqGdmBDnMZS6fjxOXkdgzURNJfyvA
-----END CERTIFICATE-----
Generated at Thu Mar 12 21:36:38 2026 by rpki-client