Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/TpP8go9gxjsA4n1kC2kuJQbokBE.roa
File: TpP8go9gxjsA4n1kC2kuJQbokBE.roa (raw, json)
Hash identifier: 7lExTFrNOgtfm66T9jsBGx9Cjl+c6H6zYjBrnH5qrXg=
Subject key identifier: 4E:93:FC:82:8F:60:C6:3B:00:E2:7D:64:0B:69:2E:25:06:E8:90:11
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019D3F2E633840319D855A3820476BAC1717
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/TpP8go9gxjsA4n1kC2kuJQbokBE.roa
Signing time: Mon 30 Mar 2026 14:38:17 +0000
ROA not before: Mon 30 Mar 2026 14:38:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 142146
IP address blocks: 95.155.179.0/24 maxlen: 24
95.155.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 19:28:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3f:2e:63:38:40:31:9d:85:5a:38:20:47:6b:ac:17:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Mar 30 14:38:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e93fc828f60c63b00e27d640b692e2506e89011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cd:ac:76:4a:0b:3c:73:df:71:2f:67:d8:9a:
e8:cd:ba:8e:08:6f:fe:ab:a0:9d:a0:d2:81:2f:51:
bc:70:54:77:14:30:a5:cc:1e:45:dd:af:14:ad:10:
e2:c6:b5:e6:d5:c1:4c:ce:12:a6:19:f3:55:a8:3b:
d3:48:4d:e5:6f:e5:0e:73:2b:95:ec:f7:a9:1e:ed:
61:1a:9a:37:d7:5f:5f:8b:2e:51:22:f9:2f:0d:af:
46:bb:2e:c3:b7:55:70:49:46:c4:57:03:74:92:30:
4e:02:3c:38:b0:df:49:78:1d:dc:e6:88:0b:07:b0:
3f:6b:40:a6:0c:b3:5b:30:8c:61:93:1a:54:c3:3f:
39:5e:89:f8:a2:89:d5:1f:09:69:c2:10:06:86:01:
8b:63:c7:55:14:57:60:47:0f:89:d0:bb:fa:cf:e1:
1c:1f:88:91:6d:99:10:e4:d2:ef:39:74:6d:4f:ec:
13:d0:63:09:7a:f6:fb:55:97:44:13:0b:7a:0b:d3:
dc:30:e5:cf:b1:c1:48:ec:b6:99:46:e4:74:d5:5d:
ec:be:ca:ed:b5:81:c8:cc:b2:e7:6d:bd:96:43:de:
78:ec:c7:d4:3c:40:9d:3f:59:d1:21:25:38:84:95:
5b:10:80:d2:73:d6:18:79:f9:cc:6c:f7:ce:23:8f:
d2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:93:FC:82:8F:60:C6:3B:00:E2:7D:64:0B:69:2E:25:06:E8:90:11
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/TpP8go9gxjsA4n1kC2kuJQbokBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.155.179.0/24
95.155.183.0/24
Signature Algorithm: sha256WithRSAEncryption
17:fb:79:9b:d6:6a:8c:85:7f:8b:c8:2d:32:18:8a:b1:c3:5d:
29:3d:9f:a4:76:b9:61:63:1c:2f:cd:95:1d:d2:91:f3:9c:0b:
b4:75:21:21:9a:70:81:15:16:88:02:6f:e8:88:94:53:c1:9d:
f5:60:f9:22:db:3d:dd:0f:dd:a6:9c:db:5f:91:dc:c4:95:b2:
95:f8:7e:a5:0f:15:46:d5:17:c7:e4:ca:73:df:28:a7:4e:a7:
49:27:df:2c:89:fd:35:50:74:58:85:d3:1e:b8:32:da:fd:7b:
d0:98:7c:f2:bc:00:9d:e5:27:7e:86:df:e7:75:8e:3f:26:b7:
5f:ef:f7:7e:6d:2e:6b:17:a3:fe:5d:e1:93:03:22:c5:0d:a0:
ab:b5:78:b1:de:fb:3d:7f:11:0c:65:6a:af:73:9c:7d:d8:ef:
77:19:a0:05:f6:64:cf:ac:53:2c:a2:34:2e:89:7a:9a:83:86:
4a:13:3d:97:2e:02:77:f0:c3:d8:a0:e3:99:20:22:2f:25:fd:
14:c6:0f:b3:8b:22:4b:63:fb:a8:e5:96:b7:57:8d:46:26:46:
19:eb:aa:18:6b:a9:59:24:0a:ab:c1:07:07:d0:77:09:ef:3d:
3f:d1:36:cb:2b:24:15:28:f4:3e:d5:a6:80:12:27:62:ca:24:
d4:8b:de:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0/LmM4QDGdhVo4IEdrrBcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjYwMzMwMTQzODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTkzZmM4MjhmNjBjNjNiMDBlMjdkNjQwYjY5MmUyNTA2ZTg5MDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp82sdkoLPHPfcS9n2JrozbqOCG/+
q6CdoNKBL1G8cFR3FDClzB5F3a8UrRDixrXm1cFMzhKmGfNVqDvTSE3lb+UOcyuV
7PepHu1hGpo3119fiy5RIvkvDa9Guy7Dt1VwSUbEVwN0kjBOAjw4sN9JeB3c5ogL
B7A/a0CmDLNbMIxhkxpUwz85Xon4oonVHwlpwhAGhgGLY8dVFFdgRw+J0Lv6z+Ec
H4iRbZkQ5NLvOXRtT+wT0GMJevb7VZdEEwt6C9PcMOXPscFI7LaZRuR01V3svsrt
tYHIzLLnbb2WQ9547MfUPECdP1nRISU4hJVbEIDSc9YYefnMbPfOI4/S2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE6T/IKPYMY7AOJ9ZAtpLiUG6JARMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvVHBQOGdvOWd4anNBNG4xa0Mya3VKUWJva0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX5uzAwQA
X5u3MA0GCSqGSIb3DQEBCwUAA4IBAQAX+3mb1mqMhX+LyC0yGIqxw10pPZ+kdrlh
YxwvzZUd0pHznAu0dSEhmnCBFRaIAm/oiJRTwZ31YPki2z3dD92mnNtfkdzElbKV
+H6lDxVG1RfH5Mpz3yinTqdJJ98sif01UHRYhdMeuDLa/XvQmHzyvACd5Sd+ht/n
dY4/Jrdf7/d+bS5rF6P+XeGTAyLFDaCrtXix3vs9fxEMZWqvc5x92O93GaAF9mTP
rFMsojQuiXqag4ZKEz2XLgJ38MPYoOOZICIvJf0Uxg+ziyJLY/uo5Za3V41GJkYZ
66oYa6lZJAqrwQcH0HcJ7z0/0TbLKyQVKPQ+1aaAEidiyiTUi95G
-----END CERTIFICATE-----
Generated at Tue Mar 31 02:10:21 2026 by rpki-client