Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/8GJJ4AKaUniX8s4WsSBMvXfO2is.roa
File: 8GJJ4AKaUniX8s4WsSBMvXfO2is.roa (raw, json)
Hash identifier: HdAEUvEwsZFelbaCeF+bPALgo9css5LX1Q86gbTCpp4=
Subject key identifier: F0:62:49:E0:02:9A:52:78:97:F2:CE:16:B1:20:4C:BD:77:CE:DA:2B
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 019CDCA5AC7E1D47E13FA6A6E3E535485FB8
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/8GJJ4AKaUniX8s4WsSBMvXfO2is.roa
Signing time: Wed 11 Mar 2026 11:26:10 +0000
ROA not before: Wed 11 Mar 2026 11:26:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42007
IP address blocks: 2.58.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 15:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:a5:ac:7e:1d:47:e1:3f:a6:a6:e3:e5:35:48:5f:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Mar 11 11:26:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f06249e0029a527897f2ce16b1204cbd77ceda2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:10:4a:66:30:24:6e:9d:eb:d1:83:5c:0d:f8:
51:13:7f:d6:bc:4a:71:15:5f:d0:16:59:34:62:2b:
db:85:2d:47:27:24:29:9c:29:bf:f9:8f:a2:9c:a3:
a1:13:fc:af:84:45:4e:31:0d:8a:f3:21:d1:88:ce:
3e:d6:3c:8d:8b:bc:bc:38:f0:fa:57:f5:f9:3e:9d:
ea:19:0a:d1:15:cf:81:c8:27:b6:54:bd:e4:ef:e4:
32:92:44:8f:f1:67:c5:44:28:3e:ba:80:e5:b2:45:
86:6b:b5:e1:d3:e1:82:b6:47:c0:30:7c:36:64:1f:
07:86:a2:ef:de:df:dc:35:6f:1b:58:4d:b1:cf:64:
34:63:b9:16:5a:97:74:2d:59:a9:6e:39:b4:f4:8e:
22:0c:e5:89:42:33:ea:b7:83:92:41:3e:82:17:2c:
b9:50:72:25:10:85:54:49:70:66:8c:30:46:81:74:
ec:d0:19:88:57:e0:2c:e3:bb:7b:b5:33:d5:59:b3:
8c:01:20:83:6d:6c:85:66:b8:b6:3a:ed:4e:50:f0:
75:1e:72:19:4e:5d:6d:c6:f8:25:24:b3:f1:7a:8b:
50:94:17:a2:cc:7f:b7:81:ff:5e:40:91:88:9f:ce:
1d:52:a2:dd:44:37:f1:6b:2e:c1:a7:ff:d6:ed:c4:
de:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:62:49:E0:02:9A:52:78:97:F2:CE:16:B1:20:4C:BD:77:CE:DA:2B
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/8GJJ4AKaUniX8s4WsSBMvXfO2is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
Signature Algorithm: sha256WithRSAEncryption
40:8b:77:f7:17:c2:0d:24:53:30:d1:9e:82:79:25:26:04:40:
09:0a:1e:c1:61:12:f6:95:c0:df:ab:53:7c:02:10:7a:91:cd:
a7:06:b4:2d:31:d4:cc:1f:04:4f:c8:de:17:ed:e6:81:3a:94:
12:f7:1c:87:10:51:9c:1a:b5:c0:22:31:32:e6:c6:e0:36:c2:
ac:97:27:d4:e0:ef:33:90:d6:b0:03:37:e3:7d:8b:8b:d1:3b:
41:1b:fe:a3:fc:38:fa:61:00:ae:3b:71:d3:ca:b2:a4:8a:cc:
ab:6a:d2:d7:7e:50:af:f2:df:af:38:8a:18:20:c4:0f:fa:7d:
6f:a4:ed:b9:b1:67:71:27:f7:7c:c8:5c:c8:8e:35:b8:ec:cd:
65:64:f2:14:45:ed:d7:6b:28:4c:a0:63:fc:e1:18:5d:34:cc:
ee:01:43:c8:38:0b:22:ed:80:63:10:30:b1:14:50:4c:69:ba:
53:7e:a3:7c:f4:ab:25:18:9e:17:34:c7:0d:86:79:d8:ac:1b:
25:02:39:6d:2a:0e:b5:c7:10:db:67:77:3f:35:99:10:d0:1d:
b2:ce:e9:90:1e:84:d8:5d:78:11:e0:78:76:64:51:11:68:17:
4c:d4:c8:a1:73:56:cb:ad:24:ab:66:5d:de:a0:6a:fb:ca:ac:
11:ac:22:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzcpax+HUfhP6am4+U1SF+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjYwMzExMTEyNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDYyNDllMDAyOWE1Mjc4OTdmMmNlMTZiMTIwNGNiZDc3Y2VkYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRBKZjAkbp3r0YNcDfhRE3/WvEpx
FV/QFlk0YivbhS1HJyQpnCm/+Y+inKOhE/yvhEVOMQ2K8yHRiM4+1jyNi7y8OPD6
V/X5Pp3qGQrRFc+ByCe2VL3k7+QykkSP8WfFRCg+uoDlskWGa7Xh0+GCtkfAMHw2
ZB8HhqLv3t/cNW8bWE2xz2Q0Y7kWWpd0LVmpbjm09I4iDOWJQjPqt4OSQT6CFyy5
UHIlEIVUSXBmjDBGgXTs0BmIV+As47t7tTPVWbOMASCDbWyFZri2Ou1OUPB1HnIZ
Tl1txvglJLPxeotQlBeizH+3gf9eQJGIn84dUqLdRDfxay7Bp//W7cTelQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBiSeACmlJ4l/LOFrEgTL13ztorMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvOEdKSjRBS2FVbmlYOHM0V3NTQk12WGZPMmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjp8MA0G
CSqGSIb3DQEBCwUAA4IBAQBAi3f3F8INJFMw0Z6CeSUmBEAJCh7BYRL2lcDfq1N8
AhB6kc2nBrQtMdTMHwRPyN4X7eaBOpQS9xyHEFGcGrXAIjEy5sbgNsKslyfU4O8z
kNawAzfjfYuL0TtBG/6j/Dj6YQCuO3HTyrKkisyratLXflCv8t+vOIoYIMQP+n1v
pO25sWdxJ/d8yFzIjjW47M1lZPIURe3XayhMoGP84RhdNMzuAUPIOAsi7YBjEDCx
FFBMabpTfqN89KslGJ4XNMcNhnnYrBslAjltKg61xxDbZ3c/NZkQ0B2yzumQHoTY
XXgR4Hh2ZFERaBdM1Mihc1bLrSSrZl3eoGr7yqwRrCJP
-----END CERTIFICATE-----
Generated at Thu Mar 12 21:36:36 2026 by rpki-client