Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/Gi7sCCfKR95N2aHicd7FbOjBr8I.roa
File: Gi7sCCfKR95N2aHicd7FbOjBr8I.roa (raw, json)
Hash identifier: OQ/d+3fsf9yQoe//ZYqmXZhSoGbi8dYq3SEHzPc2Mfg=
Subject key identifier: 1A:2E:EC:08:27:CA:47:DE:4D:D9:A1:E2:71:DE:C5:6C:E8:C1:AF:C2
Certificate issuer: /CN=0dd441c3ffae829842249e944b03851081f4d9e0
Certificate serial: 019E82A9E0D1817B94A711E4FF7FA11D13E6
Authority key identifier: 0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/Gi7sCCfKR95N2aHicd7FbOjBr8I.roa
Signing time: Mon 01 Jun 2026 10:10:31 +0000
ROA not before: Mon 01 Jun 2026 10:10:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6977
IP address blocks: 91.235.168.0/24 maxlen: 24
2001:67c:2d78::/48 maxlen: 48
2a09:8400::/29 maxlen: 48
2a0f:75c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:a9:e0:d1:81:7b:94:a7:11:e4:ff:7f:a1:1d:13:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd441c3ffae829842249e944b03851081f4d9e0
Validity
Not Before: Jun 1 10:10:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a2eec0827ca47de4dd9a1e271dec56ce8c1afc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:71:35:09:a8:e0:e7:47:1d:33:aa:f1:e0:3b:
e0:21:0d:39:9c:2e:6b:28:4b:46:89:fa:3c:ab:b2:
a4:f2:d1:bc:c1:92:db:76:eb:50:47:0c:ba:73:16:
da:10:fc:e7:02:ab:d9:5d:aa:73:d8:f2:16:ee:ad:
4d:73:98:09:b8:38:41:5f:72:12:06:cb:92:71:b1:
aa:e9:61:ce:df:ec:00:ee:8a:ef:62:95:ee:f5:bc:
14:67:88:44:7b:16:55:53:fb:26:5a:6a:1b:fc:f8:
b4:0c:b8:88:6c:95:a7:dd:a4:c5:7e:50:28:20:c5:
83:e1:9d:2d:0c:2f:78:91:92:fe:8a:50:e5:3f:18:
98:62:12:d2:d0:71:eb:de:3f:08:ec:d6:c6:44:d1:
bc:c8:80:cc:28:e0:6d:a2:d7:40:e3:ec:e6:30:f9:
8a:7d:78:85:50:1b:c1:71:1e:46:9a:fb:26:55:03:
80:83:c3:96:87:f0:66:24:07:e6:d8:dc:f0:99:3a:
d2:d2:97:ca:59:a3:f8:3b:60:06:5f:78:35:e7:b1:
e0:b6:0d:34:40:16:77:44:fe:7a:fe:ae:59:3d:cf:
25:0e:9a:17:58:f8:ca:a3:01:bb:ac:17:51:1b:93:
ae:52:52:fc:ba:24:54:7b:3d:0f:40:d3:02:3f:8d:
9e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2E:EC:08:27:CA:47:DE:4D:D9:A1:E2:71:DE:C5:6C:E8:C1:AF:C2
X509v3 Authority Key Identifier:
keyid:0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/Gi7sCCfKR95N2aHicd7FbOjBr8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.168.0/24
IPv6:
2001:67c:2d78::/48
2a09:8400::/29
2a0f:75c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:9a:72:02:e6:27:0d:e8:35:7e:97:98:62:10:3c:48:68:8f:
cc:af:b5:1e:e5:2e:2f:23:83:7c:1e:fe:50:5a:f9:50:0a:2a:
48:7a:a8:2e:a7:38:cb:93:a7:28:43:3d:3d:aa:d5:eb:19:a9:
33:85:80:92:44:ab:ec:6e:8f:55:81:7e:88:4f:5b:5b:16:89:
4b:52:81:81:45:bc:d5:21:f0:bd:b2:fd:9e:6d:af:19:50:c9:
e3:ab:06:09:6c:97:e1:2b:29:d5:59:75:52:a2:b6:62:01:95:
3a:c2:3a:c4:8e:85:bb:4c:ac:83:d5:59:26:4c:cf:f7:f7:31:
73:91:30:17:a8:c1:35:23:c4:1f:47:77:18:9e:ba:5a:7f:07:
1d:2f:ea:90:cc:bb:0b:35:aa:12:be:71:25:3e:4c:32:f5:61:
e4:91:77:6c:a2:6f:48:c6:9a:4d:89:de:60:12:20:73:64:cd:
7d:ce:54:69:8f:b5:cc:ae:59:5d:fa:cc:d4:cf:dd:fb:40:08:
9b:0a:20:20:85:92:8e:8b:9a:f9:e2:88:90:c3:4c:64:16:c9:
63:bc:85:c1:8b:05:db:13:41:78:e8:a3:11:0d:ad:37:55:b7:
aa:77:2a:5e:e2:ea:38:64:98:63:a1:75:79:1f:42:36:58:24:
01:50:cd:82
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZ6CqeDRgXuUpxHk/3+hHRPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDQ0MWMzZmZhZTgyOTg0MjI0OWU5NDRiMDM4NTEwODFm
NGQ5ZTAwHhcNMjYwNjAxMTAxMDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTJlZWMwODI3Y2E0N2RlNGRkOWExZTI3MWRlYzU2Y2U4YzFhZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3E1Cajg50cdM6rx4DvgIQ05nC5r
KEtGifo8q7Kk8tG8wZLbdutQRwy6cxbaEPznAqvZXapz2PIW7q1Nc5gJuDhBX3IS
BsuScbGq6WHO3+wA7orvYpXu9bwUZ4hEexZVU/smWmob/Pi0DLiIbJWn3aTFflAo
IMWD4Z0tDC94kZL+ilDlPxiYYhLS0HHr3j8I7NbGRNG8yIDMKOBtotdA4+zmMPmK
fXiFUBvBcR5GmvsmVQOAg8OWh/BmJAfm2NzwmTrS0pfKWaP4O2AGX3g157Hgtg00
QBZ3RP56/q5ZPc8lDpoXWPjKowG7rBdRG5OuUlL8uiRUez0PQNMCP42e3wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFBou7AgnykfeTdmh4nHexWzowa/CMB8GA1UdIwQY
MBaAFA3UQcP/roKYQiSelEsDhRCB9NngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMt
ZTljOTEzMjgzNmZmLzEvR2k3c0NDZktSOTVOMmFIaWNkN0ZiT2pCcjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMtZTljOTEzMjgzNmZm
LzEvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAW+uoMB0E
AgACMBcDBwAgAQZ8LXgDBQMqCYQAAwUDKg91wDANBgkqhkiG9w0BAQsFAAOCAQEA
KZpyAuYnDeg1fpeYYhA8SGiPzK+1HuUuLyODfB7+UFr5UAoqSHqoLqc4y5OnKEM9
ParV6xmpM4WAkkSr7G6PVYF+iE9bWxaJS1KBgUW81SHwvbL9nm2vGVDJ46sGCWyX
4Ssp1Vl1UqK2YgGVOsI6xI6Fu0ysg9VZJkzP9/cxc5EwF6jBNSPEH0d3GJ66Wn8H
HS/qkMy7CzWqEr5xJT5MMvVh5JF3bKJvSMaaTYneYBIgc2TNfc5UaY+1zK5ZXfrM
1M/d+0AImwogIIWSjoua+eKIkMNMZBbJY7yFwYsF2xNBeOijEQ2tN1W3qncqXuLq
OGSYY6F1eR9CNlgkAVDNgg==
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:05:44 2026 by rpki-client