Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/gA-HJo_Yv9VFPsrJNNwTwqN9dug.roa
File: gA-HJo_Yv9VFPsrJNNwTwqN9dug.roa (raw, json)
Hash identifier: FCK8GWBJ0evmrEvRfBuOP4N8CxF7eXAOJPW7ShIm5io=
Subject key identifier: 80:0F:87:26:8F:D8:BF:D5:45:3E:CA:C9:34:DC:13:C2:A3:7D:76:E8
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019DAA2BC6CD59ADEAC040719A33C17AF72E
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/gA-HJo_Yv9VFPsrJNNwTwqN9dug.roa
Signing time: Mon 20 Apr 2026 09:14:48 +0000
ROA not before: Mon 20 Apr 2026 09:14:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202147
IP address blocks: 77.90.36.0/24 maxlen: 24
85.93.1.0/24 maxlen: 24
85.118.165.0/24 maxlen: 24
94.249.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 07:32:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:2b:c6:cd:59:ad:ea:c0:40:71:9a:33:c1:7a:f7:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 20 09:14:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=800f87268fd8bfd5453ecac934dc13c2a37d76e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a9:2b:12:48:d8:42:45:d2:88:2d:20:53:0f:
fb:02:77:cd:64:d4:dc:39:41:e5:bf:7e:ca:6d:4b:
df:39:16:da:d7:b5:09:ed:6d:05:2d:3b:46:d7:24:
05:2a:41:db:de:c7:f2:f5:ac:fb:60:26:0b:c5:7b:
69:b3:ae:52:c1:67:2e:f3:c2:89:d6:72:5f:ad:f1:
12:67:13:5c:77:cb:fb:4d:ac:ec:b2:30:7f:70:d8:
af:be:c3:54:82:6a:9f:23:64:ff:03:fa:58:2e:7f:
43:54:9b:f6:52:1b:15:e5:9d:80:14:c1:fb:f8:8e:
b1:cc:2e:62:8b:ac:60:ba:a0:cd:e8:78:52:29:98:
3f:d0:a1:05:da:16:c8:11:d6:57:5e:7b:fe:e7:59:
06:a9:31:39:79:30:07:ee:5c:f9:fb:8c:d9:6d:8c:
f2:1d:34:dc:d1:74:d7:ef:9a:2b:60:8b:d9:08:88:
a3:fa:12:f8:14:75:6a:b6:01:ff:70:46:6f:c3:fd:
e9:68:97:07:fd:af:2f:67:af:ed:5f:27:13:a7:e1:
42:63:a5:9b:84:73:b1:98:b0:05:26:68:54:14:b1:
bc:80:e5:26:b5:42:89:a1:01:0d:16:b8:29:f5:9c:
a2:73:60:f9:d6:f8:21:77:13:8e:70:ef:5d:10:86:
66:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0F:87:26:8F:D8:BF:D5:45:3E:CA:C9:34:DC:13:C2:A3:7D:76:E8
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/gA-HJo_Yv9VFPsrJNNwTwqN9dug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.36.0/24
85.93.1.0/24
85.118.165.0/24
94.249.205.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:f8:31:ef:2f:5e:05:3c:ac:a4:2b:a1:69:1f:a5:3a:ca:04:
dc:f8:2e:bd:5d:d1:3b:61:73:c7:06:12:06:6c:08:18:88:82:
67:e9:68:3d:85:0f:c0:ff:2d:d6:f7:b1:2d:a9:2e:58:3d:a0:
f4:92:3f:97:16:c4:71:70:e5:ce:b6:f7:94:89:bb:5b:cb:d3:
8b:8e:c0:99:7b:1a:66:05:97:70:16:ab:d6:8a:ce:05:ef:ec:
d8:1c:e3:0c:07:fe:54:2f:cd:ea:25:ca:9f:9d:14:ed:82:7b:
cc:3e:f5:21:b3:c7:66:aa:5d:a7:64:bd:19:85:ef:71:3c:26:
50:8b:a8:2b:00:4d:13:42:af:5e:d5:76:44:f3:5d:4f:8a:5d:
b7:14:47:30:fb:6b:45:a8:e5:5c:95:4e:23:cc:19:42:87:2e:
1a:cc:cd:cf:82:ec:3c:cb:6c:f8:d7:b8:d6:ea:97:f2:07:5e:
ad:b9:a6:bc:b0:f3:6a:80:bb:13:9b:34:18:90:e0:5e:f7:4a:
9d:f2:dd:0c:f0:cc:3d:63:e1:c9:32:59:dd:a9:a6:09:80:05:
35:f9:f0:76:a1:45:5c:39:d0:95:70:db:ed:78:74:a8:3a:eb:
23:85:e2:a3:f6:e6:ab:13:aa:41:99:6b:b6:77:72:79:6a:64:
16:37:3a:6b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2qK8bNWa3qwEBxmjPBevcuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNDIwMDkxNDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDBmODcyNjhmZDhiZmQ1NDUzZWNhYzkzNGRjMTNjMmEzN2Q3NmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqkrEkjYQkXSiC0gUw/7AnfNZNTc
OUHlv37KbUvfORba17UJ7W0FLTtG1yQFKkHb3sfy9az7YCYLxXtps65SwWcu88KJ
1nJfrfESZxNcd8v7TazssjB/cNivvsNUgmqfI2T/A/pYLn9DVJv2UhsV5Z2AFMH7
+I6xzC5ii6xguqDN6HhSKZg/0KEF2hbIEdZXXnv+51kGqTE5eTAH7lz5+4zZbYzy
HTTc0XTX75orYIvZCIij+hL4FHVqtgH/cEZvw/3paJcH/a8vZ6/tXycTp+FCY6Wb
hHOxmLAFJmhUFLG8gOUmtUKJoQENFrgp9Zyic2D51vghdxOOcO9dEIZmqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIAPhyaP2L/VRT7KyTTcE8KjfXboMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZ0EtSEpvX1l2OVZGUHNySk5Od1R3cU45ZHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVokAwQA
VV0BAwQAVXalAwQAXvnNMA0GCSqGSIb3DQEBCwUAA4IBAQCO+DHvL14FPKykK6Fp
H6U6ygTc+C69XdE7YXPHBhIGbAgYiIJn6Wg9hQ/A/y3W97EtqS5YPaD0kj+XFsRx
cOXOtveUibtby9OLjsCZexpmBZdwFqvWis4F7+zYHOMMB/5UL83qJcqfnRTtgnvM
PvUhs8dmql2nZL0Zhe9xPCZQi6grAE0TQq9e1XZE811Pil23FEcw+2tFqOVclU4j
zBlChy4azM3Pguw8y2z417jW6pfyB16tuaa8sPNqgLsTmzQYkOBe90qd8t0M8Mw9
Y+HJMlndqaYJgAU1+fB2oUVcOdCVcNvteHSoOusjheKj9uarE6pBmWu2d3J5amQW
Nzpr
-----END CERTIFICATE-----
Generated at Mon Apr 27 09:51:13 2026 by rpki-client