Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d8793d-47d8-4d78-9ade-351bfd83fcc1/1/_d-CFEMcXTCBxMYYwaRIA3_8Mj8.roa
File: _d-CFEMcXTCBxMYYwaRIA3_8Mj8.roa (raw, json)
Hash identifier: wJlrxRnPc85yw0LRsjdXZscmyYO4/G8JoNKPUPsic7k=
Subject key identifier: FD:DF:82:14:43:1C:5D:30:81:C4:C6:18:C1:A4:48:03:7F:FC:32:3F
Certificate issuer: /CN=80f358b2ce02ba8ff0ba14eec5f337a8da11c0dc
Certificate serial: 019EE607240D665EC80650E198EADA9E5E34
Authority key identifier: 80:F3:58:B2:CE:02:BA:8F:F0:BA:14:EE:C5:F3:37:A8:DA:11:C0:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPNYss4Cuo_wuhTuxfM3qNoRwNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d8793d-47d8-4d78-9ade-351bfd83fcc1/1/_d-CFEMcXTCBxMYYwaRIA3_8Mj8.roa
Signing time: Sat 20 Jun 2026 17:14:48 +0000
ROA not before: Sat 20 Jun 2026 17:14:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60331
IP address blocks: 185.32.96.0/22 maxlen: 22
2a00:c120::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/d8793d-47d8-4d78-9ade-351bfd83fcc1/1/gPNYss4Cuo_wuhTuxfM3qNoRwNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/d8793d-47d8-4d78-9ade-351bfd83fcc1/1/gPNYss4Cuo_wuhTuxfM3qNoRwNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/gPNYss4Cuo_wuhTuxfM3qNoRwNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e6:07:24:0d:66:5e:c8:06:50:e1:98:ea:da:9e:5e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f358b2ce02ba8ff0ba14eec5f337a8da11c0dc
Validity
Not Before: Jun 20 17:14:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fddf8214431c5d3081c4c618c1a448037ffc323f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:04:44:83:65:62:2b:a0:04:1c:2d:ae:2f:f1:
c3:83:68:5c:63:16:62:7e:65:f1:09:65:c7:10:88:
f7:1d:7b:4e:13:a7:3c:bf:f4:41:e1:ba:18:c0:40:
ae:15:b7:f9:54:1c:22:1f:ed:a7:c1:89:de:e7:18:
b7:6d:4c:2a:97:76:87:a2:69:cf:83:ac:f6:54:4a:
f3:d2:69:f6:74:85:b3:98:28:c4:ec:bb:72:26:c4:
87:7b:cb:20:b2:b0:0a:be:f8:df:b6:ca:1c:1e:ab:
38:c9:e0:b5:b2:4e:0a:e4:3f:cc:f1:4b:2f:b1:c5:
d5:44:b7:f4:de:04:28:34:31:94:2d:be:77:d1:41:
7b:57:1a:d1:32:2e:13:33:2e:7f:35:fa:8b:45:28:
9c:7f:68:ab:fa:e5:5b:37:df:ca:be:0a:2e:9c:2b:
2e:cd:fe:86:39:a3:cc:2f:2b:90:29:68:db:1d:6c:
5e:74:ab:a3:2a:e9:25:0f:1b:c9:dd:fe:c8:96:8d:
44:c4:13:ee:f0:68:d2:4e:f0:19:e9:dc:42:68:58:
22:ad:93:80:fd:ad:85:f5:41:3e:23:fb:79:b6:92:
e7:8c:76:bb:be:24:f9:7a:1b:bf:a9:c6:05:37:ed:
54:b9:77:a8:71:83:0d:bf:08:26:62:da:4e:4b:5e:
81:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:DF:82:14:43:1C:5D:30:81:C4:C6:18:C1:A4:48:03:7F:FC:32:3F
X509v3 Authority Key Identifier:
keyid:80:F3:58:B2:CE:02:BA:8F:F0:BA:14:EE:C5:F3:37:A8:DA:11:C0:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPNYss4Cuo_wuhTuxfM3qNoRwNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d8793d-47d8-4d78-9ade-351bfd83fcc1/1/_d-CFEMcXTCBxMYYwaRIA3_8Mj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d8793d-47d8-4d78-9ade-351bfd83fcc1/1/gPNYss4Cuo_wuhTuxfM3qNoRwNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.96.0/22
IPv6:
2a00:c120::/32
Signature Algorithm: sha256WithRSAEncryption
62:12:82:44:44:5b:bf:45:31:9a:a8:92:8e:ca:df:ae:4b:92:
a9:fd:e0:a9:18:06:6e:30:29:15:20:83:c7:3f:ab:9e:c3:b0:
3f:60:ca:ea:6b:30:3e:37:53:54:dd:4f:5e:40:de:27:69:02:
74:5c:ed:b5:a3:db:9b:1e:62:7c:e2:c8:0c:aa:93:1b:4a:65:
db:39:c3:9d:f7:f2:60:f5:f3:2a:f3:a9:fb:f1:4b:5b:23:0c:
36:86:6b:ff:8e:50:44:21:f4:f7:20:c4:e8:c0:29:34:8a:24:
39:7a:0c:55:66:ad:bf:bb:55:ec:f0:6e:ea:ab:96:01:c5:2c:
38:57:7c:41:94:7b:ff:e5:0e:01:e0:16:66:84:96:b9:67:ce:
31:a7:f5:4b:77:46:f5:41:cb:08:dd:89:cf:31:f0:42:d3:bb:
75:e8:46:d0:77:86:ef:23:d5:9f:63:92:58:52:e1:fd:6a:07:
ce:ca:43:2d:bc:64:b1:2b:e0:e0:c1:7c:b7:19:7e:0d:3b:40:
29:ba:41:93:c8:0e:09:6e:72:59:d6:d9:89:2c:b9:2a:96:91:
88:9d:20:16:03:2a:78:a3:7a:0e:3b:4d:6d:1a:8c:aa:ea:e3:
ed:54:ea:0c:74:69:a5:34:8f:4a:5e:0b:b4:6b:6f:f7:f7:83:
4a:6a:dd:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ7mByQNZl7IBlDhmOranl40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjM1OGIyY2UwMmJhOGZmMGJhMTRlZWM1ZjMzN2E4ZGEx
MWMwZGMwHhcNMjYwNjIwMTcxNDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGRmODIxNDQzMWM1ZDMwODFjNGM2MThjMWE0NDgwMzdmZmMzMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QREg2ViK6AEHC2uL/HDg2hcYxZi
fmXxCWXHEIj3HXtOE6c8v/RB4boYwECuFbf5VBwiH+2nwYne5xi3bUwql3aHomnP
g6z2VErz0mn2dIWzmCjE7LtyJsSHe8sgsrAKvvjftsocHqs4yeC1sk4K5D/M8Usv
scXVRLf03gQoNDGULb530UF7VxrRMi4TMy5/NfqLRSicf2ir+uVbN9/KvgounCsu
zf6GOaPMLyuQKWjbHWxedKujKuklDxvJ3f7Ilo1ExBPu8GjSTvAZ6dxCaFgirZOA
/a2F9UE+I/t5tpLnjHa7viT5ehu/qcYFN+1UuXeocYMNvwgmYtpOS16BSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP3fghRDHF0wgcTGGMGkSAN//DI/MB8GA1UdIwQY
MBaAFIDzWLLOArqP8LoU7sXzN6jaEcDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BOWXNzNEN1b193dWhUdXhmTTNxTm9Sd053LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kODc5M2QtNDdkOC00ZDc4LTlhZGUt
MzUxYmZkODNmY2MxLzEvX2QtQ0ZFTWNYVENCeE1ZWXdhUklBM184TWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kODc5M2QtNDdkOC00ZDc4LTlhZGUtMzUxYmZkODNmY2Mx
LzEvZ1BOWXNzNEN1b193dWhUdXhmTTNxTm9Sd053LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSBgMA0E
AgACMAcDBQAqAMEgMA0GCSqGSIb3DQEBCwUAA4IBAQBiEoJERFu/RTGaqJKOyt+u
S5Kp/eCpGAZuMCkVIIPHP6uew7A/YMrqazA+N1NU3U9eQN4naQJ0XO21o9ubHmJ8
4sgMqpMbSmXbOcOd9/Jg9fMq86n78UtbIww2hmv/jlBEIfT3IMTowCk0iiQ5egxV
Zq2/u1Xs8G7qq5YBxSw4V3xBlHv/5Q4B4BZmhJa5Z84xp/VLd0b1QcsI3YnPMfBC
07t16EbQd4bvI9WfY5JYUuH9agfOykMtvGSxK+DgwXy3GX4NO0ApukGTyA4JbnJZ
1tmJLLkqlpGInSAWAyp4o3oOO01tGoyq6uPtVOoMdGmlNI9KXgu0a2/394NKat2g
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:35:39 2026 by rpki-client