Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/f90883-e480-4cf1-abd2-9091cd73d38c/1/glnm8xkFmkyDnAUiwsatA2Kodgs.roa
File: glnm8xkFmkyDnAUiwsatA2Kodgs.roa (raw, json)
Hash identifier: fWL/LJ3IYMAlKiuesh/wJUaIRPkKyGpbzqDlFGh6EOw=
Subject key identifier: 82:59:E6:F3:19:05:9A:4C:83:9C:05:22:C2:C6:AD:03:62:A8:76:0B
Certificate issuer: /CN=deb180ddc7143103f02e69cb9cda19c2395e57a1
Certificate serial: 019D2F63F43E30F1E055C49C82C3BCC57C08
Authority key identifier: DE:B1:80:DD:C7:14:31:03:F0:2E:69:CB:9C:DA:19:C2:39:5E:57:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3rGA3ccUMQPwLmnLnNoZwjleV6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/f90883-e480-4cf1-abd2-9091cd73d38c/1/glnm8xkFmkyDnAUiwsatA2Kodgs.roa
Signing time: Fri 27 Mar 2026 13:02:52 +0000
ROA not before: Fri 27 Mar 2026 13:02:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58243
IP address blocks: 80.246.112.0/20 maxlen: 20
80.246.112.0/22 maxlen: 22
80.246.120.0/23 maxlen: 23
80.246.124.0/23 maxlen: 23
2a13:79c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/f90883-e480-4cf1-abd2-9091cd73d38c/1/3rGA3ccUMQPwLmnLnNoZwjleV6E.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/f90883-e480-4cf1-abd2-9091cd73d38c/1/3rGA3ccUMQPwLmnLnNoZwjleV6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/3rGA3ccUMQPwLmnLnNoZwjleV6E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2f:63:f4:3e:30:f1:e0:55:c4:9c:82:c3:bc:c5:7c:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=deb180ddc7143103f02e69cb9cda19c2395e57a1
Validity
Not Before: Mar 27 13:02:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8259e6f319059a4c839c0522c2c6ad0362a8760b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6f:00:ba:45:7a:c7:54:bf:4a:d8:6b:57:29:
6d:d0:62:85:eb:72:68:35:ba:21:2b:8e:4a:c4:e0:
c2:70:0b:dc:a7:59:b9:e3:54:6d:57:d0:ac:8b:1d:
22:8e:a6:24:04:6e:e1:55:52:af:87:0d:1b:13:79:
4d:4e:d2:c5:66:96:13:26:49:db:8e:3b:c5:e4:2a:
2a:26:50:48:71:3a:6e:6c:c2:bb:ee:3b:f0:a3:34:
9f:bc:d8:46:88:44:d7:d6:08:33:1a:fc:38:91:51:
ea:47:4a:e5:a0:5f:f0:8b:78:47:bd:b9:17:1d:e2:
25:ba:fb:cc:4b:88:0f:f1:e3:40:e2:e8:f9:95:b3:
f7:5c:50:b8:31:98:e8:9d:a5:e9:90:a6:74:3e:39:
05:12:46:5b:19:45:9c:e2:6a:3b:af:54:52:d7:99:
d6:d5:16:1c:f0:56:9c:60:09:3a:e9:a0:c9:da:92:
ac:1e:44:70:ed:6d:ea:29:12:ad:2d:4a:73:81:45:
6c:e4:8e:46:c8:44:64:36:09:df:25:d1:92:86:b8:
2b:39:f4:f2:68:b1:94:15:a1:1e:e9:90:b7:37:56:
41:51:d1:a5:68:8b:25:1d:74:d4:2a:4c:9a:74:4d:
ba:09:92:4c:40:aa:74:6f:ad:66:15:96:4c:e1:bb:
25:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:59:E6:F3:19:05:9A:4C:83:9C:05:22:C2:C6:AD:03:62:A8:76:0B
X509v3 Authority Key Identifier:
keyid:DE:B1:80:DD:C7:14:31:03:F0:2E:69:CB:9C:DA:19:C2:39:5E:57:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3rGA3ccUMQPwLmnLnNoZwjleV6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/f90883-e480-4cf1-abd2-9091cd73d38c/1/glnm8xkFmkyDnAUiwsatA2Kodgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/f90883-e480-4cf1-abd2-9091cd73d38c/1/3rGA3ccUMQPwLmnLnNoZwjleV6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.112.0/20
IPv6:
2a13:79c0::/29
Signature Algorithm: sha256WithRSAEncryption
99:54:90:b5:f1:f3:0b:04:2d:88:19:dd:76:4a:cd:e5:97:49:
5c:96:99:fe:ac:49:45:5b:94:01:c4:92:20:44:be:42:55:05:
d7:67:75:8a:e6:4b:af:e2:6f:99:72:6e:8f:9c:eb:0b:74:94:
38:a4:53:ac:bb:65:d9:42:aa:25:a3:fd:f8:7c:89:ee:61:3c:
f9:9b:ac:14:ba:ec:33:8c:35:0c:01:3b:0f:79:60:46:fd:de:
44:55:17:a1:dc:39:3e:20:43:50:7e:fe:80:3c:26:73:de:c5:
d6:ee:7e:1e:b5:cd:79:d7:7e:03:43:f3:a2:69:87:f3:0d:98:
52:ad:26:df:f2:7c:36:39:29:72:9f:61:92:6b:04:b0:d7:51:
69:17:00:00:fd:d3:06:74:a9:6f:ef:cf:95:da:2e:ac:0a:e7:
62:5c:7a:4c:13:c7:93:6c:ea:50:52:e6:c3:c3:8c:1f:f2:00:
87:90:b8:70:2f:bb:ce:6a:cb:0d:d7:07:0a:31:f6:35:7c:88:
d3:24:be:b9:3f:fc:d3:ab:c7:60:48:08:31:d5:b7:1e:1e:8f:
6e:9b:8e:83:83:30:d1:de:e1:43:07:81:7a:42:75:e9:bb:86:
74:d4:74:51:f4:9b:4c:58:be:74:03:7a:43:fb:af:b2:5f:2f:
99:41:b5:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ0vY/Q+MPHgVcScgsO8xXwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYjE4MGRkYzcxNDMxMDNmMDJlNjljYjljZGExOWMyMzk1
ZTU3YTEwHhcNMjYwMzI3MTMwMjUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjU5ZTZmMzE5MDU5YTRjODM5YzA1MjJjMmM2YWQwMzYyYTg3NjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm8AukV6x1S/SthrVylt0GKF63Jo
NbohK45KxODCcAvcp1m541RtV9Csix0ijqYkBG7hVVKvhw0bE3lNTtLFZpYTJknb
jjvF5CoqJlBIcTpubMK77jvwozSfvNhGiETX1ggzGvw4kVHqR0rloF/wi3hHvbkX
HeIluvvMS4gP8eNA4uj5lbP3XFC4MZjonaXpkKZ0PjkFEkZbGUWc4mo7r1RS15nW
1RYc8FacYAk66aDJ2pKsHkRw7W3qKRKtLUpzgUVs5I5GyERkNgnfJdGShrgrOfTy
aLGUFaEe6ZC3N1ZBUdGlaIslHXTUKkyadE26CZJMQKp0b61mFZZM4bsluQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIJZ5vMZBZpMg5wFIsLGrQNiqHYLMB8GA1UdIwQY
MBaAFN6xgN3HFDED8C5py5zaGcI5XlehMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3JHQTNjY1VNUVB3TG1uTG5Ob1p3amxlVjZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mOTA4ODMtZTQ4MC00Y2YxLWFiZDIt
OTA5MWNkNzNkMzhjLzEvZ2xubTh4a0Zta3lEbkFVaXdzYXRBMktvZGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mOTA4ODMtZTQ4MC00Y2YxLWFiZDItOTA5MWNkNzNkMzhj
LzEvM3JHQTNjY1VNUVB3TG1uTG5Ob1p3amxlVjZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUPZwMA0E
AgACMAcDBQMqE3nAMA0GCSqGSIb3DQEBCwUAA4IBAQCZVJC18fMLBC2IGd12Ss3l
l0lclpn+rElFW5QBxJIgRL5CVQXXZ3WK5kuv4m+Zcm6PnOsLdJQ4pFOsu2XZQqol
o/34fInuYTz5m6wUuuwzjDUMATsPeWBG/d5EVReh3Dk+IENQfv6APCZz3sXW7n4e
tc15134DQ/OiaYfzDZhSrSbf8nw2OSlyn2GSawSw11FpFwAA/dMGdKlv78+V2i6s
CudiXHpME8eTbOpQUubDw4wf8gCHkLhwL7vOassN1wcKMfY1fIjTJL65P/zTq8dg
SAgx1bceHo9um46DgzDR3uFDB4F6QnXpu4Z01HRR9JtMWL50A3pD+6+yXy+ZQbVc
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:39:08 2026 by rpki-client