Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/rDG-AsNjvl2_saHLd2-gAR4GSFk.roa
File: rDG-AsNjvl2_saHLd2-gAR4GSFk.roa (raw, json)
Hash identifier: /VNpKM5bPDeHxjflPXNKFB2OTbOQfLdehbQgPeBJtwI=
Subject key identifier: AC:31:BE:02:C3:63:BE:5D:BF:B1:A1:CB:77:6F:A0:01:1E:06:48:59
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 019E8E3D1D4BC959D90F57E7054F0B32F198
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/rDG-AsNjvl2_saHLd2-gAR4GSFk.roa
Signing time: Wed 03 Jun 2026 16:07:10 +0000
ROA not before: Wed 03 Jun 2026 16:07:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51456
IP address blocks: 212.107.248.0/21 maxlen: 21
212.107.248.0/23 maxlen: 23
212.107.252.0/22 maxlen: 22
212.107.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8e:3d:1d:4b:c9:59:d9:0f:57:e7:05:4f:0b:32:f1:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jun 3 16:07:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ac31be02c363be5dbfb1a1cb776fa0011e064859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:94:ac:ee:b9:8d:a5:71:29:9e:a7:96:00:9b:
08:c7:07:3d:41:61:f8:5b:fb:5e:53:70:25:e6:e1:
ab:05:0b:e0:3f:a3:46:ca:d3:ad:bf:99:95:a6:13:
c2:80:8c:dc:a4:2f:0f:ed:c8:17:eb:a9:13:cc:cb:
be:9a:b0:4d:6e:35:0a:93:e0:32:64:f1:3d:3d:37:
e9:02:8a:fa:b8:91:81:45:7f:e5:a8:d1:c8:9c:dd:
9c:62:0d:8a:38:e1:a4:1b:9c:37:09:00:e1:e4:12:
a0:ea:55:8c:4d:19:ae:cd:f1:e4:34:be:89:b0:ad:
eb:8a:8c:66:c6:34:53:8c:22:4e:66:4c:30:24:f3:
4f:2d:4a:9e:d3:a8:65:ed:01:3a:f3:ac:d9:db:21:
82:a8:aa:8f:e5:54:5c:19:49:63:a7:89:79:ca:07:
29:dd:9e:95:ac:05:79:b9:24:87:f4:f5:b3:b6:7f:
07:4a:3c:12:37:f8:af:16:ab:ff:2c:0d:fa:ba:27:
e6:c0:15:5e:6e:7d:c5:ae:3c:fa:ca:24:bf:51:5f:
c0:94:2c:6c:76:10:ac:22:bf:c1:95:83:a4:5d:b2:
9a:64:80:89:40:1a:1f:af:be:21:99:af:58:e6:1a:
a9:41:5a:52:03:ae:f5:67:09:e5:5f:1a:bd:e8:39:
01:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:31:BE:02:C3:63:BE:5D:BF:B1:A1:CB:77:6F:A0:01:1E:06:48:59
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/rDG-AsNjvl2_saHLd2-gAR4GSFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.107.248.0/21
Signature Algorithm: sha256WithRSAEncryption
c2:11:22:72:ee:ff:7e:c4:a0:bf:32:35:cb:bd:78:ce:da:19:
a8:83:9f:15:24:fa:9d:05:2e:89:b8:84:55:db:9e:af:01:f7:
01:bc:6e:33:f5:46:5e:93:14:65:8a:64:86:ac:f3:58:97:ab:
d1:6c:bd:52:69:de:d6:31:e5:09:fe:db:14:b7:e4:86:15:ee:
bc:4e:dc:94:6a:85:01:c9:88:b8:eb:67:3d:17:60:b1:27:9b:
a3:59:53:cf:bd:65:3a:a1:98:7f:c8:bc:6e:53:6b:ab:de:ec:
e3:5f:58:bf:d1:b3:df:08:fe:67:dc:66:49:67:91:55:33:e5:
2b:29:73:cc:c0:64:43:d5:8b:fd:5c:b0:ee:d6:ab:54:ca:87:
51:09:0f:b4:6f:3d:65:7c:dd:3b:cc:41:af:87:61:c6:4e:e7:
84:98:80:27:8e:45:b7:49:1f:72:77:db:c7:c2:ce:91:dc:a4:
14:fa:a7:38:38:da:b4:1b:e9:12:23:54:53:c8:7f:44:e5:ed:
01:fd:24:56:5c:14:fa:db:a1:8f:94:c4:63:17:7a:e2:d8:29:
3c:31:3b:cd:f5:fc:62:5f:23:2c:89:cf:54:25:4e:67:70:70:
a5:21:4b:3b:ce:f5:d5:9f:33:6b:ef:6b:67:09:61:33:ae:42:
9e:05:74:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6OPR1LyVnZD1fnBU8LMvGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjYwNjAzMTYwNzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzMxYmUwMmMzNjNiZTVkYmZiMWExY2I3NzZmYTAwMTFlMDY0ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZSs7rmNpXEpnqeWAJsIxwc9QWH4
W/teU3Al5uGrBQvgP6NGytOtv5mVphPCgIzcpC8P7cgX66kTzMu+mrBNbjUKk+Ay
ZPE9PTfpAor6uJGBRX/lqNHInN2cYg2KOOGkG5w3CQDh5BKg6lWMTRmuzfHkNL6J
sK3rioxmxjRTjCJOZkwwJPNPLUqe06hl7QE686zZ2yGCqKqP5VRcGUljp4l5ygcp
3Z6VrAV5uSSH9PWztn8HSjwSN/ivFqv/LA36uifmwBVebn3Frjz6yiS/UV/AlCxs
dhCsIr/BlYOkXbKaZICJQBofr74hma9Y5hqpQVpSA671ZwnlXxq96DkBfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKwxvgLDY75dv7Ghy3dvoAEeBkhZMB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvckRHLUFzTmp2bDJfc2FITGQyLWdBUjRHU0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1Gv4MA0G
CSqGSIb3DQEBCwUAA4IBAQDCESJy7v9+xKC/MjXLvXjO2hmog58VJPqdBS6JuIRV
256vAfcBvG4z9UZekxRlimSGrPNYl6vRbL1Sad7WMeUJ/tsUt+SGFe68TtyUaoUB
yYi462c9F2CxJ5ujWVPPvWU6oZh/yLxuU2ur3uzjX1i/0bPfCP5n3GZJZ5FVM+Ur
KXPMwGRD1Yv9XLDu1qtUyodRCQ+0bz1lfN07zEGvh2HGTueEmIAnjkW3SR9yd9vH
ws6R3KQU+qc4ONq0G+kSI1RTyH9E5e0B/SRWXBT626GPlMRjF3ri2Ck8MTvN9fxi
XyMsic9UJU5ncHClIUs7zvXVnzNr72tnCWEzrkKeBXSQ
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:41:33 2026 by rpki-client