Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/1J8iJjDshk0K5lYg4l_c2ofYegs.roa
File: 1J8iJjDshk0K5lYg4l_c2ofYegs.roa (raw, json)
Hash identifier: qSMx+hDj/RyqV4hBcH75SbfZI3k3bmyUJ0HCop3PjC0=
Subject key identifier: D4:9F:22:26:30:EC:86:4D:0A:E6:56:20:E2:5F:DC:DA:87:D8:7A:0B
Certificate issuer: /CN=943e3f4856dac2a005c3a52347114dec453934b8
Certificate serial: 019CE12BD0E322952A0A617EEE8126F824AB
Authority key identifier: 94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/1J8iJjDshk0K5lYg4l_c2ofYegs.roa
Signing time: Thu 12 Mar 2026 08:31:10 +0000
ROA not before: Thu 12 Mar 2026 08:31:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8300
IP address blocks: 62.202.201.0/24 maxlen: 24
62.202.203.0/24 maxlen: 24
2a02:1211:e400::/40 maxlen: 40
2a02:1211:e500::/40 maxlen: 40
2a02:1211:e600::/40 maxlen: 40
2a02:1211:e700::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 21:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:2b:d0:e3:22:95:2a:0a:61:7e:ee:81:26:f8:24:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=943e3f4856dac2a005c3a52347114dec453934b8
Validity
Not Before: Mar 12 08:31:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d49f222630ec864d0ae65620e25fdcda87d87a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:46:30:8f:11:4d:aa:08:77:cc:e4:44:f2:86:
fa:3e:4d:a1:b2:f2:25:bd:3f:d6:24:5e:d1:72:9a:
fc:47:ab:ef:72:64:72:ed:7f:8e:0e:54:4e:93:df:
e9:2d:6f:b9:d7:67:6a:be:8b:65:a4:66:29:62:a2:
0b:d0:92:ff:31:17:37:84:5e:0e:a6:08:d8:a5:3a:
26:24:1a:5f:48:96:ab:4a:f9:48:c2:ec:73:e6:aa:
8e:f2:38:81:32:6f:c0:6d:3f:01:9f:0c:c9:9f:c1:
ce:ef:31:4f:75:c9:be:dd:bd:3a:50:20:96:dc:1a:
66:6d:e6:07:25:10:b3:f7:0c:39:4a:2f:ed:0f:94:
7d:56:c8:b9:32:ba:43:51:21:bd:eb:4f:e8:0f:fd:
ab:11:6d:30:83:1a:a8:64:12:16:7f:85:9a:c6:bb:
e6:21:5f:00:55:1f:47:6d:dd:4f:b5:16:ed:c4:76:
ce:82:04:bc:43:8e:60:9f:0c:f4:ef:ef:b3:1a:bd:
a2:75:48:61:d0:a8:23:8c:3a:4e:27:dd:c0:59:22:
40:d3:58:ac:0c:b6:4f:f8:d8:b6:88:64:9f:92:2a:
f7:26:c4:c1:21:31:f7:c6:7f:be:3b:e8:64:83:33:
1f:0c:10:bc:b9:82:d9:70:74:c9:34:d5:7a:0b:b0:
48:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:9F:22:26:30:EC:86:4D:0A:E6:56:20:E2:5F:DC:DA:87:D8:7A:0B
X509v3 Authority Key Identifier:
keyid:94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/1J8iJjDshk0K5lYg4l_c2ofYegs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.202.201.0/24
62.202.203.0/24
IPv6:
2a02:1211:e400::/38
Signature Algorithm: sha256WithRSAEncryption
08:34:b9:9b:ea:aa:f4:15:eb:c8:19:91:92:41:f3:65:8e:26:
50:44:2f:4e:ef:49:54:13:f1:01:08:07:3a:a1:3b:c0:48:76:
08:35:37:e9:59:de:98:89:34:3d:a1:4e:4b:3e:ad:dc:29:95:
58:43:f9:c2:68:1d:ea:ca:af:c3:94:8e:7e:30:64:58:21:e8:
bf:10:64:ab:6c:b8:72:bd:1e:02:87:1c:43:bb:bd:b4:7b:02:
c8:1b:9b:5f:3c:31:7d:d1:0e:a1:dc:c2:fa:86:f5:9b:68:fb:
ed:c3:4d:16:58:da:bd:f5:5c:df:ce:37:58:71:bf:3b:a3:7b:
7f:34:63:5b:a1:a5:34:bf:75:14:7e:e3:b8:24:23:14:c1:8f:
97:4d:af:ca:22:a0:fe:52:9f:cc:08:59:fc:52:c3:55:4d:0d:
20:e1:ca:39:98:51:5e:37:9c:81:ee:69:76:4b:35:97:79:5d:
86:12:1e:a1:c4:69:78:61:d7:da:6e:c6:4c:ad:96:0a:50:c0:
08:6d:9a:09:b5:46:aa:a9:f3:5c:7d:3c:e5:4d:5f:0f:15:5a:
fb:e0:a1:45:f8:79:bb:02:f4:8e:86:99:b1:a9:fa:70:2a:2a:
90:96:fa:70:1c:4f:25:fe:61:4e:66:20:65:b0:97:99:63:db:
2a:1b:e7:ec
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZzhK9DjIpUqCmF+7oEm+CSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0M2UzZjQ4NTZkYWMyYTAwNWMzYTUyMzQ3MTE0ZGVjNDUz
OTM0YjgwHhcNMjYwMzEyMDgzMTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDlmMjIyNjMwZWM4NjRkMGFlNjU2MjBlMjVmZGNkYTg3ZDg3YTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0YwjxFNqgh3zORE8ob6Pk2hsvIl
vT/WJF7Rcpr8R6vvcmRy7X+ODlROk9/pLW+512dqvotlpGYpYqIL0JL/MRc3hF4O
pgjYpTomJBpfSJarSvlIwuxz5qqO8jiBMm/AbT8BnwzJn8HO7zFPdcm+3b06UCCW
3BpmbeYHJRCz9ww5Si/tD5R9Vsi5MrpDUSG960/oD/2rEW0wgxqoZBIWf4Waxrvm
IV8AVR9Hbd1PtRbtxHbOggS8Q45gnwz07++zGr2idUhh0KgjjDpOJ93AWSJA01is
DLZP+Ni2iGSfkir3JsTBITH3xn++O+hkgzMfDBC8uYLZcHTJNNV6C7BIUQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNSfIiYw7IZNCuZWIOJf3NqH2HoLMB8GA1UdIwQY
MBaAFJQ+P0hW2sKgBcOlI0cRTexFOTS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYt
MDI1M2QwNGZiOGZmLzEvMUo4aUpqRHNoazBLNWxZZzRsX2Myb2ZZZWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYtMDI1M2QwNGZiOGZm
LzEvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAPsrJAwQA
PsrLMA4EAgACMAgDBgIqAhIR5DANBgkqhkiG9w0BAQsFAAOCAQEACDS5m+qq9BXr
yBmRkkHzZY4mUEQvTu9JVBPxAQgHOqE7wEh2CDU36VnemIk0PaFOSz6t3CmVWEP5
wmgd6sqvw5SOfjBkWCHovxBkq2y4cr0eAoccQ7u9tHsCyBubXzwxfdEOodzC+ob1
m2j77cNNFljavfVc3843WHG/O6N7fzRjW6GlNL91FH7juCQjFMGPl02vyiKg/lKf
zAhZ/FLDVU0NIOHKOZhRXjecge5pdks1l3ldhhIeocRpeGHX2m7GTK2WClDACG2a
CbVGqqnzXH085U1fDxVa++ChRfh5uwL0joaZsan6cCoqkJb6cBxPJf5hTmYgZbCX
mWPbKhvn7A==
-----END CERTIFICATE-----
Generated at Fri Mar 13 04:10:52 2026 by rpki-client