Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/r0AFj-BeUbLYPyjTprHPF7tdDuE.roa
File: r0AFj-BeUbLYPyjTprHPF7tdDuE.roa (raw, json)
Hash identifier: oCRnR5JTPT7Uzd20zuI9sNuaaOR3EwvRWmYovxeVTP8=
Subject key identifier: AF:40:05:8F:E0:5E:51:B2:D8:3F:28:D3:A6:B1:CF:17:BB:5D:0E:E1
Certificate issuer: /CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Certificate serial: 019E73B2664E4224B4C19CDFD11D808E90BD
Authority key identifier: 5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/r0AFj-BeUbLYPyjTprHPF7tdDuE.roa
Signing time: Fri 29 May 2026 12:25:31 +0000
ROA not before: Fri 29 May 2026 12:25:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 178.214.214.0/24 maxlen: 24
178.214.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 13:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:b2:66:4e:42:24:b4:c1:9c:df:d1:1d:80:8e:90:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Validity
Not Before: May 29 12:25:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=af40058fe05e51b2d83f28d3a6b1cf17bb5d0ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6e:18:c4:57:87:84:e2:f6:8f:3f:1b:76:6a:
d8:46:3c:d8:32:7d:41:ee:cc:0f:d0:05:33:a3:4c:
de:9b:34:be:7f:75:17:82:c7:0b:50:65:11:2b:d6:
19:af:88:b7:f5:77:73:ff:94:4a:d5:d3:dd:6e:92:
3b:e6:cb:5a:0f:0c:50:94:fb:59:71:9d:e8:81:24:
4d:40:32:a6:88:ea:40:2d:2e:0f:56:41:92:cb:e4:
42:5d:dd:63:a1:b0:72:f1:1a:e4:d4:ff:51:3f:ae:
cd:15:2b:2a:b0:b9:7e:55:6a:62:f2:c1:14:fd:08:
e1:2f:24:e9:a0:a2:36:61:ad:b0:cf:8e:8e:7d:6c:
11:48:21:ee:82:9a:dc:a7:b2:22:90:a3:e8:61:f9:
4d:fe:51:53:f8:e5:d0:51:c1:52:ce:34:ca:f7:dd:
75:a4:42:a1:40:05:de:5d:86:eb:52:32:81:7c:9b:
36:8f:6f:9b:eb:c0:61:08:3a:e2:b1:49:0b:34:4e:
cd:3d:32:24:4d:fb:7d:7e:0e:70:7c:f1:95:55:ab:
08:d4:4a:9e:8c:27:7b:b5:3d:96:45:29:66:a8:50:
d5:73:0d:fd:71:a4:6c:9e:c7:24:8c:3d:54:37:74:
65:44:09:0a:78:67:c8:8c:0d:6a:75:9f:a5:d7:8b:
5e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:40:05:8F:E0:5E:51:B2:D8:3F:28:D3:A6:B1:CF:17:BB:5D:0E:E1
X509v3 Authority Key Identifier:
keyid:5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/r0AFj-BeUbLYPyjTprHPF7tdDuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.214.214.0/24
178.214.216.0/24
Signature Algorithm: sha256WithRSAEncryption
35:e9:11:2f:0f:45:90:51:08:7e:f1:76:0d:be:ed:49:6b:73:
cc:0e:41:80:46:b0:07:c3:32:d2:e8:17:e2:6c:ed:f5:33:ee:
65:ed:af:dd:b2:e1:9d:42:0b:3c:1d:b0:e3:31:6a:8f:39:87:
21:de:4d:be:32:7f:ff:74:f1:aa:87:9a:fa:0a:0d:5d:4a:b6:
b7:96:f9:91:d4:e1:42:05:cf:32:ff:07:77:1f:34:97:0a:87:
7d:1b:be:9d:d4:87:76:90:39:e6:24:dc:ea:e0:6c:ae:c1:ec:
90:49:01:c6:c1:50:f8:c6:11:8c:df:54:8f:10:66:44:6b:df:
65:08:72:7c:9c:9d:4a:90:97:f4:de:3a:57:4c:be:c9:89:ac:
4b:4c:72:fa:9d:cf:0d:c8:6f:b6:1d:3e:f4:fc:d4:86:3d:32:
d2:ad:9b:7a:f3:84:1b:11:55:f8:11:6c:71:fb:df:15:de:5f:
6c:62:ae:dc:2c:16:29:aa:2d:7a:eb:fb:59:a5:55:bd:6d:4e:
21:bd:4d:df:62:c8:bf:04:da:27:4a:1b:25:1f:13:c1:b7:7f:
b2:0b:94:0e:d3:30:fe:32:bb:73:e9:fd:23:9a:8c:7e:f5:60:
52:38:5a:74:1e:82:b4:08:30:c5:a6:13:50:89:90:60:29:ce:
cb:ca:54:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ5zsmZOQiS0wZzf0R2AjpC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmIwYzAwMWE5OWFiNjI5NmUyNDIxNzNiZjdlN2ZkY2Yw
M2MwMTkwHhcNMjYwNTI5MTIyNTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQwMDU4ZmUwNWU1MWIyZDgzZjI4ZDNhNmIxY2YxN2JiNWQwZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw24YxFeHhOL2jz8bdmrYRjzYMn1B
7swP0AUzo0zemzS+f3UXgscLUGURK9YZr4i39Xdz/5RK1dPdbpI75staDwxQlPtZ
cZ3ogSRNQDKmiOpALS4PVkGSy+RCXd1jobBy8Rrk1P9RP67NFSsqsLl+VWpi8sEU
/QjhLyTpoKI2Ya2wz46OfWwRSCHugprcp7IikKPoYflN/lFT+OXQUcFSzjTK9911
pEKhQAXeXYbrUjKBfJs2j2+b68BhCDrisUkLNE7NPTIkTft9fg5wfPGVVasI1Eqe
jCd7tT2WRSlmqFDVcw39caRsnsckjD1UN3RlRAkKeGfIjA1qdZ+l14teawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9ABY/gXlGy2D8o06axzxe7XQ7hMB8GA1UdIwQY
MBaAFFxrDAAamatiluJCFzv35/3PA8AZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMt
YzE4ZTNjY2M3NDJiLzEvcjBBRmotQmVVYkxZUHlqVHBySFBGN3RkRHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMtYzE4ZTNjY2M3NDJi
LzEvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAstbWAwQA
stbYMA0GCSqGSIb3DQEBCwUAA4IBAQA16REvD0WQUQh+8XYNvu1Ja3PMDkGARrAH
wzLS6BfibO31M+5l7a/dsuGdQgs8HbDjMWqPOYch3k2+Mn//dPGqh5r6Cg1dSra3
lvmR1OFCBc8y/wd3HzSXCod9G76d1Id2kDnmJNzq4GyuweyQSQHGwVD4xhGM31SP
EGZEa99lCHJ8nJ1KkJf03jpXTL7JiaxLTHL6nc8NyG+2HT70/NSGPTLSrZt684Qb
EVX4EWxx+98V3l9sYq7cLBYpqi166/tZpVW9bU4hvU3fYsi/BNonShslHxPBt3+y
C5QO0zD+Mrtz6f0jmox+9WBSOFp0HoK0CDDFphNQiZBgKc7LylQ2
-----END CERTIFICATE-----
Generated at Tue Jun 2 20:50:31 2026 by rpki-client