Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/AJLP9JiL00zLQVdWs1QaU1UT0i4.roa
File: AJLP9JiL00zLQVdWs1QaU1UT0i4.roa (raw, json)
Hash identifier: rln/wA7IR5Ivsdngw+7h4V6CmOpdbKfoxbL3+mwh54k=
Subject key identifier: 00:92:CF:F4:98:8B:D3:4C:CB:41:57:56:B3:54:1A:53:55:13:D2:2E
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 019CDE6BC6B3559B130696D6EC06FC2EA6C1
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/AJLP9JiL00zLQVdWs1QaU1UT0i4.roa
Signing time: Wed 11 Mar 2026 19:42:11 +0000
ROA not before: Wed 11 Mar 2026 19:42:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63911
IP address blocks: 62.32.33.0/24 maxlen: 24
62.32.34.0/24 maxlen: 24
64.255.0.0/21 maxlen: 24
64.255.16.0/21 maxlen: 24
64.255.28.0/22 maxlen: 24
64.255.32.0/22 maxlen: 24
64.255.36.0/22 maxlen: 24
64.255.48.0/22 maxlen: 24
64.255.56.0/21 maxlen: 24
69.5.160.0/21 maxlen: 24
165.217.100.0/22 maxlen: 24
168.151.0.0/22 maxlen: 24
168.151.9.0/24 maxlen: 24
193.33.64.0/23 maxlen: 24
195.214.213.0/24 maxlen: 24
195.214.214.0/24 maxlen: 24
208.92.160.0/21 maxlen: 24
213.187.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 21:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:de:6b:c6:b3:55:9b:13:06:96:d6:ec:06:fc:2e:a6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Mar 11 19:42:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0092cff4988bd34ccb415756b3541a535513d22e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e7:f3:ca:3f:85:4a:72:c5:da:c1:4a:8a:44:
b8:ac:9f:10:12:aa:f8:e2:f3:c7:84:85:de:bc:8d:
86:c1:9f:69:67:b1:e6:c1:96:16:de:52:1e:19:fe:
c7:35:ee:5e:c9:a7:75:5e:45:8e:b4:e4:ae:a0:d6:
eb:86:a5:48:f8:ed:cb:95:a9:41:00:63:8c:10:df:
36:ed:70:bd:46:92:20:62:c9:7d:9c:34:75:22:af:
6b:d9:a2:86:99:36:c8:d1:c9:39:1b:d9:74:75:ce:
cc:22:d4:db:f8:f9:22:e4:5a:a3:d4:9e:01:f5:9e:
bc:65:30:76:98:a5:55:58:fc:60:32:fb:df:d5:c1:
7a:62:ef:0d:0e:2c:e0:03:4d:2d:9b:3d:17:6c:72:
cc:7f:72:8b:e7:90:f7:b4:00:78:c9:25:23:b2:9b:
89:06:d0:e4:ae:58:c3:71:f6:00:23:70:1a:bf:f7:
83:d4:d9:73:c4:04:0b:dc:a6:53:da:e3:5f:4a:04:
6c:91:79:ec:af:71:33:99:6b:8e:5f:c2:24:71:23:
0a:f8:b0:94:a9:a8:7b:65:e0:17:d2:51:ce:31:da:
e2:61:89:c6:e3:9a:b5:de:ca:3a:c9:ac:7c:35:c7:
fc:d7:b3:25:2f:c3:33:9a:53:81:a1:ba:28:14:29:
99:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:92:CF:F4:98:8B:D3:4C:CB:41:57:56:B3:54:1A:53:55:13:D2:2E
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/AJLP9JiL00zLQVdWs1QaU1UT0i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.32.33.0-62.32.34.255
64.255.0.0/21
64.255.16.0/21
64.255.28.0-64.255.39.255
64.255.48.0/22
64.255.56.0/21
69.5.160.0/21
165.217.100.0/22
168.151.0.0/22
168.151.9.0/24
193.33.64.0/23
195.214.213.0-195.214.214.255
208.92.160.0/21
213.187.156.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:67:dc:8d:25:e7:f9:c1:5a:95:2e:79:34:e9:62:2f:b2:fe:
60:ea:46:c2:ab:16:f7:6f:6c:f9:db:d6:3d:ed:ed:36:30:90:
09:ef:91:b3:1e:17:28:28:9c:ba:e1:2d:b5:04:fc:84:4a:cf:
5f:a5:1b:67:ee:60:84:95:72:da:ff:6f:6e:23:de:9b:4e:bf:
95:e8:7c:62:54:11:98:c9:8a:80:ef:51:b3:d5:bf:8d:9b:a7:
ec:0b:b7:7b:68:b7:15:a8:5e:ab:6c:d0:11:e7:21:c7:cd:99:
ff:df:9f:5b:19:df:84:77:26:fb:e2:bd:eb:9e:d9:ae:fe:5d:
2b:88:9c:59:87:53:68:df:9b:22:8f:e0:5f:c9:07:5a:33:0c:
22:eb:76:c8:db:59:37:6f:1f:30:da:85:b6:6f:14:e4:76:c5:
de:7f:50:80:68:58:96:68:25:a3:97:cd:bd:9c:2f:75:0f:ae:
a8:07:e8:9d:8e:8c:0d:35:08:fe:d0:41:a7:3c:85:af:1d:57:
07:a4:32:36:84:11:b0:5b:5d:91:0d:77:da:42:5c:2c:32:d3:
ce:92:3b:cd:7a:d8:06:69:07:3a:0f:24:b1:dd:75:00:ed:97:
b3:b2:c9:f1:ea:ea:db:fe:8e:7f:92:1d:e3:f3:7f:eb:40:da:
4d:73:86:0a
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZzea8azVZsTBpbW7Ab8LqbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjYwMzExMTk0MjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDkyY2ZmNDk4OGJkMzRjY2I0MTU3NTZiMzU0MWE1MzU1MTNkMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlefzyj+FSnLF2sFKikS4rJ8QEqr4
4vPHhIXevI2GwZ9pZ7HmwZYW3lIeGf7HNe5eyad1XkWOtOSuoNbrhqVI+O3LlalB
AGOMEN827XC9RpIgYsl9nDR1Iq9r2aKGmTbI0ck5G9l0dc7MItTb+Pki5Fqj1J4B
9Z68ZTB2mKVVWPxgMvvf1cF6Yu8NDizgA00tmz0XbHLMf3KL55D3tAB4ySUjspuJ
BtDkrljDcfYAI3Aav/eD1NlzxAQL3KZT2uNfSgRskXnsr3EzmWuOX8IkcSMK+LCU
qah7ZeAX0lHOMdriYYnG45q13so6yax8Ncf817MlL8MzmlOBobooFCmZ3QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFACSz/SYi9NMy0FXVrNUGlNVE9IuMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvQUpMUDlKaUwwMHpMUVZkV3MxUWFVMVVUMGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbDAMAwQAPiAh
AwQAPiAiAwQDQP8AAwQDQP8QMAwDBAJA/xwDBANA/yADBAJA/zADBANA/zgDBANF
BaADBAKl2WQDBAKolwADBAColwkDBAHBIUAwDAMEAMPW1QMEAMPW1gMEA9BcoAME
AtW7nDANBgkqhkiG9w0BAQsFAAOCAQEAjWfcjSXn+cFalS55NOliL7L+YOpGwqsW
929s+dvWPe3tNjCQCe+Rsx4XKCicuuEttQT8hErPX6UbZ+5ghJVy2v9vbiPem06/
leh8YlQRmMmKgO9Rs9W/jZun7Au3e2i3Faheq2zQEechx82Z/9+fWxnfhHcm++K9
657Zrv5dK4icWYdTaN+bIo/gX8kHWjMMIut2yNtZN28fMNqFtm8U5HbF3n9QgGhY
lmglo5fNvZwvdQ+uqAfonY6MDTUI/tBBpzyFrx1XB6QyNoQRsFtdkQ132kJcLDLT
zpI7zXrYBmkHOg8ksd11AO2Xs7LJ8erq2/6Of5Id4/N/60DaTXOGCg==
-----END CERTIFICATE-----
Generated at Fri Mar 13 05:28:43 2026 by rpki-client