Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1GFAtlcUlaf60DpxTvgEzaWM7tE.roa
File: 1GFAtlcUlaf60DpxTvgEzaWM7tE.roa (raw, json)
Hash identifier: dykia7zXWwpqogUCseZJgA+Bn3OQBUTsK2CryV1n4C4=
Subject key identifier: D4:61:40:B6:57:14:95:A7:FA:D0:3A:71:4E:F8:04:CD:A5:8C:EE:D1
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 019CC7C8BB7D556ED1F6EAD73B4C8EEA4F61
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1GFAtlcUlaf60DpxTvgEzaWM7tE.roa
Signing time: Sat 07 Mar 2026 10:12:26 +0000
ROA not before: Sat 07 Mar 2026 10:12:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207359
IP address blocks: 217.147.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 20:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c7:c8:bb:7d:55:6e:d1:f6:ea:d7:3b:4c:8e:ea:4f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Mar 7 10:12:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d46140b6571495a7fad03a714ef804cda58ceed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:35:94:ad:f7:49:a9:10:3e:0d:d3:26:9b:c2:
7c:99:b2:4b:a8:ab:c0:a8:27:43:66:ec:7c:c8:c9:
8f:a0:b6:23:2b:e3:82:55:a3:68:df:1e:c0:3d:18:
2c:e9:03:82:d8:b4:ad:4e:1a:24:51:3d:fb:14:51:
b0:94:e3:70:83:7c:36:3a:e8:ac:64:d6:64:f7:bf:
f1:f0:e9:b6:d8:e7:74:ca:16:b1:6c:9d:cb:65:da:
bf:8e:ef:14:0c:05:73:17:18:5b:00:05:87:db:df:
bb:bb:e8:73:74:c9:2a:8d:e0:63:08:d1:36:26:0c:
a8:2c:5d:01:5f:6c:9f:22:7f:27:48:38:46:a3:45:
c2:57:82:2d:16:38:fb:1d:ee:a0:e5:40:63:53:42:
7d:f4:f3:94:8e:10:04:43:f1:df:7c:9f:55:d2:3d:
37:8b:f6:37:90:24:3e:4b:8b:81:4c:39:44:21:e7:
10:14:d8:a3:de:8f:db:14:8e:23:81:12:f0:52:87:
2a:75:b4:6a:b3:29:60:cb:dc:5f:90:03:f2:c3:12:
cd:ad:ee:a5:0a:1c:7c:64:fa:34:83:73:35:98:b9:
61:9b:57:8a:8b:6d:a5:9d:23:b8:01:5b:52:cf:ec:
1f:53:19:e1:2b:98:9d:9f:d0:37:e7:37:7b:22:a8:
f9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:61:40:B6:57:14:95:A7:FA:D0:3A:71:4E:F8:04:CD:A5:8C:EE:D1
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1GFAtlcUlaf60DpxTvgEzaWM7tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.13.0/24
Signature Algorithm: sha256WithRSAEncryption
36:a1:c0:0a:0b:84:91:4f:17:b5:70:55:aa:b0:45:70:47:74:
91:4b:01:bc:70:8a:80:08:67:54:46:03:f7:33:56:fc:32:df:
57:c9:b6:8b:09:98:ba:10:c2:9c:f2:71:4d:fb:d9:53:c6:da:
34:ec:a9:04:17:b4:12:30:6b:b4:f6:ad:a3:d0:eb:4b:1a:e5:
8a:12:8e:57:4b:e6:db:62:53:a8:6e:b9:03:72:fd:79:79:ce:
62:0d:0b:a9:99:03:3c:96:29:64:d3:6a:c7:32:0e:81:08:0e:
4c:ba:de:7a:eb:9c:86:7a:0b:c3:44:88:4b:14:7c:e9:08:5f:
46:c5:52:e3:2d:1c:20:0b:ab:a1:93:a5:ef:c8:6a:d5:9f:c0:
c2:be:f6:ca:03:e7:1b:83:a7:3c:a9:07:f3:3a:ae:a6:57:eb:
af:8d:5f:41:ed:8f:e6:8a:82:88:57:1a:9c:a2:34:70:bc:8c:
46:b6:ef:91:82:88:49:a6:9d:fa:7f:20:c1:ea:a0:3f:74:4f:
67:8e:ae:63:d6:09:69:5e:f5:1a:77:b7:d8:d2:46:19:b8:59:
14:17:e4:63:9b:e2:15:5c:ce:3d:b7:77:38:ff:86:37:8a:6e:
08:2d:d8:3b:dc:2a:0e:f8:7d:f6:e3:4d:85:39:fd:2e:5b:34:
46:2a:93:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzHyLt9VW7R9urXO0yO6k9hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjYwMzA3MTAxMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDYxNDBiNjU3MTQ5NWE3ZmFkMDNhNzE0ZWY4MDRjZGE1OGNlZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTWUrfdJqRA+DdMmm8J8mbJLqKvA
qCdDZux8yMmPoLYjK+OCVaNo3x7APRgs6QOC2LStThokUT37FFGwlONwg3w2Ouis
ZNZk97/x8Om22Od0yhaxbJ3LZdq/ju8UDAVzFxhbAAWH29+7u+hzdMkqjeBjCNE2
JgyoLF0BX2yfIn8nSDhGo0XCV4ItFjj7He6g5UBjU0J99POUjhAEQ/HffJ9V0j03
i/Y3kCQ+S4uBTDlEIecQFNij3o/bFI4jgRLwUocqdbRqsylgy9xfkAPywxLNre6l
Chx8ZPo0g3M1mLlhm1eKi22lnSO4AVtSz+wfUxnhK5idn9A35zd7Iqj57QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRhQLZXFJWn+tA6cU74BM2ljO7RMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvMUdGQXRsY1VsYWY2MERweFR2Z0V6YVdNN3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZMNMA0G
CSqGSIb3DQEBCwUAA4IBAQA2ocAKC4SRTxe1cFWqsEVwR3SRSwG8cIqACGdURgP3
M1b8Mt9XybaLCZi6EMKc8nFN+9lTxto07KkEF7QSMGu09q2j0OtLGuWKEo5XS+bb
YlOobrkDcv15ec5iDQupmQM8lilk02rHMg6BCA5Mut5665yGegvDRIhLFHzpCF9G
xVLjLRwgC6uhk6XvyGrVn8DCvvbKA+cbg6c8qQfzOq6mV+uvjV9B7Y/mioKIVxqc
ojRwvIxGtu+RgohJpp36fyDB6qA/dE9njq5j1glpXvUad7fY0kYZuFkUF+Rjm+IV
XM49t3c4/4Y3im4ILdg73CoO+H32402FOf0uWzRGKpNn
-----END CERTIFICATE-----
Generated at Sat Mar 14 22:56:36 2026 by rpki-client