Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/_Sg-Ok67OaoyeP-hghZrij9Q1F8.roa
File: _Sg-Ok67OaoyeP-hghZrij9Q1F8.roa (raw, json)
Hash identifier: lBGTEGK+kOeRMB1Hj50S1sF2hEOSmV/Hxb+g9yqzKMk=
Subject key identifier: FD:28:3E:3A:4E:BB:39:AA:32:78:FF:A1:82:16:6B:8A:3F:50:D4:5F
Certificate issuer: /CN=26bdec99d89565a634a7b2c5401fed7ac47bf232
Certificate serial: 019EB049DE7660646110AAE88FE09A169A71
Authority key identifier: 26:BD:EC:99:D8:95:65:A6:34:A7:B2:C5:40:1F:ED:7A:C4:7B:F2:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/_Sg-Ok67OaoyeP-hghZrij9Q1F8.roa
Signing time: Wed 10 Jun 2026 06:48:11 +0000
ROA not before: Wed 10 Jun 2026 06:48:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16074
IP address blocks: 62.112.160.0/19 maxlen: 20
62.145.32.0/19 maxlen: 24
192.113.0.0/16 maxlen: 24
2a01:67c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 03:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b0:49:de:76:60:64:61:10:aa:e8:8f:e0:9a:16:9a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bdec99d89565a634a7b2c5401fed7ac47bf232
Validity
Not Before: Jun 10 06:48:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fd283e3a4ebb39aa3278ffa182166b8a3f50d45f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7e:28:ac:45:2e:d8:a0:f0:af:ff:d8:fd:25:
93:7c:15:6f:a7:50:a0:02:6c:e9:dd:ce:0a:4c:b0:
9f:6e:17:f4:42:97:5f:ed:8b:80:73:38:d9:46:4e:
9a:da:60:c0:96:fe:3a:fc:af:9f:56:d1:f1:41:1f:
9d:a1:3f:d4:3d:ad:ee:20:0f:18:8c:cb:26:1a:53:
4a:fb:2a:0b:f4:f1:0b:78:5b:dd:40:ac:78:3c:6b:
30:5f:d6:c0:65:c9:de:a7:8c:c8:64:28:3b:bd:55:
5a:c9:f1:61:94:58:91:39:7e:20:07:57:6d:60:06:
50:bd:07:6f:64:89:ff:d3:63:db:e2:1e:5a:d5:71:
c4:b6:33:72:d4:5a:7c:02:a6:33:49:46:36:ba:7e:
61:f8:28:63:c1:e6:5b:1c:8b:20:db:bd:9b:ca:2f:
f1:c6:4d:8d:79:43:bb:c6:65:14:01:38:8c:78:dd:
c4:84:03:88:0c:9d:77:0a:89:11:a8:e1:2f:f6:0b:
dd:2e:aa:36:bc:60:9d:69:c5:9c:8d:8f:3c:cd:e5:
e1:21:33:12:9f:5f:15:09:59:c3:2b:24:23:68:a2:
ad:08:90:f7:e9:e3:ab:02:3c:b9:04:3b:c3:e6:67:
34:5b:9a:8c:3d:d5:1c:ea:53:75:58:81:11:d3:84:
39:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:28:3E:3A:4E:BB:39:AA:32:78:FF:A1:82:16:6B:8A:3F:50:D4:5F
X509v3 Authority Key Identifier:
keyid:26:BD:EC:99:D8:95:65:A6:34:A7:B2:C5:40:1F:ED:7A:C4:7B:F2:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/_Sg-Ok67OaoyeP-hghZrij9Q1F8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.160.0/19
62.145.32.0/19
192.113.0.0/16
IPv6:
2a01:67c0::/32
Signature Algorithm: sha256WithRSAEncryption
d6:d5:70:42:a6:d9:c6:8e:04:fe:7c:70:52:a9:4c:eb:5a:9e:
76:b2:66:cd:58:45:9b:5c:cd:08:5b:50:d3:cd:55:74:7b:52:
2c:6e:cc:38:e8:cd:4b:cb:21:31:37:bc:be:d3:e1:73:bf:5c:
44:04:ba:7b:bc:b8:2e:a2:a3:8c:e6:c4:45:57:4b:f0:e2:e8:
ae:6b:22:1a:f4:61:07:9b:bd:33:23:39:ec:bd:d3:46:3f:69:
74:40:a5:15:94:34:64:b9:e2:df:b7:90:1a:b9:86:5a:09:26:
cf:14:2e:e7:f6:b6:84:ef:29:63:0f:2d:f1:4b:7f:1d:22:01:
c5:a5:71:bc:c0:b2:13:9f:78:4f:db:c6:64:24:a1:49:70:cc:
bc:94:50:78:10:99:32:71:48:f2:b4:c9:ab:c2:d6:79:87:53:
e8:1a:04:a5:c1:6a:57:0d:af:e3:1e:77:59:86:89:1a:11:16:
36:01:1b:da:64:e4:f2:21:02:94:bd:fa:7a:17:d2:df:d3:15:
fb:1e:3c:f2:24:ef:cd:98:03:55:b7:db:f8:81:0b:ad:a6:08:
46:3d:21:fb:59:07:ae:c5:c2:9b:27:c2:c8:97:a4:f0:5c:23:
7f:8a:53:84:3a:98:84:83:98:2a:5d:34:d4:eb:d7:f4:31:f1:
7a:5a:22:6a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ6wSd52YGRhEKroj+CaFppxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRlYzk5ZDg5NTY1YTYzNGE3YjJjNTQwMWZlZDdhYzQ3
YmYyMzIwHhcNMjYwNjEwMDY0ODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDI4M2UzYTRlYmIzOWFhMzI3OGZmYTE4MjE2NmI4YTNmNTBkNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4X4orEUu2KDwr//Y/SWTfBVvp1Cg
Amzp3c4KTLCfbhf0Qpdf7YuAczjZRk6a2mDAlv46/K+fVtHxQR+doT/UPa3uIA8Y
jMsmGlNK+yoL9PELeFvdQKx4PGswX9bAZcnep4zIZCg7vVVayfFhlFiROX4gB1dt
YAZQvQdvZIn/02Pb4h5a1XHEtjNy1Fp8AqYzSUY2un5h+ChjweZbHIsg272byi/x
xk2NeUO7xmUUATiMeN3EhAOIDJ13CokRqOEv9gvdLqo2vGCdacWcjY88zeXhITMS
n18VCVnDKyQjaKKtCJD36eOrAjy5BDvD5mc0W5qMPdUc6lN1WIER04Q56QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFP0oPjpOuzmqMnj/oYIWa4o/UNRfMB8GA1UdIwQY
MBaAFCa97JnYlWWmNKeyxUAf7XrEe/IyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzc21kaVZaYVkwcDdMRlFCX3Rlc1I3OGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jNTdkYzItY2ZhOS00MmI5LWI5Yzct
N2YyMDEyMTJkODgzLzEvX1NnLU9rNjdPYW95ZVAtaGdoWnJpajlRMUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jNTdkYzItY2ZhOS00MmI5LWI5YzctN2YyMDEyMTJkODgz
LzEvSnIzc21kaVZaYVkwcDdMRlFCX3Rlc1I3OGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQFPnCgAwQF
PpEgAwMAwHEwDQQCAAIwBwMFACoBZ8AwDQYJKoZIhvcNAQELBQADggEBANbVcEKm
2caOBP58cFKpTOtannayZs1YRZtczQhbUNPNVXR7UixuzDjozUvLITE3vL7T4XO/
XEQEunu8uC6io4zmxEVXS/Di6K5rIhr0YQebvTMjOey900Y/aXRApRWUNGS54t+3
kBq5hloJJs8ULuf2toTvKWMPLfFLfx0iAcWlcbzAshOfeE/bxmQkoUlwzLyUUHgQ
mTJxSPK0yavC1nmHU+gaBKXBalcNr+Med1mGiRoRFjYBG9pk5PIhApS9+noX0t/T
FfsePPIk782YA1W32/iBC62mCEY9IftZB67FwpsnwsiXpPBcI3+KU4Q6mISDmCpd
NNTr1/Qx8XpaImo=
-----END CERTIFICATE-----
Generated at Fri Jun 12 11:06:24 2026 by rpki-client