Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/O07Gs9HJGBohmqGgV1Fxi8Cjya8.roa
File: O07Gs9HJGBohmqGgV1Fxi8Cjya8.roa (raw, json)
Hash identifier: kUD7jvRRGDKgNARltP3yg1eJ0LsDhp1ki9c7vn6WIlQ=
Subject key identifier: 3B:4E:C6:B3:D1:C9:18:1A:21:9A:A1:A0:57:51:71:8B:C0:A3:C9:AF
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019D924DA687D90CC0E31F5D815F22144A98
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/O07Gs9HJGBohmqGgV1Fxi8Cjya8.roa
Signing time: Wed 15 Apr 2026 18:00:55 +0000
ROA not before: Wed 15 Apr 2026 18:00:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210705
IP address blocks: 212.23.214.0/24 maxlen: 24
217.18.90.0/24 maxlen: 24
2a05:9080:3::/48 maxlen: 48
2a05:9080:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 11:21:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:4d:a6:87:d9:0c:c0:e3:1f:5d:81:5f:22:14:4a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Apr 15 18:00:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3b4ec6b3d1c9181a219aa1a05751718bc0a3c9af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:66:d6:93:bb:d2:17:6e:08:8b:64:dd:22:12:
ea:34:60:b2:c9:6a:c4:39:5e:94:19:2a:6a:37:f1:
0b:73:3e:81:bf:39:8b:b3:68:26:61:cb:4a:53:83:
c6:c1:d1:6b:45:57:29:2e:d2:1e:cf:af:3c:95:2c:
78:8e:e8:b5:20:8b:08:73:41:ac:ec:c7:c9:fc:3e:
9b:f1:8e:ef:b3:7a:1f:7f:76:44:3d:c2:89:0a:84:
34:5b:76:f7:40:38:51:a5:38:7b:98:d7:fa:8d:26:
66:42:77:0e:ef:64:24:fd:ff:5a:5a:bd:2b:b6:f5:
ec:c0:12:8d:72:a6:2c:74:9c:a1:ea:39:0a:1e:9f:
49:95:1f:64:cb:56:c9:a4:fe:70:21:5e:9d:30:96:
b0:ff:05:06:b3:57:8e:c8:45:d0:e8:43:84:5f:ab:
4e:17:6f:73:22:ff:23:45:95:02:1d:1f:3c:87:93:
9a:21:c7:3d:d5:0c:0d:05:8f:d4:f6:23:84:0d:db:
de:a5:d8:6a:6c:ea:b6:c3:c4:55:44:32:84:2f:a8:
5c:b2:22:a4:15:12:d1:f5:c0:31:f7:57:fc:44:3d:
3c:f4:ec:80:c0:53:62:eb:19:cf:8c:a3:db:30:0f:
72:4e:49:e3:c6:9a:26:58:e8:ee:e0:41:53:d5:ef:
ed:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4E:C6:B3:D1:C9:18:1A:21:9A:A1:A0:57:51:71:8B:C0:A3:C9:AF
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/O07Gs9HJGBohmqGgV1Fxi8Cjya8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.214.0/24
217.18.90.0/24
IPv6:
2a05:9080:3::/48
2a05:9080:11::/48
Signature Algorithm: sha256WithRSAEncryption
04:35:d2:98:29:4c:d6:cf:9e:c2:26:36:be:c7:28:38:6d:b1:
f0:1e:9f:95:86:d1:94:0c:ff:98:e5:3e:1b:06:d1:b1:59:28:
4e:7a:06:3d:20:66:61:c5:3a:d6:0d:27:38:78:b3:ab:8b:ce:
ef:a8:08:bd:a3:ac:51:ef:e2:80:e2:8e:f4:e1:64:5d:5d:db:
ac:93:4d:ae:56:3d:f1:64:89:78:2c:b3:a8:10:62:d3:71:e1:
85:b9:87:01:59:c7:ba:e0:25:be:49:d2:39:8a:36:d7:28:22:
46:fa:ad:a9:d2:2d:33:88:72:1b:a0:19:3e:d3:a5:7e:72:74:
4d:f1:54:13:a3:fa:5d:c7:57:19:bb:13:24:aa:8f:0b:6e:58:
9b:ff:bc:b7:a4:5f:08:a8:83:08:39:07:c5:50:9b:ba:b2:69:
45:aa:c2:79:7d:9a:05:a9:ef:82:15:5f:57:4d:36:1a:9a:93:
25:51:6f:ac:d2:b5:92:13:e0:15:db:fb:da:3b:48:10:67:4c:
14:ed:2b:ea:51:f1:f1:e7:64:51:73:51:95:f2:ba:40:3b:9e:
cf:8b:bb:4d:43:69:d0:6e:69:2b:44:88:9d:46:fa:93:06:d1:
2f:1b:ad:08:04:cc:25:e2:3a:2e:7c:f1:9a:4c:41:13:59:cd:
f2:ff:ac:52
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ2STaaH2QzA4x9dgV8iFEqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwNDE1MTgwMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjRlYzZiM2QxYzkxODFhMjE5YWExYTA1NzUxNzE4YmMwYTNjOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GbWk7vSF24Ii2TdIhLqNGCyyWrE
OV6UGSpqN/ELcz6BvzmLs2gmYctKU4PGwdFrRVcpLtIez688lSx4jui1IIsIc0Gs
7MfJ/D6b8Y7vs3off3ZEPcKJCoQ0W3b3QDhRpTh7mNf6jSZmQncO72Qk/f9aWr0r
tvXswBKNcqYsdJyh6jkKHp9JlR9ky1bJpP5wIV6dMJaw/wUGs1eOyEXQ6EOEX6tO
F29zIv8jRZUCHR88h5OaIcc91QwNBY/U9iOEDdvepdhqbOq2w8RVRDKEL6hcsiKk
FRLR9cAx91f8RD089OyAwFNi6xnPjKPbMA9yTknjxpomWOju4EFT1e/tywIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDtOxrPRyRgaIZqhoFdRcYvAo8mvMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvTzA3R3M5SEpHQm9obXFHZ1YxRnhpOENqeWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQA1BfWAwQA
2RJaMBgEAgACMBIDBwAqBZCAAAMDBwAqBZCAABEwDQYJKoZIhvcNAQELBQADggEB
AAQ10pgpTNbPnsImNr7HKDhtsfAen5WG0ZQM/5jlPhsG0bFZKE56Bj0gZmHFOtYN
Jzh4s6uLzu+oCL2jrFHv4oDijvThZF1d26yTTa5WPfFkiXgss6gQYtNx4YW5hwFZ
x7rgJb5J0jmKNtcoIkb6ranSLTOIchugGT7TpX5ydE3xVBOj+l3HVxm7EySqjwtu
WJv/vLekXwiogwg5B8VQm7qyaUWqwnl9mgWp74IVX1dNNhqakyVRb6zStZIT4BXb
+9o7SBBnTBTtK+pR8fHnZFFzUZXyukA7ns+Lu01DadBuaStEiJ1G+pMG0S8brQgE
zCXiOi588ZpMQRNZzfL/rFI=
-----END CERTIFICATE-----
Generated at Thu Apr 16 21:50:05 2026 by rpki-client