Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/dgjOJkYm4NlEFuZKaTram-N8Vb8.roa
File: dgjOJkYm4NlEFuZKaTram-N8Vb8.roa (raw, json)
Hash identifier: wElcUk2Te+VUa7w+wZq9RrDpV/vAw/zGNdVK9LHKC0Y=
Subject key identifier: 76:08:CE:26:46:26:E0:D9:44:16:E6:4A:69:3A:DA:9B:E3:7C:55:BF
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019D067CB6D3752364C748B74B3527371F6E
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/dgjOJkYm4NlEFuZKaTram-N8Vb8.roa
Signing time: Thu 19 Mar 2026 14:25:29 +0000
ROA not before: Thu 19 Mar 2026 14:25:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198154
IP address blocks: 87.236.38.0/24 maxlen: 24
195.190.144.0/24 maxlen: 24
2a05:9080::/48 maxlen: 48
2a05:9080:4::/48 maxlen: 48
2a05:9080:7::/48 maxlen: 48
2a05:9080:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 23:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:7c:b6:d3:75:23:64:c7:48:b7:4b:35:27:37:1f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Mar 19 14:25:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7608ce264626e0d94416e64a693ada9be37c55bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e0:6a:c2:29:fd:62:2e:df:01:cf:7b:c5:0f:
eb:9c:7a:7d:dc:ab:4a:db:65:4a:a9:51:de:90:77:
2c:91:96:bc:ea:23:83:4b:7b:41:48:08:8b:86:23:
83:dc:a2:37:2c:91:39:22:bd:ae:6a:4f:1b:d1:40:
1d:55:38:22:11:f0:85:44:20:0e:3f:0c:02:4f:af:
3a:3f:5c:2c:16:42:0c:e7:47:c9:32:41:ff:ea:f6:
39:bb:f7:ce:1e:42:f8:70:4e:4f:05:91:bf:81:4c:
95:df:65:b4:58:f2:98:df:c5:73:7b:58:c4:a8:5a:
5b:00:c7:54:99:8e:36:6a:ad:0e:09:8d:48:83:87:
12:bd:8e:e4:af:0b:87:6f:70:7b:12:0d:b5:35:45:
4e:be:13:fe:6d:5e:46:20:43:16:2b:41:8c:c1:4e:
7a:4e:9a:7f:f1:66:cf:33:33:1e:07:4f:39:0c:33:
c9:80:b1:c7:22:98:4b:58:67:0d:dd:8b:67:a8:74:
c7:94:d3:83:f7:42:73:3c:76:39:04:cb:ff:c7:33:
dc:f4:53:63:5d:87:b2:7e:26:01:aa:47:99:3e:bd:
03:50:67:16:5f:2f:20:73:c4:40:5e:be:26:75:1e:
cf:03:81:41:64:07:fe:ec:c6:e5:76:b6:8a:67:47:
7c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:08:CE:26:46:26:E0:D9:44:16:E6:4A:69:3A:DA:9B:E3:7C:55:BF
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/dgjOJkYm4NlEFuZKaTram-N8Vb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.38.0/24
195.190.144.0/24
IPv6:
2a05:9080::/48
2a05:9080:4::/48
2a05:9080:7::/48
2a05:9080:10::/48
Signature Algorithm: sha256WithRSAEncryption
8b:0d:56:8e:27:ee:40:8f:c7:eb:59:f1:58:4f:e6:60:ec:91:
15:ef:93:9c:00:4c:92:25:50:e6:6b:16:7a:14:90:c1:20:b5:
1a:bf:3e:e4:2e:09:72:7e:a7:d6:8a:ec:d1:44:12:63:2f:78:
48:fd:ee:27:bd:fe:7d:ac:c3:8f:75:32:23:87:ab:a5:8a:6d:
7a:42:65:ef:e6:61:fe:b6:de:63:8c:67:00:45:11:70:9b:5a:
3f:9c:c9:9c:dd:3a:10:e3:86:ee:c8:33:42:ab:1d:4b:22:28:
60:40:57:91:5c:d6:4d:a9:e7:b5:2e:b8:0b:47:55:56:91:c1:
c4:86:ae:4b:37:fa:9e:d4:a5:46:f3:ac:31:e5:47:27:85:2e:
a2:ab:65:57:23:6c:4b:4c:ee:10:e8:65:ae:d4:bb:ac:8a:32:
a8:2c:75:f1:64:77:9b:bb:92:90:f6:53:17:69:0d:80:31:52:
02:fb:b1:bb:1b:61:a6:55:c9:c1:fe:fa:65:55:24:f2:0a:c2:
3f:54:31:d5:b7:ad:79:30:7c:87:2e:3f:42:17:fc:9e:21:f5:
40:df:71:5f:33:87:0d:21:fa:2e:cb:ab:2c:85:7f:9c:5b:39:
af:67:69:ec:10:bf:a5:3f:72:c0:13:1c:6e:fa:2a:9a:5f:f6:
5e:68:5b:f3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ0GfLbTdSNkx0i3SzUnNx9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwMzE5MTQyNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjA4Y2UyNjQ2MjZlMGQ5NDQxNmU2NGE2OTNhZGE5YmUzN2M1NWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eBqwin9Yi7fAc97xQ/rnHp93KtK
22VKqVHekHcskZa86iODS3tBSAiLhiOD3KI3LJE5Ir2uak8b0UAdVTgiEfCFRCAO
PwwCT686P1wsFkIM50fJMkH/6vY5u/fOHkL4cE5PBZG/gUyV32W0WPKY38Vze1jE
qFpbAMdUmY42aq0OCY1Ig4cSvY7krwuHb3B7Eg21NUVOvhP+bV5GIEMWK0GMwU56
Tpp/8WbPMzMeB085DDPJgLHHIphLWGcN3YtnqHTHlNOD90JzPHY5BMv/xzPc9FNj
XYeyfiYBqkeZPr0DUGcWXy8gc8RAXr4mdR7PA4FBZAf+7MbldraKZ0d8MQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHYIziZGJuDZRBbmSmk62pvjfFW/MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvZGdqT0prWW00TmxFRnVaS2FUcmFtLU44VmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQAV+wmAwQA
w76QMCoEAgACMCQDBwAqBZCAAAADBwAqBZCAAAQDBwAqBZCAAAcDBwAqBZCAABAw
DQYJKoZIhvcNAQELBQADggEBAIsNVo4n7kCPx+tZ8VhP5mDskRXvk5wATJIlUOZr
FnoUkMEgtRq/PuQuCXJ+p9aK7NFEEmMveEj97ie9/n2sw491MiOHq6WKbXpCZe/m
Yf623mOMZwBFEXCbWj+cyZzdOhDjhu7IM0KrHUsiKGBAV5Fc1k2p57UuuAtHVVaR
wcSGrks3+p7UpUbzrDHlRyeFLqKrZVcjbEtM7hDoZa7Uu6yKMqgsdfFkd5u7kpD2
UxdpDYAxUgL7sbsbYaZVycH++mVVJPIKwj9UMdW3rXkwfIcuP0IX/J4h9UDfcV8z
hw0h+i7LqyyFf5xbOa9naewQv6U/csATHG76Kppf9l5oW/M=
-----END CERTIFICATE-----
Generated at Sun Mar 22 06:35:38 2026 by rpki-client