Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/_6ixJuOyBdDWsrg7PfndJ2TSGK0.roa
File: _6ixJuOyBdDWsrg7PfndJ2TSGK0.roa (raw, json)
Hash identifier: F0rHZIZZ2rx/QrDQPKEtB+najpsBYGjbpBhGiX4HEZU=
Subject key identifier: FF:A8:B1:26:E3:B2:05:D0:D6:B2:B8:3B:3D:F9:DD:27:64:D2:18:AD
Certificate issuer: /CN=0837c99b2a4c062d5c20678f9dcf3207aefd5e78
Certificate serial: 019CB70DE54EF871A1A916959FFCEA9AD2B4
Authority key identifier: 08:37:C9:9B:2A:4C:06:2D:5C:20:67:8F:9D:CF:32:07:AE:FD:5E:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/_6ixJuOyBdDWsrg7PfndJ2TSGK0.roa
Signing time: Wed 04 Mar 2026 04:14:26 +0000
ROA not before: Wed 04 Mar 2026 04:14:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 138997
IP address blocks: 64.118.128.0/19 maxlen: 24
216.195.192.0/19 maxlen: 24
216.236.0.0/18 maxlen: 24
2a01:4240::/30 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 04:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b7:0d:e5:4e:f8:71:a1:a9:16:95:9f:fc:ea:9a:d2:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0837c99b2a4c062d5c20678f9dcf3207aefd5e78
Validity
Not Before: Mar 4 04:14:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ffa8b126e3b205d0d6b2b83b3df9dd2764d218ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:54:41:02:4d:94:43:2f:d9:ef:4a:a6:6f:45:
2f:c7:bf:1a:44:58:cc:23:a9:00:ee:a2:a1:3e:b1:
80:a6:61:e1:85:78:f7:d0:08:8f:a8:c4:4b:4a:da:
6b:a4:40:59:ff:a3:2e:90:9c:c8:a0:e4:28:c3:b6:
ea:29:f2:bc:8b:d9:ed:5f:cd:82:28:91:dc:8b:b0:
04:52:54:78:06:ae:15:14:3e:79:05:6d:2f:ba:ea:
93:43:44:bf:fc:fd:f0:42:71:7f:da:f4:78:92:2a:
40:54:4f:64:cf:c6:53:2d:42:17:a0:92:83:ba:f1:
97:63:9d:ab:16:be:0c:06:11:1d:d2:40:40:7b:33:
a6:55:56:f6:8a:a6:88:de:ee:ff:31:01:b2:83:e2:
fd:80:88:60:bd:74:18:96:24:b1:71:52:da:54:6e:
99:7d:a1:02:7b:cd:d3:bf:12:7a:57:4e:0e:4f:dd:
8f:33:fc:bf:8f:a5:d9:aa:5e:ab:15:71:c0:7e:d3:
3a:ae:5e:53:59:df:fd:47:1c:ba:06:19:83:8f:4c:
6e:0d:9e:0b:27:29:62:07:cb:2a:da:e6:c0:fe:a6:
5a:6a:a5:22:3c:f2:6e:4f:73:07:33:e8:1b:f7:a6:
de:8c:fb:c5:07:16:dd:31:29:31:6a:6d:b7:f8:13:
18:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A8:B1:26:E3:B2:05:D0:D6:B2:B8:3B:3D:F9:DD:27:64:D2:18:AD
X509v3 Authority Key Identifier:
keyid:08:37:C9:9B:2A:4C:06:2D:5C:20:67:8F:9D:CF:32:07:AE:FD:5E:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/_6ixJuOyBdDWsrg7PfndJ2TSGK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.118.128.0/19
216.195.192.0/19
216.236.0.0/18
IPv6:
2a01:4240::/30
Signature Algorithm: sha256WithRSAEncryption
5e:51:7a:ab:06:82:14:5f:33:69:4b:a7:c3:a0:f8:db:c0:83:
c0:f1:49:74:c1:05:2e:f7:6f:05:f0:33:b1:e9:83:e6:90:e2:
6b:9c:71:f9:21:73:ea:f1:f3:7e:41:c3:de:81:86:7c:4b:31:
13:68:6f:bd:39:60:74:b5:c7:87:ad:92:1b:c0:ca:66:ca:00:
92:f9:3a:28:f1:c5:ef:55:1c:e8:9d:62:dd:1f:1f:31:15:f3:
cb:b4:34:30:3b:04:34:db:68:cc:97:db:e3:07:e9:97:27:f6:
92:d4:8a:81:81:21:21:3b:06:76:58:e7:df:87:19:ed:a8:87:
9d:de:f9:fe:ba:24:0e:a0:38:4b:74:40:35:71:46:da:87:5e:
6e:3c:22:8f:00:68:16:e3:92:ee:9d:55:90:31:93:47:ad:f3:
af:83:96:d8:13:65:0b:e6:b0:55:b6:60:35:a9:2d:2b:a4:75:
07:ae:60:dc:50:a8:f4:2b:61:bd:d3:a3:0b:e6:9c:cd:5d:97:
e9:f9:93:95:22:04:3c:7b:25:28:8e:2a:dd:cb:7c:68:e2:9d:
68:d2:dc:3c:f7:65:d6:43:57:14:8d:c1:b5:72:6b:4d:84:c2:
1f:55:e6:b2:d4:19:dc:6a:ae:7e:10:c8:f2:0c:f7:0a:88:72:
d6:80:eb:2a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZy3DeVO+HGhqRaVn/zqmtK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzdjOTliMmE0YzA2MmQ1YzIwNjc4ZjlkY2YzMjA3YWVm
ZDVlNzgwHhcNMjYwMzA0MDQxNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmE4YjEyNmUzYjIwNWQwZDZiMmI4M2IzZGY5ZGQyNzY0ZDIxOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1RBAk2UQy/Z70qmb0Uvx78aRFjM
I6kA7qKhPrGApmHhhXj30AiPqMRLStprpEBZ/6MukJzIoOQow7bqKfK8i9ntX82C
KJHci7AEUlR4Bq4VFD55BW0vuuqTQ0S//P3wQnF/2vR4kipAVE9kz8ZTLUIXoJKD
uvGXY52rFr4MBhEd0kBAezOmVVb2iqaI3u7/MQGyg+L9gIhgvXQYliSxcVLaVG6Z
faECe83TvxJ6V04OT92PM/y/j6XZql6rFXHAftM6rl5TWd/9Rxy6BhmDj0xuDZ4L
JyliB8sq2ubA/qZaaqUiPPJuT3MHM+gb96bejPvFBxbdMSkxam23+BMYwQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP+osSbjsgXQ1rK4Oz353Sdk0hitMB8GA1UdIwQY
MBaAFAg3yZsqTAYtXCBnj53PMgeu/V54MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RmSm15cE1CaTFjSUdlUG5jOHlCNjc5WG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wODk1ZDItYjc3OC00NmM0LWE2OTEt
ZjEyMzdmNGM1Y2Y2LzEvXzZpeEp1T3lCZERXc3JnN1BmbmRKMlRTR0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wODk1ZDItYjc3OC00NmM0LWE2OTEtZjEyMzdmNGM1Y2Y2
LzEvQ0RmSm15cE1CaTFjSUdlUG5jOHlCNjc5WG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFQHaAAwQF
2MPAAwQG2OwAMA0EAgACMAcDBQIqAUJAMA0GCSqGSIb3DQEBCwUAA4IBAQBeUXqr
BoIUXzNpS6fDoPjbwIPA8Ul0wQUu928F8DOx6YPmkOJrnHH5IXPq8fN+QcPegYZ8
SzETaG+9OWB0tceHrZIbwMpmygCS+Too8cXvVRzonWLdHx8xFfPLtDQwOwQ022jM
l9vjB+mXJ/aS1IqBgSEhOwZ2WOffhxntqIed3vn+uiQOoDhLdEA1cUbah15uPCKP
AGgW45LunVWQMZNHrfOvg5bYE2UL5rBVtmA1qS0rpHUHrmDcUKj0K2G906ML5pzN
XZfp+ZOVIgQ8eyUojirdy3xo4p1o0tw892XWQ1cUjcG1cmtNhMIfVeay1Bncaq5+
EMjyDPcKiHLWgOsq
-----END CERTIFICATE-----
Generated at Sat Mar 7 08:06:10 2026 by rpki-client