Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/961aca-f425-4887-af4a-cfa061030346/1/bo9Ko4HgF0NGY0x7JNh4-GVgDJo.roa
File: bo9Ko4HgF0NGY0x7JNh4-GVgDJo.roa (raw, json)
Hash identifier: tUVeOTBTPwteXhY4vj03N/tGfiCI5pAsvZ6bGoHFfww=
Subject key identifier: 6E:8F:4A:A3:81:E0:17:43:46:63:4C:7B:24:D8:78:F8:65:60:0C:9A
Certificate issuer: /CN=a3be74d7d6b37644c01bed55e0db31464b9860c6
Certificate serial: 019D1AFD1F20237D313FFBFC98917E37037D
Authority key identifier: A3:BE:74:D7:D6:B3:76:44:C0:1B:ED:55:E0:DB:31:46:4B:98:60:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o75019azdkTAG-1V4NsxRkuYYMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/961aca-f425-4887-af4a-cfa061030346/1/bo9Ko4HgF0NGY0x7JNh4-GVgDJo.roa
Signing time: Mon 23 Mar 2026 13:58:09 +0000
ROA not before: Mon 23 Mar 2026 13:58:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204731
IP address blocks: 185.241.224.0/22 maxlen: 22
185.241.224.0/23 maxlen: 23
185.241.226.0/23 maxlen: 23
2a0c:b381::/32 maxlen: 32
2a0c:b381:500::/40 maxlen: 40
2a0c:b381:700::/40 maxlen: 40
2a0c:b381:800::/40 maxlen: 40
2a0c:b381:900::/40 maxlen: 40
2a0c:b381:a00::/40 maxlen: 40
2a0c:b381:b00::/40 maxlen: 40
2a0c:b381:d00::/40 maxlen: 40
2a0c:b381:e00::/40 maxlen: 40
2a0c:b381:f00::/40 maxlen: 40
2a0c:b381:1000::/40 maxlen: 40
2a0c:b381:1100::/40 maxlen: 40
2a0c:b381:1200::/40 maxlen: 40
2a0c:b381:1300::/40 maxlen: 40
2a0c:b381:1400::/40 maxlen: 40
2a0c:b381:1500::/40 maxlen: 40
2a0c:b381:1600::/40 maxlen: 40
2a0c:b381:1700::/40 maxlen: 40
2a0c:b381:1800::/40 maxlen: 40
2a0c:b381:1900::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/961aca-f425-4887-af4a-cfa061030346/1/o75019azdkTAG-1V4NsxRkuYYMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/961aca-f425-4887-af4a-cfa061030346/1/o75019azdkTAG-1V4NsxRkuYYMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/o75019azdkTAG-1V4NsxRkuYYMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 13:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:fd:1f:20:23:7d:31:3f:fb:fc:98:91:7e:37:03:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3be74d7d6b37644c01bed55e0db31464b9860c6
Validity
Not Before: Mar 23 13:58:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e8f4aa381e0174346634c7b24d878f865600c9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:92:86:0d:5b:0c:2d:14:21:b2:f4:85:12:6f:
ea:da:0e:1b:04:70:b6:8c:8d:48:54:00:36:13:a2:
d4:47:08:64:8c:a8:e0:4f:9b:de:f4:bf:86:f9:7b:
02:95:56:73:db:b6:72:f3:0f:5c:6b:59:26:d1:2b:
c0:67:7a:12:ee:c8:75:a5:a6:36:d0:05:3a:73:3e:
65:50:e2:ff:2f:d0:11:b8:81:dd:0e:f5:a4:af:ae:
cb:3a:eb:b5:1f:65:2f:ac:8c:0d:97:02:1a:ac:c0:
38:e8:32:26:06:8b:fc:06:f9:b4:f6:93:51:ba:de:
fe:e6:f3:7b:35:7d:79:8f:f6:e2:07:4b:4d:6c:6b:
4a:45:d5:eb:70:76:e3:46:cd:01:40:74:f6:d7:43:
17:eb:23:56:16:1b:af:52:e6:d1:b9:85:f7:c0:c8:
57:17:8e:17:59:9e:e8:2a:e3:36:a0:b8:3a:de:89:
5f:01:a6:17:e0:94:72:1d:c0:f8:3d:63:71:51:ae:
cc:ba:74:07:ef:71:a9:94:95:b0:56:c0:77:cc:6b:
48:d4:d8:ba:11:37:30:47:62:2d:08:0f:6d:78:61:
9d:9b:7b:05:88:1a:ed:b5:4d:1f:d4:45:93:e3:26:
d9:c6:87:17:4d:6b:19:75:d3:e8:db:c3:9f:d2:4f:
aa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8F:4A:A3:81:E0:17:43:46:63:4C:7B:24:D8:78:F8:65:60:0C:9A
X509v3 Authority Key Identifier:
keyid:A3:BE:74:D7:D6:B3:76:44:C0:1B:ED:55:E0:DB:31:46:4B:98:60:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o75019azdkTAG-1V4NsxRkuYYMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/961aca-f425-4887-af4a-cfa061030346/1/bo9Ko4HgF0NGY0x7JNh4-GVgDJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/961aca-f425-4887-af4a-cfa061030346/1/o75019azdkTAG-1V4NsxRkuYYMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.224.0/22
IPv6:
2a0c:b381::/32
Signature Algorithm: sha256WithRSAEncryption
c2:93:c5:00:d2:13:81:97:1c:74:6a:c8:2e:04:89:da:7f:fe:
32:1f:3a:7d:f9:72:4f:f8:64:5c:67:5a:b2:0c:ee:2d:22:e9:
3d:54:dd:e5:31:9b:8f:28:bd:34:31:16:55:74:5a:71:33:6e:
62:d3:c8:44:ac:df:2f:a0:05:8e:c9:89:1e:4a:a6:ba:2e:83:
70:dc:db:44:f9:d1:ee:ce:0c:38:35:54:85:8b:7c:dd:47:ab:
e4:a3:b0:a6:09:37:0d:78:27:3b:1b:fd:6c:90:0f:21:1d:a0:
05:cd:2c:f1:cd:03:f1:69:8c:93:17:04:6a:41:0c:5d:c3:9e:
85:e3:3e:2b:cd:22:4e:d6:cb:f9:c0:3f:86:4e:0d:8b:8d:21:
ec:81:52:31:9f:35:47:f8:ce:f1:e5:67:f6:05:28:15:49:b5:
8d:c6:e8:2e:ea:54:0b:67:f5:c3:9c:5f:45:01:1b:d3:94:12:
39:63:b3:9b:ab:43:0e:d4:08:e6:74:a9:8a:91:ea:12:e0:11:
d8:d9:fc:0a:18:84:85:9c:1f:b3:ab:e8:3d:bc:60:25:27:5b:
bf:01:20:9b:1a:a3:bd:8a:d4:6d:83:68:72:ba:d9:8b:e5:c9:
51:8d:3d:f4:bb:de:a8:0a:37:2e:f3:93:31:84:89:2c:7e:b8:
77:d6:8a:37
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ0a/R8gI30xP/v8mJF+NwN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYmU3NGQ3ZDZiMzc2NDRjMDFiZWQ1NWUwZGIzMTQ2NGI5
ODYwYzYwHhcNMjYwMzIzMTM1ODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZThmNGFhMzgxZTAxNzQzNDY2MzRjN2IyNGQ4NzhmODY1NjAwYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZKGDVsMLRQhsvSFEm/q2g4bBHC2
jI1IVAA2E6LURwhkjKjgT5ve9L+G+XsClVZz27Zy8w9ca1km0SvAZ3oS7sh1paY2
0AU6cz5lUOL/L9ARuIHdDvWkr67LOuu1H2UvrIwNlwIarMA46DImBov8Bvm09pNR
ut7+5vN7NX15j/biB0tNbGtKRdXrcHbjRs0BQHT210MX6yNWFhuvUubRuYX3wMhX
F44XWZ7oKuM2oLg63olfAaYX4JRyHcD4PWNxUa7MunQH73GplJWwVsB3zGtI1Ni6
ETcwR2ItCA9teGGdm3sFiBrttU0f1EWT4ybZxocXTWsZddPo28Of0k+qlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG6PSqOB4BdDRmNMeyTYePhlYAyaMB8GA1UdIwQY
MBaAFKO+dNfWs3ZEwBvtVeDbMUZLmGDGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzc1MDE5YXpka1RBRy0xVjROc3hSa3VZWU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85NjFhY2EtZjQyNS00ODg3LWFmNGEt
Y2ZhMDYxMDMwMzQ2LzEvYm85S280SGdGME5HWTB4N0pOaDQtR1ZnREpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85NjFhY2EtZjQyNS00ODg3LWFmNGEtY2ZhMDYxMDMwMzQ2
LzEvbzc1MDE5YXpka1RBRy0xVjROc3hSa3VZWU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufHgMA0E
AgACMAcDBQAqDLOBMA0GCSqGSIb3DQEBCwUAA4IBAQDCk8UA0hOBlxx0asguBIna
f/4yHzp9+XJP+GRcZ1qyDO4tIuk9VN3lMZuPKL00MRZVdFpxM25i08hErN8voAWO
yYkeSqa6LoNw3NtE+dHuzgw4NVSFi3zdR6vko7CmCTcNeCc7G/1skA8hHaAFzSzx
zQPxaYyTFwRqQQxdw56F4z4rzSJO1sv5wD+GTg2LjSHsgVIxnzVH+M7x5Wf2BSgV
SbWNxugu6lQLZ/XDnF9FARvTlBI5Y7Obq0MO1AjmdKmKkeoS4BHY2fwKGISFnB+z
q+g9vGAlJ1u/ASCbGqO9itRtg2hyutmL5clRjT30u96oCjcu85MxhIksfrh31oo3
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:19:35 2026 by rpki-client