Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/481786-77fd-4316-96ce-822b842c3c0e/1/CpV5ifZcjPyGOZZo5Kthc-0aYIE.roa
File: CpV5ifZcjPyGOZZo5Kthc-0aYIE.roa (raw, json)
Hash identifier: lgb25S95umOL8YFj63EWLcLTY42lwBMqoGZsvrLzBnU=
Subject key identifier: 0A:95:79:89:F6:5C:8C:FC:86:39:96:68:E4:AB:61:73:ED:1A:60:81
Certificate issuer: /CN=e22277fdf65828ef40b58ce101946595507f1330
Certificate serial: 019CAFA97F70B6CCC1025065977F29DB25E5
Authority key identifier: E2:22:77:FD:F6:58:28:EF:40:B5:8C:E1:01:94:65:95:50:7F:13:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4iJ3_fZYKO9AtYzhAZRllVB_EzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/481786-77fd-4316-96ce-822b842c3c0e/1/CpV5ifZcjPyGOZZo5Kthc-0aYIE.roa
Signing time: Mon 02 Mar 2026 17:47:26 +0000
ROA not before: Mon 02 Mar 2026 17:47:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200083
IP address blocks: 62.182.16.0/21 maxlen: 23
62.182.16.0/23 maxlen: 23
62.182.18.0/23 maxlen: 23
62.182.20.0/23 maxlen: 23
62.182.22.0/23 maxlen: 23
185.41.8.0/22 maxlen: 23
185.41.8.0/23 maxlen: 23
185.41.10.0/23 maxlen: 23
2a04:84c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/481786-77fd-4316-96ce-822b842c3c0e/1/4iJ3_fZYKO9AtYzhAZRllVB_EzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/481786-77fd-4316-96ce-822b842c3c0e/1/4iJ3_fZYKO9AtYzhAZRllVB_EzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/4iJ3_fZYKO9AtYzhAZRllVB_EzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:a9:7f:70:b6:cc:c1:02:50:65:97:7f:29:db:25:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e22277fdf65828ef40b58ce101946595507f1330
Validity
Not Before: Mar 2 17:47:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0a957989f65c8cfc86399668e4ab6173ed1a6081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7f:95:46:68:4d:d5:5c:21:5c:f1:6f:eb:d1:
3d:17:0b:36:56:6f:05:25:2e:d0:a7:e7:97:fe:e8:
f2:54:27:34:7e:d8:12:cd:54:56:09:99:e1:c1:01:
76:21:24:5d:95:10:66:b2:f2:36:8e:a5:ed:9d:b1:
b4:cd:e6:12:f7:fc:b1:55:9f:ae:fc:51:f8:d7:6a:
96:66:69:4c:64:03:df:e5:76:7e:2b:7a:fb:7a:56:
a8:62:d7:0d:db:5b:a4:12:61:1c:87:70:93:21:b7:
15:a0:82:d7:21:da:09:96:cd:58:dc:eb:b9:1f:e2:
cd:a9:70:93:43:11:c6:01:85:2e:7e:31:0a:90:83:
50:64:fd:c5:91:5d:af:cc:b5:d5:d3:34:7f:bf:28:
aa:cc:cd:8c:fa:97:5e:9a:0f:d6:56:71:49:07:ef:
81:d2:87:ad:42:9d:75:3a:55:de:1c:ee:bc:2c:79:
50:1b:1b:cd:2b:5e:4e:37:5c:ad:36:01:1e:7e:61:
c9:de:b8:8f:ed:2e:1e:24:1b:f9:77:e5:48:7f:62:
bc:ea:f0:7f:61:5f:a0:6c:00:81:67:f7:0a:3c:5e:
26:05:7f:0c:20:b2:83:57:21:4d:5b:96:df:85:6e:
e4:50:62:a4:26:2b:0f:00:c6:65:e0:48:37:b7:31:
5b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:95:79:89:F6:5C:8C:FC:86:39:96:68:E4:AB:61:73:ED:1A:60:81
X509v3 Authority Key Identifier:
keyid:E2:22:77:FD:F6:58:28:EF:40:B5:8C:E1:01:94:65:95:50:7F:13:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iJ3_fZYKO9AtYzhAZRllVB_EzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/481786-77fd-4316-96ce-822b842c3c0e/1/CpV5ifZcjPyGOZZo5Kthc-0aYIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/481786-77fd-4316-96ce-822b842c3c0e/1/4iJ3_fZYKO9AtYzhAZRllVB_EzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.16.0/21
185.41.8.0/22
IPv6:
2a04:84c0::/32
Signature Algorithm: sha256WithRSAEncryption
39:96:dd:41:b7:f8:7a:4f:88:79:f8:8b:d9:bc:88:9e:32:c0:
10:1c:3f:9d:7f:69:38:65:54:c0:2a:91:8a:94:69:2d:ad:75:
3a:0e:76:64:1b:f6:54:d2:f7:80:0c:9b:2c:c2:9a:e2:77:89:
41:60:ba:ee:a2:9c:37:c8:14:7f:ef:c4:18:44:2f:78:69:54:
b9:f6:03:3b:05:7c:a1:b8:6e:15:ce:ee:ad:b2:f3:a3:72:ff:
25:3c:0c:9d:f4:0f:34:97:17:96:8b:14:49:d5:5d:95:e4:54:
78:82:ab:19:cf:70:86:e4:78:b0:41:99:2f:5e:b3:f0:cc:7f:
74:ff:21:33:77:7c:06:8d:87:f5:12:d9:69:11:29:c0:85:c7:
ea:7a:46:60:0a:f8:00:a6:81:39:22:24:e3:46:1c:7d:fc:7f:
dd:2d:ef:3b:d6:7d:f1:30:69:d1:72:35:8c:d6:5f:f7:28:87:
0a:67:70:28:ac:aa:df:05:08:7d:fe:b2:d4:4c:36:1b:c9:bc:
bd:8d:da:54:53:3d:cd:97:ce:dd:15:43:16:9a:b9:18:60:49:
1d:4a:07:a5:c3:0d:d7:40:2d:e9:92:c3:c6:f4:6c:d6:5f:04:
a4:4f:7d:83:4c:52:04:ab:bc:c2:5d:ff:79:ef:f3:79:06:0e:
3d:99:bd:10
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZyvqX9wtszBAlBll38p2yXlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjI3N2ZkZjY1ODI4ZWY0MGI1OGNlMTAxOTQ2NTk1NTA3
ZjEzMzAwHhcNMjYwMzAyMTc0NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTk1Nzk4OWY2NWM4Y2ZjODYzOTk2NjhlNGFiNjE3M2VkMWE2MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn+VRmhN1VwhXPFv69E9Fws2Vm8F
JS7Qp+eX/ujyVCc0ftgSzVRWCZnhwQF2ISRdlRBmsvI2jqXtnbG0zeYS9/yxVZ+u
/FH412qWZmlMZAPf5XZ+K3r7elaoYtcN21ukEmEch3CTIbcVoILXIdoJls1Y3Ou5
H+LNqXCTQxHGAYUufjEKkINQZP3FkV2vzLXV0zR/vyiqzM2M+pdemg/WVnFJB++B
0oetQp11OlXeHO68LHlQGxvNK15ON1ytNgEefmHJ3riP7S4eJBv5d+VIf2K86vB/
YV+gbACBZ/cKPF4mBX8MILKDVyFNW5bfhW7kUGKkJisPAMZl4Eg3tzFbEQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAqVeYn2XIz8hjmWaOSrYXPtGmCBMB8GA1UdIwQY
MBaAFOIid/32WCjvQLWM4QGUZZVQfxMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlKM19mWllLTzlBdFl6aEFaUmxsVkJfRXpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80ODE3ODYtNzdmZC00MzE2LTk2Y2Ut
ODIyYjg0MmMzYzBlLzEvQ3BWNWlmWmNqUHlHT1pabzVLdGhjLTBhWUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80ODE3ODYtNzdmZC00MzE2LTk2Y2UtODIyYjg0MmMzYzBl
LzEvNGlKM19mWllLTzlBdFl6aEFaUmxsVkJfRXpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDPrYQAwQC
uSkIMA0EAgACMAcDBQAqBITAMA0GCSqGSIb3DQEBCwUAA4IBAQA5lt1Bt/h6T4h5
+IvZvIieMsAQHD+df2k4ZVTAKpGKlGktrXU6DnZkG/ZU0veADJsswprid4lBYLru
opw3yBR/78QYRC94aVS59gM7BXyhuG4Vzu6tsvOjcv8lPAyd9A80lxeWixRJ1V2V
5FR4gqsZz3CG5HiwQZkvXrPwzH90/yEzd3wGjYf1EtlpESnAhcfqekZgCvgApoE5
IiTjRhx9/H/dLe871n3xMGnRcjWM1l/3KIcKZ3AorKrfBQh9/rLUTDYbyby9jdpU
Uz3Nl87dFUMWmrkYYEkdSgelww3XQC3pksPG9GzWXwSkT32DTFIEq7zCXf957/N5
Bg49mb0Q
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:56:41 2026 by rpki-client