Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/0gkjksOno670ocIFMbRjSDKIvKQ.roa
File: 0gkjksOno670ocIFMbRjSDKIvKQ.roa (raw, json)
Hash identifier: 7fdQyOsucl3w/CcG9UB31TgK1ZGG4pW/88lMHFnh6NI=
Subject key identifier: D2:09:23:92:C3:A7:A3:AE:F4:A1:C2:05:31:B4:63:48:32:88:BC:A4
Certificate issuer: /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial: 019CDBE1BF84076B7950814FAF6492048940
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/0gkjksOno670ocIFMbRjSDKIvKQ.roa
Signing time: Wed 11 Mar 2026 07:52:10 +0000
ROA not before: Wed 11 Mar 2026 07:52:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20765
IP address blocks: 139.3.0.0/16 maxlen: 16
185.84.216.0/22 maxlen: 24
185.84.216.0/24 maxlen: 24
185.84.219.0/24 maxlen: 24
193.8.213.0/24 maxlen: 24
193.56.217.0/24 maxlen: 24
193.56.218.0/24 maxlen: 24
193.56.219.0/24 maxlen: 24
193.96.96.0/21 maxlen: 24
193.187.12.0/22 maxlen: 22
193.187.16.0/20 maxlen: 20
193.187.32.0/21 maxlen: 21
193.187.40.0/22 maxlen: 22
194.45.0.0/22 maxlen: 22
194.45.6.0/23 maxlen: 23
194.115.4.0/24 maxlen: 24
2a05:a880:8000::/40 maxlen: 40
2a05:a880:de10::/48 maxlen: 48
2a05:a880:de52::/48 maxlen: 48
2a05:a880:de56::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.mft
rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:db:e1:bf:84:07:6b:79:50:81:4f:af:64:92:04:89:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Validity
Not Before: Mar 11 07:52:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d2092392c3a7a3aef4a1c20531b463483288bca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:62:c6:f5:54:58:b5:0a:42:03:a2:38:5b:79:
eb:ba:99:4d:2a:90:96:be:a2:a1:7a:da:c7:bf:65:
a5:0a:ba:65:db:dc:75:55:07:df:71:57:11:8a:7c:
86:28:ec:f0:61:8e:34:b8:6c:5a:ac:92:b8:0e:11:
f5:27:83:cc:e3:25:72:3b:3c:bc:16:cd:60:86:d2:
b4:31:dc:e2:da:74:88:ad:4a:85:dd:a5:40:f2:3b:
5d:c4:ea:be:1f:45:c4:9a:49:82:b6:cd:4b:d9:c1:
25:2a:18:94:3d:96:10:45:14:9d:2a:9d:49:d1:83:
2a:be:9d:86:94:fc:42:de:9d:f3:eb:74:cf:16:54:
00:17:14:df:19:01:73:a8:b2:48:8d:49:a4:ea:e4:
7c:1e:0c:c4:a0:c5:6a:4a:60:7b:c3:7e:c7:c1:1b:
93:9e:d0:54:c6:71:12:63:b2:95:7a:60:4c:1a:e5:
f3:ac:27:08:e9:bb:4a:c3:9e:42:b0:fa:54:49:c0:
d6:29:8d:c9:3b:82:fa:a7:82:15:c3:a0:b8:5f:29:
84:61:9e:25:36:01:13:60:52:eb:99:9c:8e:a6:14:
07:32:74:fd:a7:7c:c8:fc:b0:4d:4a:1b:b0:d2:b2:
b6:4c:d1:f6:20:b9:9f:08:2c:c0:65:5f:0d:91:7f:
35:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:09:23:92:C3:A7:A3:AE:F4:A1:C2:05:31:B4:63:48:32:88:BC:A4
X509v3 Authority Key Identifier:
keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/0gkjksOno670ocIFMbRjSDKIvKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.3.0.0/16
185.84.216.0/22
193.8.213.0/24
193.56.217.0-193.56.219.255
193.96.96.0/21
193.187.12.0-193.187.43.255
194.45.0.0/22
194.45.6.0/23
194.115.4.0/24
IPv6:
2a05:a880:8000::/40
2a05:a880:de10::/48
2a05:a880:de52::/48
2a05:a880:de56::/48
Signature Algorithm: sha256WithRSAEncryption
a4:17:ed:dc:77:c5:08:ac:b8:25:0f:03:2f:e4:c5:97:d0:43:
14:7b:4e:75:d0:bd:91:8b:aa:34:73:4e:48:41:09:20:52:50:
fb:03:ac:09:5b:3b:da:87:00:b1:b4:c3:8c:7c:b6:6d:8e:c7:
3b:da:8e:50:e3:86:5a:6a:ee:4d:76:30:49:44:58:0f:82:fc:
bb:e7:36:3a:22:11:59:a2:87:56:59:4a:bd:4b:cd:01:ff:f9:
ed:f2:07:95:98:a8:8a:59:e8:e9:c8:9c:51:db:bf:7a:c8:d5:
f3:48:7d:61:7d:b1:d7:44:30:6c:30:37:2e:1b:b0:16:1c:48:
4e:f8:1a:b0:11:d6:4e:3f:39:24:f7:46:60:a0:f9:6e:9e:68:
b3:8b:a5:c4:ec:97:c8:73:90:7e:ca:ae:30:52:9d:6a:95:3b:
0f:85:09:7b:0d:84:3b:b2:e3:40:e2:47:7a:87:c1:51:e7:32:
11:03:2a:0d:0e:e6:d0:66:f3:29:88:cf:22:b3:6e:f4:23:7e:
72:cb:a4:ee:18:39:f2:6a:ed:06:94:40:af:86:c1:38:7e:b7:
54:f9:78:15:b0:ce:5c:a6:84:fb:c3:1e:5e:b0:1b:df:62:91:
6b:77:d4:a1:15:f8:7a:d9:69:51:9f:67:ce:d2:67:3f:bf:84:
2b:43:b5:f1
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZzb4b+EB2t5UIFPr2SSBIlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjYwMzExMDc1MjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjA5MjM5MmMzYTdhM2FlZjRhMWMyMDUzMWI0NjM0ODMyODhiY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmLG9VRYtQpCA6I4W3nruplNKpCW
vqKhetrHv2WlCrpl29x1VQffcVcRinyGKOzwYY40uGxarJK4DhH1J4PM4yVyOzy8
Fs1ghtK0Mdzi2nSIrUqF3aVA8jtdxOq+H0XEmkmCts1L2cElKhiUPZYQRRSdKp1J
0YMqvp2GlPxC3p3z63TPFlQAFxTfGQFzqLJIjUmk6uR8HgzEoMVqSmB7w37HwRuT
ntBUxnESY7KVemBMGuXzrCcI6btKw55CsPpUScDWKY3JO4L6p4IVw6C4XymEYZ4l
NgETYFLrmZyOphQHMnT9p3zI/LBNShuw0rK2TNH2ILmfCCzAZV8NkX81CQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFNIJI5LDp6Ou9KHCBTG0Y0gyiLykMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvMGdramtzT25vNjcwb2NJRk1iUmpTREtJdktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwSwQCAAEwRQMDAIsDAwQC
uVTYAwQAwQjVMAwDBADBONkDBALBONgDBAPBYGAwDAMEAsG7DAMEAsG7KAMEAsIt
AAMEAcItBgMEAMJzBDApBAIAAjAjAwYAKgWogIADBwAqBaiA3hADBwAqBaiA3lID
BwAqBaiA3lYwDQYJKoZIhvcNAQELBQADggEBAKQX7dx3xQisuCUPAy/kxZfQQxR7
TnXQvZGLqjRzTkhBCSBSUPsDrAlbO9qHALG0w4x8tm2OxzvajlDjhlpq7k12MElE
WA+C/LvnNjoiEVmih1ZZSr1LzQH/+e3yB5WYqIpZ6OnInFHbv3rI1fNIfWF9sddE
MGwwNy4bsBYcSE74GrAR1k4/OST3RmCg+W6eaLOLpcTsl8hzkH7KrjBSnWqVOw+F
CXsNhDuy40DiR3qHwVHnMhEDKg0O5tBm8ymIzyKzbvQjfnLLpO4YOfJq7QaUQK+G
wTh+t1T5eBWwzlymhPvDHl6wG99ikWt31KEV+HrZaVGfZ87SZz+/hCtDtfE=
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:17:51 2026 by rpki-client