Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Bdg271exhyz0CYhhKf6M3589gNE.roa
File: Bdg271exhyz0CYhhKf6M3589gNE.roa (raw, json)
Hash identifier: ZrdLyfslw3wS4iBvsrm0qGwScbCJHNT3/0sq90OCkrs=
Subject key identifier: 05:D8:36:EF:57:B1:87:2C:F4:09:88:61:29:FE:8C:DF:9F:3D:80:D1
Certificate issuer: /CN=1a4dc22595fc1f588fbc4dde07c1c394998f33a7
Certificate serial: 019D20631A319BB5C938555B33306DF14AF4
Authority key identifier: 1A:4D:C2:25:95:FC:1F:58:8F:BC:4D:DE:07:C1:C3:94:99:8F:33:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Bdg271exhyz0CYhhKf6M3589gNE.roa
Signing time: Tue 24 Mar 2026 15:07:38 +0000
ROA not before: Tue 24 Mar 2026 15:07:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34984
IP address blocks: 131.222.192.0/24 maxlen: 24
131.222.193.0/24 maxlen: 24
131.222.194.0/24 maxlen: 24
131.222.195.0/24 maxlen: 24
131.222.196.0/24 maxlen: 24
131.222.197.0/24 maxlen: 24
131.222.198.0/24 maxlen: 24
131.222.199.0/24 maxlen: 24
131.222.200.0/24 maxlen: 24
131.222.201.0/24 maxlen: 24
131.222.202.0/24 maxlen: 24
131.222.203.0/24 maxlen: 24
131.222.204.0/24 maxlen: 24
131.222.205.0/24 maxlen: 24
131.222.206.0/24 maxlen: 24
131.222.207.0/24 maxlen: 24
131.222.208.0/24 maxlen: 24
131.222.209.0/24 maxlen: 24
131.222.210.0/24 maxlen: 24
131.222.211.0/24 maxlen: 24
131.222.212.0/24 maxlen: 24
131.222.213.0/24 maxlen: 24
131.222.214.0/24 maxlen: 24
131.222.215.0/24 maxlen: 24
131.222.220.0/24 maxlen: 24
131.222.221.0/24 maxlen: 24
131.222.222.0/24 maxlen: 24
131.222.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:20:63:1a:31:9b:b5:c9:38:55:5b:33:30:6d:f1:4a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4dc22595fc1f588fbc4dde07c1c394998f33a7
Validity
Not Before: Mar 24 15:07:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=05d836ef57b1872cf409886129fe8cdf9f3d80d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:71:d1:b7:d2:d9:7d:83:f0:9b:3f:b5:0b:15:
1d:a7:e3:47:74:62:bb:58:df:f7:64:e4:6e:6b:42:
f4:a3:b9:b7:31:cf:95:85:15:76:8b:35:90:fc:6e:
de:5d:53:4c:61:26:d1:4a:0e:79:f0:97:b6:69:05:
b5:50:d4:a8:25:21:66:d6:88:10:d7:7c:2f:ed:f1:
22:2d:10:7a:d8:68:99:b1:53:79:c2:21:25:fd:40:
0c:1d:2a:ed:68:5f:be:e9:73:e7:52:2d:5f:7c:2e:
ab:60:9b:c3:52:84:91:67:8e:54:73:48:10:8f:ca:
bc:db:ed:85:ae:2f:aa:e6:d9:40:6a:d7:43:f0:be:
8f:76:ac:12:5a:ba:77:b4:d0:66:63:e5:10:d2:69:
04:25:d8:dc:27:00:ca:a8:ad:3c:64:9f:b4:60:e7:
30:ba:ef:e3:4f:48:a5:6c:85:fa:46:4c:cf:6f:98:
df:cf:45:44:0a:84:14:2c:8c:ab:0e:22:df:88:30:
64:e3:02:db:c3:52:a0:4d:87:89:75:b5:18:fd:ae:
44:ae:a1:04:f1:90:c4:9a:3b:5b:52:bc:6a:00:52:
80:79:02:6c:37:32:e5:2b:d1:11:0c:71:f1:e3:1f:
f4:a6:ef:be:87:83:33:8e:be:c3:e5:d2:b5:54:ea:
f7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D8:36:EF:57:B1:87:2C:F4:09:88:61:29:FE:8C:DF:9F:3D:80:D1
X509v3 Authority Key Identifier:
keyid:1A:4D:C2:25:95:FC:1F:58:8F:BC:4D:DE:07:C1:C3:94:99:8F:33:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Bdg271exhyz0CYhhKf6M3589gNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.222.192.0-131.222.215.255
131.222.220.0/22
Signature Algorithm: sha256WithRSAEncryption
09:3e:74:56:23:0d:2e:76:f3:26:b7:4e:a4:85:ae:2a:f2:be:
f0:a5:29:5f:5f:bd:de:73:43:65:d2:1d:90:99:a8:52:9d:98:
07:75:4e:39:ef:9c:5c:34:36:55:01:a5:fa:57:71:41:e2:42:
4e:d1:95:fe:b3:a3:33:3f:09:ce:34:88:a7:86:88:25:db:94:
3f:79:14:64:bc:c3:da:3c:9d:0c:81:94:aa:47:6e:87:9c:9b:
15:7c:71:93:16:96:5b:60:a4:fe:8f:46:94:21:de:e6:9a:e0:
85:58:46:9a:8d:58:e0:26:ff:cb:bf:63:dd:dd:f5:4c:3b:a6:
df:97:2f:84:d8:01:aa:95:06:b4:90:64:c1:81:7d:e4:6c:8a:
7e:c1:20:4b:39:7a:c9:17:c4:f0:34:fe:87:83:56:9f:fd:dc:
c7:13:3e:a8:b2:14:47:91:66:fc:0f:78:d8:a5:1e:54:78:c3:
1b:44:9c:0e:00:80:a7:8a:da:ba:ec:73:68:64:ef:d9:87:b3:
d8:a2:d9:29:fd:c4:51:9a:9b:57:36:41:c8:55:43:03:77:a2:
38:59:ea:8b:a4:bf:7a:4b:78:f9:30:ae:cb:10:d7:3a:dc:28:
ec:89:b5:bf:28:79:ca:05:5f:65:ce:01:41:03:5d:b7:15:f8:
ef:4c:2a:94
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ0gYxoxm7XJOFVbMzBt8Ur0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGRjMjI1OTVmYzFmNTg4ZmJjNGRkZTA3YzFjMzk0OTk4
ZjMzYTcwHhcNMjYwMzI0MTUwNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ4MzZlZjU3YjE4NzJjZjQwOTg4NjEyOWZlOGNkZjlmM2Q4MGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHHRt9LZfYPwmz+1CxUdp+NHdGK7
WN/3ZORua0L0o7m3Mc+VhRV2izWQ/G7eXVNMYSbRSg558Je2aQW1UNSoJSFm1ogQ
13wv7fEiLRB62GiZsVN5wiEl/UAMHSrtaF++6XPnUi1ffC6rYJvDUoSRZ45Uc0gQ
j8q82+2Fri+q5tlAatdD8L6PdqwSWrp3tNBmY+UQ0mkEJdjcJwDKqK08ZJ+0YOcw
uu/jT0ilbIX6RkzPb5jfz0VECoQULIyrDiLfiDBk4wLbw1KgTYeJdbUY/a5ErqEE
8ZDEmjtbUrxqAFKAeQJsNzLlK9ERDHHx4x/0pu++h4Mzjr7D5dK1VOr3MwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAXYNu9XsYcs9AmIYSn+jN+fPYDRMB8GA1UdIwQY
MBaAFBpNwiWV/B9Yj7xN3gfBw5SZjzOnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2szQ0paWDhIMWlQdkUzZUI4SERsSm1QTTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wZjEyZjItOGEyYi00MzQ2LWI2YjYt
MmI3OGIxOWI1YTg3LzEvQmRnMjcxZXhoeXowQ1loaEtmNk0zNTg5Z05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wZjEyZjItOGEyYi00MzQ2LWI2YjYtMmI3OGIxOWI1YTg3
LzEvR2szQ0paWDhIMWlQdkUzZUI4SERsSm1QTTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAaD3sAD
BAOD3tADBAKD3twwDQYJKoZIhvcNAQELBQADggEBAAk+dFYjDS528ya3TqSFriry
vvClKV9fvd5zQ2XSHZCZqFKdmAd1TjnvnFw0NlUBpfpXcUHiQk7Rlf6zozM/Cc40
iKeGiCXblD95FGS8w9o8nQyBlKpHboecmxV8cZMWlltgpP6PRpQh3uaa4IVYRpqN
WOAm/8u/Y93d9Uw7pt+XL4TYAaqVBrSQZMGBfeRsin7BIEs5eskXxPA0/oeDVp/9
3McTPqiyFEeRZvwPeNilHlR4wxtEnA4AgKeK2rrsc2hk79mHs9ii2Sn9xFGam1c2
QchVQwN3ojhZ6oukv3pLePkwrssQ1zrcKOyJtb8oecoFX2XOAUEDXbcV+O9MKpQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:49:54 2026 by rpki-client