Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/k-VO8ggs_LH1_UGXAjJl2qu3xAk.roa
File: k-VO8ggs_LH1_UGXAjJl2qu3xAk.roa (raw, json)
Hash identifier: jtFttJWKX2PthCP7kr0cHeX5j6ZBysryPnwLyQmABY0=
Subject key identifier: 93:E5:4E:F2:08:2C:FC:B1:F5:FD:41:97:02:32:65:DA:AB:B7:C4:09
Certificate issuer: /CN=232b703089e3800d9ed29124731ecba4e9ab454f
Certificate serial: 019B76EB7B7D2AC4BBA94524F9308E62260D
Authority key identifier: 23:2B:70:30:89:E3:80:0D:9E:D2:91:24:73:1E:CB:A4:E9:AB:45:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IytwMInjgA2e0pEkcx7LpOmrRU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/k-VO8ggs_LH1_UGXAjJl2qu3xAk.roa
Signing time: Thu 01 Jan 2026 00:18:22 +0000
ROA not before: Thu 01 Jan 2026 00:18:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206890
IP address blocks: 185.172.240.0/22 maxlen: 22
2a0d:4140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/IytwMInjgA2e0pEkcx7LpOmrRU8.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/IytwMInjgA2e0pEkcx7LpOmrRU8.mft
rsync://rpki.ripe.net/repository/DEFAULT/IytwMInjgA2e0pEkcx7LpOmrRU8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:76:eb:7b:7d:2a:c4:bb:a9:45:24:f9:30:8e:62:26:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=232b703089e3800d9ed29124731ecba4e9ab454f
Validity
Not Before: Jan 1 00:18:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=93e54ef2082cfcb1f5fd4197023265daabb7c409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:44:73:45:fd:61:d3:0c:ee:f5:ac:11:0c:30:
b5:0c:f6:59:6f:4a:5a:52:d6:3b:75:d6:4b:a3:e8:
ee:1d:2a:6f:96:7a:35:9a:2c:01:bd:44:e4:2a:bc:
81:1f:8c:f9:e9:15:8c:ce:ca:e4:fe:0f:f6:5c:1f:
d0:c3:9c:9c:06:01:6d:a2:a4:77:74:f2:37:22:34:
df:f3:05:9a:54:6b:1b:5e:b7:de:c5:ec:c3:f5:97:
05:1d:8b:20:0a:00:99:a3:25:88:a2:0f:d9:37:5f:
0a:72:9b:c0:c9:21:a7:1f:f1:d0:f1:41:50:4b:f8:
fa:65:94:0a:77:5c:5e:78:01:30:f4:2c:d3:56:ee:
41:97:9a:7a:5c:1a:7a:3e:61:e0:01:6f:57:af:f7:
df:12:db:54:c8:4b:9e:98:67:ff:0d:7f:b8:f5:3d:
fd:8c:59:59:d2:29:8e:aa:2a:55:b4:63:97:25:9f:
77:70:32:01:34:96:95:d9:64:68:c7:a8:2b:5c:7d:
f0:1a:4d:c5:89:e0:be:7c:22:3c:c8:03:ed:af:c7:
ac:91:e8:d8:d3:37:b0:67:92:05:7d:42:ba:7e:00:
36:cb:b8:94:76:b7:26:79:e7:fd:67:1d:21:72:8a:
74:11:e2:89:a9:3f:0b:e5:86:42:4a:7f:10:29:6f:
f8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:E5:4E:F2:08:2C:FC:B1:F5:FD:41:97:02:32:65:DA:AB:B7:C4:09
X509v3 Authority Key Identifier:
keyid:23:2B:70:30:89:E3:80:0D:9E:D2:91:24:73:1E:CB:A4:E9:AB:45:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IytwMInjgA2e0pEkcx7LpOmrRU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/k-VO8ggs_LH1_UGXAjJl2qu3xAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/IytwMInjgA2e0pEkcx7LpOmrRU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.240.0/22
IPv6:
2a0d:4140::/29
Signature Algorithm: sha256WithRSAEncryption
85:13:cd:bf:3c:0c:15:e5:58:77:4a:34:be:04:c6:72:78:58:
30:c3:a1:24:65:0e:99:e8:30:88:15:46:2d:19:6a:66:9a:32:
78:f7:65:75:5b:7f:f0:bf:f1:6e:d1:70:3b:0d:94:9a:96:4a:
3e:fe:a6:96:d0:e9:b2:3b:f1:ef:ea:82:fd:4c:83:55:26:aa:
b0:46:07:c3:ce:70:f9:15:c9:ec:29:ba:6d:37:1c:65:ae:09:
85:c0:89:e1:67:3b:eb:67:8f:97:79:83:d0:87:fe:e2:d5:51:
d6:12:32:41:60:ee:0c:d3:94:96:d0:d4:f0:17:c0:8e:59:31:
86:23:66:48:2b:2e:bf:01:80:03:aa:e1:b1:10:ee:7b:35:70:
f0:08:c5:aa:b6:f4:7a:c2:c4:ac:9b:22:fd:09:28:31:48:08:
3e:3f:71:ca:5e:84:34:ff:eb:2b:82:d0:f5:6c:85:67:6f:61:
a0:95:58:79:c3:59:72:05:92:26:9c:26:20:d8:9f:87:a1:a7:
2e:14:33:96:8e:0d:09:76:80:8d:a4:57:55:4e:6e:90:ae:d0:
e9:ad:e0:2f:6d:75:1c:ff:33:ad:20:9a:01:19:d3:b4:34:1b:
e8:ff:47:ae:90:0d:e9:e5:3a:72:7d:d1:52:ea:cd:5d:fc:c4:
b9:1e:30:9a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt263t9KsS7qUUk+TCOYiYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMmI3MDMwODllMzgwMGQ5ZWQyOTEyNDczMWVjYmE0ZTlh
YjQ1NGYwHhcNMjYwMTAxMDAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2U1NGVmMjA4MmNmY2IxZjVmZDQxOTcwMjMyNjVkYWFiYjdjNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkRzRf1h0wzu9awRDDC1DPZZb0pa
UtY7ddZLo+juHSpvlno1miwBvUTkKryBH4z56RWMzsrk/g/2XB/Qw5ycBgFtoqR3
dPI3IjTf8wWaVGsbXrfexezD9ZcFHYsgCgCZoyWIog/ZN18KcpvAySGnH/HQ8UFQ
S/j6ZZQKd1xeeAEw9CzTVu5Bl5p6XBp6PmHgAW9Xr/ffEttUyEuemGf/DX+49T39
jFlZ0imOqipVtGOXJZ93cDIBNJaV2WRox6grXH3wGk3FieC+fCI8yAPtr8eskejY
0zewZ5IFfUK6fgA2y7iUdrcmeef9Zx0hcop0EeKJqT8L5YZCSn8QKW/4jwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJPlTvIILPyx9f1BlwIyZdqrt8QJMB8GA1UdIwQY
MBaAFCMrcDCJ44ANntKRJHMey6Tpq0VPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXl0d01JbmpnQTJlMHBFa2N4N0xwT21yUlU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC81OWNmNzEtOWRjZS00ZDU0LWFjYTct
YzA2ZDAzNjBlMTE0LzEvay1WTzhnZ3NfTEgxX1VHWEFqSmwycXUzeEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC81OWNmNzEtOWRjZS00ZDU0LWFjYTctYzA2ZDAzNjBlMTE0
LzEvSXl0d01JbmpnQTJlMHBFa2N4N0xwT21yUlU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuazwMA0E
AgACMAcDBQMqDUFAMA0GCSqGSIb3DQEBCwUAA4IBAQCFE82/PAwV5Vh3SjS+BMZy
eFgww6EkZQ6Z6DCIFUYtGWpmmjJ492V1W3/wv/Fu0XA7DZSalko+/qaW0OmyO/Hv
6oL9TINVJqqwRgfDznD5FcnsKbptNxxlrgmFwInhZzvrZ4+XeYPQh/7i1VHWEjJB
YO4M05SW0NTwF8COWTGGI2ZIKy6/AYADquGxEO57NXDwCMWqtvR6wsSsmyL9CSgx
SAg+P3HKXoQ0/+srgtD1bIVnb2GglVh5w1lyBZImnCYg2J+HoacuFDOWjg0JdoCN
pFdVTm6QrtDpreAvbXUc/zOtIJoBGdO0NBvo/0eukA3p5TpyfdFS6s1d/MS5HjCa
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:16:02 2026 by rpki-client