Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/25d540-4f5b-4a5b-88ec-624584d1fd96/1/pGugAdUz5p-YAsFMIka9-wuebXc.roa
File: pGugAdUz5p-YAsFMIka9-wuebXc.roa (raw, json)
Hash identifier: YdqhZ0Mq4ECgTaBnJBwjKT9BiKBYB9QUoZqYUPVe6yI=
Subject key identifier: A4:6B:A0:01:D5:33:E6:9F:98:02:C1:4C:22:46:BD:FB:0B:9E:6D:77
Certificate issuer: /CN=ababd67e3e108c19f34fc00c76c6005993233512
Certificate serial: 019D09CF3CA7F7A4176A441F2C61811FD9E3
Authority key identifier: AB:AB:D6:7E:3E:10:8C:19:F3:4F:C0:0C:76:C6:00:59:93:23:35:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q6vWfj4QjBnzT8AMdsYAWZMjNRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/25d540-4f5b-4a5b-88ec-624584d1fd96/1/pGugAdUz5p-YAsFMIka9-wuebXc.roa
Signing time: Fri 20 Mar 2026 05:54:29 +0000
ROA not before: Fri 20 Mar 2026 05:54:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212316
IP address blocks: 107.6.126.0/23 maxlen: 24
107.6.126.0/24 maxlen: 24
107.6.127.0/24 maxlen: 24
2a05:dc80::/29 maxlen: 48
2a05:dc80::/48 maxlen: 48
2a05:dc81::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/25d540-4f5b-4a5b-88ec-624584d1fd96/1/q6vWfj4QjBnzT8AMdsYAWZMjNRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/25d540-4f5b-4a5b-88ec-624584d1fd96/1/q6vWfj4QjBnzT8AMdsYAWZMjNRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/q6vWfj4QjBnzT8AMdsYAWZMjNRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:09:cf:3c:a7:f7:a4:17:6a:44:1f:2c:61:81:1f:d9:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ababd67e3e108c19f34fc00c76c6005993233512
Validity
Not Before: Mar 20 05:54:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a46ba001d533e69f9802c14c2246bdfb0b9e6d77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c9:8b:84:5d:c4:3e:23:37:34:7f:44:cc:ce:
8f:d6:59:bc:38:47:c1:07:1f:3f:9d:b0:a8:5d:f4:
5c:03:03:4c:36:67:2a:49:38:e3:45:da:01:2a:8c:
70:4d:f2:41:41:cf:6e:79:bb:52:cb:52:ab:d8:49:
5f:40:44:0a:b9:e2:0c:e4:f8:e0:fa:55:e0:82:bd:
ec:87:0c:9b:66:f0:23:d4:02:2f:d4:3b:e7:f0:ec:
8a:ed:86:b0:72:2a:59:d4:dd:db:69:fc:cf:10:4d:
52:d0:a5:1a:18:1b:7a:cf:9a:f4:c1:4d:83:3f:ad:
b1:98:e7:38:65:3b:27:43:62:06:90:db:57:65:b5:
0d:57:c1:88:95:1a:be:55:58:0a:7f:da:bb:b3:fd:
a6:cf:f4:26:15:45:a5:e9:e4:9f:69:be:99:93:c6:
61:3b:30:9f:3f:c4:ad:fe:ae:db:e5:39:c5:12:44:
5a:42:4b:a8:92:f6:a4:96:7d:fd:5f:63:50:c6:78:
6c:13:2f:c5:e7:ad:be:7f:ce:0a:e3:0d:88:c6:e1:
a3:dd:97:35:1e:6a:8e:74:88:fd:bb:39:f9:38:70:
10:32:94:d9:47:a8:b8:2e:e8:c6:4e:39:68:a2:ac:
8b:fb:8e:a1:93:af:87:70:81:60:3c:f2:48:ba:e1:
75:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6B:A0:01:D5:33:E6:9F:98:02:C1:4C:22:46:BD:FB:0B:9E:6D:77
X509v3 Authority Key Identifier:
keyid:AB:AB:D6:7E:3E:10:8C:19:F3:4F:C0:0C:76:C6:00:59:93:23:35:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6vWfj4QjBnzT8AMdsYAWZMjNRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/25d540-4f5b-4a5b-88ec-624584d1fd96/1/pGugAdUz5p-YAsFMIka9-wuebXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/25d540-4f5b-4a5b-88ec-624584d1fd96/1/q6vWfj4QjBnzT8AMdsYAWZMjNRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.6.126.0/23
IPv6:
2a05:dc80::/29
Signature Algorithm: sha256WithRSAEncryption
50:ef:b0:29:7e:8b:7e:ee:23:ce:a0:24:db:dd:00:15:60:af:
f1:9a:4d:14:92:7f:42:6c:98:f3:eb:0e:bf:1a:90:b5:e1:d0:
ff:a9:01:21:b5:b7:8b:5f:59:a0:2e:c0:c9:d7:bf:16:88:9a:
f1:31:ba:87:5f:e6:5b:fd:5d:6c:9f:39:2c:75:5f:27:d0:4d:
25:bf:5b:28:fe:1b:f2:e2:08:32:24:57:1f:34:cc:c3:79:54:
bc:dc:5d:f3:ae:08:8d:8b:2b:6d:ab:ed:85:fd:66:a3:d4:1f:
51:f8:37:a2:3b:7a:52:39:88:33:a1:5a:cc:7a:66:d5:ed:fc:
21:da:df:38:7e:cb:65:70:12:d1:b6:b6:c8:20:b8:b9:27:77:
18:fe:c7:96:10:37:7f:a1:ca:32:f2:f3:65:95:2d:bd:a0:92:
40:a3:06:d2:33:6e:d2:17:e2:d4:de:34:04:a7:f2:d6:98:65:
f7:66:f7:e8:23:25:ed:89:21:99:cb:5e:3d:e3:fe:d3:cd:c5:
42:cf:d2:1e:ee:f0:e3:81:1d:c3:d4:92:7f:0b:48:a4:d2:3f:
d1:31:ff:a3:52:5a:f5:f2:8a:04:15:ca:08:80:36:a6:50:34:
bf:a6:c2:fb:5f:61:66:e5:24:64:25:e1:d9:02:38:e8:93:7c:
87:cd:27:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ0Jzzyn96QXakQfLGGBH9njMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYWJkNjdlM2UxMDhjMTlmMzRmYzAwYzc2YzYwMDU5OTMy
MzM1MTIwHhcNMjYwMzIwMDU1NDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZiYTAwMWQ1MzNlNjlmOTgwMmMxNGMyMjQ2YmRmYjBiOWU2ZDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsmLhF3EPiM3NH9EzM6P1lm8OEfB
Bx8/nbCoXfRcAwNMNmcqSTjjRdoBKoxwTfJBQc9uebtSy1Kr2ElfQEQKueIM5Pjg
+lXggr3shwybZvAj1AIv1Dvn8OyK7YawcipZ1N3bafzPEE1S0KUaGBt6z5r0wU2D
P62xmOc4ZTsnQ2IGkNtXZbUNV8GIlRq+VVgKf9q7s/2mz/QmFUWl6eSfab6Zk8Zh
OzCfP8St/q7b5TnFEkRaQkuokvakln39X2NQxnhsEy/F562+f84K4w2IxuGj3Zc1
HmqOdIj9uzn5OHAQMpTZR6i4LujGTjlooqyL+46hk6+HcIFgPPJIuuF1uwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKRroAHVM+afmALBTCJGvfsLnm13MB8GA1UdIwQY
MBaAFKur1n4+EIwZ80/ADHbGAFmTIzUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZ2V2ZqNFFqQm56VDhBTWRzWUFXWk1qTlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yNWQ1NDAtNGY1Yi00YTViLTg4ZWMt
NjI0NTg0ZDFmZDk2LzEvcEd1Z0FkVXo1cC1ZQXNGTUlrYTktd3VlYlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yNWQ1NDAtNGY1Yi00YTViLTg4ZWMtNjI0NTg0ZDFmZDk2
LzEvcTZ2V2ZqNFFqQm56VDhBTWRzWUFXWk1qTlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBawZ+MA0E
AgACMAcDBQMqBdyAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ77Apfot+7iPOoCTb3QAV
YK/xmk0Ukn9CbJjz6w6/GpC14dD/qQEhtbeLX1mgLsDJ178WiJrxMbqHX+Zb/V1s
nzksdV8n0E0lv1so/hvy4ggyJFcfNMzDeVS83F3zrgiNiyttq+2F/Waj1B9R+Dei
O3pSOYgzoVrMembV7fwh2t84fstlcBLRtrbIILi5J3cY/seWEDd/ocoy8vNllS29
oJJAowbSM27SF+LU3jQEp/LWmGX3ZvfoIyXtiSGZy1494/7TzcVCz9Ie7vDjgR3D
1JJ/C0ik0j/RMf+jUlr18ooEFcoIgDamUDS/psL7X2Fm5SRkJeHZAjjok3yHzSc9
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:19:27 2026 by rpki-client