Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/49cb09-683e-430d-bc7b-3cf1a82d20de/1/aIKtZGQTlVVpSIQ2xB365ii0-Kw.roa
File: aIKtZGQTlVVpSIQ2xB365ii0-Kw.roa (raw, json)
Hash identifier: m8BHvkfBcBguPzQ9nNGWSBwFbV1HakSsU6GmXM8bvfY=
Subject key identifier: 68:82:AD:64:64:13:95:55:69:48:84:36:C4:1D:FA:E6:28:B4:F8:AC
Certificate issuer: /CN=e743678746e79e91a4768c831738df823e13e8c2
Certificate serial: 019D030DCDFC08D73100D3E9AA0F304B4516
Authority key identifier: E7:43:67:87:46:E7:9E:91:A4:76:8C:83:17:38:DF:82:3E:13:E8:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50Nnh0bnnpGkdoyDFzjfgj4T6MI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/49cb09-683e-430d-bc7b-3cf1a82d20de/1/aIKtZGQTlVVpSIQ2xB365ii0-Kw.roa
Signing time: Wed 18 Mar 2026 22:25:29 +0000
ROA not before: Wed 18 Mar 2026 22:25:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16066
IP address blocks: 109.237.80.0/20 maxlen: 20
109.237.95.0/24 maxlen: 24
217.76.192.0/20 maxlen: 20
2a00:ec00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/49cb09-683e-430d-bc7b-3cf1a82d20de/1/50Nnh0bnnpGkdoyDFzjfgj4T6MI.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/49cb09-683e-430d-bc7b-3cf1a82d20de/1/50Nnh0bnnpGkdoyDFzjfgj4T6MI.mft
rsync://rpki.ripe.net/repository/DEFAULT/50Nnh0bnnpGkdoyDFzjfgj4T6MI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:03:0d:cd:fc:08:d7:31:00:d3:e9:aa:0f:30:4b:45:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e743678746e79e91a4768c831738df823e13e8c2
Validity
Not Before: Mar 18 22:25:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6882ad646413955569488436c41dfae628b4f8ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ab:90:8b:ab:50:bb:77:6d:8c:11:d9:c0:c4:
d8:a1:61:6c:4d:0d:bb:8e:96:86:05:18:55:8a:14:
91:6d:af:1f:df:58:3d:db:08:61:61:01:7d:a9:5f:
75:d9:d1:e6:85:06:92:40:79:e4:e1:b7:70:01:cb:
ba:e6:77:c1:ed:33:ca:37:2d:7a:6b:0f:a5:4f:46:
c5:c2:27:64:b2:71:29:b3:0c:cb:01:ef:3c:5a:ac:
18:60:b9:d5:ae:c3:77:aa:8a:ac:45:d0:a9:a1:59:
28:0c:28:96:68:06:0b:a2:16:e6:e0:42:e5:f9:ae:
dd:70:5d:7a:f8:28:ec:3e:f3:49:f3:7f:d6:e5:e5:
d1:70:2f:e2:9d:38:6b:2b:97:9d:8a:4f:04:17:13:
b5:e1:73:a8:6a:ec:3d:e6:42:69:e9:0e:f5:ee:0a:
92:d3:a9:ff:ad:49:71:e4:3e:18:46:6e:67:7e:c6:
ee:7b:4b:da:56:84:61:58:11:13:fa:92:80:75:06:
7b:70:bd:8a:f7:32:bf:77:73:8d:48:86:e3:be:94:
78:2d:f0:1a:e1:ce:9f:0c:cc:89:76:fb:88:33:36:
df:df:ef:c1:cb:12:b2:65:c8:7e:1f:b9:09:12:b6:
bc:62:31:99:17:2b:8f:4a:95:0a:c1:d5:cf:55:a2:
d5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:82:AD:64:64:13:95:55:69:48:84:36:C4:1D:FA:E6:28:B4:F8:AC
X509v3 Authority Key Identifier:
keyid:E7:43:67:87:46:E7:9E:91:A4:76:8C:83:17:38:DF:82:3E:13:E8:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50Nnh0bnnpGkdoyDFzjfgj4T6MI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/49cb09-683e-430d-bc7b-3cf1a82d20de/1/aIKtZGQTlVVpSIQ2xB365ii0-Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/49cb09-683e-430d-bc7b-3cf1a82d20de/1/50Nnh0bnnpGkdoyDFzjfgj4T6MI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.80.0/20
217.76.192.0/20
IPv6:
2a00:ec00::/32
Signature Algorithm: sha256WithRSAEncryption
7d:f5:14:5a:87:fb:2e:f4:c5:f0:6d:92:9e:bd:f8:ab:ea:3e:
ad:71:6a:f7:09:75:67:86:33:94:16:ea:b2:b4:d7:0d:0c:bf:
b7:8f:91:97:8f:6b:f8:38:04:2b:6f:f7:bd:39:dd:5f:65:2f:
b1:49:a9:6f:df:74:2b:b5:27:55:e2:ef:4f:f6:94:47:52:1f:
46:e6:06:f9:be:8f:ee:56:79:34:6d:55:0a:a6:68:2f:de:41:
79:3d:f3:30:a7:44:19:88:3f:1c:b8:14:4e:4b:b9:e4:da:ec:
74:74:a6:ca:a4:f5:19:ab:cf:43:6e:55:0c:ee:7b:0b:d9:76:
2f:9d:85:7e:b1:97:88:0a:b3:40:f3:04:9c:4b:de:f7:8c:6c:
ca:0e:f2:5d:cf:cb:36:69:2f:6e:ab:1f:59:df:4e:dd:05:95:
4b:e8:fc:6f:6f:c5:37:b2:35:89:26:f2:30:1a:d4:91:5e:10:
f2:bc:81:36:bc:93:3c:62:a9:1d:dc:65:b0:b6:7f:e8:2d:e9:
5f:51:6e:59:23:2c:98:1e:8b:7a:fa:32:40:a1:42:28:cb:38:
5f:d1:d5:50:cf:d6:dc:a8:25:c9:5c:bc:c4:66:81:20:ed:db:
38:e0:c8:b9:a8:e2:9c:d3:9c:af:d2:92:4e:29:64:89:20:8a:
29:b0:6c:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ0DDc38CNcxANPpqg8wS0UWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDM2Nzg3NDZlNzllOTFhNDc2OGM4MzE3MzhkZjgyM2Ux
M2U4YzIwHhcNMjYwMzE4MjIyNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODgyYWQ2NDY0MTM5NTU1Njk0ODg0MzZjNDFkZmFlNjI4YjRmOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuquQi6tQu3dtjBHZwMTYoWFsTQ27
jpaGBRhVihSRba8f31g92whhYQF9qV912dHmhQaSQHnk4bdwAcu65nfB7TPKNy16
aw+lT0bFwidksnEpswzLAe88WqwYYLnVrsN3qoqsRdCpoVkoDCiWaAYLohbm4ELl
+a7dcF16+CjsPvNJ83/W5eXRcC/inThrK5edik8EFxO14XOoauw95kJp6Q717gqS
06n/rUlx5D4YRm5nfsbue0vaVoRhWBET+pKAdQZ7cL2K9zK/d3ONSIbjvpR4LfAa
4c6fDMyJdvuIMzbf3+/ByxKyZch+H7kJEra8YjGZFyuPSpUKwdXPVaLV2QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGiCrWRkE5VVaUiENsQd+uYotPisMB8GA1UdIwQY
MBaAFOdDZ4dG556RpHaMgxc434I+E+jCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBObmgwYm5ucEdrZG95REZ6amZnajRUNk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80OWNiMDktNjgzZS00MzBkLWJjN2It
M2NmMWE4MmQyMGRlLzEvYUlLdFpHUVRsVlZwU0lRMnhCMzY1aWkwLUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80OWNiMDktNjgzZS00MzBkLWJjN2ItM2NmMWE4MmQyMGRl
LzEvNTBObmgwYm5ucEdrZG95REZ6amZnajRUNk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEbe1QAwQE
2UzAMA0EAgACMAcDBQAqAOwAMA0GCSqGSIb3DQEBCwUAA4IBAQB99RRah/su9MXw
bZKevfir6j6tcWr3CXVnhjOUFuqytNcNDL+3j5GXj2v4OAQrb/e9Od1fZS+xSalv
33QrtSdV4u9P9pRHUh9G5gb5vo/uVnk0bVUKpmgv3kF5PfMwp0QZiD8cuBROS7nk
2ux0dKbKpPUZq89DblUM7nsL2XYvnYV+sZeICrNA8wScS973jGzKDvJdz8s2aS9u
qx9Z307dBZVL6Pxvb8U3sjWJJvIwGtSRXhDyvIE2vJM8Yqkd3GWwtn/oLelfUW5Z
IyyYHot6+jJAoUIoyzhf0dVQz9bcqCXJXLzEZoEg7ds44Mi5qOKc05yv0pJOKWSJ
IIopsGx5
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:06:10 2026 by rpki-client