Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/g1Cn2Ncb-NH2vPDu1rAM_nngh8A.roa
File: g1Cn2Ncb-NH2vPDu1rAM_nngh8A.roa (raw, json)
Hash identifier: XqTdmhDShGggEOKrm5wuP3qVSvIEVuXwd+5DD/NUNO0=
Subject key identifier: 83:50:A7:D8:D7:1B:F8:D1:F6:BC:F0:EE:D6:B0:0C:FE:79:E0:87:C0
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019D0C233F179F32AE802791378721ADC228
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/g1Cn2Ncb-NH2vPDu1rAM_nngh8A.roa
Signing time: Fri 20 Mar 2026 16:45:29 +0000
ROA not before: Fri 20 Mar 2026 16:45:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201136
IP address blocks: 222.167.214.0/24 maxlen: 24
222.167.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:39:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0c:23:3f:17:9f:32:ae:80:27:91:37:87:21:ad:c2:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Mar 20 16:45:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8350a7d8d71bf8d1f6bcf0eed6b00cfe79e087c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:17:20:76:cc:3b:e1:6c:80:b0:53:db:d8:b7:
b6:31:84:eb:da:f6:a4:5d:19:db:7f:ac:18:88:7a:
3b:fc:9e:e4:3c:63:6f:d4:a7:02:4f:4e:f5:d0:a6:
94:03:79:8e:7f:43:5c:d1:29:04:4a:65:7c:74:f2:
2d:89:0d:cd:56:59:87:47:25:e4:c8:1c:67:57:3a:
ef:70:f6:b0:41:d8:4f:c0:65:15:b5:af:fd:a6:df:
fd:6c:cf:3b:be:ff:56:a4:b1:a0:ea:88:06:24:d3:
75:33:cf:18:46:bb:b9:2e:50:d1:40:c7:a9:67:89:
1c:f5:4a:a2:2e:df:e4:13:df:5a:09:b4:50:87:7c:
c5:51:4c:5c:d1:56:b6:f6:21:29:02:7f:3e:79:c2:
b6:0f:4b:c8:01:3c:8e:56:3e:81:31:fa:28:31:9f:
94:56:32:bc:2d:c1:06:de:3b:ae:19:f2:94:61:ad:
73:73:85:2c:86:d4:98:2d:b7:eb:07:fb:a5:31:0b:
d1:32:29:75:df:7b:68:c6:2a:03:ac:b8:fa:ed:29:
0f:a7:17:a7:92:5c:ae:cd:4b:3d:e1:57:a7:a2:a0:
66:bf:fd:2e:9d:87:a0:49:f1:8e:94:69:08:ff:b3:
c4:1f:ab:03:91:65:90:3d:e0:75:d3:9f:57:7d:77:
1f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:50:A7:D8:D7:1B:F8:D1:F6:BC:F0:EE:D6:B0:0C:FE:79:E0:87:C0
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/g1Cn2Ncb-NH2vPDu1rAM_nngh8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
222.167.214.0/24
222.167.246.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:1a:4a:86:40:07:0c:4a:fa:4f:93:ee:78:f1:a1:40:fa:a0:
83:05:ab:0d:39:b9:ea:03:3a:54:aa:dc:4f:e7:a1:17:45:e2:
5f:54:40:e2:60:97:04:8d:b8:fe:1a:6d:85:3e:84:07:96:09:
24:8d:65:a4:7d:10:36:be:12:99:4d:b1:15:11:98:71:fc:59:
5b:7f:52:7c:14:13:af:cc:e9:f1:0b:1e:92:1b:07:c0:f8:c9:
a4:4b:74:51:4d:57:38:ba:3c:bf:68:2a:29:e1:cc:6d:1e:37:
b9:5f:77:d1:2a:c9:18:0f:fb:ef:00:35:35:97:44:d4:bd:85:
59:32:3b:10:9f:57:c2:f0:a1:33:19:41:d2:c9:71:3e:08:a9:
9c:5d:2f:27:c1:29:88:ae:cb:d8:48:a0:2d:e1:2b:79:e9:4b:
b5:fb:cb:79:ce:f5:e9:90:0b:53:91:2d:4f:54:4e:df:6d:10:
6f:18:ea:ef:fc:e9:ce:eb:56:67:d1:b1:81:bf:14:6a:26:6b:
2d:9f:f6:1d:86:33:94:76:3d:18:b9:bb:34:b8:d7:93:7c:9d:
97:1a:54:7d:84:d1:eb:34:46:42:31:a8:63:e3:85:5e:3b:a5:
dd:d8:69:4a:97:f8:9f:a8:ba:19:8f:b8:a4:6e:01:a9:a4:e0:
63:84:2f:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0MIz8XnzKugCeRN4chrcIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwMzIwMTY0NTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzUwYTdkOGQ3MWJmOGQxZjZiY2YwZWVkNmIwMGNmZTc5ZTA4N2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBcgdsw74WyAsFPb2Le2MYTr2vak
XRnbf6wYiHo7/J7kPGNv1KcCT0710KaUA3mOf0Nc0SkESmV8dPItiQ3NVlmHRyXk
yBxnVzrvcPawQdhPwGUVta/9pt/9bM87vv9WpLGg6ogGJNN1M88YRru5LlDRQMep
Z4kc9UqiLt/kE99aCbRQh3zFUUxc0Va29iEpAn8+ecK2D0vIATyOVj6BMfooMZ+U
VjK8LcEG3juuGfKUYa1zc4UshtSYLbfrB/ulMQvRMil133toxioDrLj67SkPpxen
klyuzUs94VenoqBmv/0unYegSfGOlGkI/7PEH6sDkWWQPeB1059XfXcfcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFINQp9jXG/jR9rzw7tawDP554IfAMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvZzFDbjJOY2ItTkgydlBEdTFyQU1fbm5naDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA3qfWAwQA
3qf2MA0GCSqGSIb3DQEBCwUAA4IBAQAvGkqGQAcMSvpPk+548aFA+qCDBasNObnq
AzpUqtxP56EXReJfVEDiYJcEjbj+Gm2FPoQHlgkkjWWkfRA2vhKZTbEVEZhx/Flb
f1J8FBOvzOnxCx6SGwfA+MmkS3RRTVc4ujy/aCop4cxtHje5X3fRKskYD/vvADU1
l0TUvYVZMjsQn1fC8KEzGUHSyXE+CKmcXS8nwSmIrsvYSKAt4St56Uu1+8t5zvXp
kAtTkS1PVE7fbRBvGOrv/OnO61Zn0bGBvxRqJmstn/YdhjOUdj0Yubs0uNeTfJ2X
GlR9hNHrNEZCMahj44VeO6Xd2GlKl/ifqLoZj7ikbgGppOBjhC83
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:53:17 2026 by rpki-client