Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/gIeaPpxjEdHljDQYkxl5yfrkzlg.roa
File: gIeaPpxjEdHljDQYkxl5yfrkzlg.roa (raw, json)
Hash identifier: Ly4b9Ljl8JcL3KNEpA0qm1DizsVn4jpOu21qrK+L6V4=
Subject key identifier: 80:87:9A:3E:9C:63:11:D1:E5:8C:34:18:93:19:79:C9:FA:E4:CE:58
Certificate issuer: /CN=0837c99b2a4c062d5c20678f9dcf3207aefd5e78
Certificate serial: 019D19366A5CD48B71910A11183720AF9B71
Authority key identifier: 08:37:C9:9B:2A:4C:06:2D:5C:20:67:8F:9D:CF:32:07:AE:FD:5E:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/gIeaPpxjEdHljDQYkxl5yfrkzlg.roa
Signing time: Mon 23 Mar 2026 05:41:29 +0000
ROA not before: Mon 23 Mar 2026 05:41:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48266
IP address blocks: 216.236.6.0/23 maxlen: 24
216.236.6.0/24 maxlen: 24
216.236.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:19:36:6a:5c:d4:8b:71:91:0a:11:18:37:20:af:9b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0837c99b2a4c062d5c20678f9dcf3207aefd5e78
Validity
Not Before: Mar 23 05:41:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=80879a3e9c6311d1e58c3418931979c9fae4ce58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5e:30:d0:9c:7f:9a:0b:0a:d2:bb:31:e3:51:
b8:00:5e:19:db:24:97:37:74:1e:21:21:85:9d:75:
da:7a:bf:ca:b4:bf:f3:d3:80:aa:e4:74:2c:dc:15:
7b:86:4b:1d:67:dc:6f:6d:a4:40:1a:45:e5:d6:08:
aa:29:4d:05:d2:9d:f3:cc:ea:47:7b:43:4a:b3:f6:
52:09:a4:ac:c2:67:a6:31:95:de:02:86:9d:81:20:
04:70:31:7f:d8:ce:fb:d9:9a:d9:51:e9:da:a1:20:
f4:0e:9c:13:94:6a:e3:57:14:e1:7c:3a:83:81:db:
2e:a5:a5:58:a5:83:8f:93:b2:5b:5b:e7:01:b0:6c:
7f:f8:70:10:ea:b7:88:52:04:8f:27:e6:8e:fb:6f:
bd:e9:2a:ff:3a:36:1c:f7:f1:62:c1:ff:d0:37:0e:
bc:1d:03:b5:af:8e:53:2e:fa:c7:79:55:ef:54:77:
8c:22:ea:26:62:17:49:6a:1a:9c:ea:5c:f3:2c:26:
df:01:b3:38:13:03:0b:90:ae:c8:12:d1:ff:8c:f2:
84:94:a0:62:45:1f:b6:d5:ff:a1:e1:e6:28:1f:c4:
f8:20:ae:1f:04:f5:23:9f:36:c2:c8:a7:a4:71:e3:
3c:f7:cb:b1:3d:44:7c:f5:fd:67:22:f7:47:f1:59:
83:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:87:9A:3E:9C:63:11:D1:E5:8C:34:18:93:19:79:C9:FA:E4:CE:58
X509v3 Authority Key Identifier:
keyid:08:37:C9:9B:2A:4C:06:2D:5C:20:67:8F:9D:CF:32:07:AE:FD:5E:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/gIeaPpxjEdHljDQYkxl5yfrkzlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.236.6.0/23
Signature Algorithm: sha256WithRSAEncryption
87:c8:f3:17:a0:b8:5d:11:14:65:43:8c:60:25:07:ab:f7:72:
db:ba:7f:80:1f:f0:03:fd:11:01:58:d7:57:40:3c:0f:16:3f:
32:10:21:6f:3c:fd:d9:8f:fb:01:b3:45:46:c0:bc:a8:c2:f6:
bb:be:4d:00:34:d2:79:c2:a8:bc:45:c6:de:0a:fd:08:d8:54:
a8:80:10:51:9c:5d:19:ea:04:08:08:dc:6b:65:e9:fa:b2:83:
62:96:f9:5d:12:92:46:c6:58:e1:38:a3:3c:54:98:ac:c7:0f:
db:06:15:c1:dc:93:52:4f:66:42:bd:89:49:6b:e0:93:6f:36:
df:54:50:9a:2b:b6:5b:68:98:4e:c8:2d:db:d1:d4:dc:48:31:
ff:ae:f7:97:ce:a9:6a:d2:5b:ba:ff:e0:33:a1:5b:7d:aa:12:
da:96:36:3e:17:f7:65:bf:f7:c0:c1:c8:c5:a4:2e:c4:53:6f:
fb:4e:90:b5:cd:96:b6:1f:a1:88:a4:29:6a:d7:14:35:f5:b3:
94:71:fc:e5:2a:9b:9a:75:c9:e0:17:97:16:a6:1e:a9:7c:82:
45:58:78:db:0d:88:7b:88:f9:ca:59:ba:c2:34:e6:62:cf:33:
89:2b:d7:9b:e1:67:d6:0e:d4:9e:6c:b4:dc:95:cb:3a:13:3a:
84:e9:34:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0ZNmpc1ItxkQoRGDcgr5txMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzdjOTliMmE0YzA2MmQ1YzIwNjc4ZjlkY2YzMjA3YWVm
ZDVlNzgwHhcNMjYwMzIzMDU0MTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDg3OWEzZTljNjMxMWQxZTU4YzM0MTg5MzE5NzljOWZhZTRjZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn14w0Jx/mgsK0rsx41G4AF4Z2ySX
N3QeISGFnXXaer/KtL/z04Cq5HQs3BV7hksdZ9xvbaRAGkXl1giqKU0F0p3zzOpH
e0NKs/ZSCaSswmemMZXeAoadgSAEcDF/2M772ZrZUenaoSD0DpwTlGrjVxThfDqD
gdsupaVYpYOPk7JbW+cBsGx/+HAQ6reIUgSPJ+aO+2+96Sr/OjYc9/Fiwf/QNw68
HQO1r45TLvrHeVXvVHeMIuomYhdJahqc6lzzLCbfAbM4EwMLkK7IEtH/jPKElKBi
RR+21f+h4eYoH8T4IK4fBPUjnzbCyKekceM898uxPUR89f1nIvdH8VmDTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFICHmj6cYxHR5Yw0GJMZecn65M5YMB8GA1UdIwQY
MBaAFAg3yZsqTAYtXCBnj53PMgeu/V54MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RmSm15cE1CaTFjSUdlUG5jOHlCNjc5WG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wODk1ZDItYjc3OC00NmM0LWE2OTEt
ZjEyMzdmNGM1Y2Y2LzEvZ0llYVBweGpFZEhsakRRWWt4bDV5ZnJremxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wODk1ZDItYjc3OC00NmM0LWE2OTEtZjEyMzdmNGM1Y2Y2
LzEvQ0RmSm15cE1CaTFjSUdlUG5jOHlCNjc5WG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2OwGMA0G
CSqGSIb3DQEBCwUAA4IBAQCHyPMXoLhdERRlQ4xgJQer93Lbun+AH/AD/REBWNdX
QDwPFj8yECFvPP3Zj/sBs0VGwLyowva7vk0ANNJ5wqi8RcbeCv0I2FSogBBRnF0Z
6gQICNxrZen6soNilvldEpJGxljhOKM8VJisxw/bBhXB3JNST2ZCvYlJa+CTbzbf
VFCaK7ZbaJhOyC3b0dTcSDH/rveXzqlq0lu6/+AzoVt9qhLaljY+F/dlv/fAwcjF
pC7EU2/7TpC1zZa2H6GIpClq1xQ19bOUcfzlKpuadcngF5cWph6pfIJFWHjbDYh7
iPnKWbrCNOZizzOJK9eb4WfWDtSebLTclcs6EzqE6TTJ
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:01:43 2026 by rpki-client