Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/8xt8DevzL-rg7wfVKxc8RMN1Als.roa
File: 8xt8DevzL-rg7wfVKxc8RMN1Als.roa (raw, json)
Hash identifier: ylbk4AOnelYjCsDvJ4Axlet8bBci4BQF/dtfQYZ149Q=
Subject key identifier: F3:1B:7C:0D:EB:F3:2F:EA:E0:EF:07:D5:2B:17:3C:44:C3:75:02:5B
Certificate issuer: /CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Certificate serial: 019D003421D20F50873F2D092E6011CE57B2
Authority key identifier: 20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/8xt8DevzL-rg7wfVKxc8RMN1Als.roa
Signing time: Wed 18 Mar 2026 09:08:29 +0000
ROA not before: Wed 18 Mar 2026 09:08:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213479
IP address blocks: 62.113.58.0/24 maxlen: 24
111.88.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:34:21:d2:0f:50:87:3f:2d:09:2e:60:11:ce:57:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Validity
Not Before: Mar 18 09:08:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f31b7c0debf32feae0ef07d52b173c44c375025b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7f:21:dd:a1:36:5e:5a:b2:1a:67:9a:bb:0d:
a9:57:7e:36:68:50:0e:94:b9:78:1b:d5:db:51:3c:
d2:4e:7b:3e:fd:7b:dd:99:57:b7:82:18:f0:e9:bb:
cb:45:4f:7a:1e:cf:18:76:9b:27:a1:3a:97:4c:3f:
7c:20:d1:e1:3b:f5:af:79:a0:06:e6:b4:04:da:00:
7e:31:1b:2c:30:5d:ad:52:1d:0d:22:0b:e5:6c:97:
79:59:33:e4:47:15:e2:b7:eb:de:97:7a:4f:52:e7:
da:3d:29:39:e3:70:40:8c:6d:6d:06:e1:d2:ad:7c:
63:70:bb:dc:d1:6c:7a:b7:66:bd:a8:f1:38:1d:d2:
d1:bc:ee:ee:be:b8:4c:47:cb:b6:9f:01:25:ec:ff:
2e:23:28:cb:c7:0b:69:b5:98:6d:61:b3:45:b3:9b:
3d:59:f9:8a:1d:7c:b4:31:57:25:bb:23:79:94:b9:
da:09:55:dd:6b:bf:49:cd:5e:97:b9:3f:95:bc:c4:
42:6d:b1:eb:43:e6:22:01:c7:7a:ea:4b:10:be:eb:
81:80:90:df:64:02:e9:65:19:26:5e:ee:67:a2:a2:
61:30:93:71:43:8c:ab:d5:fb:b7:12:6e:87:e7:c8:
6b:e3:b6:ad:b6:71:e4:a2:91:18:68:f9:58:a9:33:
31:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1B:7C:0D:EB:F3:2F:EA:E0:EF:07:D5:2B:17:3C:44:C3:75:02:5B
X509v3 Authority Key Identifier:
keyid:20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/8xt8DevzL-rg7wfVKxc8RMN1Als.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.58.0/24
111.88.132.0/24
Signature Algorithm: sha256WithRSAEncryption
85:4a:39:e5:2d:6c:b4:f7:36:82:23:f5:df:d0:e9:88:0e:b3:
89:93:4a:78:8d:cc:37:ff:90:8f:0c:33:92:73:60:6a:27:c6:
5c:0c:de:0e:11:bf:3a:d9:b2:3d:15:c6:ae:4f:d8:18:c2:45:
fe:ba:01:01:ad:05:86:fd:4e:9b:12:ed:64:74:51:80:9c:80:
be:ee:7c:94:46:c1:37:c6:0e:1c:16:b7:ac:25:2e:af:f4:72:
69:48:69:d6:5a:2d:1a:5f:53:92:f6:11:f9:e1:ad:43:9f:1a:
5f:da:3c:a5:ea:8a:d5:69:6e:9e:ab:1c:39:1f:27:cc:92:5b:
31:27:60:f2:83:c0:a0:83:68:93:ac:05:e7:24:5c:9f:c9:c6:
90:38:f2:07:51:76:bc:34:f5:84:2a:97:67:64:61:d7:f4:ab:
a7:36:df:8d:4e:e2:af:54:d6:a0:54:7f:49:53:6a:7c:3c:9d:
1d:6b:48:e3:67:14:b2:dd:a2:06:c3:6a:c4:03:c3:67:96:73:
fa:67:c3:b1:d7:e1:46:82:05:7b:e6:6a:21:7a:21:cb:e3:56:
59:bc:07:53:32:63:b5:90:a0:ce:4d:97:a6:5e:cc:26:db:6e:
ff:89:e5:49:30:23:6e:b5:a2:a4:3d:68:30:8f:0a:d6:c7:49:
93:bf:d7:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0ANCHSD1CHPy0JLmARzleyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2EyZDRjYjNlNTZiNWQyOTk3MGE5N2ZjNjQ1ZWIyZmQ2
ODc2YTEwHhcNMjYwMzE4MDkwODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzFiN2MwZGViZjMyZmVhZTBlZjA3ZDUyYjE3M2M0NGMzNzUwMjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2H8h3aE2XlqyGmeauw2pV342aFAO
lLl4G9XbUTzSTns+/XvdmVe3ghjw6bvLRU96Hs8YdpsnoTqXTD98INHhO/WveaAG
5rQE2gB+MRssMF2tUh0NIgvlbJd5WTPkRxXit+vel3pPUufaPSk543BAjG1tBuHS
rXxjcLvc0Wx6t2a9qPE4HdLRvO7uvrhMR8u2nwEl7P8uIyjLxwtptZhtYbNFs5s9
WfmKHXy0MVcluyN5lLnaCVXda79JzV6XuT+VvMRCbbHrQ+YiAcd66ksQvuuBgJDf
ZALpZRkmXu5noqJhMJNxQ4yr1fu3Em6H58hr47attnHkopEYaPlYqTMxTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPMbfA3r8y/q4O8H1SsXPETDdQJbMB8GA1UdIwQY
MBaAFCDKLUyz5WtdKZcKl/xkXrL9aHahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQt
ZWVjNDg4NWM0ZjhkLzEvOHh0OERldnpMLXJnN3dmVkt4YzhSTU4xQWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQtZWVjNDg4NWM0Zjhk
LzEvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPnE6AwQA
b1iEMA0GCSqGSIb3DQEBCwUAA4IBAQCFSjnlLWy09zaCI/Xf0OmIDrOJk0p4jcw3
/5CPDDOSc2BqJ8ZcDN4OEb862bI9FcauT9gYwkX+ugEBrQWG/U6bEu1kdFGAnIC+
7nyURsE3xg4cFresJS6v9HJpSGnWWi0aX1OS9hH54a1Dnxpf2jyl6orVaW6eqxw5
HyfMklsxJ2Dyg8Cgg2iTrAXnJFyfycaQOPIHUXa8NPWEKpdnZGHX9KunNt+NTuKv
VNagVH9JU2p8PJ0da0jjZxSy3aIGw2rEA8NnlnP6Z8Ox1+FGggV75moheiHL41ZZ
vAdTMmO1kKDOTZemXswm227/ieVJMCNutaKkPWgwjwrWx0mTv9eX
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:24:49 2026 by rpki-client