Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/_gx37fLAjTn81ea4QvOuL3hHCkg.roa
File: _gx37fLAjTn81ea4QvOuL3hHCkg.roa (raw, json)
Hash identifier: MCy3oFiQwUBO7wcUyatfr3G/3IlU2viPJ+3hsKVLQSY=
Subject key identifier: FE:0C:77:ED:F2:C0:8D:39:FC:D5:E6:B8:42:F3:AE:2F:78:47:0A:48
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019DFD02CC08729F5E4E687B83DCB06B37E3
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/_gx37fLAjTn81ea4QvOuL3hHCkg.roa
Signing time: Wed 06 May 2026 11:18:32 +0000
ROA not before: Wed 06 May 2026 11:18:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41397
IP address blocks: 194.143.195.0/24 maxlen: 24
194.143.196.0/24 maxlen: 24
194.143.214.0/24 maxlen: 24
213.220.24.0/21 maxlen: 24
213.220.32.0/22 maxlen: 22
213.220.36.0/23 maxlen: 23
213.220.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:02:cc:08:72:9f:5e:4e:68:7b:83:dc:b0:6b:37:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: May 6 11:18:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fe0c77edf2c08d39fcd5e6b842f3ae2f78470a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3e:80:e9:62:0b:0d:db:82:9c:e1:e1:80:7b:
3c:18:64:4a:99:5b:f4:82:63:fc:d6:dc:77:fa:86:
fc:72:82:de:7f:1f:09:c6:ea:77:c4:88:d1:dd:dc:
2e:52:8a:dc:dc:98:64:f9:6f:7e:69:f8:33:f0:96:
cb:fe:e2:d6:db:1b:ce:97:26:62:25:57:27:63:b2:
94:03:20:2a:49:26:7a:a0:02:f3:63:f4:ee:a2:59:
18:8e:aa:28:f2:03:03:e2:29:61:a2:45:6f:63:82:
b1:56:5d:cb:40:dc:49:93:56:47:3e:ed:6b:f5:65:
af:73:de:49:30:62:03:c9:f4:f4:b0:af:a5:33:4d:
56:6b:6e:bb:2d:5c:9e:97:8e:dc:c8:21:15:e6:68:
0f:6e:96:82:44:0a:f1:94:e5:34:26:00:ca:c8:4e:
b2:01:76:58:53:0d:36:59:a9:64:41:cd:b2:a1:0c:
a9:57:d2:c7:c5:f4:e6:1d:0a:f4:25:50:97:99:bf:
38:90:1d:7d:f3:87:e9:1a:ab:3e:c9:07:14:17:a1:
c7:85:d8:da:68:67:d0:88:cf:42:f1:e8:f1:d4:91:
6a:e2:ab:04:f0:01:c9:a2:f6:15:af:58:15:5f:14:
ad:b3:e4:b2:f3:ab:19:ca:95:68:0d:12:88:1c:e0:
b9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:0C:77:ED:F2:C0:8D:39:FC:D5:E6:B8:42:F3:AE:2F:78:47:0A:48
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/_gx37fLAjTn81ea4QvOuL3hHCkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.195.0-194.143.196.255
194.143.214.0/24
213.220.24.0-213.220.38.255
Signature Algorithm: sha256WithRSAEncryption
5a:9b:f2:da:67:02:a6:3f:94:de:0c:52:e2:39:55:de:68:29:
11:bc:6f:89:5d:02:02:32:d8:f3:17:f9:23:19:b1:2c:d1:58:
21:e3:f8:c0:6b:eb:e2:dc:68:8e:8f:aa:46:47:3b:49:ba:59:
41:5e:16:d4:57:91:c5:47:57:2b:5b:9a:86:b3:74:e9:d7:63:
f2:b6:12:1a:1f:f4:89:5f:e7:3d:e0:ac:eb:4c:5d:ad:d1:ba:
e9:fe:02:d3:bb:f8:46:2d:78:69:b4:a5:57:55:d7:df:50:85:
c0:4b:57:92:b2:e2:b4:34:26:66:da:0a:a2:32:ae:a3:f7:17:
67:ab:3b:a1:97:4b:51:10:d1:eb:5e:a7:43:3c:87:66:fb:59:
21:b7:e0:da:01:8a:53:5f:9c:80:9d:21:61:f3:30:9f:ba:aa:
9e:6e:61:fb:80:e3:4b:c0:99:4c:b8:c9:81:7a:67:a0:84:23:
17:db:4a:07:9a:82:70:82:5b:54:6a:36:6c:54:19:0c:22:bd:
e6:d2:98:4a:ba:7d:e3:11:89:aa:1f:2a:e2:8e:c5:2b:40:1f:
41:8e:7d:6d:2a:6a:71:5c:c4:4c:13:05:9a:45:43:e8:d1:f1:
31:5c:4b:5b:ac:a8:11:61:d2:93:de:b1:eb:25:46:b3:14:c6:
35:29:58:19
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ39AswIcp9eTmh7g9ywazfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjYwNTA2MTExODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTBjNzdlZGYyYzA4ZDM5ZmNkNWU2Yjg0MmYzYWUyZjc4NDcwYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj6A6WILDduCnOHhgHs8GGRKmVv0
gmP81tx3+ob8coLefx8Jxup3xIjR3dwuUorc3Jhk+W9+afgz8JbL/uLW2xvOlyZi
JVcnY7KUAyAqSSZ6oALzY/TuolkYjqoo8gMD4ilhokVvY4KxVl3LQNxJk1ZHPu1r
9WWvc95JMGIDyfT0sK+lM01Wa267LVyel47cyCEV5mgPbpaCRArxlOU0JgDKyE6y
AXZYUw02WalkQc2yoQypV9LHxfTmHQr0JVCXmb84kB1984fpGqs+yQcUF6HHhdja
aGfQiM9C8ejx1JFq4qsE8AHJovYVr1gVXxSts+Sy86sZypVoDRKIHOC5iwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFP4Md+3ywI05/NXmuELzri94RwpIMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvX2d4MzdmTEFqVG44MWVhNFF2T3VMM2hIQ2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBADCj8MD
BADCj8QDBADCj9YwDAMEA9XcGAMEANXcJjANBgkqhkiG9w0BAQsFAAOCAQEAWpvy
2mcCpj+U3gxS4jlV3mgpEbxviV0CAjLY8xf5IxmxLNFYIeP4wGvr4txojo+qRkc7
SbpZQV4W1FeRxUdXK1uahrN06ddj8rYSGh/0iV/nPeCs60xdrdG66f4C07v4Ri14
abSlV1XX31CFwEtXkrLitDQmZtoKojKuo/cXZ6s7oZdLURDR616nQzyHZvtZIbfg
2gGKU1+cgJ0hYfMwn7qqnm5h+4DjS8CZTLjJgXpnoIQjF9tKB5qCcIJbVGo2bFQZ
DCK95tKYSrp94xGJqh8q4o7FK0AfQY59bSpqcVzETBMFmkVD6NHxMVxLW6yoEWHS
k96x6yVGsxTGNSlYGQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:15 2026 by rpki-client