Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/oKVs8opycS84dPliSyLG0JkBb78.roa
File: oKVs8opycS84dPliSyLG0JkBb78.roa (raw, json)
Hash identifier: DN1KcXYNLdE20LwiPz7gOBh6DkJVLAflVxaRUQquGhs=
Subject key identifier: A0:A5:6C:F2:8A:72:71:2F:38:74:F9:62:4B:22:C6:D0:99:01:6F:BF
Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3
Certificate serial: 019CE7CBA8013E39CDC8F1E23187B7F9B3DB
Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/oKVs8opycS84dPliSyLG0JkBb78.roa
Signing time: Fri 13 Mar 2026 15:23:29 +0000
ROA not before: Fri 13 Mar 2026 15:23:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.64.0.0/14 maxlen: 14
31.68.0.0/15 maxlen: 15
31.71.0.0/16 maxlen: 16
31.72.0.0/13 maxlen: 13
31.99.64.0/18 maxlen: 18
31.99.128.0/18 maxlen: 18
31.99.208.0/20 maxlen: 20
31.99.224.0/19 maxlen: 19
91.110.0.0/17 maxlen: 17
91.110.128.0/17 maxlen: 17
178.98.0.0/15 maxlen: 15
178.100.0.0/14 maxlen: 14
178.106.0.0/16 maxlen: 16
178.107.32.0/19 maxlen: 19
178.107.64.0/18 maxlen: 18
178.107.128.0/17 maxlen: 17
185.102.192.0/22 maxlen: 22
185.102.196.0/22 maxlen: 22
185.102.200.0/22 maxlen: 22
194.36.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e7:cb:a8:01:3e:39:cd:c8:f1:e2:31:87:b7:f9:b3:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b98127943e7175734964010c89ef821416a31b3
Validity
Not Before: Mar 13 15:23:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a0a56cf28a72712f3874f9624b22c6d099016fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f2:2d:12:40:e6:ab:4e:60:2d:0d:bd:69:98:
88:72:21:6c:17:33:b3:b1:25:ba:a8:59:25:8b:a2:
73:bc:dd:a5:a3:ab:af:74:3f:55:5c:af:3c:dd:3e:
b0:51:f0:d8:f8:27:2a:0e:41:e8:f7:f4:55:1c:1b:
f1:2b:c4:fa:2a:f7:91:15:92:d1:37:e3:c0:5e:f1:
57:5e:35:03:95:a1:4a:7e:f2:f5:42:1b:ac:d2:f8:
06:b4:55:68:ff:56:51:6b:a7:af:47:7c:81:3b:12:
2d:5d:44:46:09:7a:7a:17:7f:5f:5d:ff:a6:42:da:
2b:52:65:f7:c7:bc:20:1b:c7:21:b8:b1:43:5f:48:
5e:b8:b0:9e:88:17:c3:8a:90:41:ef:09:87:6c:7f:
91:8c:e2:b0:a4:48:e6:71:8f:4d:f5:eb:f0:7a:04:
94:b6:6a:30:06:16:d3:da:10:a7:bd:2f:83:3d:92:
ca:36:f5:11:27:93:ef:e8:aa:03:cd:af:b8:26:32:
6d:f3:a3:4b:2c:9e:46:b7:4e:29:89:a2:98:ab:10:
f4:27:c8:6f:8f:d0:f0:1a:97:a4:91:65:d9:8e:34:
74:e8:7b:cc:3c:1e:4d:2d:7b:4e:5f:f4:1a:b2:df:
27:65:ea:64:ce:bf:f6:20:78:40:86:c7:78:66:a5:
4c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A5:6C:F2:8A:72:71:2F:38:74:F9:62:4B:22:C6:D0:99:01:6F:BF
X509v3 Authority Key Identifier:
keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/oKVs8opycS84dPliSyLG0JkBb78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.64.0.0-31.69.255.255
31.71.0.0-31.79.255.255
31.99.64.0-31.99.191.255
31.99.208.0-31.99.255.255
91.110.0.0/16
178.98.0.0-178.103.255.255
178.106.0.0/16
178.107.32.0-178.107.255.255
185.102.192.0-185.102.203.255
194.36.212.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:f8:41:90:da:99:19:b4:0a:91:ad:e3:5e:54:a0:a9:35:c1:
b8:af:17:f8:9f:fb:5b:df:8d:85:c5:40:3e:d7:9d:d9:56:f6:
2d:f8:ec:6f:d0:f0:df:8f:d2:e4:f2:96:9e:f7:89:5e:a8:05:
74:5b:fa:ec:52:59:80:f3:0e:a3:dd:ef:6b:42:3a:cd:9e:e5:
86:2c:39:61:d2:4d:74:a2:71:45:a2:37:34:e5:5f:be:29:8b:
1a:81:00:b8:9b:bb:0f:b9:6b:74:bc:dd:02:14:96:23:79:0b:
5b:7d:98:1b:09:0b:64:94:e3:fa:ad:f8:50:78:2d:6d:ad:5f:
92:85:3a:4b:a9:58:f0:6e:e4:97:5b:da:45:47:ec:ba:f0:21:
f2:a4:30:22:df:24:b6:08:56:39:1c:b7:31:8f:24:6e:b5:16:
55:f4:f7:a7:8d:2f:91:08:ef:94:92:75:cc:88:ab:26:f7:f4:
ac:b8:9c:cd:7f:aa:04:0a:88:fa:1f:68:89:55:5b:75:87:a6:
22:88:7f:2d:c6:b5:f0:8d:64:ef:86:9b:85:11:46:44:79:b1:
b9:d6:48:7a:d4:fc:28:1a:3e:bd:60:fa:f2:a9:9c:dd:7f:e4:
2c:71:c9:ed:45:3d:a0:56:d0:a2:f6:e2:a7:aa:27:f2:4f:45:
ea:0b:06:bb
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZzny6gBPjnNyPHiMYe3+bPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2
YTMxYjMwHhcNMjYwMzEzMTUyMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGE1NmNmMjhhNzI3MTJmMzg3NGY5NjI0YjIyYzZkMDk5MDE2ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/ItEkDmq05gLQ29aZiIciFsFzOz
sSW6qFkli6JzvN2lo6uvdD9VXK883T6wUfDY+CcqDkHo9/RVHBvxK8T6KveRFZLR
N+PAXvFXXjUDlaFKfvL1Qhus0vgGtFVo/1ZRa6evR3yBOxItXURGCXp6F39fXf+m
QtorUmX3x7wgG8chuLFDX0heuLCeiBfDipBB7wmHbH+RjOKwpEjmcY9N9evwegSU
tmowBhbT2hCnvS+DPZLKNvURJ5Pv6KoDza+4JjJt86NLLJ5Gt04piaKYqxD0J8hv
j9DwGpekkWXZjjR06HvMPB5NLXtOX/Qast8nZepkzr/2IHhAhsd4ZqVM8QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFKClbPKKcnEvOHT5YksixtCZAW+/MB8GA1UdIwQY
MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt
NjIxNzkyZjdlNTZhLzEvb0tWczhvcHljUzg0ZFBsaVN5TEcwSmtCYjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh
LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAKAwMGH0AD
AwEfRDAKAwMAH0cDAwQfQDAMAwQGH2NAAwQGH2OAMAsDBAQfY9ADAwIfYAMDAFtu
MAoDAwGyYgMDA7JgAwMAsmowCwMEBbJrIAMDArJoMAwDBAa5ZsADBAK5ZsgDBALC
JNQwDQYJKoZIhvcNAQELBQADggEBALf4QZDamRm0CpGt415UoKk1wbivF/if+1vf
jYXFQD7XndlW9i347G/Q8N+P0uTylp73iV6oBXRb+uxSWYDzDqPd72tCOs2e5YYs
OWHSTXSicUWiNzTlX74pixqBALibuw+5a3S83QIUliN5C1t9mBsJC2SU4/qt+FB4
LW2tX5KFOkupWPBu5Jdb2kVH7LrwIfKkMCLfJLYIVjkctzGPJG61FlX096eNL5EI
75SSdcyIqyb39Ky4nM1/qgQKiPofaIlVW3WHpiKIfy3GtfCNZO+Gm4URRkR5sbnW
SHrU/CgaPr1g+vKpnN1/5Cxxye1FPaBW0KL24qeqJ/JPReoLBrs=
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:48:19 2026 by rpki-client