Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/iw4AqRmRIMQgRY1v_jIj27JTYNA.roa
File: iw4AqRmRIMQgRY1v_jIj27JTYNA.roa (raw, json)
Hash identifier: gkzi1z5bUJVhySMVCKKlEz9ici4xT0whvHOWhFzYVIU=
Subject key identifier: 8B:0E:00:A9:19:91:20:C4:20:45:8D:6F:FE:32:23:DB:B2:53:60:D0
Certificate issuer: /CN=8559fea7e83e64e5d82562313c3a3f190f49f032
Certificate serial: 019B79105A789070C9DFFA0D177D0D2F44C8
Authority key identifier: 85:59:FE:A7:E8:3E:64:E5:D8:25:62:31:3C:3A:3F:19:0F:49:F0:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/iw4AqRmRIMQgRY1v_jIj27JTYNA.roa
Signing time: Thu 01 Jan 2026 10:17:53 +0000
ROA not before: Thu 01 Jan 2026 10:17:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200869
IP address blocks: 62.112.14.0/24 maxlen: 24
62.112.15.0/24 maxlen: 24
62.112.16.0/24 maxlen: 24
62.112.17.0/24 maxlen: 24
62.112.20.0/24 maxlen: 24
185.93.16.0/24 maxlen: 24
185.93.17.0/24 maxlen: 24
185.93.18.0/24 maxlen: 24
185.93.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:10:5a:78:90:70:c9:df:fa:0d:17:7d:0d:2f:44:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8559fea7e83e64e5d82562313c3a3f190f49f032
Validity
Not Before: Jan 1 10:17:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8b0e00a9199120c420458d6ffe3223dbb25360d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9e:3b:a7:f2:de:7c:00:3d:9c:40:8c:e0:e0:
c7:9b:48:40:a9:1e:5a:3b:12:11:28:a9:b8:0f:6d:
8e:e1:98:2b:2d:26:4d:a5:58:f2:0f:4f:74:90:53:
e0:99:bf:51:61:aa:cf:aa:4b:5a:5d:e1:b3:56:ea:
3f:6c:89:94:b5:00:46:4a:c4:31:8d:6e:ba:d2:b8:
86:d9:85:92:2d:59:c7:a4:c7:df:3d:42:6b:a7:6b:
9d:fe:fa:aa:d4:30:e6:1e:7a:cb:a5:86:a2:5b:21:
9f:1f:fe:bf:4d:8a:91:e8:82:45:85:45:b0:12:53:
30:da:03:e2:fc:7c:2a:25:45:d4:69:2c:53:8c:39:
ec:6b:67:d4:42:f6:5b:a8:2f:5b:1f:06:62:74:4f:
59:a3:c4:58:cc:a5:96:c6:ff:4f:19:34:37:10:0f:
43:96:05:a2:63:34:6e:16:16:65:50:23:60:7e:7b:
7f:d4:d4:b5:aa:42:39:82:b9:17:d6:ac:88:e6:c8:
00:84:53:a7:21:46:71:8b:b5:d9:51:ea:e9:29:bf:
3b:2f:38:36:62:40:d4:85:0f:8f:86:2d:36:99:f1:
3e:40:81:a2:4f:f9:72:bb:be:13:ca:ba:49:8f:6d:
ee:4d:95:90:7f:3b:70:e7:66:8b:18:39:fb:86:2c:
3a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:0E:00:A9:19:91:20:C4:20:45:8D:6F:FE:32:23:DB:B2:53:60:D0
X509v3 Authority Key Identifier:
keyid:85:59:FE:A7:E8:3E:64:E5:D8:25:62:31:3C:3A:3F:19:0F:49:F0:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/iw4AqRmRIMQgRY1v_jIj27JTYNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.14.0-62.112.17.255
62.112.20.0/24
185.93.16.0/22
Signature Algorithm: sha256WithRSAEncryption
57:7d:3c:91:17:0b:94:64:48:ff:1d:34:dc:5c:73:f5:1b:75:
de:71:b7:0e:06:a3:3c:2b:6a:b2:be:9f:14:6f:5e:c1:ac:83:
84:ce:11:91:1f:3e:1e:06:da:23:df:7e:81:76:71:22:b3:b9:
e0:fd:1c:af:fc:74:e4:1c:34:4c:b0:3b:4b:3a:2c:93:e3:ad:
91:da:fd:ee:ad:37:53:d7:50:51:cf:db:1a:c6:52:45:44:80:
da:3f:f5:8a:84:c7:67:8e:64:7c:c9:7e:ed:2b:76:b4:46:5d:
5b:ea:9e:c2:05:43:52:35:f3:6f:6c:e3:f4:c5:24:14:8c:25:
35:93:c1:d3:a2:5a:ed:92:2c:fe:53:64:a1:e0:72:2d:6c:0b:
d0:ec:d5:8d:bd:ba:dd:20:41:e4:b0:53:57:48:6b:6e:de:f8:
c9:7d:e8:68:cd:4b:59:4e:35:74:0b:64:91:23:91:af:a1:24:
c6:3c:19:a3:61:e4:fb:b1:e2:d9:0b:bc:44:07:60:0a:c6:32:
d9:7d:2d:27:61:89:9d:1f:a0:bb:5d:39:f6:f7:72:df:0f:dd:
31:cd:da:b4:be:f7:77:a5:7b:26:4b:e8:82:5f:2a:1a:87:f2:
ca:42:4d:c6:d4:02:41:3e:3b:fd:92:76:68:5c:77:d3:e2:9f:
aa:c3:0b:1b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZt5EFp4kHDJ3/oNF30NL0TIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTlmZWE3ZTgzZTY0ZTVkODI1NjIzMTNjM2EzZjE5MGY0
OWYwMzIwHhcNMjYwMTAxMTAxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBlMDBhOTE5OTEyMGM0MjA0NThkNmZmZTMyMjNkYmIyNTM2MGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq547p/LefAA9nECM4ODHm0hAqR5a
OxIRKKm4D22O4ZgrLSZNpVjyD090kFPgmb9RYarPqktaXeGzVuo/bImUtQBGSsQx
jW660riG2YWSLVnHpMffPUJrp2ud/vqq1DDmHnrLpYaiWyGfH/6/TYqR6IJFhUWw
ElMw2gPi/HwqJUXUaSxTjDnsa2fUQvZbqC9bHwZidE9Zo8RYzKWWxv9PGTQ3EA9D
lgWiYzRuFhZlUCNgfnt/1NS1qkI5grkX1qyI5sgAhFOnIUZxi7XZUerpKb87Lzg2
YkDUhQ+Phi02mfE+QIGiT/lyu74TyrpJj23uTZWQfztw52aLGDn7hiw6ewIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIsOAKkZkSDEIEWNb/4yI9uyU2DQMB8GA1UdIwQY
MBaAFIVZ/qfoPmTl2CViMTw6PxkPSfAyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZuLXAtZy1aT1hZSldJeFBEb19HUTlKOERJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny83NmU4N2QtNzU5NS00YmExLWEyZDct
ODcwZTY0ZDQ2NGQ1LzEvaXc0QXFSbVJJTVFnUlkxdl9qSWoyN0pUWU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny83NmU4N2QtNzU5NS00YmExLWEyZDctODcwZTY0ZDQ2NGQ1
LzEvaFZuLXAtZy1aT1hZSldJeFBEb19HUTlKOERJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAE+cA4D
BAE+cBADBAA+cBQDBAK5XRAwDQYJKoZIhvcNAQELBQADggEBAFd9PJEXC5RkSP8d
NNxcc/Ubdd5xtw4GozwrarK+nxRvXsGsg4TOEZEfPh4G2iPffoF2cSKzueD9HK/8
dOQcNEywO0s6LJPjrZHa/e6tN1PXUFHP2xrGUkVEgNo/9YqEx2eOZHzJfu0rdrRG
XVvqnsIFQ1I1829s4/TFJBSMJTWTwdOiWu2SLP5TZKHgci1sC9Ds1Y29ut0gQeSw
U1dIa27e+Ml96GjNS1lONXQLZJEjka+hJMY8GaNh5Pux4tkLvEQHYArGMtl9LSdh
iZ0foLtdOfb3ct8P3THN2rS+93eleyZL6IJfKhqH8spCTcbUAkE+O/2Sdmhcd9Pi
n6rDCxs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:55:44 2026 by rpki-client