Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/oGf_1Gi6p9BnTcB2h845ELw18yE.roa
File: oGf_1Gi6p9BnTcB2h845ELw18yE.roa (raw, json)
Hash identifier: vZEx0hhPga5gHLIccOXjBsLg2I31ryX+jChcgCG39FM=
Subject key identifier: A0:67:FF:D4:68:BA:A7:D0:67:4D:C0:76:87:CE:39:10:BC:35:F3:21
Certificate issuer: /CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Certificate serial: 019D31F08149410A5A4E9ADAA022B50FAF27
Authority key identifier: 74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/oGf_1Gi6p9BnTcB2h845ELw18yE.roa
Signing time: Sat 28 Mar 2026 00:55:38 +0000
ROA not before: Sat 28 Mar 2026 00:55:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199839
IP address blocks: 31.24.249.0/24 maxlen: 32
2001:678:f30::/48 maxlen: 48
2a12:4940::/32 maxlen: 48
2a12:4942:174::/48 maxlen: 48
2a12:4942:4009::/48 maxlen: 48
2a12:4946:1500::/48 maxlen: 48
2a12:4946:1600::/48 maxlen: 48
2a12:4946:1650::/48 maxlen: 48
2a12:4946:1655::/48 maxlen: 48
2a12:4946:1658::/48 maxlen: 48
2a12:4946:1700::/48 maxlen: 48
2a12:4946:1800::/48 maxlen: 48
2a12:4946:1900::/48 maxlen: 48
2a12:4946:3000::/48 maxlen: 48
2a12:4946:8000::/40 maxlen: 48
2a12:4946:8000::/48 maxlen: 48
2a12:4946:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:31:f0:81:49:41:0a:5a:4e:9a:da:a0:22:b5:0f:af:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Validity
Not Before: Mar 28 00:55:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a067ffd468baa7d0674dc07687ce3910bc35f321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:66:2a:e8:86:29:49:5d:6e:c1:12:7a:56:31:
35:59:42:87:0e:2a:b3:56:67:29:39:af:04:cb:91:
ef:1f:31:75:45:59:d1:21:12:3c:70:97:2d:4b:31:
18:f8:82:05:fc:47:79:8c:38:55:62:c2:a8:8d:1a:
7e:3c:c1:b5:8e:ec:00:02:89:a6:41:1f:80:d1:63:
df:4e:25:c0:c2:c3:10:d7:8e:d6:67:9c:fd:ab:40:
f2:28:85:6d:3f:d6:6d:37:0b:42:84:14:5d:b8:d3:
52:64:6f:79:49:cd:10:49:c9:02:64:14:2e:e4:39:
b6:82:40:bf:cc:39:55:1b:76:02:af:a1:8f:97:bf:
f5:48:23:c7:40:fe:50:27:89:49:32:99:57:21:82:
c2:43:8d:bc:8e:af:3b:c3:8e:f3:26:54:37:bd:f4:
92:62:4f:08:14:06:55:a1:42:55:a2:97:6c:cb:c7:
42:8b:72:07:a7:48:d4:d3:74:61:1f:33:76:73:b0:
58:db:1f:f0:ee:d7:70:79:29:0d:0a:19:95:2e:49:
77:6c:c0:50:fd:c0:32:18:65:67:ed:97:4e:f7:08:
cb:c1:ce:d4:32:f1:ce:58:cf:47:12:f9:0e:9f:ec:
3b:fb:9d:b5:95:5e:f9:7c:78:41:8b:9f:c5:da:46:
b5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:67:FF:D4:68:BA:A7:D0:67:4D:C0:76:87:CE:39:10:BC:35:F3:21
X509v3 Authority Key Identifier:
keyid:74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/oGf_1Gi6p9BnTcB2h845ELw18yE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.249.0/24
IPv6:
2001:678:f30::/48
2a12:4940::/32
2a12:4942:174::/48
2a12:4942:4009::/48
2a12:4946:1500::/48
2a12:4946:1600::/48
2a12:4946:1650::/48
2a12:4946:1655::/48
2a12:4946:1658::/48
2a12:4946:1700::/48
2a12:4946:1800::/48
2a12:4946:1900::/48
2a12:4946:3000::/48
2a12:4946:8000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:44:95:7c:58:62:2b:33:0a:79:a8:84:7b:6b:c9:57:fc:0a:
f4:23:eb:e3:c2:c8:32:9f:02:7d:9c:40:d6:45:31:b2:9d:94:
b5:27:dd:83:22:84:4c:67:42:d5:dd:73:9b:be:a7:bf:b2:c8:
21:2b:a5:a5:7e:cb:7e:6f:ab:84:db:3e:b7:4e:3f:55:99:80:
3a:9c:8b:3c:6c:4b:74:2d:d8:17:08:4c:20:b7:58:cf:26:23:
ef:34:6d:b9:36:93:db:43:57:aa:4b:69:50:58:cb:44:0d:c8:
28:ac:4f:b4:a4:7d:f3:ae:d4:a6:00:41:30:37:fc:56:9e:16:
64:29:dd:66:6f:f1:6f:3c:71:cd:34:3a:16:c4:d5:ba:d6:90:
65:85:30:14:ad:c3:de:85:2b:b2:ab:27:2d:4c:1e:c1:3c:e9:
e3:39:4c:13:af:21:e2:a1:ec:02:7d:9d:7b:6a:bd:93:d5:bf:
14:0d:1f:8e:07:a4:5a:dc:c2:dd:a1:73:fc:47:84:ea:e4:c1:
17:97:2a:7e:00:fa:cd:99:3f:1e:0f:61:17:05:d6:bc:22:15:
69:2f:42:80:68:5d:90:58:c7:27:26:80:6d:c3:af:6a:52:51:
f9:51:71:b2:88:01:92:69:fa:4a:48:94:4a:63:f1:39:09:21:
87:2b:90:7e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZ0x8IFJQQpaTpraoCK1D68nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM5NWMxMjY3MmFkOTU4OTIxYjYyYjlkYzliMmJjZDhh
NjhhOWYwHhcNMjYwMzI4MDA1NTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDY3ZmZkNDY4YmFhN2QwNjc0ZGMwNzY4N2NlMzkxMGJjMzVmMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumYq6IYpSV1uwRJ6VjE1WUKHDiqz
VmcpOa8Ey5HvHzF1RVnRIRI8cJctSzEY+IIF/Ed5jDhVYsKojRp+PMG1juwAAomm
QR+A0WPfTiXAwsMQ147WZ5z9q0DyKIVtP9ZtNwtChBRduNNSZG95Sc0QSckCZBQu
5Dm2gkC/zDlVG3YCr6GPl7/1SCPHQP5QJ4lJMplXIYLCQ428jq87w47zJlQ3vfSS
Yk8IFAZVoUJVopdsy8dCi3IHp0jU03RhHzN2c7BY2x/w7tdweSkNChmVLkl3bMBQ
/cAyGGVn7ZdO9wjLwc7UMvHOWM9HEvkOn+w7+521lV75fHhBi5/F2ka1LwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFKBn/9RouqfQZ03AdofOORC8NfMhMB8GA1UdIwQY
MBaAFHRjlcEmcq2ViSG2K53JsrzYpoqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMt
ZmI3NzRhYmRmYWMyLzEvb0dmXzFHaTZwOUJuVGNCMmg4NDVFTHcxOHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMtZmI3NzRhYmRmYWMy
LzEvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjAMBAIAATAGAwQAHxj5
MIGBBAIAAjB7AwcAIAEGeA8wAwUAKhJJQAMHACoSSUIBdAMHACoSSUJACQMHACoS
SUYVAAMHACoSSUYWAAMHACoSSUYWUAMHACoSSUYWVQMHACoSSUYWWAMHACoSSUYX
AAMHACoSSUYYAAMHACoSSUYZAAMHACoSSUYwAAMGACoSSUaAMA0GCSqGSIb3DQEB
CwUAA4IBAQC6RJV8WGIrMwp5qIR7a8lX/Ar0I+vjwsgynwJ9nEDWRTGynZS1J92D
IoRMZ0LV3XObvqe/ssghK6Wlfst+b6uE2z63Tj9VmYA6nIs8bEt0LdgXCEwgt1jP
JiPvNG25NpPbQ1eqS2lQWMtEDcgorE+0pH3zrtSmAEEwN/xWnhZkKd1mb/FvPHHN
NDoWxNW61pBlhTAUrcPehSuyqyctTB7BPOnjOUwTryHioewCfZ17ar2T1b8UDR+O
B6Ra3MLdoXP8R4Tq5MEXlyp+APrNmT8eD2EXBda8IhVpL0KAaF2QWMcnJoBtw69q
UlH5UXGyiAGSafpKSJRKY/E5CSGHK5B+
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:23:24 2026 by rpki-client