Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/r0sAkZKQjB0vS8O7iQ56X-aB2xQ.roa
File: r0sAkZKQjB0vS8O7iQ56X-aB2xQ.roa (raw, json)
Hash identifier: WhI0GBlFVNmUWesEvEtCpV14xg5saJG4u4JXvCc5SS0=
Subject key identifier: AF:4B:00:91:92:90:8C:1D:2F:4B:C3:BB:89:0E:7A:5F:E6:81:DB:14
Certificate issuer: /CN=700c030930a9d2e4da88d81852a44c3f78bfb440
Certificate serial: 019B775881DA42BAFB9E006AECD5F69BC628
Authority key identifier: 70:0C:03:09:30:A9:D2:E4:DA:88:D8:18:52:A4:4C:3F:78:BF:B4:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/r0sAkZKQjB0vS8O7iQ56X-aB2xQ.roa
Signing time: Thu 01 Jan 2026 02:17:27 +0000
ROA not before: Thu 01 Jan 2026 02:17:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20596
IP address blocks: 185.113.24.0/22 maxlen: 22
2a06:6740::/29 maxlen: 32
2a06:6740::/30 maxlen: 30
2a06:6744::/31 maxlen: 31
2a06:6746::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/cAwDCTCp0uTaiNgYUqRMP3i_tEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/cAwDCTCp0uTaiNgYUqRMP3i_tEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:81:da:42:ba:fb:9e:00:6a:ec:d5:f6:9b:c6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700c030930a9d2e4da88d81852a44c3f78bfb440
Validity
Not Before: Jan 1 02:17:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=af4b009192908c1d2f4bc3bb890e7a5fe681db14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:13:cd:e9:34:9d:9b:3e:48:a7:01:5e:a6:29:
ee:bc:4d:31:aa:15:c6:de:2e:65:51:1a:e8:51:e1:
81:52:68:26:c0:fb:13:07:be:50:83:2b:24:02:ab:
80:2c:f0:8a:40:23:c0:c4:f9:90:b4:7e:ba:87:0d:
e1:ab:76:52:4d:34:06:8a:49:f8:52:5d:eb:85:90:
57:c6:dd:76:5b:3d:5a:64:d2:8d:c2:46:dd:f3:0e:
74:93:c7:df:9b:92:ff:07:41:51:05:ed:08:b9:af:
c2:41:ad:4e:b6:04:01:75:b8:e7:29:34:7e:04:e3:
6b:65:83:a4:1c:f6:12:ca:24:90:dd:48:0e:ed:f1:
c8:b1:db:56:80:8f:f8:56:7c:14:ff:98:85:85:54:
a3:bf:ae:4c:dc:b6:55:0a:10:2a:1b:19:ec:9f:e2:
cb:ff:8b:26:4f:48:70:fb:d9:92:f1:51:a2:c9:97:
32:47:95:ff:fb:e1:1e:d2:ad:a5:f2:cb:15:8d:38:
59:31:38:19:65:72:b0:29:17:77:68:a6:77:db:95:
4c:8a:bf:a1:37:ef:4a:b2:e7:18:8e:07:42:e1:d6:
8b:a3:e1:85:db:e6:52:2e:c5:52:48:8a:3a:41:1e:
9d:d9:dc:09:4c:17:df:5a:4c:86:5f:19:d0:75:79:
35:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:4B:00:91:92:90:8C:1D:2F:4B:C3:BB:89:0E:7A:5F:E6:81:DB:14
X509v3 Authority Key Identifier:
keyid:70:0C:03:09:30:A9:D2:E4:DA:88:D8:18:52:A4:4C:3F:78:BF:B4:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/r0sAkZKQjB0vS8O7iQ56X-aB2xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/cAwDCTCp0uTaiNgYUqRMP3i_tEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.24.0/22
IPv6:
2a06:6740::/29
Signature Algorithm: sha256WithRSAEncryption
6b:43:bf:21:0e:f2:5c:d1:0f:e4:04:6f:d3:fa:87:c5:5a:c5:
d5:db:c0:2f:49:24:8e:98:c2:7c:80:5e:c4:0a:80:a0:12:bc:
ba:97:ff:5e:e2:7c:42:bb:4b:3c:05:63:33:64:25:7b:86:00:
b1:f1:9f:4f:5d:f8:c6:e3:af:17:61:80:c5:88:bb:e7:b2:11:
22:f4:b1:40:6c:0f:a1:d9:db:05:a5:5c:e7:3e:0c:49:b7:d4:
dd:2d:f0:c3:c3:c1:2f:e8:8f:11:fc:64:38:2e:f0:bc:99:d8:
ff:dc:58:9a:97:b6:a0:20:82:62:2b:ad:c1:ec:a8:d6:6c:14:
3c:fc:64:ed:d0:bd:43:15:ec:81:5a:97:07:63:b0:ef:8b:bf:
d5:c9:1f:46:71:71:6d:9a:8e:ce:59:81:19:56:56:ed:99:49:
6d:5f:48:03:70:a2:a8:2b:30:8c:a8:63:2b:f1:a8:b4:75:5b:
ce:a0:31:51:fc:ec:78:89:1d:be:82:71:76:31:f4:1a:65:a0:
e8:2b:59:f9:da:3e:06:7d:d8:e5:53:21:b7:f7:d0:cd:a2:09:
dd:9b:e9:63:49:65:35:04:cc:0f:6a:18:cb:4d:75:b8:f7:b5:
00:b5:b9:09:c0:e3:bd:4e:da:e8:db:8f:7f:eb:a6:56:00:a8:
0c:0b:4b:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt3WIHaQrr7ngBq7NX2m8YoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGMwMzA5MzBhOWQyZTRkYTg4ZDgxODUyYTQ0YzNmNzhi
ZmI0NDAwHhcNMjYwMTAxMDIxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjRiMDA5MTkyOTA4YzFkMmY0YmMzYmI4OTBlN2E1ZmU2ODFkYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RPN6TSdmz5IpwFepinuvE0xqhXG
3i5lURroUeGBUmgmwPsTB75QgyskAquALPCKQCPAxPmQtH66hw3hq3ZSTTQGikn4
Ul3rhZBXxt12Wz1aZNKNwkbd8w50k8ffm5L/B0FRBe0Iua/CQa1OtgQBdbjnKTR+
BONrZYOkHPYSyiSQ3UgO7fHIsdtWgI/4VnwU/5iFhVSjv65M3LZVChAqGxnsn+LL
/4smT0hw+9mS8VGiyZcyR5X/++Ee0q2l8ssVjThZMTgZZXKwKRd3aKZ325VMir+h
N+9KsucYjgdC4daLo+GF2+ZSLsVSSIo6QR6d2dwJTBffWkyGXxnQdXk1owIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK9LAJGSkIwdL0vDu4kOel/mgdsUMB8GA1UdIwQY
MBaAFHAMAwkwqdLk2ojYGFKkTD94v7RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0F3RENUQ3AwdVRhaU5nWVVxUk1QM2lfdEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8wNjhjYjktNmNiYS00NTNkLTg1OGEt
YzViYmY5NWY4NTg0LzEvcjBzQWtaS1FqQjB2UzhPN2lRNTZYLWFCMnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8wNjhjYjktNmNiYS00NTNkLTg1OGEtYzViYmY5NWY4NTg0
LzEvY0F3RENUQ3AwdVRhaU5nWVVxUk1QM2lfdEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXEYMA0E
AgACMAcDBQMqBmdAMA0GCSqGSIb3DQEBCwUAA4IBAQBrQ78hDvJc0Q/kBG/T+ofF
WsXV28AvSSSOmMJ8gF7ECoCgEry6l/9e4nxCu0s8BWMzZCV7hgCx8Z9PXfjG468X
YYDFiLvnshEi9LFAbA+h2dsFpVznPgxJt9TdLfDDw8Ev6I8R/GQ4LvC8mdj/3Fia
l7agIIJiK63B7KjWbBQ8/GTt0L1DFeyBWpcHY7Dvi7/VyR9GcXFtmo7OWYEZVlbt
mUltX0gDcKKoKzCMqGMr8ai0dVvOoDFR/Ox4iR2+gnF2MfQaZaDoK1n52j4Gfdjl
UyG399DNogndm+ljSWU1BMwPahjLTXW497UAtbkJwOO9Ttro249/66ZWAKgMC0vW
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:19:45 2026 by rpki-client