Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/OIkvi_D0Bb1aXEA4R8bCV_aIe-c.roa
File: OIkvi_D0Bb1aXEA4R8bCV_aIe-c.roa (raw, json)
Hash identifier: g7Ac10RAOdEnF+OAz8C5tfcB0Xzzvx7Y2MHoIT9m+IM=
Subject key identifier: 38:89:2F:8B:F0:F4:05:BD:5A:5C:40:38:47:C6:C2:57:F6:88:7B:E7
Certificate issuer: /CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Certificate serial: 019D2FABBDC3F16CDB88BAEBE022776A8AAF
Authority key identifier: 5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/OIkvi_D0Bb1aXEA4R8bCV_aIe-c.roa
Signing time: Fri 27 Mar 2026 14:21:17 +0000
ROA not before: Fri 27 Mar 2026 14:21:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198087
IP address blocks: 178.214.212.0/24 maxlen: 24
178.214.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 21:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2f:ab:bd:c3:f1:6c:db:88:ba:eb:e0:22:77:6a:8a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Validity
Not Before: Mar 27 14:21:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=38892f8bf0f405bd5a5c403847c6c257f6887be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ee:6c:c9:82:36:8f:ef:39:ce:85:e1:2d:e4:
09:06:58:a6:fb:5b:75:d6:f5:42:f9:45:4d:8d:5e:
18:70:87:29:ec:3a:b7:32:b1:b4:62:e0:a5:ba:a7:
14:4f:dd:85:3b:a1:2f:54:9b:46:7f:32:6e:89:6c:
9a:bc:5e:9f:db:87:c4:64:85:03:79:70:f5:2f:83:
52:2f:c4:c1:c4:f8:d8:4b:b5:a4:e1:9a:13:eb:dc:
be:04:bc:82:b9:ec:de:9b:44:6e:70:53:1b:a9:3c:
37:d5:4d:30:5c:33:7d:cf:92:ae:4e:b7:41:a7:58:
9b:0f:f3:6c:fe:08:e2:55:0e:3e:a0:0c:ab:97:be:
0f:ce:82:53:e4:ab:de:67:14:31:d3:14:78:60:b3:
36:8a:cc:0a:72:e1:71:5c:71:4d:49:62:6e:a9:c2:
ec:23:2d:06:1f:1f:c2:61:03:0f:39:3b:63:c5:c1:
90:d7:c7:0d:a5:26:64:f0:ea:1b:10:c5:69:74:cc:
0f:16:cf:17:07:d6:ea:72:45:80:45:58:54:9c:09:
b9:35:e6:a0:cf:b5:7f:c4:c3:fc:06:db:ac:80:18:
76:4b:90:8d:8f:27:a2:7c:0a:e2:82:14:ec:c2:e9:
d7:2f:16:a0:a9:0b:6c:69:1b:ec:9a:d8:3e:cc:cc:
4b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:89:2F:8B:F0:F4:05:BD:5A:5C:40:38:47:C6:C2:57:F6:88:7B:E7
X509v3 Authority Key Identifier:
keyid:5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/OIkvi_D0Bb1aXEA4R8bCV_aIe-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.214.212.0/24
178.214.218.0/24
Signature Algorithm: sha256WithRSAEncryption
84:4f:24:a0:77:47:f5:7d:11:b8:b9:31:27:21:62:46:6e:b5:
7f:26:14:85:a6:73:d8:c6:ee:69:ab:64:0f:af:d6:2c:ec:d0:
a2:7d:c6:72:d3:13:14:b2:f7:d0:c1:fa:83:f9:db:72:b6:8b:
d8:3b:d3:b7:9f:3f:4f:eb:60:ba:c5:69:a5:d0:2c:f5:37:93:
42:44:37:77:d6:6b:7c:64:ae:1a:cb:d4:d0:4b:f3:2b:7a:bc:
74:5a:72:d9:79:ec:ed:1d:80:7f:25:b5:66:9d:0f:e9:1d:c1:
c0:c2:55:e9:31:57:f2:25:9a:46:71:36:94:ba:50:c6:82:3c:
04:10:3f:64:73:8b:7c:c3:d5:7c:bf:86:0b:ac:4b:12:3c:e8:
6e:91:54:ba:35:17:d8:ab:23:6e:2f:2f:c2:ce:dd:bd:57:fe:
76:a8:6a:00:de:bb:60:b7:9c:40:d8:1b:ab:db:46:a0:0a:21:
b3:de:9b:d7:d2:e2:d4:ff:07:a4:21:1f:ba:97:4e:89:57:be:
8f:83:28:5e:1e:df:87:12:e3:f6:9b:3d:30:7c:44:8f:ba:54:
68:30:e3:5f:bf:e0:cf:2b:df:7f:80:32:9d:c1:8a:de:29:e5:
50:9e:54:21:db:f6:0e:be:6d:3d:91:97:00:04:25:c9:1f:c9:
1c:5d:13:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0vq73D8WzbiLrr4CJ3aoqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmIwYzAwMWE5OWFiNjI5NmUyNDIxNzNiZjdlN2ZkY2Yw
M2MwMTkwHhcNMjYwMzI3MTQyMTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODg5MmY4YmYwZjQwNWJkNWE1YzQwMzg0N2M2YzI1N2Y2ODg3YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu5syYI2j+85zoXhLeQJBlim+1t1
1vVC+UVNjV4YcIcp7Dq3MrG0YuCluqcUT92FO6EvVJtGfzJuiWyavF6f24fEZIUD
eXD1L4NSL8TBxPjYS7Wk4ZoT69y+BLyCuezem0RucFMbqTw31U0wXDN9z5KuTrdB
p1ibD/Ns/gjiVQ4+oAyrl74PzoJT5KveZxQx0xR4YLM2iswKcuFxXHFNSWJuqcLs
Iy0GHx/CYQMPOTtjxcGQ18cNpSZk8OobEMVpdMwPFs8XB9bqckWARVhUnAm5Neag
z7V/xMP8BtusgBh2S5CNjyeifArighTswunXLxagqQtsaRvsmtg+zMxLhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDiJL4vw9AW9WlxAOEfGwlf2iHvnMB8GA1UdIwQY
MBaAFFxrDAAamatiluJCFzv35/3PA8AZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMt
YzE4ZTNjY2M3NDJiLzEvT0lrdmlfRDBCYjFhWEVBNFI4YkNWX2FJZS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMtYzE4ZTNjY2M3NDJi
LzEvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAstbUAwQA
stbaMA0GCSqGSIb3DQEBCwUAA4IBAQCETySgd0f1fRG4uTEnIWJGbrV/JhSFpnPY
xu5pq2QPr9Ys7NCifcZy0xMUsvfQwfqD+dtytovYO9O3nz9P62C6xWml0Cz1N5NC
RDd31mt8ZK4ay9TQS/Mrerx0WnLZeeztHYB/JbVmnQ/pHcHAwlXpMVfyJZpGcTaU
ulDGgjwEED9kc4t8w9V8v4YLrEsSPOhukVS6NRfYqyNuLy/Czt29V/52qGoA3rtg
t5xA2Bur20agCiGz3pvX0uLU/wekIR+6l06JV76PgyheHt+HEuP2mz0wfESPulRo
MONfv+DPK99/gDKdwYreKeVQnlQh2/YOvm09kZcABCXJH8kcXRPA
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:12:41 2026 by rpki-client