Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/x61bfZf0OubTZvT9w-4WsDstRxI.roa
File: x61bfZf0OubTZvT9w-4WsDstRxI.roa (raw, json)
Hash identifier: fReq0aNolFC2JKGR6X3Q7h0pZyzLILuXa5ALU/lSf40=
Subject key identifier: C7:AD:5B:7D:97:F4:3A:E6:D3:66:F4:FD:C3:EE:16:B0:3B:2D:47:12
Certificate issuer: /CN=08418e9690d0fb711abf3874e1c500a627693c0a
Certificate serial: 019BCF60FEB904E5A9D300F060D703AA5998
Authority key identifier: 08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/x61bfZf0OubTZvT9w-4WsDstRxI.roa
Signing time: Sun 18 Jan 2026 04:33:18 +0000
ROA not before: Sun 18 Jan 2026 04:33:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33171
IP address blocks: 31.217.254.0/24 maxlen: 24
81.16.183.0/24 maxlen: 24
2a11:7345::/32 maxlen: 32
2a11:7347::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:cf:60:fe:b9:04:e5:a9:d3:00:f0:60:d7:03:aa:59:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08418e9690d0fb711abf3874e1c500a627693c0a
Validity
Not Before: Jan 18 04:33:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c7ad5b7d97f43ae6d366f4fdc3ee16b03b2d4712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2a:e0:39:a7:00:6f:b7:d1:97:eb:f0:32:41:
40:54:24:d3:77:a0:99:de:09:10:88:a2:8c:18:e2:
c6:be:65:5b:04:66:5f:8a:c5:f4:f0:ce:9b:c5:6f:
29:9f:20:67:5f:70:60:c3:e4:46:8b:d5:5c:83:a5:
75:19:33:2b:75:44:ab:63:28:d4:ec:78:df:b2:d8:
d5:0e:f5:01:b9:d8:5e:22:08:3e:be:07:67:cd:8e:
ff:53:cc:ef:67:d1:fb:c8:d2:6e:6e:d3:49:a7:38:
71:c7:e2:4c:37:1c:f0:36:a8:0d:e5:27:8a:ca:c5:
e6:00:f0:b1:19:66:51:a9:42:0e:5a:f1:01:94:b8:
2b:6c:96:76:3d:4f:74:ce:12:a3:62:0c:d6:a9:7b:
35:c6:0b:25:51:65:3f:b2:b6:3c:88:97:56:e4:e2:
a6:36:6b:d0:94:d7:8e:79:57:7a:54:13:85:0f:95:
e5:02:97:f4:c9:7a:f1:2b:01:c0:5b:15:f5:8f:f9:
ee:4c:0d:fb:76:19:f3:4f:f5:4f:b4:84:46:a9:e1:
5a:c1:38:c1:65:d3:fe:5c:2f:be:8d:c6:a2:7e:72:
00:9c:22:c3:48:36:15:5e:7a:1c:d5:9c:42:d7:b2:
4e:33:b1:38:ea:24:5f:92:76:de:65:dc:a0:2f:17:
f4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:AD:5B:7D:97:F4:3A:E6:D3:66:F4:FD:C3:EE:16:B0:3B:2D:47:12
X509v3 Authority Key Identifier:
keyid:08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/x61bfZf0OubTZvT9w-4WsDstRxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.254.0/24
81.16.183.0/24
IPv6:
2a11:7345::/32
2a11:7347::/32
Signature Algorithm: sha256WithRSAEncryption
8e:c7:3f:52:04:b2:d7:04:bd:87:f7:f3:99:8f:20:06:58:83:
da:d6:30:13:4d:96:41:51:55:2b:fc:99:cb:56:65:12:5e:d8:
7f:dd:72:03:3f:47:74:7d:40:41:4d:7f:ca:1a:55:81:fa:f4:
a7:09:72:3a:94:1b:65:11:ff:9a:13:a7:e4:42:fe:c4:22:c6:
72:d3:a4:43:aa:33:63:e2:ed:2c:bd:da:b7:ed:82:e6:9e:ee:
ae:9d:db:68:93:39:ab:29:d7:f0:91:5c:f7:92:00:28:ec:0a:
dd:25:24:b0:9a:f6:43:35:32:6b:aa:ab:50:ec:b4:6c:af:bb:
b9:e5:76:8b:eb:8e:c6:cc:90:89:ee:71:5a:6f:ff:53:c8:ac:
bb:58:c9:fa:36:4a:e9:7a:4b:15:25:d0:a7:64:83:29:76:69:
2c:79:e4:54:cb:6d:03:e4:e2:b5:eb:fc:a8:89:47:df:55:30:
db:8a:95:1c:55:e1:73:64:50:35:58:dd:10:89:1b:3d:6b:64:
6b:5c:f6:ff:c3:88:26:4c:de:52:dd:8a:94:5e:ba:6e:69:b4:
ed:77:a3:40:20:f9:c8:b5:e7:5b:06:b0:ca:15:54:e0:f5:63:
f5:34:ca:64:10:76:69:81:36:38:82:e7:4b:f4:69:cd:83:7e:
c6:b8:41:b0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZvPYP65BOWp0wDwYNcDqlmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDE4ZTk2OTBkMGZiNzExYWJmMzg3NGUxYzUwMGE2Mjc2
OTNjMGEwHhcNMjYwMTE4MDQzMzE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2FkNWI3ZDk3ZjQzYWU2ZDM2NmY0ZmRjM2VlMTZiMDNiMmQ0NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SrgOacAb7fRl+vwMkFAVCTTd6CZ
3gkQiKKMGOLGvmVbBGZfisX08M6bxW8pnyBnX3Bgw+RGi9Vcg6V1GTMrdUSrYyjU
7HjfstjVDvUBudheIgg+vgdnzY7/U8zvZ9H7yNJubtNJpzhxx+JMNxzwNqgN5SeK
ysXmAPCxGWZRqUIOWvEBlLgrbJZ2PU90zhKjYgzWqXs1xgslUWU/srY8iJdW5OKm
NmvQlNeOeVd6VBOFD5XlApf0yXrxKwHAWxX1j/nuTA37dhnzT/VPtIRGqeFawTjB
ZdP+XC++jcaifnIAnCLDSDYVXnoc1ZxC17JOM7E46iRfknbeZdygLxf0ewIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMetW32X9Drm02b0/cPuFrA7LUcSMB8GA1UdIwQY
MBaAFAhBjpaQ0PtxGr84dOHFAKYnaTwKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYt
MjJjMGNhMjEzMzgwLzEveDYxYmZaZjBPdWJUWnZUOXctNFdzRHN0UnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYtMjJjMGNhMjEzMzgw
LzEvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAH9n+AwQA
URC3MBQEAgACMA4DBQAqEXNFAwUAKhFzRzANBgkqhkiG9w0BAQsFAAOCAQEAjsc/
UgSy1wS9h/fzmY8gBliD2tYwE02WQVFVK/yZy1ZlEl7Yf91yAz9HdH1AQU1/yhpV
gfr0pwlyOpQbZRH/mhOn5EL+xCLGctOkQ6ozY+LtLL3at+2C5p7urp3baJM5qynX
8JFc95IAKOwK3SUksJr2QzUya6qrUOy0bK+7ueV2i+uOxsyQie5xWm//U8isu1jJ
+jZK6XpLFSXQp2SDKXZpLHnkVMttA+Titev8qIlH31Uw24qVHFXhc2RQNVjdEIkb
PWtka1z2/8OIJkzeUt2KlF66bmm07XejQCD5yLXnWwawyhVU4PVj9TTKZBB2aYE2
OILnS/RpzYN+xrhBsA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:04:32 2026 by rpki-client