Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/0GV7HIOJbZ_Z5nDUI2aFX71AmdA.roa
File: 0GV7HIOJbZ_Z5nDUI2aFX71AmdA.roa (raw, json)
Hash identifier: 4dQasOWIhauSypZVfsQK8qG9tFnDenUp+UzYaSA4Ots=
Subject key identifier: D0:65:7B:1C:83:89:6D:9F:D9:E6:70:D4:23:66:85:5F:BD:40:99:D0
Certificate issuer: /CN=e686965509a649c508ab8ab72f7257bef35f7930
Certificate serial: 019D525E503753C8C6ED96208015F2407A20
Authority key identifier: E6:86:96:55:09:A6:49:C5:08:AB:8A:B7:2F:72:57:BE:F3:5F:79:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5oaWVQmmScUIq4q3L3JXvvNfeTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/0GV7HIOJbZ_Z5nDUI2aFX71AmdA.roa
Signing time: Fri 03 Apr 2026 08:03:25 +0000
ROA not before: Fri 03 Apr 2026 08:03:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216058
IP address blocks: 2.56.204.0/22 maxlen: 22
2.56.204.0/24 maxlen: 24
2.56.205.0/24 maxlen: 24
2.56.206.0/24 maxlen: 24
2.56.207.0/24 maxlen: 24
91.195.254.0/23 maxlen: 24
91.195.254.0/24 maxlen: 24
91.195.255.0/24 maxlen: 24
91.198.108.0/23 maxlen: 24
91.198.108.0/24 maxlen: 24
91.198.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/5oaWVQmmScUIq4q3L3JXvvNfeTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/5oaWVQmmScUIq4q3L3JXvvNfeTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/5oaWVQmmScUIq4q3L3JXvvNfeTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:52:5e:50:37:53:c8:c6:ed:96:20:80:15:f2:40:7a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e686965509a649c508ab8ab72f7257bef35f7930
Validity
Not Before: Apr 3 08:03:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d0657b1c83896d9fd9e670d42366855fbd4099d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c7:4d:3f:0e:1d:0c:95:fb:8c:63:9b:36:af:
09:27:6f:9c:e2:70:0d:0e:6b:41:e8:af:4b:75:70:
60:fc:a9:c8:fa:72:8b:42:29:90:d4:d9:9e:a4:d6:
7e:ef:53:66:f4:b3:b2:33:40:d6:af:c3:f6:44:90:
4b:3a:e0:d4:35:39:72:ce:dc:23:04:3d:bb:16:1f:
8d:b1:dc:32:39:94:af:72:8e:78:6e:97:21:10:50:
90:91:f1:b9:7c:af:1c:ef:ec:c7:a1:2d:d4:68:86:
29:bd:18:ca:74:28:20:99:25:19:0e:68:dc:da:4f:
55:e0:54:24:6c:9a:11:34:5a:2c:17:bb:1e:57:0d:
13:c0:e4:84:9e:44:61:bf:ab:93:69:bb:69:a7:96:
fb:c8:a1:5a:98:84:f7:44:ce:98:e2:d1:8f:20:81:
f3:f5:8d:36:0b:f3:3a:2d:00:86:93:a4:2c:d1:ba:
ed:90:72:7c:fa:30:97:35:26:59:e9:5a:b8:ba:61:
ec:67:69:70:27:e8:e4:19:5a:72:b2:b8:39:f9:dd:
63:92:0b:c0:9f:99:8e:99:ef:5a:49:87:18:6c:fc:
96:b0:53:e2:ab:02:02:d9:87:53:55:cf:a0:e9:35:
55:19:c5:49:2c:05:51:dd:55:c1:9e:33:3a:2c:72:
45:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:65:7B:1C:83:89:6D:9F:D9:E6:70:D4:23:66:85:5F:BD:40:99:D0
X509v3 Authority Key Identifier:
keyid:E6:86:96:55:09:A6:49:C5:08:AB:8A:B7:2F:72:57:BE:F3:5F:79:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5oaWVQmmScUIq4q3L3JXvvNfeTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/0GV7HIOJbZ_Z5nDUI2aFX71AmdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/5oaWVQmmScUIq4q3L3JXvvNfeTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.204.0/22
91.195.254.0/23
91.198.108.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:42:4e:5e:4d:b0:48:a9:4b:94:c8:ff:6c:ec:49:12:ef:a6:
c2:95:9c:7d:c2:83:d5:4a:ba:e6:a5:26:f0:cb:0a:bc:96:27:
ab:39:ea:3a:93:cf:8f:ea:82:5a:7c:ad:d8:d3:8c:d9:3f:f2:
c5:05:d4:aa:83:df:23:5c:4e:9d:21:eb:66:ff:33:ac:2d:43:
1b:d6:b3:3c:03:63:69:04:48:e4:c8:a7:1d:59:ad:73:a4:f2:
b2:9b:a2:76:eb:18:9e:1b:d0:a5:5c:59:39:70:85:ff:f0:de:
3d:97:a1:01:f4:f2:20:7f:f7:11:fe:20:53:d4:d2:dc:c0:ef:
97:11:06:2b:07:02:d0:69:13:33:48:90:75:02:73:79:fe:a5:
82:7f:e8:c9:4d:f9:1a:75:eb:1e:de:98:5d:46:de:17:9f:c7:
01:ff:57:98:99:21:35:fb:61:af:77:1a:44:00:7f:0c:24:52:
47:c7:e8:45:71:95:98:15:c4:91:15:03:15:09:6b:18:1d:22:
4e:27:8f:30:42:cf:09:f6:44:2e:16:22:a5:65:e8:ab:f2:15:
e0:99:ab:71:6b:d5:dc:d0:9f:b7:67:77:ea:fc:b5:b8:32:65:
cf:e7:a4:15:d2:0e:59:1e:37:0b:ab:df:b3:e2:18:36:96:1c:
c0:2e:e6:c8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ1SXlA3U8jG7ZYggBXyQHogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ODY5NjU1MDlhNjQ5YzUwOGFiOGFiNzJmNzI1N2JlZjM1
Zjc5MzAwHhcNMjYwNDAzMDgwMzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDY1N2IxYzgzODk2ZDlmZDllNjcwZDQyMzY2ODU1ZmJkNDA5OWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8dNPw4dDJX7jGObNq8JJ2+c4nAN
DmtB6K9LdXBg/KnI+nKLQimQ1NmepNZ+71Nm9LOyM0DWr8P2RJBLOuDUNTlyztwj
BD27Fh+NsdwyOZSvco54bpchEFCQkfG5fK8c7+zHoS3UaIYpvRjKdCggmSUZDmjc
2k9V4FQkbJoRNFosF7seVw0TwOSEnkRhv6uTabtpp5b7yKFamIT3RM6Y4tGPIIHz
9Y02C/M6LQCGk6Qs0brtkHJ8+jCXNSZZ6Vq4umHsZ2lwJ+jkGVpysrg5+d1jkgvA
n5mOme9aSYcYbPyWsFPiqwIC2YdTVc+g6TVVGcVJLAVR3VXBnjM6LHJFawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNBlexyDiW2f2eZw1CNmhV+9QJnQMB8GA1UdIwQY
MBaAFOaGllUJpknFCKuKty9yV77zX3kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW9hV1ZRbW1TY1VJcTRxM0wzSlh2dk5mZVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82OGJmZjYtN2IyYy00ZWNmLTgwMDYt
ZWQxNGFmNmRiODg4LzEvMEdWN0hJT0piWl9aNW5EVUkyYUZYNzFBbWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82OGJmZjYtN2IyYy00ZWNmLTgwMDYtZWQxNGFmNmRiODg4
LzEvNW9hV1ZRbW1TY1VJcTRxM0wzSlh2dk5mZVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjjMAwQB
W8P+AwQBW8ZsMA0GCSqGSIb3DQEBCwUAA4IBAQBvQk5eTbBIqUuUyP9s7EkS76bC
lZx9woPVSrrmpSbwywq8lierOeo6k8+P6oJafK3Y04zZP/LFBdSqg98jXE6dIetm
/zOsLUMb1rM8A2NpBEjkyKcdWa1zpPKym6J26xieG9ClXFk5cIX/8N49l6EB9PIg
f/cR/iBT1NLcwO+XEQYrBwLQaRMzSJB1AnN5/qWCf+jJTfkadese3phdRt4Xn8cB
/1eYmSE1+2GvdxpEAH8MJFJHx+hFcZWYFcSRFQMVCWsYHSJOJ48wQs8J9kQuFiKl
Zeir8hXgmatxa9Xc0J+3Z3fq/LW4MmXP56QV0g5ZHjcLq9+z4hg2lhzALubI
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:12:32 2026 by rpki-client