Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/0IAwiAjMTItOOMcHdx5gKsGtGeY.roa
File: 0IAwiAjMTItOOMcHdx5gKsGtGeY.roa (raw, json)
Hash identifier: FhxZfor3bf8rubbZwwQ6rFcyxbTms18uoz9k5T9vvbc=
Subject key identifier: D0:80:30:88:08:CC:4C:8B:4E:38:C7:07:77:1E:60:2A:C1:AD:19:E6
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019EB1EF038D850F99F6AED7F7F7B2D60CC4
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/0IAwiAjMTItOOMcHdx5gKsGtGeY.roa
Signing time: Wed 10 Jun 2026 14:28:11 +0000
ROA not before: Wed 10 Jun 2026 14:28:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198487
IP address blocks: 222.167.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 20:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b1:ef:03:8d:85:0f:99:f6:ae:d7:f7:f7:b2:d6:0c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Jun 10 14:28:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d080308808cc4c8b4e38c707771e602ac1ad19e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:40:85:e1:5e:2e:28:d5:7b:51:56:98:ba:46:
c9:fd:4b:9a:ab:e2:8f:cb:f8:ff:bc:8e:ba:c8:62:
c0:2d:52:11:48:39:3a:f6:76:d1:9c:d3:c5:7b:ae:
21:c4:98:15:90:65:bd:48:5c:10:ea:e7:bf:db:17:
1a:3e:82:06:83:dd:04:1c:ec:77:5c:e3:2b:d2:45:
c2:93:03:bf:e9:c5:eb:3c:3e:7a:1e:58:59:a4:a5:
4f:00:0a:d3:1b:b4:6f:19:7b:21:84:d7:33:00:49:
16:79:67:78:32:09:ab:37:2f:62:94:49:b5:28:46:
9d:52:46:86:0c:b8:05:4a:18:75:29:a2:2e:1b:97:
d7:a2:bb:a8:a1:ed:00:c6:20:43:5a:df:c0:62:00:
bd:9d:71:ad:4d:7c:6d:23:88:34:c2:12:9d:72:0d:
03:21:50:4f:97:23:e1:f9:da:5f:2c:65:e4:4f:46:
47:dd:75:00:10:02:81:3b:3d:a4:df:f5:bf:2b:f8:
d7:45:01:b9:f7:f5:68:50:35:52:0c:03:4e:6a:60:
dc:f3:48:f5:39:40:e9:0b:99:16:c9:91:3b:3b:d3:
1b:01:c1:f6:1d:28:1c:98:5c:13:5e:e6:19:72:16:
e0:17:71:e6:ec:ed:79:ba:11:b0:aa:18:0e:2a:48:
5d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:80:30:88:08:CC:4C:8B:4E:38:C7:07:77:1E:60:2A:C1:AD:19:E6
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/0IAwiAjMTItOOMcHdx5gKsGtGeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
222.167.236.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ea:41:d8:43:68:1a:42:f5:f1:a3:f6:3f:39:7d:62:b1:ec:
41:4e:86:2d:06:4f:68:7b:28:d3:0b:11:c4:8b:05:74:af:d1:
86:be:32:4d:31:7e:6d:98:0f:ca:6a:f5:60:b4:88:b2:f0:8d:
3c:73:a5:1a:f7:fc:71:80:26:53:89:f3:dd:7f:14:86:77:be:
95:eb:78:ee:40:ef:27:9c:18:e2:fc:18:30:db:0a:da:e6:66:
a4:43:a5:0b:31:de:14:82:b5:57:2c:87:01:7a:7d:1a:d5:09:
79:09:c3:8a:83:ed:75:1e:c1:70:06:6f:a5:b3:57:54:8c:26:
6e:66:6b:b8:2a:f5:7b:07:fd:f5:b0:05:1a:a0:df:59:1b:e6:
9c:f6:49:ac:f9:06:b0:8f:eb:ba:89:0a:b6:7b:d6:b2:15:6c:
fe:92:9f:08:41:aa:fe:cb:19:c0:c8:73:61:4f:d7:fb:ae:ba:
68:c8:7f:a4:24:b3:c8:fe:34:5a:8d:b0:14:e5:23:17:4d:0c:
84:3c:13:50:2f:ba:54:7a:6a:d1:ff:6b:3d:aa:bd:08:2e:5e:
74:01:3b:ce:3a:c1:d0:92:c8:91:26:62:80:57:a9:47:f8:88:
c9:98:79:41:39:33:4f:b9:31:07:32:33:7e:ae:a0:88:27:22:
c1:38:93:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6x7wONhQ+Z9q7X9/ey1gzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwNjEwMTQyODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDgwMzA4ODA4Y2M0YzhiNGUzOGM3MDc3NzFlNjAyYWMxYWQxOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ECF4V4uKNV7UVaYukbJ/Uuaq+KP
y/j/vI66yGLALVIRSDk69nbRnNPFe64hxJgVkGW9SFwQ6ue/2xcaPoIGg90EHOx3
XOMr0kXCkwO/6cXrPD56HlhZpKVPAArTG7RvGXshhNczAEkWeWd4MgmrNy9ilEm1
KEadUkaGDLgFShh1KaIuG5fXoruooe0AxiBDWt/AYgC9nXGtTXxtI4g0whKdcg0D
IVBPlyPh+dpfLGXkT0ZH3XUAEAKBOz2k3/W/K/jXRQG59/VoUDVSDANOamDc80j1
OUDpC5kWyZE7O9MbAcH2HSgcmFwTXuYZchbgF3Hm7O15uhGwqhgOKkhdTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCAMIgIzEyLTjjHB3ceYCrBrRnmMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvMElBd2lBak1USXRPT01jSGR4NWdLc0d0R2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3qfsMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ6kHYQ2gaQvXxo/Y/OX1isexBToYtBk9oeyjTCxHE
iwV0r9GGvjJNMX5tmA/KavVgtIiy8I08c6Ua9/xxgCZTifPdfxSGd76V63juQO8n
nBji/Bgw2wra5makQ6ULMd4UgrVXLIcBen0a1Ql5CcOKg+11HsFwBm+ls1dUjCZu
Zmu4KvV7B/31sAUaoN9ZG+ac9kms+Qawj+u6iQq2e9ayFWz+kp8IQar+yxnAyHNh
T9f7rrpoyH+kJLPI/jRajbAU5SMXTQyEPBNQL7pUemrR/2s9qr0ILl50ATvOOsHQ
ksiRJmKAV6lH+IjJmHlBOTNPuTEHMjN+rqCIJyLBOJPJ
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:51:30 2026 by rpki-client