Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/gDbaYpByZHpLd0mzqeStmCna8dI.roa
File: gDbaYpByZHpLd0mzqeStmCna8dI.roa (raw, json)
Hash identifier: L/kpgIHgWaHwD4n82QRwP3BnE2jifSCZ3GZu/xc06F8=
Subject key identifier: 80:36:DA:62:90:72:64:7A:4B:77:49:B3:A9:E4:AD:98:29:DA:F1:D2
Certificate issuer: /CN=7e3150f8c67063121027328954968d08d4cf329a
Certificate serial: 019D3DF71AF5D6E36E3A118764C63080F96D
Authority key identifier: 7E:31:50:F8:C6:70:63:12:10:27:32:89:54:96:8D:08:D4:CF:32:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/gDbaYpByZHpLd0mzqeStmCna8dI.roa
Signing time: Mon 30 Mar 2026 08:58:17 +0000
ROA not before: Mon 30 Mar 2026 08:58:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203062
IP address blocks: 2a06:2c80::/36 maxlen: 48
2a06:2c80:b::/48 maxlen: 48
2a06:2c80:1000::/36 maxlen: 48
2a06:2c80:4000::/36 maxlen: 48
2a06:2c81:8000::/33 maxlen: 33
2a06:2c82:8000::/33 maxlen: 33
2a06:2c84::/36 maxlen: 48
2a06:2c84:1000::/36 maxlen: 48
2a06:2c84:2000::/37 maxlen: 48
2a06:2c84:2800::/37 maxlen: 48
2a06:2c84:3000::/37 maxlen: 48
2a06:2c87:e000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.mft
rsync://rpki.ripe.net/repository/DEFAULT/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3d:f7:1a:f5:d6:e3:6e:3a:11:87:64:c6:30:80:f9:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e3150f8c67063121027328954968d08d4cf329a
Validity
Not Before: Mar 30 08:58:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8036da629072647a4b7749b3a9e4ad9829daf1d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:15:51:45:65:f4:e5:3e:24:98:bc:65:90:ed:
31:fb:bb:b9:71:52:6b:c2:a6:bd:dd:14:a9:a6:3f:
63:d3:3a:3c:c3:23:44:d9:d2:15:08:df:ce:37:7d:
d5:70:80:5e:ce:a8:d9:db:b3:a7:09:54:96:fe:1b:
4d:66:34:51:af:d8:11:33:81:39:f2:c8:1e:f0:60:
78:b5:d6:33:89:f9:0f:d0:f4:7d:56:c7:d2:fa:32:
d8:53:78:77:dd:bb:dc:2a:7b:9f:c0:da:c5:67:95:
3c:ed:6e:85:da:8b:f5:1a:ff:35:be:d1:07:f6:2a:
ff:24:b2:63:92:c6:49:66:c0:c8:98:02:9a:e6:73:
5b:f7:7d:bc:91:4d:42:f0:4a:fc:a7:dd:df:0e:fa:
ed:ef:70:da:aa:73:dc:69:6c:a3:ac:1a:cd:2e:93:
e7:6b:c2:78:19:92:bd:af:5d:55:a6:2e:fa:79:26:
d6:35:6b:6a:25:15:08:60:00:b7:b4:38:02:e5:5a:
a1:72:0d:fe:58:24:b3:20:6e:b3:99:09:f4:3a:ab:
7f:f9:2f:b2:80:2f:85:7c:53:a9:a4:71:9f:f6:c1:
29:b0:42:20:35:df:ee:6e:75:fc:48:50:97:59:fd:
58:c5:48:29:3d:0b:25:ea:a9:68:13:73:cd:24:ee:
6e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:36:DA:62:90:72:64:7A:4B:77:49:B3:A9:E4:AD:98:29:DA:F1:D2
X509v3 Authority Key Identifier:
keyid:7E:31:50:F8:C6:70:63:12:10:27:32:89:54:96:8D:08:D4:CF:32:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/gDbaYpByZHpLd0mzqeStmCna8dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8bcfd7-f6d3-432a-b5f0-935e418bdbe7/1/fjFQ-MZwYxIQJzKJVJaNCNTPMpo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:2c80::/35
2a06:2c80:4000::/36
2a06:2c81:8000::/33
2a06:2c82:8000::/33
2a06:2c84::-2a06:2c84:37ff:ffff:ffff:ffff:ffff:ffff
2a06:2c87:e000::/36
Signature Algorithm: sha256WithRSAEncryption
ad:79:b4:2f:62:86:88:87:6a:74:0d:54:2c:78:f0:6a:3c:be:
e0:a9:87:dd:f4:d5:92:fe:10:ba:bb:d7:96:d3:6a:1f:8d:77:
6b:95:03:36:2e:99:1f:ab:24:31:d3:62:74:9b:0b:60:f5:37:
6b:41:a2:95:3e:00:88:9a:25:a0:27:51:07:7c:16:bf:84:66:
ab:90:52:1f:e5:70:9b:fd:46:8c:dc:aa:0c:ca:8e:a5:22:cc:
6d:1b:7a:e6:34:68:7e:e1:bb:eb:44:fa:91:d2:d9:2e:e0:a0:
c4:3e:b1:9b:24:8a:36:02:83:f2:85:55:f1:34:27:2c:a5:e2:
23:92:ce:8d:d0:87:e7:40:aa:38:c7:f1:12:92:23:8c:aa:76:
7d:bd:73:d8:4d:2e:88:43:41:23:b1:ce:a6:53:13:eb:31:62:
56:19:46:bd:85:2a:85:2f:dd:f0:1e:f2:ed:dc:a3:b4:7d:1e:
38:c6:33:1d:f1:57:08:c2:7b:de:df:e6:9b:bc:37:41:12:2f:
e6:5a:f9:7f:95:4d:b0:38:3a:68:4e:07:65:3b:0d:5e:64:03:
4b:98:72:17:ae:7a:be:ff:04:85:db:e8:3d:83:cf:f8:df:04:
9a:bf:f7:1a:5a:f2:d9:5d:c1:3d:d1:23:3a:66:34:06:cc:ab:
80:49:16:62
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZ099xr11uNuOhGHZMYwgPltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMzE1MGY4YzY3MDYzMTIxMDI3MzI4OTU0OTY4ZDA4ZDRj
ZjMyOWEwHhcNMjYwMzMwMDg1ODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDM2ZGE2MjkwNzI2NDdhNGI3NzQ5YjNhOWU0YWQ5ODI5ZGFmMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RVRRWX05T4kmLxlkO0x+7u5cVJr
wqa93RSppj9j0zo8wyNE2dIVCN/ON33VcIBezqjZ27OnCVSW/htNZjRRr9gRM4E5
8sge8GB4tdYzifkP0PR9VsfS+jLYU3h33bvcKnufwNrFZ5U87W6F2ov1Gv81vtEH
9ir/JLJjksZJZsDImAKa5nNb9328kU1C8Er8p93fDvrt73DaqnPcaWyjrBrNLpPn
a8J4GZK9r11Vpi76eSbWNWtqJRUIYAC3tDgC5Vqhcg3+WCSzIG6zmQn0Oqt/+S+y
gC+FfFOppHGf9sEpsEIgNd/ubnX8SFCXWf1YxUgpPQsl6qloE3PNJO5unQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIA22mKQcmR6S3dJs6nkrZgp2vHSMB8GA1UdIwQY
MBaAFH4xUPjGcGMSECcyiVSWjQjUzzKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmpGUS1NWndZeElRSnpLSlZKYU5DTlRQTXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84YmNmZDctZjZkMy00MzJhLWI1ZjAt
OTM1ZTQxOGJkYmU3LzEvZ0RiYVlwQnlaSHBMZDBtenFlU3RtQ25hOGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84YmNmZDctZjZkMy00MzJhLWI1ZjAtOTM1ZTQxOGJkYmU3
LzEvZmpGUS1NWndZeElRSnpLSlZKYU5DTlRQTXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AwYFKgYsgAAD
BgQqBiyAQAMGByoGLIGAAwYHKgYsgoAwDwMFAioGLIQDBgMqBiyEMAMGBCoGLIfg
MA0GCSqGSIb3DQEBCwUAA4IBAQCtebQvYoaIh2p0DVQsePBqPL7gqYfd9NWS/hC6
u9eW02ofjXdrlQM2LpkfqyQx02J0mwtg9TdrQaKVPgCImiWgJ1EHfBa/hGarkFIf
5XCb/UaM3KoMyo6lIsxtG3rmNGh+4bvrRPqR0tku4KDEPrGbJIo2AoPyhVXxNCcs
peIjks6N0IfnQKo4x/ESkiOMqnZ9vXPYTS6IQ0Ejsc6mUxPrMWJWGUa9hSqFL93w
HvLt3KO0fR44xjMd8VcIwnve3+abvDdBEi/mWvl/lU2wODpoTgdlOw1eZANLmHIX
rnq+/wSF2+g9g8/43wSav/caWvLZXcE90SM6ZjQGzKuASRZi
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:20:10 2026 by rpki-client