Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GvocdXe6wVNJkJ9C9lbjBuVNV4w.roa
File: GvocdXe6wVNJkJ9C9lbjBuVNV4w.roa (raw, json)
Hash identifier: qXNK/OlhfSi6qCpNhHI3eFE7KKAyVz86qrnzAuB8L3Q=
Subject key identifier: 1A:FA:1C:75:77:BA:C1:53:49:90:9F:42:F6:56:E3:06:E5:4D:57:8C
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019EBA986C0E48462AF6065E87D3383C62F5
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GvocdXe6wVNJkJ9C9lbjBuVNV4w.roa
Signing time: Fri 12 Jun 2026 06:50:11 +0000
ROA not before: Fri 12 Jun 2026 06:50:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ba:98:6c:0e:48:46:2a:f6:06:5e:87:d3:38:3c:62:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jun 12 06:50:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1afa1c7577bac15349909f42f656e306e54d578c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:99:55:c3:ae:fc:9f:ab:17:e0:85:0e:9a:08:
06:f5:0c:36:63:ac:5b:ac:7e:9c:0b:41:d7:c4:c6:
fb:8a:19:98:85:03:44:2b:01:5b:30:f9:37:21:e8:
b0:54:bd:13:d7:d0:b2:75:00:37:a6:75:db:7d:3b:
2a:aa:c2:7b:3a:1b:2b:42:0e:e7:c2:22:08:57:3c:
8a:43:35:93:fd:d0:a3:8d:06:0f:9f:7d:c4:b4:bf:
e1:00:2f:01:16:10:93:9a:9d:5c:5f:62:1a:88:16:
66:b2:4c:76:32:a3:73:c7:0e:a2:f0:58:05:5c:f1:
50:d9:de:35:23:a6:fc:53:d8:35:23:65:42:83:0b:
cb:e1:48:aa:2f:48:f0:73:d5:fe:9e:f8:23:08:18:
7e:9b:a5:69:1f:ba:40:33:59:b2:f9:56:f2:c0:fa:
b5:cf:a7:8b:f4:62:bb:73:f8:5b:6a:3c:6b:0f:20:
12:63:b4:14:ec:0a:19:b1:11:07:51:a4:e3:75:e2:
6c:4d:8c:0e:75:81:1c:f4:5d:17:53:64:81:9e:33:
03:02:d6:c8:ca:1c:be:54:ea:5e:d2:96:e9:b1:31:
12:32:1c:f3:fa:72:57:98:26:60:65:de:15:8b:73:
d0:54:95:68:11:28:41:97:ad:43:b7:39:2e:c6:fa:
cd:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FA:1C:75:77:BA:C1:53:49:90:9F:42:F6:56:E3:06:E5:4D:57:8C
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GvocdXe6wVNJkJ9C9lbjBuVNV4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.82.0/23
89.42.95.0/24
Signature Algorithm: sha256WithRSAEncryption
71:97:e5:be:9f:9f:0e:9b:14:d3:43:38:18:10:27:17:2b:0a:
42:39:8d:4d:d4:da:b3:34:37:ba:4f:38:16:89:67:13:48:d6:
14:50:a3:1c:45:e5:88:88:77:5d:fc:cc:c0:60:18:e1:a3:4a:
a4:41:2a:3b:89:8e:d1:dc:53:0b:34:7d:44:42:18:ab:6c:ca:
4c:9d:05:9b:12:d5:72:fa:d5:d0:af:94:bc:d1:83:cc:e8:01:
17:2a:17:52:89:c1:e2:69:c2:b1:3a:1c:3f:01:99:19:82:ba:
85:71:37:f8:97:bc:2d:a5:cc:32:2b:35:f8:79:d1:c2:eb:27:
28:78:e1:b9:e1:c9:5c:2c:11:9b:89:01:86:df:72:b7:cb:a3:
06:79:a2:e2:19:e5:62:bb:a5:d3:fc:ab:7e:cc:15:fd:9c:1d:
29:7b:27:39:71:fb:c7:fe:35:8a:03:0b:5e:b6:69:ec:13:b8:
66:c5:6d:6c:76:af:c4:ab:50:03:ea:30:83:61:65:a7:1d:c1:
b5:25:4d:35:dd:8f:d4:c5:21:59:b1:ae:aa:bb:97:0b:0d:cd:
a8:6c:54:61:93:0d:af:18:2a:f1:43:9e:d5:f5:c8:c1:ca:16:
cb:d2:57:31:29:39:8b:e3:53:2b:e6:3a:8d:6e:35:a1:8e:ef:
30:35:e5:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ66mGwOSEYq9gZeh9M4PGL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwNjEyMDY1MDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWZhMWM3NTc3YmFjMTUzNDk5MDlmNDJmNjU2ZTMwNmU1NGQ1NzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25lVw678n6sX4IUOmggG9Qw2Y6xb
rH6cC0HXxMb7ihmYhQNEKwFbMPk3IeiwVL0T19CydQA3pnXbfTsqqsJ7OhsrQg7n
wiIIVzyKQzWT/dCjjQYPn33EtL/hAC8BFhCTmp1cX2IaiBZmskx2MqNzxw6i8FgF
XPFQ2d41I6b8U9g1I2VCgwvL4UiqL0jwc9X+nvgjCBh+m6VpH7pAM1my+VbywPq1
z6eL9GK7c/hbajxrDyASY7QU7AoZsREHUaTjdeJsTYwOdYEc9F0XU2SBnjMDAtbI
yhy+VOpe0pbpsTESMhzz+nJXmCZgZd4Vi3PQVJVoEShBl61DtzkuxvrNvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBr6HHV3usFTSZCfQvZW4wblTVeMMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvR3ZvY2RYZTZ3Vk5Ka0o5QzlsYmpCdVZOVjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWSpSAwQA
WSpfMA0GCSqGSIb3DQEBCwUAA4IBAQBxl+W+n58OmxTTQzgYECcXKwpCOY1N1Nqz
NDe6TzgWiWcTSNYUUKMcReWIiHdd/MzAYBjho0qkQSo7iY7R3FMLNH1EQhirbMpM
nQWbEtVy+tXQr5S80YPM6AEXKhdSicHiacKxOhw/AZkZgrqFcTf4l7wtpcwyKzX4
edHC6ycoeOG54clcLBGbiQGG33K3y6MGeaLiGeViu6XT/Kt+zBX9nB0peyc5cfvH
/jWKAwtetmnsE7hmxW1sdq/Eq1AD6jCDYWWnHcG1JU013Y/UxSFZsa6qu5cLDc2o
bFRhkw2vGCrxQ57V9cjByhbL0lcxKTmL41Mr5jqNbjWhju8wNeUy
-----END CERTIFICATE-----
Generated at Sat Jun 13 23:02:54 2026 by rpki-client