Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/pAVHO7_V8_WbgzBWy08ggfwQNzk.roa
File: pAVHO7_V8_WbgzBWy08ggfwQNzk.roa (raw, json)
Hash identifier: 48s+jx2jfE5/9tkGuym26/yfL1pMIBfKiFkYHtTjWO0=
Subject key identifier: A4:05:47:3B:BF:D5:F3:F5:9B:83:30:56:CB:4F:20:81:FC:10:37:39
Certificate issuer: /CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Certificate serial: 019EA7204432AB5FCDA6F82781E5257726B4
Authority key identifier: A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/pAVHO7_V8_WbgzBWy08ggfwQNzk.roa
Signing time: Mon 08 Jun 2026 12:06:10 +0000
ROA not before: Mon 08 Jun 2026 12:06:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51265
IP address blocks: 62.240.128.0/19 maxlen: 24
83.216.32.0/19 maxlen: 22
176.126.39.0/24 maxlen: 24
178.157.4.0/22 maxlen: 22
185.44.52.0/22 maxlen: 22
185.69.244.0/22 maxlen: 22
193.9.252.0/23 maxlen: 24
2a04:9540::/29 maxlen: 29
2a07:1740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:20:44:32:ab:5f:cd:a6:f8:27:81:e5:25:77:26:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Validity
Not Before: Jun 8 12:06:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a405473bbfd5f3f59b833056cb4f2081fc103739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a9:71:98:a2:dc:25:2e:57:06:14:6c:b7:cf:
c6:27:79:90:03:01:19:ea:8c:51:9a:cf:39:63:1b:
e3:22:41:4a:90:76:5e:91:a3:3c:3f:8f:bd:ed:d4:
25:a4:60:7f:65:02:6b:7d:f4:a4:0a:76:5c:d9:0c:
bf:8d:01:3d:3b:d6:01:a5:5d:c8:0e:10:e0:80:d3:
55:f5:27:d4:74:4e:af:53:30:46:bb:82:82:c5:a2:
9e:45:ed:de:90:97:20:b5:40:d6:78:39:55:b6:cf:
b5:cd:c3:6f:07:bd:7b:69:a8:02:57:5c:56:55:8a:
0b:a7:59:cc:e5:2a:b4:92:b5:3a:08:41:c9:40:44:
e8:fc:f1:5a:58:c6:cf:8e:46:2a:f0:06:f8:29:e6:
41:c9:1e:a0:41:43:c2:33:35:42:4d:ed:71:03:b5:
72:32:b2:cd:9c:b9:82:63:35:8f:51:de:79:bf:48:
33:c4:e2:19:38:ee:21:8e:09:44:91:03:05:45:79:
2b:8a:2d:67:d2:f5:e9:9d:b5:3a:62:96:a0:9b:4f:
d1:ea:42:4c:87:06:84:27:8e:f2:2d:71:83:ed:71:
bc:34:2d:69:ac:64:bb:3a:d7:4a:36:01:e8:63:4e:
a1:9a:73:31:ab:aa:19:56:f3:15:58:24:d6:c8:e1:
7b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:05:47:3B:BF:D5:F3:F5:9B:83:30:56:CB:4F:20:81:FC:10:37:39
X509v3 Authority Key Identifier:
keyid:A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/pAVHO7_V8_WbgzBWy08ggfwQNzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.128.0/19
83.216.32.0/19
176.126.39.0/24
178.157.4.0/22
185.44.52.0/22
185.69.244.0/22
193.9.252.0/23
IPv6:
2a04:9540::/29
2a07:1740::/29
Signature Algorithm: sha256WithRSAEncryption
33:dd:0b:12:3c:8f:cd:eb:1c:21:05:39:14:7b:25:b4:30:86:
fc:9f:45:2c:ec:1f:a2:77:19:71:bc:7c:e4:10:f7:b2:76:e2:
88:40:79:84:77:e7:ca:af:c5:66:c3:26:ee:17:58:46:26:af:
a2:51:b8:f4:ed:03:73:68:ba:c1:a2:d2:4e:bd:30:1e:16:6b:
2a:68:bc:bb:4d:8d:e7:2d:f3:cc:15:3e:5c:7b:3d:10:88:41:
f1:14:4f:22:fc:80:6a:04:11:c2:41:b9:f4:13:f2:f9:c1:3d:
e8:74:a4:bb:e4:ba:1d:da:46:b9:56:b4:27:58:eb:8f:81:a4:
56:91:48:a7:ee:49:63:22:4e:fd:28:04:2e:77:ff:d3:ea:5c:
08:eb:60:e7:eb:d8:b4:4a:06:a9:09:ca:69:5e:7e:b1:a9:6c:
2d:51:f5:da:ce:e7:03:37:eb:0a:5e:3f:9d:05:9d:15:ea:cc:
ce:69:63:db:e2:74:cf:e2:a3:a5:c4:85:83:13:ed:4f:2c:37:
67:a1:79:53:d4:2c:b9:73:2b:8c:59:e0:ac:63:7e:13:88:f9:
fc:8c:b8:27:c5:98:dc:25:4a:19:7b:0a:ef:5a:17:2d:c0:06:
b9:43:cb:40:4b:22:25:24:eb:02:69:2d:c1:f1:e2:73:be:4d:
e5:c3:8f:1e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZ6nIEQyq1/NpvgngeUldya0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYmZkMDZjZTg1NWI2MmQ5YjY4OGNkOGM1MzVkNWY0OTRj
ZDM5MzIwHhcNMjYwNjA4MTIwNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDA1NDczYmJmZDVmM2Y1OWI4MzMwNTZjYjRmMjA4MWZjMTAzNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2alxmKLcJS5XBhRst8/GJ3mQAwEZ
6oxRms85YxvjIkFKkHZekaM8P4+97dQlpGB/ZQJrffSkCnZc2Qy/jQE9O9YBpV3I
DhDggNNV9SfUdE6vUzBGu4KCxaKeRe3ekJcgtUDWeDlVts+1zcNvB717aagCV1xW
VYoLp1nM5Sq0krU6CEHJQETo/PFaWMbPjkYq8Ab4KeZByR6gQUPCMzVCTe1xA7Vy
MrLNnLmCYzWPUd55v0gzxOIZOO4hjglEkQMFRXkrii1n0vXpnbU6Ypagm0/R6kJM
hwaEJ47yLXGD7XG8NC1prGS7OtdKNgHoY06hmnMxq6oZVvMVWCTWyOF7nQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKQFRzu/1fP1m4MwVstPIIH8EDc5MB8GA1UdIwQY
MBaAFKC/0GzoVbYtm2iM2MU11fSUzTkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xfUWJPaFZ0aTJiYUl6WXhUWFY5SlROT1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wMzMxNmQtMDRlMC00NjYwLWE2M2Ut
NjcxODM5MjAwNjA0LzEvcEFWSE83X1Y4X1diZ3pCV3kwOGdnZndRTnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wMzMxNmQtMDRlMC00NjYwLWE2M2UtNjcxODM5MjAwNjA0
LzEvb0xfUWJPaFZ0aTJiYUl6WXhUWFY5SlROT1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQFPvCAAwQF
U9ggAwQAsH4nAwQCsp0EAwQCuSw0AwQCuUX0AwQBwQn8MBQEAgACMA4DBQMqBJVA
AwUDKgcXQDANBgkqhkiG9w0BAQsFAAOCAQEAM90LEjyPzescIQU5FHsltDCG/J9F
LOwfoncZcbx85BD3snbiiEB5hHfnyq/FZsMm7hdYRiavolG49O0Dc2i6waLSTr0w
HhZrKmi8u02N5y3zzBU+XHs9EIhB8RRPIvyAagQRwkG59BPy+cE96HSku+S6HdpG
uVa0J1jrj4GkVpFIp+5JYyJO/SgELnf/0+pcCOtg5+vYtEoGqQnKaV5+salsLVH1
2s7nAzfrCl4/nQWdFerMzmlj2+J0z+KjpcSFgxPtTyw3Z6F5U9QsuXMrjFngrGN+
E4j5/Iy4J8WY3CVKGXsK71oXLcAGuUPLQEsiJSTrAmktwfHic75N5cOPHg==
-----END CERTIFICATE-----
Generated at Sun Jun 14 00:36:33 2026 by rpki-client