Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/gnMijO_h2dwSXcAM1Vk2QMu8Rvg.roa
File: gnMijO_h2dwSXcAM1Vk2QMu8Rvg.roa (raw, json)
Hash identifier: ItKHpfgvI2G2Bf7qHm92obBb65iYE/zCUTjfAlC2kIg=
Subject key identifier: 82:73:22:8C:EF:E1:D9:DC:12:5D:C0:0C:D5:59:36:40:CB:BC:46:F8
Certificate issuer: /CN=0837c99b2a4c062d5c20678f9dcf3207aefd5e78
Certificate serial: 019C934261757BE9D0E62D8CDA7875EBA2B9
Authority key identifier: 08:37:C9:9B:2A:4C:06:2D:5C:20:67:8F:9D:CF:32:07:AE:FD:5E:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/gnMijO_h2dwSXcAM1Vk2QMu8Rvg.roa
Signing time: Wed 25 Feb 2026 05:25:26 +0000
ROA not before: Wed 25 Feb 2026 05:25:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16968
IP address blocks: 216.195.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:93:42:61:75:7b:e9:d0:e6:2d:8c:da:78:75:eb:a2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0837c99b2a4c062d5c20678f9dcf3207aefd5e78
Validity
Not Before: Feb 25 05:25:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8273228cefe1d9dc125dc00cd5593640cbbc46f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:25:ae:46:46:88:1a:df:61:e1:af:1c:51:66:
2b:01:39:7c:ab:9a:f4:1d:71:4e:18:40:8e:4e:2c:
ee:e3:7d:32:f2:38:b9:63:9d:3a:d6:1d:47:fc:c6:
e1:63:2b:05:61:eb:fb:7d:f9:48:bc:ce:47:93:17:
46:c3:40:77:4a:70:1b:be:03:52:0e:06:2f:48:91:
48:75:13:89:ce:bc:11:2b:e9:1f:71:ff:e3:46:25:
d5:61:66:c2:c1:f8:74:c6:3a:ea:87:70:35:05:6e:
7d:64:66:75:83:cd:42:d5:f1:17:d5:19:22:98:de:
33:e2:13:39:45:73:d1:78:50:85:25:a3:c0:f6:0e:
71:b8:3d:00:19:5a:97:18:00:68:e2:ca:01:63:10:
ac:3b:cf:de:c1:f3:aa:f2:f0:b7:50:7f:48:84:e2:
a3:54:f3:74:04:62:94:f7:36:8c:78:7a:9b:06:66:
b7:7f:a3:aa:d7:a7:4a:64:b9:1c:cc:30:c3:20:ae:
b0:d3:7a:39:26:5b:6d:de:9a:95:e4:21:99:db:0d:
20:90:f8:0b:f8:87:a7:67:77:1d:4f:68:4c:7d:87:
1f:d3:f5:96:85:9c:0c:fa:00:d4:e8:5c:27:3f:65:
78:14:6a:dc:66:40:98:28:7d:11:7c:06:42:e6:6c:
98:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:73:22:8C:EF:E1:D9:DC:12:5D:C0:0C:D5:59:36:40:CB:BC:46:F8
X509v3 Authority Key Identifier:
keyid:08:37:C9:9B:2A:4C:06:2D:5C:20:67:8F:9D:CF:32:07:AE:FD:5E:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/gnMijO_h2dwSXcAM1Vk2QMu8Rvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.195.222.0/24
Signature Algorithm: sha256WithRSAEncryption
96:b0:a2:22:8f:7e:f1:52:bb:88:e4:8c:53:17:a4:12:a4:ce:
f2:d4:8a:15:5b:89:16:3c:c3:e3:11:a0:2a:ab:02:0f:56:29:
b5:6b:25:36:6b:65:56:80:c3:8a:88:fd:be:ed:f1:d5:51:e5:
41:4b:f4:e1:26:52:2f:1d:75:5e:f9:ee:a1:2f:20:66:a3:42:
61:0a:c1:bb:5b:31:44:55:15:d6:8f:68:6b:19:e2:ef:2b:37:
5a:33:1d:ac:3f:87:ad:f8:d8:56:30:e9:a2:87:23:3f:3b:90:
2d:ab:3f:21:69:fb:a8:94:22:64:17:2b:9d:47:e6:13:57:0a:
c1:a1:be:ba:ed:e2:6d:ba:a8:8e:fc:4f:f6:8e:0f:3a:5b:b5:
6e:5c:1e:8a:75:76:90:75:6e:58:44:26:3b:f7:4f:5a:2b:ca:
02:b4:97:ba:b4:09:69:16:1c:eb:f9:8d:7c:87:6c:d0:1b:23:
75:8e:83:28:6e:8b:72:79:e5:6a:92:07:93:81:26:45:71:f9:
3b:0c:07:57:7d:bb:49:57:78:ee:ae:fd:0a:28:a7:46:9f:a8:
a0:d6:40:f8:3b:da:bb:d7:11:a4:7b:23:10:d1:5b:e9:65:ea:
a9:28:8d:05:84:27:aa:78:58:82:54:9e:b1:f6:54:b8:cf:8e:
70:b0:5e:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyTQmF1e+nQ5i2M2nh166K5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzdjOTliMmE0YzA2MmQ1YzIwNjc4ZjlkY2YzMjA3YWVm
ZDVlNzgwHhcNMjYwMjI1MDUyNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjczMjI4Y2VmZTFkOWRjMTI1ZGMwMGNkNTU5MzY0MGNiYmM0NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSWuRkaIGt9h4a8cUWYrATl8q5r0
HXFOGECOTizu430y8ji5Y5061h1H/MbhYysFYev7fflIvM5HkxdGw0B3SnAbvgNS
DgYvSJFIdROJzrwRK+kfcf/jRiXVYWbCwfh0xjrqh3A1BW59ZGZ1g81C1fEX1Rki
mN4z4hM5RXPReFCFJaPA9g5xuD0AGVqXGABo4soBYxCsO8/ewfOq8vC3UH9IhOKj
VPN0BGKU9zaMeHqbBma3f6Oq16dKZLkczDDDIK6w03o5Jltt3pqV5CGZ2w0gkPgL
+IenZ3cdT2hMfYcf0/WWhZwM+gDU6FwnP2V4FGrcZkCYKH0RfAZC5myYMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJzIozv4dncEl3ADNVZNkDLvEb4MB8GA1UdIwQY
MBaAFAg3yZsqTAYtXCBnj53PMgeu/V54MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RmSm15cE1CaTFjSUdlUG5jOHlCNjc5WG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wODk1ZDItYjc3OC00NmM0LWE2OTEt
ZjEyMzdmNGM1Y2Y2LzEvZ25NaWpPX2gyZHdTWGNBTTFWazJRTXU4UnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wODk1ZDItYjc3OC00NmM0LWE2OTEtZjEyMzdmNGM1Y2Y2
LzEvQ0RmSm15cE1CaTFjSUdlUG5jOHlCNjc5WG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2MPeMA0G
CSqGSIb3DQEBCwUAA4IBAQCWsKIij37xUruI5IxTF6QSpM7y1IoVW4kWPMPjEaAq
qwIPVim1ayU2a2VWgMOKiP2+7fHVUeVBS/ThJlIvHXVe+e6hLyBmo0JhCsG7WzFE
VRXWj2hrGeLvKzdaMx2sP4et+NhWMOmihyM/O5Atqz8hafuolCJkFyudR+YTVwrB
ob667eJtuqiO/E/2jg86W7VuXB6KdXaQdW5YRCY7909aK8oCtJe6tAlpFhzr+Y18
h2zQGyN1joMobotyeeVqkgeTgSZFcfk7DAdXfbtJV3jurv0KKKdGn6ig1kD4O9q7
1xGkeyMQ0VvpZeqpKI0FhCeqeFiCVJ6x9lS4z45wsF5o
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:23:27 2026 by rpki-client