Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/e5069b-1cad-45a4-a619-c24ff682f7ad/1/g2b0tfI5DAyRO9sqLcgf2kKw8tI.roa
File: g2b0tfI5DAyRO9sqLcgf2kKw8tI.roa (raw, json)
Hash identifier: b/mHAHFQZqIoz/hcls8xHY15nIJE9JGUhZwiQd60kVE=
Subject key identifier: 83:66:F4:B5:F2:39:0C:0C:91:3B:DB:2A:2D:C8:1F:DA:42:B0:F2:D2
Certificate issuer: /CN=79a3b2c3622df9e87982ea8350978a6c9875a7c8
Certificate serial: 019D3D9E4DBDB44A2F7FD83F5C348B0E6B98
Authority key identifier: 79:A3:B2:C3:62:2D:F9:E8:79:82:EA:83:50:97:8A:6C:98:75:A7:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eaOyw2It-eh5guqDUJeKbJh1p8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/e5069b-1cad-45a4-a619-c24ff682f7ad/1/g2b0tfI5DAyRO9sqLcgf2kKw8tI.roa
Signing time: Mon 30 Mar 2026 07:21:17 +0000
ROA not before: Mon 30 Mar 2026 07:21:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203674
IP address blocks: 194.187.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/e5069b-1cad-45a4-a619-c24ff682f7ad/1/eaOyw2It-eh5guqDUJeKbJh1p8g.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/e5069b-1cad-45a4-a619-c24ff682f7ad/1/eaOyw2It-eh5guqDUJeKbJh1p8g.mft
rsync://rpki.ripe.net/repository/DEFAULT/eaOyw2It-eh5guqDUJeKbJh1p8g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3d:9e:4d:bd:b4:4a:2f:7f:d8:3f:5c:34:8b:0e:6b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a3b2c3622df9e87982ea8350978a6c9875a7c8
Validity
Not Before: Mar 30 07:21:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8366f4b5f2390c0c913bdb2a2dc81fda42b0f2d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:54:fd:6a:9f:38:cf:94:12:d0:52:27:ad:c2:
fd:5c:d1:c3:51:e4:6e:6a:48:ac:f7:2b:27:d1:4e:
9d:61:cc:60:85:e8:04:50:23:f9:69:71:ef:c0:33:
12:52:7e:3c:ee:a5:b8:d8:d2:b3:67:2a:84:6e:8b:
de:d7:38:4c:6b:c0:c3:e8:26:de:67:05:17:1b:73:
3c:ce:1d:29:2f:80:ee:2b:0f:fd:16:7f:f3:47:a7:
ee:0a:38:9c:b0:ee:a1:f0:2f:1e:9d:58:5b:fb:49:
96:74:d5:f8:8b:0d:c0:30:1a:29:37:3a:81:ad:58:
fe:5f:b6:ab:f7:39:7c:4b:1c:94:15:93:e2:78:b6:
38:14:ba:7f:99:4d:55:cb:c3:f6:f5:8d:39:8f:4c:
5f:04:73:91:3f:b3:12:ae:b2:34:f2:1a:18:7a:3f:
0e:23:38:1c:88:f0:d2:d6:ba:51:6f:39:d9:8f:98:
26:6c:3f:b8:45:ff:b5:29:f2:e0:d6:e2:0e:d4:14:
7c:c5:50:9c:45:c3:c9:4a:2b:0d:36:f1:47:7c:f5:
5c:0b:50:80:f5:34:4e:b7:3a:26:f3:49:44:ac:64:
96:8b:ee:87:79:c4:2b:97:ec:c1:74:08:5b:e4:70:
20:10:72:1e:da:01:28:8b:a2:70:6c:1e:af:79:e3:
a2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:66:F4:B5:F2:39:0C:0C:91:3B:DB:2A:2D:C8:1F:DA:42:B0:F2:D2
X509v3 Authority Key Identifier:
keyid:79:A3:B2:C3:62:2D:F9:E8:79:82:EA:83:50:97:8A:6C:98:75:A7:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eaOyw2It-eh5guqDUJeKbJh1p8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e5069b-1cad-45a4-a619-c24ff682f7ad/1/g2b0tfI5DAyRO9sqLcgf2kKw8tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e5069b-1cad-45a4-a619-c24ff682f7ad/1/eaOyw2It-eh5guqDUJeKbJh1p8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.209.0/24
Signature Algorithm: sha256WithRSAEncryption
56:84:c2:17:40:2f:a0:3c:5c:31:85:4c:8c:c1:11:9d:92:16:
07:ab:62:1a:dc:b4:9c:b3:b7:ef:90:1e:18:cb:f3:27:ac:cf:
a0:93:f2:0e:f1:aa:8a:16:2c:17:58:83:de:50:63:21:38:d3:
dc:a6:09:1b:c5:0b:15:a4:e5:25:14:17:95:23:04:25:2c:dc:
f6:c6:10:7d:62:1a:e5:57:30:77:d6:03:01:09:33:cf:49:11:
ae:ee:c4:86:36:29:73:95:18:7a:23:0d:30:fa:3d:5f:dd:4c:
dc:f0:2e:dd:2f:de:b0:9b:5f:69:b5:2d:e8:21:e7:89:3b:21:
e4:7d:c7:4c:53:83:0b:3d:7f:10:a2:ec:93:cd:f8:eb:76:72:
b1:c2:a4:d5:fe:34:2b:51:f1:82:da:24:4e:31:ec:40:e4:a0:
1f:05:38:18:64:d5:7b:c6:86:e6:68:58:bb:e4:a7:f8:16:8a:
a8:2c:2f:98:ae:be:05:ca:01:e2:2e:61:30:22:6d:55:68:b7:
8a:97:fa:0f:2b:61:8b:d3:b8:3e:f9:3e:04:23:3b:01:72:cd:
89:3e:82:62:fd:34:b5:3b:cc:1c:65:f1:ce:04:57:eb:a7:ae:
18:11:b7:05:c3:5d:7b:50:1b:71:2c:79:c2:cc:8b:d4:c0:7b:
61:7f:3a:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ09nk29tEovf9g/XDSLDmuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTNiMmMzNjIyZGY5ZTg3OTgyZWE4MzUwOTc4YTZjOTg3
NWE3YzgwHhcNMjYwMzMwMDcyMTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzY2ZjRiNWYyMzkwYzBjOTEzYmRiMmEyZGM4MWZkYTQyYjBmMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FT9ap84z5QS0FInrcL9XNHDUeRu
akis9ysn0U6dYcxghegEUCP5aXHvwDMSUn487qW42NKzZyqEbove1zhMa8DD6Cbe
ZwUXG3M8zh0pL4DuKw/9Fn/zR6fuCjicsO6h8C8enVhb+0mWdNX4iw3AMBopNzqB
rVj+X7ar9zl8SxyUFZPieLY4FLp/mU1Vy8P29Y05j0xfBHORP7MSrrI08hoYej8O
IzgciPDS1rpRbznZj5gmbD+4Rf+1KfLg1uIO1BR8xVCcRcPJSisNNvFHfPVcC1CA
9TROtzom80lErGSWi+6HecQrl+zBdAhb5HAgEHIe2gEoi6JwbB6veeOi6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINm9LXyOQwMkTvbKi3IH9pCsPLSMB8GA1UdIwQY
MBaAFHmjssNiLfnoeYLqg1CXimyYdafIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFPeXcySXQtZWg1Z3VxRFVKZUtiSmgxcDhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9lNTA2OWItMWNhZC00NWE0LWE2MTkt
YzI0ZmY2ODJmN2FkLzEvZzJiMHRmSTVEQXlSTzlzcUxjZ2Yya0t3OHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9lNTA2OWItMWNhZC00NWE0LWE2MTktYzI0ZmY2ODJmN2Fk
LzEvZWFPeXcySXQtZWg1Z3VxRFVKZUtiSmgxcDhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrvRMA0G
CSqGSIb3DQEBCwUAA4IBAQBWhMIXQC+gPFwxhUyMwRGdkhYHq2Ia3LScs7fvkB4Y
y/MnrM+gk/IO8aqKFiwXWIPeUGMhONPcpgkbxQsVpOUlFBeVIwQlLNz2xhB9Yhrl
VzB31gMBCTPPSRGu7sSGNilzlRh6Iw0w+j1f3Uzc8C7dL96wm19ptS3oIeeJOyHk
fcdMU4MLPX8QouyTzfjrdnKxwqTV/jQrUfGC2iROMexA5KAfBTgYZNV7xobmaFi7
5Kf4FoqoLC+Yrr4FygHiLmEwIm1VaLeKl/oPK2GL07g++T4EIzsBcs2JPoJi/TS1
O8wcZfHOBFfrp64YEbcFw117UBtxLHnCzIvUwHthfzoV
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:29:51 2026 by rpki-client