Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/AWjl1sPeUn1UTaLBzc5vN4VqISk.roa
File: AWjl1sPeUn1UTaLBzc5vN4VqISk.roa (raw, json)
Hash identifier: DupQAQckzrcSct0AJBlt8pXhO5fHKNphm7GyxXGlo0Y=
Subject key identifier: 01:68:E5:D6:C3:DE:52:7D:54:4D:A2:C1:CD:CE:6F:37:85:6A:21:29
Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3
Certificate serial: 019D6C950A703DDD604E48132226175C9235
Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/AWjl1sPeUn1UTaLBzc5vN4VqISk.roa
Signing time: Wed 08 Apr 2026 10:13:19 +0000
ROA not before: Wed 08 Apr 2026 10:13:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.64.0.0/14 maxlen: 14
31.68.0.0/15 maxlen: 15
31.71.0.0/16 maxlen: 16
31.72.0.0/13 maxlen: 13
31.99.64.0/18 maxlen: 18
31.99.128.0/18 maxlen: 18
31.99.208.0/20 maxlen: 20
31.99.224.0/19 maxlen: 19
178.99.0.0/16 maxlen: 16
178.107.48.0/20 maxlen: 20
178.107.64.0/18 maxlen: 18
185.102.192.0/22 maxlen: 22
185.102.196.0/22 maxlen: 22
185.102.200.0/22 maxlen: 22
194.36.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 13:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6c:95:0a:70:3d:dd:60:4e:48:13:22:26:17:5c:92:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b98127943e7175734964010c89ef821416a31b3
Validity
Not Before: Apr 8 10:13:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0168e5d6c3de527d544da2c1cdce6f37856a2129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1f:33:48:31:49:33:5b:7a:c9:f8:b2:b3:0e:
bd:05:91:ba:b8:33:cf:37:1c:f6:8f:c8:8b:b1:9f:
53:45:60:b4:3d:dc:f3:b8:30:be:c6:38:c5:0e:e2:
7b:8b:cf:96:40:73:50:77:07:73:04:d1:07:e4:d9:
89:85:54:75:cf:6a:db:4a:42:2f:75:23:0e:0a:3f:
ed:4f:93:e6:c3:63:b4:70:2c:35:3e:0e:eb:5d:a1:
64:b4:f7:ec:34:bc:cc:90:cf:c5:62:17:4e:bb:67:
de:59:73:44:d1:8c:c5:36:d2:ad:73:3f:1a:36:29:
6e:b3:4f:69:ab:b3:38:6c:b2:31:bd:10:f3:6a:7b:
b8:ae:2f:6d:90:96:e5:71:16:1e:d2:a0:b5:dd:43:
cf:46:6a:f7:c2:1d:b1:48:47:19:84:d7:f3:f3:f3:
20:cb:fe:dc:03:d6:42:61:6e:77:83:e3:b3:8d:b9:
cd:5e:a6:d6:0f:7e:3c:de:86:ec:67:8c:d2:aa:78:
64:1a:14:9c:0c:8a:2b:90:a7:16:fa:ec:0b:a0:d5:
24:6c:f6:8a:5b:82:e1:69:5b:52:04:c1:f9:66:e0:
fa:f6:db:22:e7:5d:74:d0:6d:b5:39:fd:32:18:39:
27:bb:4c:d8:57:30:c9:65:d3:c2:7a:51:4e:ee:5a:
07:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:68:E5:D6:C3:DE:52:7D:54:4D:A2:C1:CD:CE:6F:37:85:6A:21:29
X509v3 Authority Key Identifier:
keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/AWjl1sPeUn1UTaLBzc5vN4VqISk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.64.0.0-31.69.255.255
31.71.0.0-31.79.255.255
31.99.64.0-31.99.191.255
31.99.208.0-31.99.255.255
178.99.0.0/16
178.107.48.0-178.107.127.255
185.102.192.0-185.102.203.255
194.36.212.0/22
Signature Algorithm: sha256WithRSAEncryption
57:df:bc:72:fa:0a:a2:21:2f:5d:a4:f1:33:30:5e:8c:17:2b:
e9:aa:c4:58:cb:29:08:4d:2c:cf:74:d1:b2:98:9b:a1:1b:73:
08:6a:9c:10:7e:1f:fa:b0:3f:74:99:ca:bd:96:53:f8:39:e5:
ee:23:9b:c5:75:38:0c:d7:92:da:f5:d9:cc:fd:93:cf:3f:d2:
3b:01:8f:74:a9:4b:2b:b7:4a:83:4b:ea:82:3d:ef:71:c4:4f:
ac:86:9b:2e:1c:a7:24:19:53:3f:5a:42:a0:e6:75:69:d2:c0:
76:f8:40:10:e8:11:81:35:65:76:b8:6f:b0:30:41:16:e7:cd:
53:50:d1:37:56:46:47:95:15:a2:ea:44:ad:7d:61:7a:41:fa:
2e:52:04:de:86:f5:8d:f6:d2:6d:30:c2:fc:8d:84:34:b1:ef:
1f:da:b6:35:71:9f:40:56:8e:fd:4b:59:2a:3b:2a:09:93:64:
80:55:88:af:7a:b3:f8:ba:b9:be:15:58:42:15:8b:38:f9:b7:
4d:09:03:b2:ec:34:c4:5d:fc:59:bb:d7:84:27:e0:e4:93:04:
87:79:56:c2:4b:4b:f8:0d:3a:d0:46:2a:8d:23:01:86:6c:d6:
f7:37:7a:60:76:46:84:69:01:e2:ac:7d:7b:a9:32:d5:68:27:
11:2d:65:b9
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ1slQpwPd1gTkgTIiYXXJI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2
YTMxYjMwHhcNMjYwNDA4MTAxMzE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTY4ZTVkNmMzZGU1MjdkNTQ0ZGEyYzFjZGNlNmYzNzg1NmEyMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyx8zSDFJM1t6yfiysw69BZG6uDPP
Nxz2j8iLsZ9TRWC0PdzzuDC+xjjFDuJ7i8+WQHNQdwdzBNEH5NmJhVR1z2rbSkIv
dSMOCj/tT5Pmw2O0cCw1Pg7rXaFktPfsNLzMkM/FYhdOu2feWXNE0YzFNtKtcz8a
Nilus09pq7M4bLIxvRDzanu4ri9tkJblcRYe0qC13UPPRmr3wh2xSEcZhNfz8/Mg
y/7cA9ZCYW53g+OzjbnNXqbWD3483obsZ4zSqnhkGhScDIorkKcW+uwLoNUkbPaK
W4LhaVtSBMH5ZuD69tsi51100G21Of0yGDknu0zYVzDJZdPCelFO7loHtwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFAFo5dbD3lJ9VE2iwc3ObzeFaiEpMB8GA1UdIwQY
MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt
NjIxNzkyZjdlNTZhLzEvQVdqbDFzUGVVbjFVVGFMQnpjNXZONFZxSVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh
LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaMAoDAwYfQAMD
AR9EMAoDAwAfRwMDBB9AMAwDBAYfY0ADBAYfY4AwCwMEBB9j0AMDAh9gAwMAsmMw
DAMEBLJrMAMEB7JrADAMAwQGuWbAAwQCuWbIAwQCwiTUMA0GCSqGSIb3DQEBCwUA
A4IBAQBX37xy+gqiIS9dpPEzMF6MFyvpqsRYyykITSzPdNGymJuhG3MIapwQfh/6
sD90mcq9llP4OeXuI5vFdTgM15La9dnM/ZPPP9I7AY90qUsrt0qDS+qCPe9xxE+s
hpsuHKckGVM/WkKg5nVp0sB2+EAQ6BGBNWV2uG+wMEEW581TUNE3VkZHlRWi6kSt
fWF6QfouUgTehvWN9tJtMML8jYQ0se8f2rY1cZ9AVo79S1kqOyoJk2SAVYiverP4
urm+FVhCFYs4+bdNCQOy7DTEXfxZu9eEJ+DkkwSHeVbCS0v4DTrQRiqNIwGGbNb3
N3pgdkaEaQHirH17qTLVaCcRLWW5
-----END CERTIFICATE-----
Generated at Thu Apr 16 22:35:46 2026 by rpki-client