Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/8wOAoL3azCMqc8Knb3AcLGVTybI.roa
File: 8wOAoL3azCMqc8Knb3AcLGVTybI.roa (raw, json)
Hash identifier: asNI2K5mxTKXFPFtSRWKCvSyqLIFWq90JHTW2inR7l0=
Subject key identifier: F3:03:80:A0:BD:DA:CC:23:2A:73:C2:A7:6F:70:1C:2C:65:53:C9:B2
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 019F0FE160476249F54041F137DA3B549207
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/8wOAoL3azCMqc8Knb3AcLGVTybI.roa
Signing time: Sun 28 Jun 2026 20:17:36 +0000
ROA not before: Sun 28 Jun 2026 20:17:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 43.240.150.0/24 maxlen: 24
91.109.40.0/24 maxlen: 24
91.109.41.0/24 maxlen: 24
91.109.43.0/24 maxlen: 24
91.109.44.0/24 maxlen: 24
91.109.45.0/24 maxlen: 24
91.109.46.0/24 maxlen: 24
147.185.196.0/24 maxlen: 24
193.168.202.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:0f:e1:60:47:62:49:f5:40:41:f1:37:da:3b:54:92:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jun 28 20:17:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f30380a0bddacc232a73c2a76f701c2c6553c9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a0:98:67:99:cb:72:b2:5b:be:20:36:35:5c:
02:4d:3d:0b:60:2c:e4:09:df:a3:c9:78:9f:38:46:
e0:36:68:df:cb:27:16:36:f5:4f:87:0e:d5:b0:f7:
4a:49:75:4b:1a:b9:cd:c1:9b:75:d6:84:86:55:77:
c8:4b:2c:a7:f3:f2:70:8d:41:30:a0:9a:43:dd:ec:
6b:fa:32:37:8b:dd:11:5d:07:91:4d:bc:2f:f3:fb:
20:a4:b2:d5:fe:64:c5:ee:b6:38:ef:32:8c:60:90:
eb:6f:85:d1:c2:63:20:24:24:d6:99:fa:7b:7d:92:
9d:1c:44:ff:f1:93:13:fc:d9:3f:de:79:d6:fc:b1:
4a:56:1c:d6:4c:1d:2a:50:b0:3e:15:b7:fc:a1:f1:
2d:fb:f0:a1:50:e2:7f:83:a9:18:09:c2:48:f8:0f:
21:28:74:f9:13:53:f4:ab:d0:b7:15:18:20:d2:9b:
37:28:70:1e:e9:84:90:5d:07:bc:74:00:6d:c5:cb:
cb:1d:91:7d:0f:7c:5e:6f:25:72:3f:db:7d:cb:10:
1e:93:0e:20:49:80:8a:dd:c2:cc:c5:32:a0:75:cd:
4d:2f:f1:49:c0:e5:d1:05:e0:68:6d:ff:78:ec:3e:
f5:d6:2e:d8:3f:f4:46:53:db:dc:a4:19:43:d5:94:
1c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:03:80:A0:BD:DA:CC:23:2A:73:C2:A7:6F:70:1C:2C:65:53:C9:B2
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/8wOAoL3azCMqc8Knb3AcLGVTybI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.150.0/24
91.109.40.0/23
91.109.43.0-91.109.46.255
147.185.196.0/24
193.168.202.0/23
207.244.198.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:7d:67:c2:35:0b:d0:4b:5e:12:5f:1b:23:d9:75:23:2e:9b:
1d:25:3a:84:cb:6c:46:73:c7:51:0d:fc:b6:09:cb:8f:a5:4e:
48:ba:18:70:de:61:20:10:3b:d5:4d:13:a5:14:81:ef:1d:f7:
af:9b:51:be:ab:df:90:f3:25:79:25:5d:d6:b4:2f:be:0e:b8:
23:6d:d7:94:ba:74:5d:99:80:fa:e9:5d:ba:fe:5c:38:21:da:
35:d1:e9:23:bc:e3:1e:f7:09:15:89:17:c1:48:75:21:be:6b:
0c:df:c6:b2:94:98:ed:31:0c:1c:3e:05:f4:6a:12:37:29:60:
31:7e:8a:ca:ef:15:57:07:da:74:d5:4a:89:3a:22:c8:46:b4:
cc:2d:50:24:b3:b4:04:07:d4:9a:30:69:fd:ee:79:11:38:4b:
15:41:39:d8:d9:ee:8f:58:d8:f4:e5:cd:d0:f6:a1:d7:5f:dd:
c9:86:92:eb:60:16:0e:97:71:aa:49:57:13:e5:6f:9e:3d:70:
ea:5c:3b:5f:39:97:84:36:c6:7a:61:d1:85:93:77:bc:31:a7:
40:db:f1:0b:03:9a:4e:e4:f1:6a:75:df:36:6c:e7:67:e4:8c:
7f:53:cc:43:aa:c6:0e:83:b0:8c:ce:a9:68:1f:ff:1a:a2:66:
4d:ed:0a:04
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ8P4WBHYkn1QEHxN9o7VJIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjYwNjI4MjAxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzAzODBhMGJkZGFjYzIzMmE3M2MyYTc2ZjcwMWMyYzY1NTNjOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaCYZ5nLcrJbviA2NVwCTT0LYCzk
Cd+jyXifOEbgNmjfyycWNvVPhw7VsPdKSXVLGrnNwZt11oSGVXfISyyn8/JwjUEw
oJpD3exr+jI3i90RXQeRTbwv8/sgpLLV/mTF7rY47zKMYJDrb4XRwmMgJCTWmfp7
fZKdHET/8ZMT/Nk/3nnW/LFKVhzWTB0qULA+Fbf8ofEt+/ChUOJ/g6kYCcJI+A8h
KHT5E1P0q9C3FRgg0ps3KHAe6YSQXQe8dABtxcvLHZF9D3xebyVyP9t9yxAekw4g
SYCK3cLMxTKgdc1NL/FJwOXRBeBobf947D711i7YP/RGU9vcpBlD1ZQcnwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPMDgKC92swjKnPCp29wHCxlU8myMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvOHdPQW9MM2F6Q01xYzhLbmIzQWNMR1ZUeWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAK/CWAwQB
W20oMAwDBABbbSsDBABbbS4DBACTucQDBAHBqMoDBADP9MYwDQYJKoZIhvcNAQEL
BQADggEBAEt9Z8I1C9BLXhJfGyPZdSMumx0lOoTLbEZzx1EN/LYJy4+lTki6GHDe
YSAQO9VNE6UUge8d96+bUb6r35DzJXklXda0L74OuCNt15S6dF2ZgPrpXbr+XDgh
2jXR6SO84x73CRWJF8FIdSG+awzfxrKUmO0xDBw+BfRqEjcpYDF+isrvFVcH2nTV
Sok6IshGtMwtUCSztAQH1Jowaf3ueRE4SxVBOdjZ7o9Y2PTlzdD2oddf3cmGkutg
Fg6XcapJVxPlb549cOpcO185l4Q2xnph0YWTd7wxp0Db8QsDmk7k8Wp13zZs52fk
jH9TzEOqxg6DsIzOqWgf/xqiZk3tCgQ=
-----END CERTIFICATE-----
Generated at Mon Jun 29 09:59:53 2026 by rpki-client