Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/h8D1gq051tBYJNb_Y4nlpSpaChc.roa
File: h8D1gq051tBYJNb_Y4nlpSpaChc.roa (raw, json)
Hash identifier: 1sY2UtAw3qppMv1YMtACKA33nss4PyBDyZbo40TbUgc=
Subject key identifier: 87:C0:F5:82:AD:39:D6:D0:58:24:D6:FF:63:89:E5:A5:2A:5A:0A:17
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019D3F0E8F9829A3156DC6B88823265D979B
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/h8D1gq051tBYJNb_Y4nlpSpaChc.roa
Signing time: Mon 30 Mar 2026 14:03:32 +0000
ROA not before: Mon 30 Mar 2026 14:03:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215540
IP address blocks: 45.89.60.0/24 maxlen: 24
45.150.66.0/24 maxlen: 24
83.97.78.0/24 maxlen: 24
138.124.181.0/24 maxlen: 24
138.124.186.0/24 maxlen: 24
212.18.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Apr 2026 14:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3f:0e:8f:98:29:a3:15:6d:c6:b8:88:23:26:5d:97:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Mar 30 14:03:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=87c0f582ad39d6d05824d6ff6389e5a52a5a0a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:90:2b:4b:3b:69:cb:14:8d:5a:52:57:3a:cb:
82:03:83:20:eb:1c:b3:b6:cc:9f:00:58:03:13:10:
3a:c8:a0:4b:6a:8c:e6:df:cf:ed:6b:f0:e3:89:3e:
55:81:45:96:88:2c:c6:7a:d2:2e:91:42:9b:d6:ab:
16:e5:dd:f4:5b:23:09:4d:e4:aa:4c:4a:bd:fd:82:
a2:18:ee:b4:56:3f:60:27:69:cd:24:12:f4:f4:c3:
10:e7:15:45:37:f4:fb:9b:a2:eb:6c:1e:5e:4e:11:
c1:c3:0c:4f:52:f8:8a:80:aa:23:a2:ea:dd:34:34:
16:69:a9:3e:d7:68:ce:af:c4:05:ee:dc:27:64:d3:
f8:39:fa:64:5d:17:ba:b9:23:0a:97:09:f3:3f:38:
b8:9c:7e:d8:1e:f1:52:73:af:f8:44:e9:bc:81:ff:
53:aa:7b:9b:53:fa:5f:43:97:14:2c:d1:9e:74:0c:
15:6e:c9:af:4c:66:72:60:aa:8e:57:cd:b2:90:dd:
c6:08:43:94:f9:3a:4f:07:c6:51:47:aa:6d:3a:73:
f0:47:6c:8d:5a:31:28:a2:26:80:eb:f3:88:9b:fa:
51:78:df:20:0a:e4:a7:47:b0:4d:96:8c:65:85:80:
6d:a0:76:71:a6:70:66:18:44:19:d8:90:db:76:a5:
57:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C0:F5:82:AD:39:D6:D0:58:24:D6:FF:63:89:E5:A5:2A:5A:0A:17
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/h8D1gq051tBYJNb_Y4nlpSpaChc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.60.0/24
45.150.66.0/24
83.97.78.0/24
138.124.181.0/24
138.124.186.0/24
212.18.104.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d8:3a:db:6e:d4:f1:f7:26:7e:82:3b:28:18:eb:8d:95:ba:
c2:f6:d2:e0:ec:4e:cd:1a:3b:75:9e:19:fe:49:42:41:83:91:
11:40:0e:2f:51:eb:52:3a:21:55:30:e8:28:6f:7a:e4:73:04:
5d:cb:13:e2:12:17:a7:34:20:fd:6b:3f:a9:42:31:97:8c:28:
b9:07:d2:85:73:57:a7:0d:57:7d:c7:27:d4:fc:c4:db:c3:70:
62:58:4c:84:2f:c8:71:d3:f2:fe:39:bc:e4:bd:68:1e:1f:43:
e7:a6:26:b2:1f:ce:70:bb:2e:20:f8:e6:02:56:69:c1:ba:84:
27:ed:54:e1:ee:e8:d0:a8:b6:d0:18:c0:67:2d:0c:72:e8:7f:
b4:e6:06:ec:de:1c:8b:28:40:f5:6b:e8:40:48:67:f9:40:36:
d9:7a:c7:b5:0a:f6:15:e8:8a:38:d0:5c:fc:d6:db:7d:9f:73:
ad:4f:87:61:0d:0b:35:7e:43:1f:f3:d7:7e:4a:a7:50:56:6c:
39:d2:33:de:6b:8e:2f:c9:90:a4:a9:3c:02:e3:3d:0b:ae:90:
35:92:c9:e0:e5:e7:a7:1e:5c:21:24:67:b2:24:d4:87:98:f4:
fd:02:10:8d:c4:fb:56:48:fe:3d:09:81:a5:c5:03:35:c7:85:
7b:d2:4d:f1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ0/Do+YKaMVbca4iCMmXZebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjYwMzMwMTQwMzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2MwZjU4MmFkMzlkNmQwNTgyNGQ2ZmY2Mzg5ZTVhNTJhNWEwYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJArSztpyxSNWlJXOsuCA4Mg6xyz
tsyfAFgDExA6yKBLaozm38/ta/DjiT5VgUWWiCzGetIukUKb1qsW5d30WyMJTeSq
TEq9/YKiGO60Vj9gJ2nNJBL09MMQ5xVFN/T7m6LrbB5eThHBwwxPUviKgKojourd
NDQWaak+12jOr8QF7twnZNP4OfpkXRe6uSMKlwnzPzi4nH7YHvFSc6/4ROm8gf9T
qnubU/pfQ5cULNGedAwVbsmvTGZyYKqOV82ykN3GCEOU+TpPB8ZRR6ptOnPwR2yN
WjEooiaA6/OIm/pReN8gCuSnR7BNloxlhYBtoHZxpnBmGEQZ2JDbdqVXrwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIfA9YKtOdbQWCTW/2OJ5aUqWgoXMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvaDhEMWdxMDUxdEJZSk5iX1k0bmxwU3BhQ2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVk8AwQA
LZZCAwQAU2FOAwQAiny1AwQAiny6AwQA1BJoMA0GCSqGSIb3DQEBCwUAA4IBAQCZ
2DrbbtTx9yZ+gjsoGOuNlbrC9tLg7E7NGjt1nhn+SUJBg5ERQA4vUetSOiFVMOgo
b3rkcwRdyxPiEhenNCD9az+pQjGXjCi5B9KFc1enDVd9xyfU/MTbw3BiWEyEL8hx
0/L+ObzkvWgeH0PnpiayH85wuy4g+OYCVmnBuoQn7VTh7ujQqLbQGMBnLQxy6H+0
5gbs3hyLKED1a+hASGf5QDbZese1CvYV6Io40Fz81tt9n3OtT4dhDQs1fkMf89d+
SqdQVmw50jPea44vyZCkqTwC4z0LrpA1ksng5eenHlwhJGeyJNSHmPT9AhCNxPtW
SP49CYGlxQM1x4V70k3x
-----END CERTIFICATE-----
Generated at Tue Mar 31 22:30:04 2026 by rpki-client