Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0yD3dUli9RCn0lsO0NHYMix-Meg.roa
File: 0yD3dUli9RCn0lsO0NHYMix-Meg.roa (raw, json)
Hash identifier: lx8ww6S2WlbdbExt0dRnkI5cbQkHNVZGe9wOUdB/c9I=
Subject key identifier: D3:20:F7:75:49:62:F5:10:A7:D2:5B:0E:D0:D1:D8:32:2C:7E:31:E8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019CBD69B60C224507F8F17335E57FD50A37
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0yD3dUli9RCn0lsO0NHYMix-Meg.roa
Signing time: Thu 05 Mar 2026 09:52:27 +0000
ROA not before: Thu 05 Mar 2026 09:52:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216138
IP address blocks: 82.152.114.0/24 maxlen: 24
82.152.115.0/24 maxlen: 24
82.152.143.0/24 maxlen: 24
82.152.186.0/24 maxlen: 24
82.153.114.0/24 maxlen: 24
82.153.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 02:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bd:69:b6:0c:22:45:07:f8:f1:73:35:e5:7f:d5:0a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 5 09:52:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d320f7754962f510a7d25b0ed0d1d8322c7e31e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b0:80:5c:1f:b4:c8:d1:cd:6b:03:77:f0:88:
a2:da:a3:c8:18:85:d3:28:8d:7c:65:d3:4a:12:46:
09:3a:f2:1d:60:89:96:be:fd:70:f5:5c:64:c1:3f:
f1:b8:81:1a:63:98:4a:52:10:86:3d:6f:5a:31:8a:
47:7a:42:cb:53:84:ed:cc:3c:5b:a3:b1:e4:54:80:
3b:be:48:2a:af:c8:60:38:9d:39:e5:40:f0:a8:92:
39:18:99:f6:c0:a8:ee:f2:d8:36:e2:1b:1a:af:51:
87:16:21:57:d3:17:20:34:20:85:49:59:a6:af:fb:
ba:04:8c:32:77:c4:54:c4:fa:fe:20:74:75:c1:95:
f9:41:ed:f8:58:a4:26:07:1c:08:e0:4b:4c:c0:f3:
08:b6:47:ab:ef:9e:cd:f3:97:6e:12:09:d3:2e:17:
fd:01:31:9c:3d:94:e1:dd:74:02:b5:77:ed:26:6e:
94:5b:da:46:e7:c8:93:ce:fa:7a:c1:61:c6:ce:1f:
35:53:3a:08:76:d7:38:6a:ec:10:c3:81:a2:02:8e:
a8:c0:32:09:da:bc:b3:8e:62:bd:b1:4f:b6:14:ea:
55:98:31:f5:96:e3:4a:d1:f7:8b:f5:5d:a1:18:44:
01:5f:40:17:0d:34:43:09:7f:87:96:3b:3f:9e:ef:
e9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:20:F7:75:49:62:F5:10:A7:D2:5B:0E:D0:D1:D8:32:2C:7E:31:E8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0yD3dUli9RCn0lsO0NHYMix-Meg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.114.0/23
82.152.143.0/24
82.152.186.0/24
82.153.114.0/24
82.153.212.0/24
Signature Algorithm: sha256WithRSAEncryption
02:71:14:79:6f:73:21:e2:b7:3a:7a:4c:2d:dd:f1:e9:67:00:
df:72:6b:3e:da:c9:5a:3c:6e:d2:24:0d:de:17:fa:ad:99:a3:
5b:74:d9:19:39:76:fc:2f:b3:4c:46:63:63:85:e4:94:9d:ff:
e7:af:26:4b:f4:b6:3e:fd:b6:10:03:9f:a6:c8:8a:b2:81:a7:
ee:15:f0:90:97:d2:2e:12:03:a5:87:26:15:a5:2b:77:c7:45:
54:f4:0c:d9:05:41:3b:ff:f1:f6:5c:c2:9e:9a:f7:59:37:66:
83:5e:63:fe:a5:1f:38:9a:53:64:62:93:05:81:99:f9:f8:cb:
10:97:35:f7:ac:30:4a:6e:9d:9e:b2:bd:fe:85:52:9e:b8:b3:
b0:da:d3:7f:b1:02:16:5c:79:e9:96:41:46:39:95:76:a7:5f:
73:e8:0e:45:ac:c0:8e:c1:50:98:d7:92:21:6a:43:4a:9f:bd:
a9:43:e7:8e:92:fa:4c:5e:43:59:d1:3d:76:bc:1f:24:fe:75:
dc:b3:a9:62:1f:22:a1:79:f4:76:bb:cc:c3:68:02:2a:ed:64:
66:19:7e:1f:62:38:6c:b8:17:d2:cb:c7:32:9e:34:29:47:4d:
43:18:ed:11:59:b2:1e:76:66:e4:d3:c1:d2:e2:57:74:34:47:
20:97:fe:0f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZy9abYMIkUH+PFzNeV/1Qo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzA1MDk1MjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzIwZjc3NTQ5NjJmNTEwYTdkMjViMGVkMGQxZDgzMjJjN2UzMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrCAXB+0yNHNawN38Iii2qPIGIXT
KI18ZdNKEkYJOvIdYImWvv1w9VxkwT/xuIEaY5hKUhCGPW9aMYpHekLLU4TtzDxb
o7HkVIA7vkgqr8hgOJ055UDwqJI5GJn2wKju8tg24hsar1GHFiFX0xcgNCCFSVmm
r/u6BIwyd8RUxPr+IHR1wZX5Qe34WKQmBxwI4EtMwPMItker757N85duEgnTLhf9
ATGcPZTh3XQCtXftJm6UW9pG58iTzvp6wWHGzh81UzoIdtc4auwQw4GiAo6owDIJ
2ryzjmK9sU+2FOpVmDH1luNK0feL9V2hGEQBX0AXDTRDCX+Hljs/nu/pxQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNMg93VJYvUQp9JbDtDR2DIsfjHoMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMHlEM2RVbGk5UkNuMGxzTzBOSFlNaXgtTWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUphyAwQA
UpiPAwQAUpi6AwQAUplyAwQAUpnUMA0GCSqGSIb3DQEBCwUAA4IBAQACcRR5b3Mh
4rc6ekwt3fHpZwDfcms+2slaPG7SJA3eF/qtmaNbdNkZOXb8L7NMRmNjheSUnf/n
ryZL9LY+/bYQA5+myIqygafuFfCQl9IuEgOlhyYVpSt3x0VU9AzZBUE7//H2XMKe
mvdZN2aDXmP+pR84mlNkYpMFgZn5+MsQlzX3rDBKbp2esr3+hVKeuLOw2tN/sQIW
XHnplkFGOZV2p19z6A5FrMCOwVCY15IhakNKn72pQ+eOkvpMXkNZ0T12vB8k/nXc
s6liHyKhefR2u8zDaAIq7WRmGX4fYjhsuBfSy8cynjQpR01DGO0RWbIedmbk08HS
4ld0NEcgl/4P
-----END CERTIFICATE-----
Generated at Sat Mar 21 12:22:36 2026 by rpki-client