Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-BXb7vAHU8trlpNCV1jCG3aHzbE.roa
File: 1-BXb7vAHU8trlpNCV1jCG3aHzbE.roa (raw, json)
Hash identifier: osKxbvfDPKDSWJG4Qt14iZ8o33OtrU3UWQBtnFbchbo=
Subject key identifier: F8:15:DB:EE:F0:07:53:CB:6B:96:93:42:57:58:C2:1B:76:87:CD:B1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019CB33A4B1200AA77F9298CBB9A69E27C92
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-BXb7vAHU8trlpNCV1jCG3aHzbE.roa
Signing time: Tue 03 Mar 2026 10:24:27 +0000
ROA not before: Tue 03 Mar 2026 10:24:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48266
IP address blocks: 81.5.191.0/24 maxlen: 24
82.152.177.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 09:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b3:3a:4b:12:00:aa:77:f9:29:8c:bb:9a:69:e2:7c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 3 10:24:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f815dbeef00753cb6b9693425758c21b7687cdb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:50:be:b3:77:79:fb:13:8c:d5:b6:7c:10:28:
30:26:5c:66:88:1b:96:d9:4a:22:dd:7b:57:fc:fa:
84:c8:92:7d:cc:72:9b:e1:3c:19:99:00:b1:3b:a4:
2e:a6:f5:d0:e6:f9:f2:11:5d:7d:9c:ab:7c:51:32:
93:6a:a8:46:21:be:cb:0d:15:f0:6f:8b:df:82:2d:
5d:1c:36:19:39:7a:f8:ca:dc:d1:79:cf:15:82:f1:
64:cc:16:72:9b:2a:ab:43:c5:70:8a:42:24:f0:a2:
e1:b8:9c:02:29:15:a5:31:43:a3:e4:ba:10:c0:91:
2b:d8:c0:05:9a:52:1b:60:d7:c4:f6:a3:00:23:35:
c8:b6:a0:63:93:4c:26:cb:89:8f:08:b3:22:d5:2c:
6d:14:a0:be:0c:bf:c3:65:db:5f:5f:5e:07:60:c4:
08:7d:8a:24:e3:fc:05:58:c8:45:32:25:df:36:89:
e7:0f:87:ae:f8:46:af:68:68:97:c7:c3:cd:d3:75:
e5:5b:ab:ff:8c:e6:12:f0:80:9e:36:ce:dc:e1:35:
65:1b:24:ef:cf:19:8d:25:39:4a:47:ba:4e:a9:20:
e2:f9:3f:93:1e:9b:77:56:82:53:9d:7c:0e:73:6b:
bb:97:f4:81:fd:d8:8f:20:aa:43:49:f7:ba:72:23:
fe:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:15:DB:EE:F0:07:53:CB:6B:96:93:42:57:58:C2:1B:76:87:CD:B1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-BXb7vAHU8trlpNCV1jCG3aHzbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.191.0/24
82.152.177.0/24
82.153.69.0/24
82.153.219.0/24
Signature Algorithm: sha256WithRSAEncryption
03:be:c0:a7:3c:38:c8:cb:84:97:5f:3d:9c:9f:ed:98:60:17:
6f:9c:11:45:c4:f3:8a:9e:35:64:39:92:db:b5:fd:49:df:29:
ba:5b:2b:60:9f:d1:1f:4e:ba:6f:c5:d8:46:9c:ed:1d:92:55:
9f:05:86:0e:00:23:39:8f:c2:a1:af:b3:b3:f3:16:0e:e9:58:
c9:35:42:e5:ac:96:6e:c3:75:16:48:16:5b:4e:f3:07:6a:d6:
cc:f9:b9:6d:9e:b8:c6:96:a8:9b:c8:c0:ab:41:ad:4b:8d:50:
4c:40:bb:16:13:20:d8:92:f5:0d:e5:db:ae:34:72:42:19:84:
a9:4d:02:f3:20:22:35:ea:f8:88:a9:65:18:fe:01:3d:66:37:
4d:e7:3c:1c:90:4b:ec:5b:a7:c5:41:0c:34:da:d3:c9:b6:67:
0c:85:28:99:3d:ec:0f:0a:c2:c0:e1:c6:30:b0:d1:8d:69:d7:
ae:ce:2b:29:52:00:be:2d:b3:f1:94:e9:1a:7b:bf:72:5f:d0:
96:a7:73:60:df:bc:40:b3:67:b6:58:2d:f1:d5:85:0d:9e:49:
94:d0:72:25:38:01:cc:c0:32:f2:89:94:c2:1d:8b:41:c6:aa:
c9:a8:e0:79:c8:b1:a8:20:1c:78:ce:99:07:62:0c:a8:71:6d:
ef:e4:df:d3
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZyzOksSAKp3+SmMu5pp4nySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzAzMTAyNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODE1ZGJlZWYwMDc1M2NiNmI5NjkzNDI1NzU4YzIxYjc2ODdjZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lC+s3d5+xOM1bZ8ECgwJlxmiBuW
2Uoi3XtX/PqEyJJ9zHKb4TwZmQCxO6QupvXQ5vnyEV19nKt8UTKTaqhGIb7LDRXw
b4vfgi1dHDYZOXr4ytzRec8VgvFkzBZymyqrQ8VwikIk8KLhuJwCKRWlMUOj5LoQ
wJEr2MAFmlIbYNfE9qMAIzXItqBjk0wmy4mPCLMi1SxtFKC+DL/DZdtfX14HYMQI
fYok4/wFWMhFMiXfNonnD4eu+EavaGiXx8PN03XlW6v/jOYS8ICeNs7c4TVlGyTv
zxmNJTlKR7pOqSDi+T+THpt3VoJTnXwOc2u7l/SB/diPIKpDSfe6ciP+7wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPgV2+7wB1PLa5aTQldYwht2h82xMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1CWGI3dkFIVTh0cmxwTkNWMWpDRzNhSHpiRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFEFvwME
AFKYsQMEAFKZRQMEAFKZ2zANBgkqhkiG9w0BAQsFAAOCAQEAA77Apzw4yMuEl189
nJ/tmGAXb5wRRcTzip41ZDmS27X9Sd8pulsrYJ/RH066b8XYRpztHZJVnwWGDgAj
OY/Coa+zs/MWDulYyTVC5ayWbsN1FkgWW07zB2rWzPm5bZ64xpaom8jAq0GtS41Q
TEC7FhMg2JL1DeXbrjRyQhmEqU0C8yAiNer4iKllGP4BPWY3Tec8HJBL7FunxUEM
NNrTybZnDIUomT3sDwrCwOHGMLDRjWnXrs4rKVIAvi2z8ZTpGnu/cl/QlqdzYN+8
QLNntlgt8dWFDZ5JlNByJTgBzMAy8omUwh2LQcaqyajgecixqCAceM6ZB2IMqHFt
7+Tf0w==
-----END CERTIFICATE-----
Generated at Sat Mar 7 19:48:19 2026 by rpki-client