Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1kRnuKkh70b2WOV_fgTE0dKFtTY.roa
File: 1kRnuKkh70b2WOV_fgTE0dKFtTY.roa (raw, json)
Hash identifier: r7RX37aAftMMKitvzhaHxcpZiqFZENDol7ZJFpAC00U=
Subject key identifier: D6:44:67:B8:A9:21:EF:46:F6:58:E5:7F:7E:04:C4:D1:D2:85:B5:36
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019CB8CB26C1227273119B40F8FE57BAB57E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1kRnuKkh70b2WOV_fgTE0dKFtTY.roa
Signing time: Wed 04 Mar 2026 12:20:47 +0000
ROA not before: Wed 04 Mar 2026 12:20:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 77.107.88.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.66.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.153.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 22:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b8:cb:26:c1:22:72:73:11:9b:40:f8:fe:57:ba:b5:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 4 12:20:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d64467b8a921ef46f658e57f7e04c4d1d285b536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fb:e5:31:b4:6e:14:4f:4d:36:48:cd:4f:f4:
e1:31:b1:24:c9:59:c4:df:a1:e0:6a:b0:51:36:03:
46:04:7e:9e:ca:28:42:89:2e:59:8c:4b:81:eb:9b:
5b:ab:46:5b:a5:93:cc:aa:7c:42:12:29:5f:28:2c:
a1:c0:bd:37:75:d7:a5:bc:63:a1:16:01:50:ce:e8:
ff:26:05:ed:fd:78:86:12:f7:bb:44:c8:17:54:d8:
f6:38:4f:c1:8a:c4:45:42:2b:48:66:76:d2:f0:26:
f0:45:9a:36:b4:8a:59:f8:5a:fc:df:89:9b:b8:cd:
09:25:4b:c7:37:01:70:b2:23:7f:37:31:2c:ff:f4:
a5:09:74:10:ee:18:b4:1b:5f:5a:4c:ae:c0:12:d1:
18:30:2a:b1:fd:f6:be:97:90:1d:00:35:b8:8a:90:
30:90:97:d4:4c:23:f2:55:1c:1b:1a:43:fb:9f:b9:
0d:6b:c8:d4:62:f8:2a:8a:bc:2c:46:4f:82:ea:af:
b3:cb:ad:ca:70:f6:5b:10:2b:c7:80:2a:1a:ea:1e:
81:69:88:3d:0b:4b:f8:fc:33:f7:02:0e:52:4f:bc:
77:1c:08:62:94:07:90:bb:77:b5:b9:b3:47:22:10:
c0:fe:82:dc:52:e2:a6:8a:27:28:69:50:3f:ec:f1:
29:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:44:67:B8:A9:21:EF:46:F6:58:E5:7F:7E:04:C4:D1:D2:85:B5:36
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1kRnuKkh70b2WOV_fgTE0dKFtTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.107.88.0/24
82.152.8.0/24
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0/24
82.152.98.0/24
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.66.0/24
82.153.205.0/24
109.176.40.0-109.176.55.255
109.176.153.0/24
213.130.130.0/24
213.130.149.0/24
213.218.214.0/24
Signature Algorithm: sha256WithRSAEncryption
52:d4:89:4b:cf:ec:ff:c4:81:39:a9:f3:67:a7:80:c5:02:30:
49:bd:e4:7d:50:89:98:4d:3b:84:51:10:83:af:cd:bb:2f:2b:
95:61:14:ba:84:3c:fc:e4:bb:1a:b4:28:6d:d1:e3:3e:9f:a4:
09:5f:ff:ab:56:e4:8d:09:d7:eb:60:cd:8c:6f:b7:7f:81:45:
19:3c:1f:4a:e9:4a:7e:00:01:a5:a3:91:4b:56:6a:15:df:0a:
69:8a:16:00:a9:6a:19:f3:d1:15:fa:4c:cc:1c:3b:2f:41:57:
c2:e8:67:b3:83:3f:77:8a:23:64:13:f0:ec:2b:e9:23:56:5b:
68:22:44:06:04:63:e2:95:7b:f8:b1:2d:f8:ff:d0:c6:cc:4a:
05:f4:c9:10:d4:a0:7a:17:a7:8a:9b:66:7d:53:e0:4f:8a:36:
59:a4:46:35:73:89:88:22:eb:e7:aa:5e:d7:73:bf:7a:78:c0:
67:05:06:80:8e:2f:09:5c:7a:22:2b:40:17:14:44:5b:a8:1d:
6d:30:9e:f0:ee:6b:cf:06:bd:04:2d:f7:d2:3e:87:7f:61:d9:
2f:82:97:e5:f4:0a:44:4b:0f:32:5d:34:cc:8f:7b:f3:7f:4b:
8b:13:9d:cc:ef:fd:e3:1e:03:ca:ef:45:a3:e2:dd:44:29:67:
1d:cd:bb:f1
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZy4yybBInJzEZtA+P5XurV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzA0MTIyMDQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ0NjdiOGE5MjFlZjQ2ZjY1OGU1N2Y3ZTA0YzRkMWQyODViNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/vlMbRuFE9NNkjNT/ThMbEkyVnE
36HgarBRNgNGBH6eyihCiS5ZjEuB65tbq0ZbpZPMqnxCEilfKCyhwL03ddelvGOh
FgFQzuj/JgXt/XiGEve7RMgXVNj2OE/BisRFQitIZnbS8CbwRZo2tIpZ+Fr834mb
uM0JJUvHNwFwsiN/NzEs//SlCXQQ7hi0G19aTK7AEtEYMCqx/fa+l5AdADW4ipAw
kJfUTCPyVRwbGkP7n7kNa8jUYvgqirwsRk+C6q+zy63KcPZbECvHgCoa6h6BaYg9
C0v4/DP3Ag5ST7x3HAhilAeQu3e1ubNHIhDA/oLcUuKmiicoaVA/7PEp+QIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFNZEZ7ipIe9G9ljlf34ExNHShbU2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMWtSbnVLa2g3MGIyV09WX2ZnVEUwZEtGdFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBABNa1gD
BABSmAgwDAMEAFKYOQMEAFKYOgMEAFKYSQMEAFKYSwMEAFKYYgMEAFKYbQMEAFKY
4gMEAFKY8AMEAFKY8wMEAFKZQgMEAFKZzTAMAwQDbbAoAwQDbbAwAwQAbbCZAwQA
1YKCAwQA1YKVAwQA1drWMA0GCSqGSIb3DQEBCwUAA4IBAQBS1IlLz+z/xIE5qfNn
p4DFAjBJveR9UImYTTuEURCDr827LyuVYRS6hDz85LsatCht0eM+n6QJX/+rVuSN
CdfrYM2Mb7d/gUUZPB9K6Up+AAGlo5FLVmoV3wppihYAqWoZ89EV+kzMHDsvQVfC
6Gezgz93iiNkE/DsK+kjVltoIkQGBGPilXv4sS34/9DGzEoF9MkQ1KB6F6eKm2Z9
U+BPijZZpEY1c4mIIuvnql7Xc796eMBnBQaAji8JXHoiK0AXFERbqB1tMJ7w7mvP
Br0ELffSPod/Ydkvgpfl9ApESw8yXTTMj3vzf0uLE53M7/3jHgPK70Wj4t1EKWcd
zbvx
-----END CERTIFICATE-----
Generated at Sat Mar 14 06:13:15 2026 by rpki-client