Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2mcYo1PgtyC3TEAd4lEtjxX_oQ4.roa
File: 2mcYo1PgtyC3TEAd4lEtjxX_oQ4.roa (raw, json)
Hash identifier: OW6dV9RcJ6TtqHuQQlClcyqUAovv4HYCOTMjx/s74AU=
Subject key identifier: DA:67:18:A3:53:E0:B7:20:B7:4C:40:1D:E2:51:2D:8F:15:FF:A1:0E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D9A640F2AEC11708855BC19EA5DCA5058
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2mcYo1PgtyC3TEAd4lEtjxX_oQ4.roa
Signing time: Fri 17 Apr 2026 07:42:21 +0000
ROA not before: Fri 17 Apr 2026 07:42:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 395470
IP address blocks: 81.5.183.0/24 maxlen: 24
81.168.68.0/24 maxlen: 24
82.152.68.0/24 maxlen: 24
89.213.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:64:0f:2a:ec:11:70:88:55:bc:19:ea:5d:ca:50:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 17 07:42:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=da6718a353e0b720b74c401de2512d8f15ffa10e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6d:52:36:a8:0e:79:79:4f:b0:93:e2:25:90:
1f:e5:38:f0:69:4a:e5:b7:51:12:e1:dc:e5:ec:7a:
81:12:3e:ee:81:93:3f:df:64:6f:5c:9c:52:b2:30:
47:09:22:26:6b:7c:6d:23:a7:b3:24:3f:fe:5a:2d:
8d:e5:8b:1c:ea:74:e3:aa:ad:3c:33:94:03:23:1c:
d6:5c:10:2c:5d:81:56:15:88:18:37:b5:7a:d4:0a:
8c:12:36:81:44:c6:d4:a9:9b:c7:44:c0:97:2f:b3:
b5:48:7d:36:fd:b7:e6:25:46:71:c7:d6:f6:2e:c9:
4d:e4:6f:56:55:7d:ff:cd:5a:ef:e2:07:16:07:3d:
83:70:f6:9b:65:09:32:2c:9f:02:b5:5a:c1:ab:5f:
38:c8:1d:b1:13:47:00:27:23:c7:18:12:81:df:b6:
cd:86:6c:4d:de:f3:dd:43:e0:20:9d:9d:65:c2:97:
42:02:39:e1:47:de:df:48:dd:b4:c6:ea:82:06:79:
f3:a6:41:2f:44:4e:ff:5d:9b:13:38:ff:38:04:5a:
6e:b5:37:3e:1b:66:c9:aa:cd:28:34:6c:7c:d2:88:
c3:20:d6:05:31:19:e7:9b:6b:95:63:55:2c:f0:f7:
37:21:59:3e:b2:69:70:b6:4f:86:09:2a:64:4f:33:
a3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:67:18:A3:53:E0:B7:20:B7:4C:40:1D:E2:51:2D:8F:15:FF:A1:0E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2mcYo1PgtyC3TEAd4lEtjxX_oQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.183.0/24
81.168.68.0/24
82.152.68.0/24
89.213.42.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:f3:e4:69:77:a7:64:d5:13:0f:45:55:77:54:37:13:ac:40:
de:68:95:e1:b3:0a:54:97:be:bc:eb:6d:89:d6:82:84:bd:8f:
56:6d:e8:b1:43:48:56:21:4a:93:15:30:b9:a7:dc:21:b6:26:
a2:76:1d:d5:ce:89:f8:ac:c3:af:63:6c:ea:06:d1:56:9f:fc:
25:79:dc:f4:2b:ea:2c:1b:36:52:0c:92:18:a1:18:b2:1c:1e:
43:14:ae:7f:87:d6:b4:69:9e:f6:e7:1b:ad:e1:4f:d1:65:90:
cd:91:f5:ad:e1:93:ab:4e:de:69:3d:89:cf:ff:78:60:be:77:
cc:70:fc:b2:d4:00:f9:40:25:6d:84:77:36:51:7c:6b:3a:ac:
60:ab:36:e9:4a:75:a3:4f:1e:14:59:58:36:98:b3:26:89:28:
06:6a:04:0b:93:ff:86:a5:2a:46:4c:2e:5b:bf:b7:09:ee:86:
a6:8e:4c:f9:20:9d:3c:65:82:63:04:39:8a:d1:12:ae:7b:b7:
fe:99:4b:7b:ae:70:3f:91:ab:d3:35:bd:73:e5:ff:af:b1:87:
bf:7e:bc:24:6f:cc:68:60:d2:53:1c:c6:cb:97:67:90:c6:6d:
84:30:a4:b5:16:1e:d2:49:6d:5d:30:8c:c3:e7:67:21:f6:b7:
a8:b9:40:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2aZA8q7BFwiFW8GepdylBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNDE3MDc0MjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTY3MThhMzUzZTBiNzIwYjc0YzQwMWRlMjUxMmQ4ZjE1ZmZhMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5W1SNqgOeXlPsJPiJZAf5TjwaUrl
t1ES4dzl7HqBEj7ugZM/32RvXJxSsjBHCSIma3xtI6ezJD/+Wi2N5Ysc6nTjqq08
M5QDIxzWXBAsXYFWFYgYN7V61AqMEjaBRMbUqZvHRMCXL7O1SH02/bfmJUZxx9b2
LslN5G9WVX3/zVrv4gcWBz2DcPabZQkyLJ8CtVrBq184yB2xE0cAJyPHGBKB37bN
hmxN3vPdQ+AgnZ1lwpdCAjnhR97fSN20xuqCBnnzpkEvRE7/XZsTOP84BFputTc+
G2bJqs0oNGx80ojDINYFMRnnm2uVY1Us8Pc3IVk+smlwtk+GCSpkTzOj5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNpnGKNT4Lcgt0xAHeJRLY8V/6EOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMm1jWW8xUGd0eUMzVEVBZDRsRXRqeFhfb1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUQW3AwQA
UahEAwQAUphEAwQAWdUqMA0GCSqGSIb3DQEBCwUAA4IBAQCL8+Rpd6dk1RMPRVV3
VDcTrEDeaJXhswpUl768622J1oKEvY9WbeixQ0hWIUqTFTC5p9whtiaidh3Vzon4
rMOvY2zqBtFWn/wledz0K+osGzZSDJIYoRiyHB5DFK5/h9a0aZ725xut4U/RZZDN
kfWt4ZOrTt5pPYnP/3hgvnfMcPyy1AD5QCVthHc2UXxrOqxgqzbpSnWjTx4UWVg2
mLMmiSgGagQLk/+GpSpGTC5bv7cJ7oamjkz5IJ08ZYJjBDmK0RKue7f+mUt7rnA/
kavTNb1z5f+vsYe/frwkb8xoYNJTHMbLl2eQxm2EMKS1Fh7SSW1dMIzD52ch9reo
uUCJ
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:12:28 2026 by rpki-client