Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DS7OPcaQlV03uunqBtPy1Sa2GTs.roa
File: DS7OPcaQlV03uunqBtPy1Sa2GTs.roa (raw, json)
Hash identifier: XgqaF1WRqThhh6nsSKGO8uOay8liYtpySnHHVbzszaw=
Subject key identifier: 0D:2E:CE:3D:C6:90:95:5D:37:BA:E9:EA:06:D3:F2:D5:26:B6:19:3B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D4D01F371185212D37CE68D75FE773878
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DS7OPcaQlV03uunqBtPy1Sa2GTs.roa
Signing time: Thu 02 Apr 2026 07:04:26 +0000
ROA not before: Thu 02 Apr 2026 07:04:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5511
IP address blocks: 82.153.148.0/24 maxlen: 24
89.213.63.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Apr 2026 20:11:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4d:01:f3:71:18:52:12:d3:7c:e6:8d:75:fe:77:38:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 2 07:04:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0d2ece3dc690955d37bae9ea06d3f2d526b6193b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:88:5b:5a:6b:7d:a9:25:c9:30:fe:ad:a9:00:
12:a9:b3:54:fb:96:83:b5:be:1c:59:6a:e8:85:b9:
55:c2:4d:3e:04:07:7f:4a:0a:91:27:ac:34:1c:af:
ed:57:27:1f:c3:b1:7e:a3:be:fc:8f:c3:a2:b5:0a:
9d:d9:30:aa:e6:89:13:4e:f4:ad:a2:cf:4e:df:e4:
70:c0:87:36:e8:5e:d7:7d:05:8c:d0:1a:cb:96:10:
3f:79:af:04:cc:88:5a:d2:3c:05:23:f7:47:39:34:
d6:54:77:8e:d2:e5:52:df:f1:de:1b:d6:fc:3c:1e:
eb:db:86:4b:19:2a:53:d4:02:a1:50:77:90:5c:90:
b5:39:df:72:54:5c:0a:f5:8c:b7:3c:30:7b:e1:2c:
ae:da:56:23:fb:b4:79:20:40:8f:45:ee:95:39:39:
3e:c9:74:73:08:3c:26:b2:0d:60:03:e1:f5:2b:00:
92:dc:cc:9a:93:f0:1c:37:aa:32:af:65:2f:32:7d:
63:e3:43:7e:53:5a:0d:c8:e3:7c:9f:32:d2:e8:43:
2f:d6:95:03:40:54:c7:c8:7f:2f:51:b9:a2:04:09:
13:71:e8:2c:65:47:59:a7:7e:fc:e7:78:7e:b8:7b:
fe:28:0b:5f:fa:67:40:25:9a:3b:0f:97:af:89:50:
20:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2E:CE:3D:C6:90:95:5D:37:BA:E9:EA:06:D3:F2:D5:26:B6:19:3B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DS7OPcaQlV03uunqBtPy1Sa2GTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.148.0/24
89.213.63.0/24
89.213.227.0/24
213.130.137.0/24
213.130.152.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ae:98:15:24:06:d9:94:13:9d:fe:d9:e9:4f:90:65:b9:e0:
62:32:18:03:44:1c:fa:44:e4:f3:fa:df:58:6a:39:22:45:20:
0e:8d:ff:66:b5:ac:6b:45:3c:ae:72:dc:81:9b:99:01:05:7a:
e9:d6:51:c1:e4:fc:af:d1:2d:67:0d:63:25:dd:2d:b3:24:2b:
3b:7b:29:6d:54:75:70:6b:3a:1f:55:6f:72:ce:01:c8:9e:d8:
89:ca:1c:cb:cc:06:58:97:42:33:f4:3c:a2:b1:00:fc:af:da:
67:b9:5c:5b:76:ac:80:da:c6:80:21:39:53:37:f6:e4:f2:f4:
f7:2b:62:56:74:63:a2:a1:5e:f2:8a:9c:3d:1e:aa:fb:b4:68:
c4:ab:20:6c:77:bd:eb:aa:5f:d8:5c:ad:30:b9:bf:36:91:f1:
2e:04:d1:f7:56:e3:d8:25:39:bd:a5:29:bb:90:d2:9b:27:65:
d1:de:4f:70:ba:c8:cd:08:83:18:29:7d:c3:3c:fd:47:5f:2d:
05:e7:89:a7:09:68:46:e3:29:6d:0e:49:da:8e:87:a9:a4:b1:
8e:2c:a7:d2:2e:70:79:b0:0d:2b:be:3f:62:b0:fe:69:3a:af:
c5:f8:58:c5:89:fb:df:73:4f:e2:17:40:06:5f:8a:f7:fa:3b:
f9:8a:0d:b1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ1NAfNxGFIS03zmjXX+dzh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNDAyMDcwNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJlY2UzZGM2OTA5NTVkMzdiYWU5ZWEwNmQzZjJkNTI2YjYxOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIhbWmt9qSXJMP6tqQASqbNU+5aD
tb4cWWrohblVwk0+BAd/SgqRJ6w0HK/tVycfw7F+o778j8OitQqd2TCq5okTTvSt
os9O3+RwwIc26F7XfQWM0BrLlhA/ea8EzIha0jwFI/dHOTTWVHeO0uVS3/HeG9b8
PB7r24ZLGSpT1AKhUHeQXJC1Od9yVFwK9Yy3PDB74Syu2lYj+7R5IECPRe6VOTk+
yXRzCDwmsg1gA+H1KwCS3Myak/AcN6oyr2UvMn1j40N+U1oNyON8nzLS6EMv1pUD
QFTHyH8vUbmiBAkTcegsZUdZp37853h+uHv+KAtf+mdAJZo7D5eviVAg8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA0uzj3GkJVdN7rp6gbT8tUmthk7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRFM3T1BjYVFsVjAzdXVucUJ0UHkxU2EyR1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpmUAwQA
WdU/AwQAWdXjAwQA1YKJAwQA1YKYMA0GCSqGSIb3DQEBCwUAA4IBAQAVrpgVJAbZ
lBOd/tnpT5BlueBiMhgDRBz6ROTz+t9YajkiRSAOjf9mtaxrRTyuctyBm5kBBXrp
1lHB5Pyv0S1nDWMl3S2zJCs7eyltVHVwazofVW9yzgHIntiJyhzLzAZYl0Iz9Dyi
sQD8r9pnuVxbdqyA2saAITlTN/bk8vT3K2JWdGOioV7yipw9Hqr7tGjEqyBsd73r
ql/YXK0wub82kfEuBNH3VuPYJTm9pSm7kNKbJ2XR3k9wusjNCIMYKX3DPP1HXy0F
54mnCWhG4yltDknajoeppLGOLKfSLnB5sA0rvj9isP5pOq/F+FjFifvfc0/iF0AG
X4r3+jv5ig2x
-----END CERTIFICATE-----
Generated at Thu Apr 9 05:14:40 2026 by rpki-client