Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ItD_ZaYjhgoe5nNO5HGTmlm5Ihc.roa
File: ItD_ZaYjhgoe5nNO5HGTmlm5Ihc.roa (raw, json)
Hash identifier: Q4RRUCS1j6o8xK0iMOTZFH1dffoQ5fJq14qVE3j+NgE=
Subject key identifier: 22:D0:FF:65:A6:23:86:0A:1E:E6:73:4E:E4:71:93:9A:59:B9:22:17
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E2C5AA3B214A6C775DFAD60CD7A93ADC5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ItD_ZaYjhgoe5nNO5HGTmlm5Ihc.roa
Signing time: Fri 15 May 2026 15:56:38 +0000
ROA not before: Fri 15 May 2026 15:56:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402215
IP address blocks: 81.168.110.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
109.176.83.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 01:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2c:5a:a3:b2:14:a6:c7:75:df:ad:60:cd:7a:93:ad:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 15 15:56:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=22d0ff65a623860a1ee6734ee471939a59b92217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:dc:9e:6b:88:21:8e:b9:11:c8:c7:d5:66:a4:
55:c3:75:a5:95:2a:52:ee:44:4b:f2:f9:7c:00:56:
f9:29:05:b9:63:80:4a:29:0a:8d:b4:3a:0c:8c:df:
ca:08:49:34:bf:d6:db:d2:bb:5c:34:63:3f:64:fb:
8c:51:99:89:1c:21:9d:84:52:7d:58:49:3f:12:73:
f5:78:bc:94:54:0e:7e:f2:bc:8c:9a:18:c5:d4:8a:
9f:0b:b1:d8:2b:af:05:8d:bc:31:41:d0:a3:f6:41:
08:c5:b1:37:70:a5:aa:31:28:5f:fb:a5:e6:d7:57:
78:e0:d6:36:75:08:ae:78:15:9f:f8:5a:ce:96:1b:
f2:2d:7e:ff:8f:31:e9:61:58:17:35:44:f2:a7:a3:
ec:b6:ee:33:51:8b:a4:26:17:8e:1c:1b:e8:dd:d7:
f7:27:9a:70:c1:2d:33:10:99:52:82:58:64:23:5a:
b1:a2:36:8c:90:10:65:18:65:6e:d7:1f:fc:5e:95:
fd:87:f1:f1:f7:5a:6a:93:a2:dd:39:4d:48:fe:63:
c1:21:8f:7f:3f:af:49:21:6e:8d:92:e0:ed:dc:5e:
d6:e4:9c:96:ec:aa:fc:fc:a4:cc:ed:30:91:34:95:
2f:38:57:a2:70:8d:02:f0:1b:ab:fa:11:5c:9d:99:
76:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D0:FF:65:A6:23:86:0A:1E:E6:73:4E:E4:71:93:9A:59:B9:22:17
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ItD_ZaYjhgoe5nNO5HGTmlm5Ihc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.110.0/24
89.213.6.0/24
109.176.83.0/24
109.176.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:fa:08:3a:b6:fc:20:0e:94:ae:88:10:99:1f:89:81:cd:f7:
72:1e:17:c8:74:b5:07:fd:c3:ff:bd:fe:26:7b:b0:89:2d:2b:
8a:ae:3a:73:5e:23:0d:c0:5b:15:81:b7:9f:5f:f5:ff:0d:00:
32:a0:48:85:aa:7b:39:6e:2c:3d:82:58:4a:64:64:33:91:6f:
56:f8:18:7f:a5:d0:df:66:47:71:be:18:25:28:ea:65:76:aa:
4b:2b:a2:b2:e2:0b:a1:ee:21:85:c3:a5:5f:5a:81:51:0a:82:
bc:26:4c:30:5a:e0:cb:02:f2:32:0d:34:2d:d9:9d:2d:da:18:
31:e3:fa:0a:cf:8c:25:4f:2f:5d:07:9c:78:77:4f:a3:94:78:
b0:a1:81:ef:92:c9:70:a6:1c:a6:2b:d7:dd:1e:ea:e4:7f:e9:
88:a5:1e:b6:f4:fb:aa:ba:e3:40:76:62:dc:94:c4:d1:9d:75:
59:01:5f:1f:07:11:67:5e:b1:7a:0b:f0:3c:5b:12:44:9b:37:
29:50:59:7a:c0:99:49:aa:d7:c1:96:0d:b3:28:1f:fa:aa:ac:
5e:f0:d4:d8:c2:96:58:b4:be:c4:56:d0:f2:3f:26:d2:44:af:
bb:4f:67:f7:21:58:e8:11:13:17:05:06:2a:56:8f:91:ea:18:
3a:f9:44:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4sWqOyFKbHdd+tYM16k63FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTE1MTU1NjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmQwZmY2NWE2MjM4NjBhMWVlNjczNGVlNDcxOTM5YTU5YjkyMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9yea4ghjrkRyMfVZqRVw3WllSpS
7kRL8vl8AFb5KQW5Y4BKKQqNtDoMjN/KCEk0v9bb0rtcNGM/ZPuMUZmJHCGdhFJ9
WEk/EnP1eLyUVA5+8ryMmhjF1IqfC7HYK68FjbwxQdCj9kEIxbE3cKWqMShf+6Xm
11d44NY2dQiueBWf+FrOlhvyLX7/jzHpYVgXNUTyp6Pstu4zUYukJheOHBvo3df3
J5pwwS0zEJlSglhkI1qxojaMkBBlGGVu1x/8XpX9h/Hx91pqk6LdOU1I/mPBIY9/
P69JIW6NkuDt3F7W5JyW7Kr8/KTM7TCRNJUvOFeicI0C8Bur+hFcnZl2AQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCLQ/2WmI4YKHuZzTuRxk5pZuSIXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSXREX1phWWpoZ29lNW5OTzVIR1RtbG01SWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUahuAwQA
WdUGAwQAbbBTAwQAbbDyMA0GCSqGSIb3DQEBCwUAA4IBAQBf+gg6tvwgDpSuiBCZ
H4mBzfdyHhfIdLUH/cP/vf4me7CJLSuKrjpzXiMNwFsVgbefX/X/DQAyoEiFqns5
biw9glhKZGQzkW9W+Bh/pdDfZkdxvhglKOpldqpLK6Ky4guh7iGFw6VfWoFRCoK8
JkwwWuDLAvIyDTQt2Z0t2hgx4/oKz4wlTy9dB5x4d0+jlHiwoYHvkslwphymK9fd
Hurkf+mIpR629PuquuNAdmLclMTRnXVZAV8fBxFnXrF6C/A8WxJEmzcpUFl6wJlJ
qtfBlg2zKB/6qqxe8NTYwpZYtL7EVtDyPybSRK+7T2f3IVjoERMXBQYqVo+R6hg6
+URK
-----END CERTIFICATE-----
Generated at Sun May 24 11:40:23 2026 by rpki-client