Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oEnd6C_S55qzCj8fiC1JIp-3iDg.roa
File: oEnd6C_S55qzCj8fiC1JIp-3iDg.roa (raw, json)
Hash identifier: rlM3+s7kxWmi2extU7PL3HOQD/7P1lpx2t8rtW+5FL8=
Subject key identifier: A0:49:DD:E8:2F:D2:E7:9A:B3:0A:3F:1F:88:2D:49:22:9F:B7:88:38
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019DD80D19AB1FE22C0A4E2B3AEF6E6CE151
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oEnd6C_S55qzCj8fiC1JIp-3iDg.roa
Signing time: Wed 29 Apr 2026 07:03:50 +0000
ROA not before: Wed 29 Apr 2026 07:03:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 32418
IP address blocks: 81.168.122.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 10:34:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:0d:19:ab:1f:e2:2c:0a:4e:2b:3a:ef:6e:6c:e1:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 29 07:03:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a049dde82fd2e79ab30a3f1f882d49229fb78838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:81:e7:eb:bf:af:8b:19:e2:5d:05:c2:2f:d7:
53:20:01:cc:5a:a7:39:7a:18:19:65:6e:e3:af:0f:
15:35:bc:01:ca:ef:7d:fa:3e:2e:cc:d6:a7:26:d4:
13:dc:80:b8:3f:53:69:1a:a1:65:62:fb:c4:d6:82:
62:bd:06:80:85:59:bc:83:31:73:42:b4:5a:ac:99:
85:8d:84:60:41:92:b2:1a:9c:8d:fe:45:d1:bd:bf:
c3:6e:35:98:f9:81:54:6b:bb:d9:4c:a2:65:76:79:
c9:33:a5:4d:01:64:f7:85:72:20:99:28:90:39:94:
5f:10:4e:70:e2:02:bc:56:99:1a:97:f6:7a:5c:73:
a1:88:8b:5d:6a:4e:bc:d4:92:ff:38:ac:de:5a:14:
8c:9b:51:7d:6e:9e:31:2b:2a:5d:59:f2:3a:1e:2c:
eb:72:48:41:6d:3e:3d:12:5f:e4:19:dd:59:af:0d:
e3:38:49:26:7a:48:40:a6:0f:eb:40:32:59:8b:4a:
96:35:99:d7:9f:47:e6:32:f2:8f:92:e8:50:a4:6a:
80:0e:19:b3:37:a1:2b:ab:23:73:53:51:b8:bf:e5:
83:19:8c:fb:7f:05:1d:38:97:6e:e5:bb:40:ee:9f:
d0:d7:d1:84:33:af:d0:42:f2:7a:3a:c7:a8:40:d4:
33:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:49:DD:E8:2F:D2:E7:9A:B3:0A:3F:1F:88:2D:49:22:9F:B7:88:38
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oEnd6C_S55qzCj8fiC1JIp-3iDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.122.0/24
82.152.254.0/24
Signature Algorithm: sha256WithRSAEncryption
62:79:95:bb:86:08:3a:e3:21:b1:02:08:7f:ae:0b:00:a5:e7:
98:d3:63:f7:e4:33:59:bf:26:47:72:33:11:02:9e:55:0a:01:
a0:7d:26:b3:7a:cf:53:14:95:70:68:0a:1a:a8:69:7f:c6:8a:
4a:e4:56:03:e3:8c:31:6c:a4:a8:05:f7:b6:df:92:b7:ee:89:
a0:ee:ba:40:5c:fd:1b:f0:cf:31:5e:ba:33:6f:28:95:48:87:
8e:ef:df:13:49:c6:3b:fc:ee:45:06:36:80:db:89:6e:b0:68:
d1:9c:c5:9b:a5:6a:b6:98:be:e5:4c:77:05:bf:29:79:e5:3d:
a5:4e:f9:6a:db:00:56:c7:d6:1f:1a:ce:32:4e:21:71:0c:23:
64:75:49:fb:52:46:8f:05:47:e8:8b:0b:b1:30:02:a4:1f:d4:
24:49:ab:af:ea:e2:45:98:01:0a:41:af:28:bd:aa:f9:c8:95:
42:bd:b8:8a:a7:5d:b1:90:65:37:83:5c:c6:cd:87:5a:a5:c9:
5d:31:19:20:70:1c:af:b7:f9:ac:dd:ca:58:a9:c1:22:60:da:
59:3b:f5:94:fb:f0:0d:35:a4:44:7d:37:f3:0c:a6:cc:d2:77:
f2:2d:40:4e:a5:e1:de:53:c3:1d:89:aa:77:14:d3:61:3d:33:
d7:2d:02:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3YDRmrH+IsCk4rOu9ubOFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNDI5MDcwMzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQ5ZGRlODJmZDJlNzlhYjMwYTNmMWY4ODJkNDkyMjlmYjc4ODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYHn67+vixniXQXCL9dTIAHMWqc5
ehgZZW7jrw8VNbwByu99+j4uzNanJtQT3IC4P1NpGqFlYvvE1oJivQaAhVm8gzFz
QrRarJmFjYRgQZKyGpyN/kXRvb/DbjWY+YFUa7vZTKJldnnJM6VNAWT3hXIgmSiQ
OZRfEE5w4gK8Vpkal/Z6XHOhiItdak681JL/OKzeWhSMm1F9bp4xKypdWfI6Hizr
ckhBbT49El/kGd1Zrw3jOEkmekhApg/rQDJZi0qWNZnXn0fmMvKPkuhQpGqADhmz
N6ErqyNzU1G4v+WDGYz7fwUdOJdu5btA7p/Q19GEM6/QQvJ6OseoQNQzOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKBJ3egv0ueaswo/H4gtSSKft4g4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb0VuZDZDX1M1NXF6Q2o4ZmlDMUpJcC0zaURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah6AwQA
Upj+MA0GCSqGSIb3DQEBCwUAA4IBAQBieZW7hgg64yGxAgh/rgsApeeY02P35DNZ
vyZHcjMRAp5VCgGgfSazes9TFJVwaAoaqGl/xopK5FYD44wxbKSoBfe235K37omg
7rpAXP0b8M8xXrozbyiVSIeO798TScY7/O5FBjaA24lusGjRnMWbpWq2mL7lTHcF
vyl55T2lTvlq2wBWx9YfGs4yTiFxDCNkdUn7UkaPBUfoiwuxMAKkH9QkSauv6uJF
mAEKQa8ovar5yJVCvbiKp12xkGU3g1zGzYdapcldMRkgcByvt/ms3cpYqcEiYNpZ
O/WU+/ANNaREfTfzDKbM0nfyLUBOpeHeU8Mdiap3FNNhPTPXLQKL
-----END CERTIFICATE-----
Generated at Thu Apr 30 17:31:59 2026 by rpki-client