Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sJbJMC49W9o_JIvbkJaJVNg2vjo.roa
File: sJbJMC49W9o_JIvbkJaJVNg2vjo.roa (raw, json)
Hash identifier: CsMMgX53T9hR1htbRnw6OxSq6W4fXniCemw05ApDn9Y=
Subject key identifier: B0:96:C9:30:2E:3D:5B:DA:3F:24:8B:DB:90:96:89:54:D8:36:BE:3A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E4964B5FFF9BD3CC09CB78E5C349C34B2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sJbJMC49W9o_JIvbkJaJVNg2vjo.roa
Signing time: Thu 21 May 2026 07:16:37 +0000
ROA not before: Thu 21 May 2026 07:16:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 174
IP address blocks: 80.240.95.0/24 maxlen: 24
82.152.56.0/24 maxlen: 24
82.152.60.0/24 maxlen: 24
82.152.69.0/24 maxlen: 24
82.152.78.0/24 maxlen: 24
82.152.80.0/24 maxlen: 24
82.152.112.0/24 maxlen: 24
82.152.113.0/24 maxlen: 24
82.152.119.0/24 maxlen: 24
82.152.123.0/24 maxlen: 24
82.152.124.0/24 maxlen: 24
82.152.125.0/24 maxlen: 24
82.152.126.0/24 maxlen: 24
82.152.135.0/24 maxlen: 24
82.152.137.0/24 maxlen: 24
82.152.185.0/24 maxlen: 24
82.152.235.0/24 maxlen: 24
82.152.237.0/24 maxlen: 24
82.152.239.0/24 maxlen: 24
82.153.59.0/24 maxlen: 24
82.153.87.0/24 maxlen: 24
82.153.141.0/24 maxlen: 24
82.153.176.0/24 maxlen: 24
82.153.183.0/24 maxlen: 24
82.153.188.0/24 maxlen: 24
82.153.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 01:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:49:64:b5:ff:f9:bd:3c:c0:9c:b7:8e:5c:34:9c:34:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 21 07:16:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b096c9302e3d5bda3f248bdb90968954d836be3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:b2:7f:5e:c0:b0:cd:5d:81:85:9f:f8:92:
e1:ae:a9:28:39:aa:bc:98:27:57:62:2f:9f:a5:28:
79:30:a3:50:5e:51:37:8e:e9:80:1c:d1:b2:3a:05:
65:cc:31:51:5e:44:75:6b:82:d7:b5:35:2f:2d:a4:
17:b9:4c:35:1c:6c:a9:85:d8:a3:c3:a5:df:d8:c9:
5f:5a:db:d4:1c:64:2f:82:ab:b4:68:cc:f3:ad:cb:
7f:fb:ab:e3:a8:69:a8:43:31:c7:8f:f8:75:28:ca:
84:b7:9d:c1:1b:32:04:4e:69:d0:d7:38:13:8a:61:
87:13:ff:4b:87:74:57:56:e9:e4:41:e0:ba:3d:c7:
e8:84:8a:03:3c:0c:1d:36:2a:06:a6:41:ae:31:94:
4c:e5:b2:6b:b2:ca:15:d5:b8:42:cc:fe:41:72:89:
d9:10:3c:3c:e2:5d:d2:5d:b1:f1:4f:20:da:80:92:
3d:fd:19:14:d1:8c:89:df:dd:9a:b3:43:cd:f4:36:
98:d3:80:c2:06:61:39:9a:b4:93:48:4c:c2:c6:b0:
9b:07:2d:a5:3b:38:2c:6d:4f:25:b7:73:9c:ce:06:
7c:d8:2a:f7:d1:d7:37:6f:88:c7:fc:89:cb:2b:f8:
79:96:42:97:e7:76:00:16:39:30:c2:1d:74:04:47:
79:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:96:C9:30:2E:3D:5B:DA:3F:24:8B:DB:90:96:89:54:D8:36:BE:3A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sJbJMC49W9o_JIvbkJaJVNg2vjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.95.0/24
82.152.56.0/24
82.152.60.0/24
82.152.69.0/24
82.152.78.0/24
82.152.80.0/24
82.152.112.0/23
82.152.119.0/24
82.152.123.0-82.152.126.255
82.152.135.0/24
82.152.137.0/24
82.152.185.0/24
82.152.235.0/24
82.152.237.0/24
82.152.239.0/24
82.153.59.0/24
82.153.87.0/24
82.153.141.0/24
82.153.176.0/24
82.153.183.0/24
82.153.188.0/24
82.153.214.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:d6:4d:a7:5e:5d:4d:40:3b:9c:6d:9c:47:65:33:ce:59:26:
0d:db:48:c8:57:98:8d:a7:d6:90:62:a8:41:63:c0:0e:76:9e:
7a:1c:df:d8:2b:ca:2a:23:06:95:08:a5:70:8e:e1:f8:1f:f1:
e2:c8:6f:42:fe:cf:d5:d8:e5:ed:61:7a:55:9f:57:c8:51:84:
d9:f3:1f:87:81:7b:0a:84:95:e4:ab:99:44:04:4b:9c:1d:84:
b8:c0:82:9d:ff:08:20:30:0c:68:6e:12:62:42:0d:5e:81:f0:
80:fd:94:7b:de:97:6c:2d:9e:45:9b:9c:34:09:d8:dc:5a:f0:
47:05:27:2f:68:3b:b1:b3:83:7c:2d:f4:05:73:98:8d:dc:2a:
e8:ba:fb:78:c2:9e:a5:38:37:79:7b:89:1b:15:a9:df:2b:1c:
c3:94:49:72:4b:74:ed:74:5c:72:69:a7:de:f3:24:cd:a8:58:
07:bf:6b:c7:5f:5b:da:30:8e:73:ea:f0:ee:77:0e:86:cf:33:
a4:fa:fc:03:dc:5e:94:41:45:8e:4d:03:42:ef:06:30:f5:76:
57:cc:5b:9f:c5:fe:ff:c8:ae:f7:e8:99:f6:ab:2a:7f:52:11:
c4:32:66:14:24:d8:c3:2f:b4:6a:63:f7:ae:7a:d1:82:ca:eb:
fb:ca:01:4b
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZ5JZLX/+b08wJy3jlw0nDSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTIxMDcxNjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk2YzkzMDJlM2Q1YmRhM2YyNDhiZGI5MDk2ODk1NGQ4MzZiZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8uyf17AsM1dgYWf+JLhrqkoOaq8
mCdXYi+fpSh5MKNQXlE3jumAHNGyOgVlzDFRXkR1a4LXtTUvLaQXuUw1HGyphdij
w6Xf2MlfWtvUHGQvgqu0aMzzrct/+6vjqGmoQzHHj/h1KMqEt53BGzIETmnQ1zgT
imGHE/9Lh3RXVunkQeC6PcfohIoDPAwdNioGpkGuMZRM5bJrssoV1bhCzP5BconZ
EDw84l3SXbHxTyDagJI9/RkU0YyJ392as0PN9DaY04DCBmE5mrSTSEzCxrCbBy2l
OzgsbU8lt3OczgZ82Cr30dc3b4jH/InLK/h5lkKX53YAFjkwwh10BEd54wIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFLCWyTAuPVvaPySL25CWiVTYNr46MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc0piSk1DNDlXOW9fSkl2YmtKYUpWTmcydmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBABQ
8F8DBABSmDgDBABSmDwDBABSmEUDBABSmE4DBABSmFADBAFSmHADBABSmHcwDAME
AFKYewMEAFKYfgMEAFKYhwMEAFKYiQMEAFKYuQMEAFKY6wMEAFKY7QMEAFKY7wME
AFKZOwMEAFKZVwMEAFKZjQMEAFKZsAMEAFKZtwMEAFKZvAMEAFKZ1jANBgkqhkiG
9w0BAQsFAAOCAQEAPtZNp15dTUA7nG2cR2UzzlkmDdtIyFeYjafWkGKoQWPADnae
ehzf2CvKKiMGlQilcI7h+B/x4shvQv7P1djl7WF6VZ9XyFGE2fMfh4F7CoSV5KuZ
RARLnB2EuMCCnf8IIDAMaG4SYkINXoHwgP2Ue96XbC2eRZucNAnY3FrwRwUnL2g7
sbODfC30BXOYjdwq6Lr7eMKepTg3eXuJGxWp3yscw5RJckt07XRccmmn3vMkzahY
B79rx19b2jCOc+rw7ncOhs8zpPr8A9xelEFFjk0DQu8GMPV2V8xbn8X+/8iu9+iZ
9qsqf1IRxDJmFCTYwy+0amP3rnrRgsrr+8oBSw==
-----END CERTIFICATE-----
Generated at Sun May 24 11:40:23 2026 by rpki-client