Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/spGJviQwmgf27_KidhDx3GkDMs8.roa
File: spGJviQwmgf27_KidhDx3GkDMs8.roa (raw, json)
Hash identifier: SAeSZF18KpR5whylVOF+verqKRYUxacwHUe6ARP9IcA=
Subject key identifier: B2:91:89:BE:24:30:9A:07:F6:EF:F2:A2:76:10:F1:DC:69:03:32:CF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D1F5AE0BCACAD9617489EF302891521AD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/spGJviQwmgf27_KidhDx3GkDMs8.roa
Signing time: Tue 24 Mar 2026 10:19:02 +0000
ROA not before: Tue 24 Mar 2026 10:19:02 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 32693
IP address blocks: 89.213.113.0/24 maxlen: 24
89.213.115.0/24 maxlen: 24
89.213.120.0/24 maxlen: 24
89.213.122.0/24 maxlen: 24
89.213.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 13:42:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:5a:e0:bc:ac:ad:96:17:48:9e:f3:02:89:15:21:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 24 10:19:02 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b29189be24309a07f6eff2a27610f1dc690332cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ff:73:1a:ee:df:55:03:ab:fa:3a:7c:f1:20:63:
ca:55:ef:46:36:95:a8:fb:63:99:c5:33:cb:a3:cd:
78:76:4b:d1:85:2c:5b:3e:99:92:5a:62:b0:6c:24:
50:62:aa:a9:32:06:5e:02:3e:21:bf:e7:3e:90:6d:
84:ad:71:c7:c8:43:be:08:a6:1e:18:69:55:03:61:
fe:15:f9:3c:c7:42:5e:ea:8f:f8:33:8f:b6:23:01:
59:27:14:3f:f5:b4:57:1e:2a:5f:0e:1d:90:f6:c0:
51:c2:50:a9:44:c3:d2:84:b0:ec:0c:10:9c:4d:15:
c7:59:70:94:fe:27:b3:2c:89:b5:3a:5d:03:98:f6:
d5:eb:f2:b0:db:67:ca:e7:3e:94:7f:6e:1f:a6:a3:
6a:af:03:dd:0c:fd:de:0d:32:99:c9:24:da:0b:b4:
1a:e6:36:b6:c8:4d:91:06:ba:c3:c8:c5:f2:18:15:
e4:2f:59:a6:a6:04:73:5a:88:19:a8:b4:bd:cc:dc:
e2:5c:75:35:95:54:17:9f:2d:42:27:81:30:63:45:
de:24:fa:21:a9:35:a6:05:4e:2d:2c:57:ad:00:d6:
2a:3a:c4:48:59:f2:dc:6d:aa:f5:ac:ab:dc:5b:71:
3c:b5:24:69:4d:39:7a:7d:63:42:17:1f:cb:d3:84:
df:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:91:89:BE:24:30:9A:07:F6:EF:F2:A2:76:10:F1:DC:69:03:32:CF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/spGJviQwmgf27_KidhDx3GkDMs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.113.0/24
89.213.115.0/24
89.213.120.0/24
89.213.122.0/24
89.213.126.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:d6:06:5c:18:cd:13:73:2a:09:9a:76:7b:06:99:be:c5:8d:
33:6c:0e:49:29:38:67:06:6e:22:45:ad:1f:04:23:24:05:b7:
6a:d1:6d:23:59:5d:03:f2:53:fa:66:96:ca:63:ef:dd:2a:f3:
5b:a3:72:b8:15:03:d8:98:27:ca:cc:c5:9c:38:b2:64:cc:6b:
53:30:72:f1:a2:89:22:94:02:e2:05:6c:54:92:7f:29:85:68:
06:5d:c6:da:c8:7e:4d:f2:51:67:bb:b4:0b:5a:b8:64:9a:6b:
74:b4:ec:dc:0e:32:af:f2:f6:02:5a:c4:2d:60:d9:39:b5:3b:
91:09:2d:e6:a8:35:dd:e3:30:74:e0:2a:51:ef:81:57:db:e3:
79:5a:5e:89:c9:96:13:9c:3e:f2:79:39:b0:78:5c:87:24:ae:
13:81:b7:49:43:05:75:5d:f9:dc:c9:4d:25:47:eb:ad:d7:ea:
d3:13:8c:2d:ea:0e:34:95:91:6b:fe:da:61:8d:af:a7:a6:ae:
0f:a2:6a:62:f8:1e:44:17:a9:56:1c:67:9a:e3:2e:61:91:fb:
c2:81:fa:05:d2:b9:84:75:77:32:08:de:d7:d9:b2:4a:75:a9:
6f:d6:f4:0e:4c:0f:f7:40:7c:ac:93:d1:a5:58:7e:8c:b0:b9:
7e:5e:79:62
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ0fWuC8rK2WF0ie8wKJFSGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzI0MTAxOTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjkxODliZTI0MzA5YTA3ZjZlZmYyYTI3NjEwZjFkYzY5MDMzMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/3Ma7t9VA6v6OnzxIGPKVe9GNpWo
+2OZxTPLo814dkvRhSxbPpmSWmKwbCRQYqqpMgZeAj4hv+c+kG2ErXHHyEO+CKYe
GGlVA2H+Ffk8x0Je6o/4M4+2IwFZJxQ/9bRXHipfDh2Q9sBRwlCpRMPShLDsDBCc
TRXHWXCU/iezLIm1Ol0DmPbV6/Kw22fK5z6Uf24fpqNqrwPdDP3eDTKZySTaC7Qa
5ja2yE2RBrrDyMXyGBXkL1mmpgRzWogZqLS9zNziXHU1lVQXny1CJ4EwY0XeJPoh
qTWmBU4tLFetANYqOsRIWfLcbar1rKvcW3E8tSRpTTl6fWNCFx/L04TfowIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLKRib4kMJoH9u/yonYQ8dxpAzLPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc3BHSnZpUXdtZ2YyN19LaWRoRHgzR2tETXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWdVxAwQA
WdVzAwQAWdV4AwQAWdV6AwQAWdV+MA0GCSqGSIb3DQEBCwUAA4IBAQAM1gZcGM0T
cyoJmnZ7Bpm+xY0zbA5JKThnBm4iRa0fBCMkBbdq0W0jWV0D8lP6ZpbKY+/dKvNb
o3K4FQPYmCfKzMWcOLJkzGtTMHLxookilALiBWxUkn8phWgGXcbayH5N8lFnu7QL
Wrhkmmt0tOzcDjKv8vYCWsQtYNk5tTuRCS3mqDXd4zB04CpR74FX2+N5Wl6JyZYT
nD7yeTmweFyHJK4TgbdJQwV1XfncyU0lR+ut1+rTE4wt6g40lZFr/tphja+npq4P
ompi+B5EF6lWHGea4y5hkfvCgfoF0rmEdXcyCN7X2bJKdalv1vQOTA/3QHysk9Gl
WH6MsLl+Xnli
-----END CERTIFICATE-----
Generated at Wed Mar 25 18:14:11 2026 by rpki-client