Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v_wKwC9Swgdhid1prVRvcotHLG8.roa
File: v_wKwC9Swgdhid1prVRvcotHLG8.roa (raw, json)
Hash identifier: qsXqz8v7jHDYvRKSRixK/YqBkDfj5NgvdNt3jrJT9rc=
Subject key identifier: BF:FC:0A:C0:2F:52:C2:07:61:89:DD:69:AD:54:6F:72:8B:47:2C:6F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D4D01F45ACC5E83C878604B55EBAF4878
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v_wKwC9Swgdhid1prVRvcotHLG8.roa
Signing time: Thu 02 Apr 2026 07:04:26 +0000
ROA not before: Thu 02 Apr 2026 07:04:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215727
IP address blocks: 82.153.148.0/24 maxlen: 24
89.213.63.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Apr 2026 20:11:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4d:01:f4:5a:cc:5e:83:c8:78:60:4b:55:eb:af:48:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 2 07:04:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bffc0ac02f52c2076189dd69ad546f728b472c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:52:5d:63:2d:2a:03:e4:00:c6:d5:31:86:03:
a9:3f:bc:30:f6:f7:76:ac:2b:d7:eb:d8:1b:ac:33:
0a:cb:af:7d:97:97:64:03:5c:e0:4d:21:4b:69:dc:
86:b3:59:ec:41:76:e9:3e:22:78:6b:ca:4e:35:20:
c2:97:f8:39:08:0a:5f:a5:c8:ef:72:99:d7:89:24:
35:5e:06:28:74:c7:10:e3:81:a1:6e:a5:88:59:9b:
21:74:3c:4b:41:e7:a6:d8:d7:49:f7:78:3c:2e:de:
53:1c:cd:c2:2f:bc:f8:88:55:c4:71:0d:44:84:69:
64:aa:bf:91:0c:68:28:84:d0:0d:cf:79:f0:16:11:
71:09:53:95:3c:a1:f4:9a:47:e2:7e:a2:9d:8e:0d:
e1:93:e5:aa:3d:a2:ca:7f:67:08:41:f6:27:8f:55:
f7:5a:89:61:36:1f:65:f3:25:8a:2f:d6:6c:52:f3:
d1:b9:a5:c5:02:6b:fd:72:dd:39:a7:4d:bb:a1:5f:
0d:9e:01:f9:53:31:42:d0:29:83:e8:c9:53:00:37:
35:4d:5d:8d:e8:ae:f7:b5:b6:99:d1:6e:f9:48:60:
5c:ed:bb:a7:cf:a3:79:11:6a:69:9b:d7:48:a4:d4:
d5:46:fb:11:fd:61:90:b4:7d:93:0d:c7:59:48:33:
61:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:FC:0A:C0:2F:52:C2:07:61:89:DD:69:AD:54:6F:72:8B:47:2C:6F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v_wKwC9Swgdhid1prVRvcotHLG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.148.0/24
89.213.63.0/24
89.213.227.0/24
109.176.208.0/24
213.130.137.0/24
213.130.152.0/24
Signature Algorithm: sha256WithRSAEncryption
94:50:6d:e9:01:8a:ce:3e:cb:5a:d1:8a:fd:85:75:b8:5a:d6:
f8:d4:a5:63:d6:32:d6:d7:70:2d:f6:d9:db:94:7d:6c:6a:e2:
5c:1a:52:8c:fe:55:67:9c:42:3a:5d:11:e1:cb:93:e9:33:5f:
5b:8a:73:7b:65:88:9c:7a:ae:cf:63:d6:f8:3f:0d:bf:9d:c9:
2f:2a:b4:35:f0:2a:87:45:b0:de:36:50:c4:d0:54:e6:2b:ba:
15:9e:54:7e:2e:50:0e:b6:7b:21:ca:d0:53:c0:56:40:1f:44:
e2:cb:07:ae:c7:91:b1:2f:32:1d:0a:2b:60:02:ce:63:d8:8e:
69:e7:2e:da:a7:11:a2:cc:0d:c8:35:e7:5d:f9:7b:ce:a1:03:
1c:7e:bb:ac:3f:d1:83:a6:98:d3:a0:e2:da:66:5a:84:3d:eb:
d4:92:f6:91:be:cf:af:5a:39:07:6a:88:e3:5b:d1:f3:ca:fb:
c3:05:a8:1d:e3:04:bd:ad:e5:0c:c4:7c:a4:80:de:a9:8e:fb:
84:40:40:7f:75:79:34:cf:90:44:88:cd:00:f1:e7:28:2e:59:
18:52:d5:f8:04:62:c7:6a:94:95:ee:45:32:f8:84:81:94:88:
c9:59:27:1f:a1:d0:67:d9:e2:04:b5:1b:2d:12:a9:87:d3:0b:
8b:1a:bb:ee
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ1NAfRazF6DyHhgS1Xrr0h4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNDAyMDcwNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmZjMGFjMDJmNTJjMjA3NjE4OWRkNjlhZDU0NmY3MjhiNDcyYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlJdYy0qA+QAxtUxhgOpP7ww9vd2
rCvX69gbrDMKy699l5dkA1zgTSFLadyGs1nsQXbpPiJ4a8pONSDCl/g5CApfpcjv
cpnXiSQ1XgYodMcQ44GhbqWIWZshdDxLQeem2NdJ93g8Lt5THM3CL7z4iFXEcQ1E
hGlkqr+RDGgohNANz3nwFhFxCVOVPKH0mkfifqKdjg3hk+WqPaLKf2cIQfYnj1X3
WolhNh9l8yWKL9ZsUvPRuaXFAmv9ct05p027oV8NngH5UzFC0CmD6MlTADc1TV2N
6K73tbaZ0W75SGBc7bunz6N5EWppm9dIpNTVRvsR/WGQtH2TDcdZSDNhGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL/8CsAvUsIHYYndaa1Ub3KLRyxvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdl93S3dDOVN3Z2RoaWQxcHJWUnZjb3RITEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpmUAwQA
WdU/AwQAWdXjAwQAbbDQAwQA1YKJAwQA1YKYMA0GCSqGSIb3DQEBCwUAA4IBAQCU
UG3pAYrOPsta0Yr9hXW4Wtb41KVj1jLW13At9tnblH1sauJcGlKM/lVnnEI6XRHh
y5PpM19binN7ZYiceq7PY9b4Pw2/nckvKrQ18CqHRbDeNlDE0FTmK7oVnlR+LlAO
tnshytBTwFZAH0Tiyweux5GxLzIdCitgAs5j2I5p5y7apxGizA3INedd+XvOoQMc
frusP9GDppjToOLaZlqEPevUkvaRvs+vWjkHaojjW9HzyvvDBagd4wS9reUMxHyk
gN6pjvuEQEB/dXk0z5BEiM0A8ecoLlkYUtX4BGLHapSV7kUy+ISBlIjJWScfodBn
2eIEtRstEqmH0wuLGrvu
-----END CERTIFICATE-----
Generated at Thu Apr 9 05:14:36 2026 by rpki-client