Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vhIsS8QTXX7Q1bxnBCUOFBdw0QI.roa
File: vhIsS8QTXX7Q1bxnBCUOFBdw0QI.roa (raw, json)
Hash identifier: wKZV7k4uWCDZ8rdTSYjula1CrBhU6Md5n2ezKIDtIq0=
Subject key identifier: BE:12:2C:4B:C4:13:5D:7E:D0:D5:BC:67:04:25:0E:14:17:70:D1:02
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019CADA353E6855EEB415AA1BAA39998E0E5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vhIsS8QTXX7Q1bxnBCUOFBdw0QI.roa
Signing time: Mon 02 Mar 2026 08:21:28 +0000
ROA not before: Mon 02 Mar 2026 08:21:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 77.93.137.0/24 maxlen: 24
77.93.149.0/24 maxlen: 24
82.153.208.0/22 maxlen: 22
82.163.19.0/24 maxlen: 24
89.213.58.0/24 maxlen: 24
89.213.228.0/24 maxlen: 24
213.210.16.0/24 maxlen: 24
213.210.18.0/24 maxlen: 24
213.210.33.0/24 maxlen: 24
213.210.51.0/24 maxlen: 24
213.218.220.0/24 maxlen: 24
217.144.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 08:03:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:a3:53:e6:85:5e:eb:41:5a:a1:ba:a3:99:98:e0:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 2 08:21:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=be122c4bc4135d7ed0d5bc6704250e141770d102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:45:70:06:29:b6:4f:1a:ca:45:0b:8b:81:4b:
e2:d4:bc:c3:89:8e:b6:1c:24:ef:e4:9e:ba:36:55:
c7:72:f4:8b:0e:51:0c:75:2c:6e:6b:8e:72:9b:d5:
29:63:18:3d:99:8b:ec:19:f1:95:22:87:cf:e0:e6:
87:92:d7:be:7f:b7:f2:d3:37:44:83:67:f5:76:51:
d9:33:9c:cf:2f:08:be:47:5b:94:38:26:f1:46:9c:
af:5d:a6:45:e2:0e:6b:cb:8d:5e:40:ce:11:39:a1:
3d:e1:70:f5:39:36:bc:68:3e:92:59:3f:80:0d:2f:
87:5a:3a:ba:37:ee:e5:ad:0a:59:6f:d5:62:a7:1f:
2d:b0:c2:2b:ee:66:5e:58:47:1f:b9:49:12:c6:ae:
78:1e:39:5a:b8:a4:4a:27:6b:48:cd:34:0f:07:d3:
32:69:0a:40:94:b4:ec:e7:da:ec:70:d9:28:72:fd:
8f:a2:48:26:69:e2:61:f3:9c:af:75:1b:47:84:38:
fc:d3:00:da:88:9b:f3:cc:59:fd:93:55:39:28:6d:
a7:55:93:cb:90:8e:2c:1a:83:0c:46:b6:00:0b:2a:
20:d5:b5:da:c5:03:8a:a2:eb:98:ff:55:0c:98:33:
cd:0e:e6:59:f5:30:60:59:27:35:7a:c0:3f:fb:c0:
67:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:12:2C:4B:C4:13:5D:7E:D0:D5:BC:67:04:25:0E:14:17:70:D1:02
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vhIsS8QTXX7Q1bxnBCUOFBdw0QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.137.0/24
77.93.149.0/24
82.153.208.0/22
82.163.19.0/24
89.213.58.0/24
89.213.228.0/24
213.210.16.0/24
213.210.18.0/24
213.210.33.0/24
213.210.51.0/24
213.218.220.0/24
217.144.151.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:40:8f:8e:12:87:90:d3:69:b8:d8:fa:11:a2:7c:c1:a2:40:
b0:97:e3:3d:24:8e:ee:8d:ef:0e:9e:45:c0:40:e2:ff:91:87:
de:46:d0:27:9f:ec:2c:44:7d:73:02:83:c6:49:c8:1e:54:38:
41:07:1a:a0:63:92:fe:07:ee:9f:47:fa:15:8d:30:af:77:da:
e5:98:52:63:a5:b2:a3:2c:3c:f6:17:46:23:da:16:70:a4:b7:
e9:ea:5b:c8:f6:6f:1a:c8:b9:97:c9:f2:44:67:3b:57:aa:3e:
b5:dc:11:5a:79:a0:3a:22:03:b9:13:ce:2d:14:75:b2:11:e8:
c1:3c:15:61:af:ed:8a:ac:51:dd:cd:4f:18:99:4c:6b:80:69:
15:ee:29:46:99:a7:96:18:72:52:2a:65:82:39:24:c0:b8:cd:
b0:39:72:91:23:45:61:8b:ce:a5:05:04:e8:3b:84:f2:5c:de:
29:e0:28:1c:b6:4f:88:29:30:07:5d:37:4d:3b:28:0f:76:62:
8c:33:c6:12:d1:5d:4e:d8:ab:44:36:e1:c6:c0:0e:75:1e:33:
e9:35:63:ca:e6:0c:83:f5:c4:f5:89:ab:9c:e3:71:85:f3:5a:
5b:73:7d:ae:b3:c1:66:5e:68:b2:6a:ac:bc:80:ea:02:63:b2:
59:2a:22:4e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZyto1PmhV7rQVqhuqOZmODlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzAyMDgyMTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTEyMmM0YmM0MTM1ZDdlZDBkNWJjNjcwNDI1MGUxNDE3NzBkMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0VwBim2TxrKRQuLgUvi1LzDiY62
HCTv5J66NlXHcvSLDlEMdSxua45ym9UpYxg9mYvsGfGVIofP4OaHkte+f7fy0zdE
g2f1dlHZM5zPLwi+R1uUOCbxRpyvXaZF4g5ry41eQM4ROaE94XD1OTa8aD6SWT+A
DS+HWjq6N+7lrQpZb9Vipx8tsMIr7mZeWEcfuUkSxq54HjlauKRKJ2tIzTQPB9My
aQpAlLTs59rscNkocv2PokgmaeJh85yvdRtHhDj80wDaiJvzzFn9k1U5KG2nVZPL
kI4sGoMMRrYACyog1bXaxQOKouuY/1UMmDPNDuZZ9TBgWSc1esA/+8BnKwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFL4SLEvEE11+0NW8ZwQlDhQXcNECMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdmhJc1M4UVRYWDdRMWJ4bkJDVU9GQmR3MFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQATV2JAwQA
TV2VAwQCUpnQAwQAUqMTAwQAWdU6AwQAWdXkAwQA1dIQAwQA1dISAwQA1dIhAwQA
1dIzAwQA1drcAwQA2ZCXMA0GCSqGSIb3DQEBCwUAA4IBAQBrQI+OEoeQ02m42PoR
onzBokCwl+M9JI7uje8OnkXAQOL/kYfeRtAnn+wsRH1zAoPGScgeVDhBBxqgY5L+
B+6fR/oVjTCvd9rlmFJjpbKjLDz2F0Yj2hZwpLfp6lvI9m8ayLmXyfJEZztXqj61
3BFaeaA6IgO5E84tFHWyEejBPBVhr+2KrFHdzU8YmUxrgGkV7ilGmaeWGHJSKmWC
OSTAuM2wOXKRI0Vhi86lBQToO4TyXN4p4Cgctk+IKTAHXTdNOygPdmKMM8YS0V1O
2KtENuHGwA51HjPpNWPK5gyD9cT1iauc43GF81pbc32us8FmXmiyaqy8gOoCY7JZ
KiJO
-----END CERTIFICATE-----
Generated at Thu Mar 19 12:31:13 2026 by rpki-client