Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/B8hP3lu4x-v6AGdd-NBMTGbKn60.roa
File: B8hP3lu4x-v6AGdd-NBMTGbKn60.roa (raw, json)
Hash identifier: J5ElDZLvmlw9NvMlGd8Bg3jT1oh60NlhHSd2q9Cwhys=
Subject key identifier: 07:C8:4F:DE:5B:B8:C7:EB:FA:00:67:5D:F8:D0:4C:4C:66:CA:9F:AD
Certificate issuer: /CN=9b8151ae164a5b782b103de7f7c8a8948932aebf
Certificate serial: 019E62E1C51A740C76FE44C1EB0626EB2044
Authority key identifier: 9B:81:51:AE:16:4A:5B:78:2B:10:3D:E7:F7:C8:A8:94:89:32:AE:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/B8hP3lu4x-v6AGdd-NBMTGbKn60.roa
Signing time: Tue 26 May 2026 06:03:43 +0000
ROA not before: Tue 26 May 2026 06:03:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48926
IP address blocks: 37.44.16.0/20 maxlen: 20
37.143.112.0/21 maxlen: 21
91.233.208.0/22 maxlen: 22
94.142.232.0/21 maxlen: 21
178.248.248.0/21 maxlen: 21
185.75.116.0/22 maxlen: 22
2a03:a900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/m4FRrhZKW3grED3n98iolIkyrr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/m4FRrhZKW3grED3n98iolIkyrr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 09:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:62:e1:c5:1a:74:0c:76:fe:44:c1:eb:06:26:eb:20:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b8151ae164a5b782b103de7f7c8a8948932aebf
Validity
Not Before: May 26 06:03:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=07c84fde5bb8c7ebfa00675df8d04c4c66ca9fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fe:9b:a3:ab:cb:cb:91:f5:d8:3b:85:ff:03:
5a:cc:40:e9:29:cd:6e:3b:ec:d8:7d:b6:3d:45:4e:
00:3f:c4:b9:18:e1:d3:97:0a:84:be:c7:50:29:77:
da:9a:71:01:a5:08:09:5c:20:19:e6:64:42:bf:7e:
6a:eb:31:e3:e1:47:6f:f1:a9:7e:21:e1:f2:2f:d2:
c4:db:8e:b4:3a:ff:22:c5:01:4a:8e:84:c2:4b:72:
57:2d:c4:4e:09:0e:9c:37:a9:f5:96:ea:4d:d3:35:
e0:40:1c:1f:4d:47:d1:69:7b:5f:c4:56:1f:6b:ef:
1c:8d:08:f4:1a:44:58:75:83:68:89:3e:aa:f6:7d:
be:d7:68:78:32:62:1c:f2:b0:11:66:05:46:75:91:
7f:6a:83:5a:8f:ae:cd:a9:4e:a0:69:a9:86:e1:28:
e1:83:63:fd:b6:bd:3f:72:0c:e3:8a:71:2f:8b:a4:
14:5c:e1:c9:a3:60:bc:91:cb:3d:06:c1:70:35:73:
d6:01:ad:9c:58:53:9a:e2:20:da:a7:e2:7d:7b:5f:
d4:e9:e6:8d:8c:77:99:6b:a3:22:b4:29:7d:ad:42:
ba:4c:1a:bc:f7:54:a1:6c:e3:5a:68:e2:5a:1f:cc:
c2:47:29:aa:e8:d0:f6:8b:e5:44:af:9f:d8:db:98:
5b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C8:4F:DE:5B:B8:C7:EB:FA:00:67:5D:F8:D0:4C:4C:66:CA:9F:AD
X509v3 Authority Key Identifier:
keyid:9B:81:51:AE:16:4A:5B:78:2B:10:3D:E7:F7:C8:A8:94:89:32:AE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/B8hP3lu4x-v6AGdd-NBMTGbKn60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/m4FRrhZKW3grED3n98iolIkyrr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.16.0/20
37.143.112.0/21
91.233.208.0/22
94.142.232.0/21
178.248.248.0/21
185.75.116.0/22
IPv6:
2a03:a900::/32
Signature Algorithm: sha256WithRSAEncryption
7c:19:23:f8:50:f0:30:b2:9d:94:e9:99:19:7d:f4:ee:1c:70:
2c:6a:10:15:b7:c4:df:7c:d1:98:f9:15:c7:84:b4:cc:3a:e4:
fa:7e:92:7f:f3:8e:c8:28:86:7c:64:fc:0f:ea:6d:d9:7b:7c:
9f:35:32:a4:1a:11:d8:9c:3f:2c:c6:e1:5c:44:18:b5:0e:78:
81:3a:9f:6d:da:92:bb:98:40:b3:7e:ff:98:84:8c:25:19:8f:
c4:8f:3e:c1:a6:dd:1e:7e:31:60:fe:dd:28:2e:60:40:52:70:
d3:2d:89:d1:16:12:a2:96:d5:6f:d0:ef:98:e7:fc:2d:d2:e4:
b1:03:ac:06:7e:3c:86:41:93:e7:9a:75:3f:a0:31:35:38:b8:
ad:3f:b7:ed:bd:1f:82:2b:34:00:48:ef:52:9c:d2:92:f0:d5:
d1:19:5e:f8:ee:2d:e9:80:f0:69:8c:56:f1:04:6b:35:7b:6a:
6f:8d:af:20:8f:35:0f:13:8a:7a:96:0d:71:a6:75:bd:ab:e8:
fd:fd:2d:f2:34:a8:1f:a6:62:81:49:c3:2a:31:17:10:38:be:
2d:62:92:5f:9a:cc:b3:53:a4:cd:a0:da:6d:f6:ac:b7:eb:45:
5c:de:e6:cb:f6:b2:a6:c1:d5:ef:0f:2c:04:f6:84:37:94:3e:
b7:c8:6f:af
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZ5i4cUadAx2/kTB6wYm6yBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODE1MWFlMTY0YTViNzgyYjEwM2RlN2Y3YzhhODk0ODkz
MmFlYmYwHhcNMjYwNTI2MDYwMzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2M4NGZkZTViYjhjN2ViZmEwMDY3NWRmOGQwNGM0YzY2Y2E5ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf6bo6vLy5H12DuF/wNazEDpKc1u
O+zYfbY9RU4AP8S5GOHTlwqEvsdQKXfamnEBpQgJXCAZ5mRCv35q6zHj4Udv8al+
IeHyL9LE2460Ov8ixQFKjoTCS3JXLcROCQ6cN6n1lupN0zXgQBwfTUfRaXtfxFYf
a+8cjQj0GkRYdYNoiT6q9n2+12h4MmIc8rARZgVGdZF/aoNaj67NqU6gaamG4Sjh
g2P9tr0/cgzjinEvi6QUXOHJo2C8kcs9BsFwNXPWAa2cWFOa4iDap+J9e1/U6eaN
jHeZa6MitCl9rUK6TBq891ShbONaaOJaH8zCRymq6ND2i+VEr5/Y25hbqwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAfIT95buMfr+gBnXfjQTExmyp+tMB8GA1UdIwQY
MBaAFJuBUa4WSlt4KxA95/fIqJSJMq6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRGUnJoWktXM2dyRUQzbjk4aW9sSWt5cnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC82YjZkMWYtNTQyMS00OGI5LWI3ZWIt
ZGExZmU5ZWJlZThlLzEvQjhoUDNsdTR4LXY2QUdkZC1OQk1UR2JLbjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC82YjZkMWYtNTQyMS00OGI5LWI3ZWItZGExZmU5ZWJlZThl
LzEvbTRGUnJoWktXM2dyRUQzbjk4aW9sSWt5cnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEJSwQAwQD
JY9wAwQCW+nQAwQDXo7oAwQDsvj4AwQCuUt0MA0EAgACMAcDBQAqA6kAMA0GCSqG
SIb3DQEBCwUAA4IBAQB8GSP4UPAwsp2U6ZkZffTuHHAsahAVt8TffNGY+RXHhLTM
OuT6fpJ/847IKIZ8ZPwP6m3Ze3yfNTKkGhHYnD8sxuFcRBi1DniBOp9t2pK7mECz
fv+YhIwlGY/Ejz7Bpt0efjFg/t0oLmBAUnDTLYnRFhKiltVv0O+Y5/wt0uSxA6wG
fjyGQZPnmnU/oDE1OLitP7ftvR+CKzQASO9SnNKS8NXRGV747i3pgPBpjFbxBGs1
e2pvja8gjzUPE4p6lg1xpnW9q+j9/S3yNKgfpmKBScMqMRcQOL4tYpJfmsyzU6TN
oNpt9qy360Vc3ubL9rKmwdXvDywE9oQ3lD63yG+v
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:13:05 2026 by rpki-client