Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/PI7arf47G_AhJ1Kzbao6-p33ijI.roa
File: PI7arf47G_AhJ1Kzbao6-p33ijI.roa (raw, json)
Hash identifier: CiWCajGQCS7TonxoXEkRu+6wny2eTqjCRZrl6ua7tvU=
Subject key identifier: 3C:8E:DA:AD:FE:3B:1B:F0:21:27:52:B3:6D:AA:3A:FA:9D:F7:8A:32
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019D7093B0B8ACF8202DCC351C57F2CE643B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/PI7arf47G_AhJ1Kzbao6-p33ijI.roa
Signing time: Thu 09 Apr 2026 04:50:20 +0000
ROA not before: Thu 09 Apr 2026 04:50:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5650
IP address blocks: 89.40.82.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 17:59:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:70:93:b0:b8:ac:f8:20:2d:cc:35:1c:57:f2:ce:64:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 9 04:50:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c8edaadfe3b1bf0212752b36daa3afa9df78a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4f:28:8a:90:dd:c7:5a:d2:58:25:42:55:6e:
ff:4e:43:9b:30:bf:2d:ee:54:e6:eb:18:de:d3:27:
72:84:13:fc:cd:cc:70:3c:bd:19:80:22:cb:c3:cb:
6b:29:37:4f:53:27:fd:c5:dc:a7:ec:ad:ea:ac:ef:
72:92:fd:2e:c1:cc:9e:b2:4b:77:b2:27:10:b3:b8:
38:46:e6:65:11:9d:f8:6a:29:e4:df:47:8e:99:bc:
e2:aa:af:3b:2a:48:19:75:a6:a1:89:ff:66:ac:5d:
07:0d:66:64:eb:2c:88:25:0f:3a:c9:c1:b9:49:6b:
1d:d8:bc:e5:03:30:3c:66:c2:07:d8:b0:f8:a3:f2:
e2:06:82:df:15:77:5d:96:77:71:9f:e5:36:1c:6d:
c4:ee:13:61:b2:0e:92:c7:88:9b:29:89:ce:48:13:
5c:02:82:70:0d:d1:31:d3:1c:3a:83:1e:33:2c:68:
f5:45:89:16:c4:30:ca:ab:ec:cb:54:df:0b:e9:ef:
16:bf:31:5f:b5:0b:d5:dc:33:74:3d:56:75:be:02:
6f:54:93:44:d2:94:dd:56:e7:6f:6c:0b:31:f0:bd:
49:12:79:d4:b8:9d:93:f8:c7:ba:2a:e1:0b:7b:2b:
4f:43:e0:a9:3e:c9:dd:58:44:80:37:82:ac:27:82:
f1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:8E:DA:AD:FE:3B:1B:F0:21:27:52:B3:6D:AA:3A:FA:9D:F7:8A:32
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/PI7arf47G_AhJ1Kzbao6-p33ijI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.82.0/24
89.47.99.0/24
89.47.115.0/24
89.47.119.0/24
Signature Algorithm: sha256WithRSAEncryption
38:7c:4c:f4:62:1c:0c:f0:90:67:95:d2:e4:85:2a:77:6a:4d:
a2:db:1d:64:ec:20:6f:27:ac:be:cf:e6:e1:47:34:cf:5d:8c:
d8:5e:f2:1a:73:0e:9b:ca:ad:b8:c3:5b:76:e1:32:e5:5b:b1:
66:6a:e6:7b:4b:e6:56:ea:60:ab:2e:23:64:ac:09:b2:20:ef:
61:ee:2e:02:bf:c9:19:92:e7:e5:00:a5:a6:84:ba:f9:f5:58:
5f:92:f6:54:0b:21:5b:b6:4d:87:5e:a8:64:4c:34:84:b0:9e:
d7:be:be:3c:a2:be:49:15:73:80:de:79:f7:26:01:4d:fe:7d:
81:4f:c0:d6:8c:f2:1f:0b:cf:77:37:b4:b8:fd:a7:9e:b4:2f:
36:ae:de:91:08:93:4f:5e:62:f5:32:92:3b:ba:21:47:25:c1:
7a:df:0e:84:37:c2:fc:6a:66:2e:85:81:1c:60:4a:a0:a1:97:
16:06:74:11:94:9a:69:3b:b8:53:a9:41:dd:42:41:37:b1:e8:
39:87:6c:26:7b:9b:a0:5d:51:d9:9d:41:ca:f0:c3:c7:7b:d4:
fc:91:94:53:94:83:e5:f7:80:6e:1d:00:0e:22:83:18:32:d3:
ee:a4:e1:44:51:67:60:be:16:9d:ed:c0:66:3d:4e:e2:e1:21:
c2:82:bc:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1wk7C4rPggLcw1HFfyzmQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwNDA5MDQ1MDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzhlZGFhZGZlM2IxYmYwMjEyNzUyYjM2ZGFhM2FmYTlkZjc4YTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE8oipDdx1rSWCVCVW7/TkObML8t
7lTm6xje0ydyhBP8zcxwPL0ZgCLLw8trKTdPUyf9xdyn7K3qrO9ykv0uwcyeskt3
sicQs7g4RuZlEZ34aink30eOmbziqq87KkgZdaahif9mrF0HDWZk6yyIJQ86ycG5
SWsd2LzlAzA8ZsIH2LD4o/LiBoLfFXddlndxn+U2HG3E7hNhsg6Sx4ibKYnOSBNc
AoJwDdEx0xw6gx4zLGj1RYkWxDDKq+zLVN8L6e8WvzFftQvV3DN0PVZ1vgJvVJNE
0pTdVudvbAsx8L1JEnnUuJ2T+Me6KuELeytPQ+CpPsndWESAN4KsJ4Lx+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDyO2q3+OxvwISdSs22qOvqd94oyMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUEk3YXJmNDdHX0FoSjFLemJhbzYtcDMzaWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWShSAwQA
WS9jAwQAWS9zAwQAWS93MA0GCSqGSIb3DQEBCwUAA4IBAQA4fEz0YhwM8JBnldLk
hSp3ak2i2x1k7CBvJ6y+z+bhRzTPXYzYXvIacw6byq24w1t24TLlW7FmauZ7S+ZW
6mCrLiNkrAmyIO9h7i4Cv8kZkuflAKWmhLr59VhfkvZUCyFbtk2HXqhkTDSEsJ7X
vr48or5JFXOA3nn3JgFN/n2BT8DWjPIfC893N7S4/aeetC82rt6RCJNPXmL1MpI7
uiFHJcF63w6EN8L8amYuhYEcYEqgoZcWBnQRlJppO7hTqUHdQkE3seg5h2wme5ug
XVHZnUHK8MPHe9T8kZRTlIPl94BuHQAOIoMYMtPupOFEUWdgvhad7cBmPU7i4SHC
grwt
-----END CERTIFICATE-----
Generated at Sun Apr 19 00:40:15 2026 by rpki-client