Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/8vgRQVd50Rm3giCvTHM9dYeprUI.roa
File: 8vgRQVd50Rm3giCvTHM9dYeprUI.roa (raw, json)
Hash identifier: ZqKjZ1U3B0KeN2GviCp+mRJZ8NNTVw+srqTGM9NBsTk=
Subject key identifier: F2:F8:11:41:57:79:D1:19:B7:82:20:AF:4C:73:3D:75:87:A9:AD:42
Certificate issuer: /CN=93ece780dfda43ab4a841727eb20d71fc76528bc
Certificate serial: 019E3EE1F6D82AFAEFBD5BDF0839AE1DEAD3
Authority key identifier: 93:EC:E7:80:DF:DA:43:AB:4A:84:17:27:EB:20:D7:1F:C7:65:28:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/8vgRQVd50Rm3giCvTHM9dYeprUI.roa
Signing time: Tue 19 May 2026 06:17:36 +0000
ROA not before: Tue 19 May 2026 06:17:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214438
IP address blocks: 62.169.158.0/23 maxlen: 24
69.19.136.0/24 maxlen: 24
69.19.137.0/24 maxlen: 24
69.19.138.0/24 maxlen: 24
69.19.140.0/24 maxlen: 24
185.216.20.0/24 maxlen: 24
185.216.21.0/24 maxlen: 24
185.216.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 May 2026 13:25:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3e:e1:f6:d8:2a:fa:ef:bd:5b:df:08:39:ae:1d:ea:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93ece780dfda43ab4a841727eb20d71fc76528bc
Validity
Not Before: May 19 06:17:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f2f811415779d119b78220af4c733d7587a9ad42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fe:43:85:7e:ff:43:63:9c:dd:13:c2:b3:9f:
2e:46:12:62:15:fa:9c:b6:ba:2d:e2:8e:de:6b:d5:
1c:27:48:ac:ce:16:cd:99:af:b5:6a:bd:5a:cf:3f:
8e:44:0d:43:3a:27:db:d8:7a:88:32:90:66:81:12:
e0:42:c0:5d:29:05:57:51:92:06:2f:95:1a:5b:40:
6b:f6:cb:40:34:ca:6b:f5:d4:03:5e:01:a7:9e:5a:
11:2d:1a:ea:f0:66:f4:38:17:12:ff:2e:f5:fe:55:
05:1a:f1:10:b1:4f:49:75:71:aa:d9:66:98:b5:ea:
89:19:f3:8d:36:96:b8:24:78:68:b6:53:ac:84:de:
c2:3b:84:c5:76:b1:23:b4:19:a8:1a:4f:b5:3f:29:
0f:ee:74:5e:72:35:e7:ac:cc:25:e6:83:45:af:13:
51:f5:54:a1:f9:fd:1e:c9:13:65:75:00:2f:40:3b:
9b:96:8a:b7:2f:a5:07:08:1c:e4:9b:bb:a5:b3:6c:
63:35:4b:96:70:50:ce:fd:53:01:c4:cc:15:e7:33:
10:75:49:16:4c:e0:6f:5f:ed:a1:90:e4:ee:b2:87:
c9:e0:bd:f3:f0:80:0d:8f:53:b6:e0:90:da:df:03:
49:aa:c8:2f:de:fc:f0:9c:d9:d7:7e:c4:3f:e1:93:
1a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F8:11:41:57:79:D1:19:B7:82:20:AF:4C:73:3D:75:87:A9:AD:42
X509v3 Authority Key Identifier:
keyid:93:EC:E7:80:DF:DA:43:AB:4A:84:17:27:EB:20:D7:1F:C7:65:28:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/8vgRQVd50Rm3giCvTHM9dYeprUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.158.0/23
69.19.136.0-69.19.138.255
69.19.140.0/24
185.216.20.0-185.216.22.255
Signature Algorithm: sha256WithRSAEncryption
7e:8f:4b:47:52:fe:71:9e:d3:5a:7f:dc:34:1e:bb:68:6f:33:
60:07:93:39:d2:8d:aa:a6:ac:1f:86:1f:30:a5:7f:39:29:bd:
a3:7f:86:c9:20:27:5f:bb:8e:87:51:af:5f:c4:db:79:9a:b4:
6e:36:37:37:f1:59:80:86:8b:79:12:08:44:52:11:3b:73:1b:
66:c3:07:f7:2d:29:ef:88:6c:8b:5e:17:ed:e0:06:dd:35:7d:
df:03:a7:d9:c4:31:0e:3a:a3:c8:c7:ee:57:44:c8:30:4b:26:
4e:c3:0c:02:8a:58:25:65:2a:db:9c:f1:a0:13:f8:89:80:ac:
33:3c:f1:eb:fb:91:2a:86:af:16:92:e1:7e:e6:1e:ae:5d:6f:
98:88:fd:79:58:e7:51:5a:9f:90:cd:36:c4:76:92:af:5e:c0:
76:4e:77:24:65:5f:b9:fa:07:77:30:29:a5:47:ee:30:e5:e1:
d6:dc:06:4c:e6:90:2f:32:68:38:2a:26:a7:d9:96:25:d7:16:
87:2d:bb:11:eb:65:9c:ba:40:2b:f1:aa:53:43:46:1b:a5:cc:
ff:95:10:cd:98:df:66:c0:f1:03:5d:05:c1:55:fa:d2:37:10:
0f:fc:09:28:a9:99:02:53:e2:d1:d4:86:63:4a:ea:2f:04:05:
e7:fe:77:41
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ4+4fbYKvrvvVvfCDmuHerTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZWNlNzgwZGZkYTQzYWI0YTg0MTcyN2ViMjBkNzFmYzc2
NTI4YmMwHhcNMjYwNTE5MDYxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmY4MTE0MTU3NzlkMTE5Yjc4MjIwYWY0YzczM2Q3NTg3YTlhZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf5DhX7/Q2Oc3RPCs58uRhJiFfqc
trot4o7ea9UcJ0iszhbNma+1ar1azz+ORA1DOifb2HqIMpBmgRLgQsBdKQVXUZIG
L5UaW0Br9stANMpr9dQDXgGnnloRLRrq8Gb0OBcS/y71/lUFGvEQsU9JdXGq2WaY
teqJGfONNpa4JHhotlOshN7CO4TFdrEjtBmoGk+1PykP7nRecjXnrMwl5oNFrxNR
9VSh+f0eyRNldQAvQDubloq3L6UHCBzkm7uls2xjNUuWcFDO/VMBxMwV5zMQdUkW
TOBvX+2hkOTusofJ4L3z8IANj1O24JDa3wNJqsgv3vzwnNnXfsQ/4ZMaNQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPL4EUFXedEZt4Igr0xzPXWHqa1CMB8GA1UdIwQY
MBaAFJPs54Df2kOrSoQXJ+sg1x/HZSi8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay16bmdOX2FRNnRLaEJjbjZ5RFhIOGRsS0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83ZmE5NDMtOWVhNi00MDY4LWI2YWUt
YTRkNDEzZDdmODljLzEvOHZnUlFWZDUwUm0zZ2lDdlRITTlkWWVwclVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83ZmE5NDMtOWVhNi00MDY4LWI2YWUtYTRkNDEzZDdmODlj
LzEvay16bmdOX2FRNnRLaEJjbjZ5RFhIOGRsS0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBPqmeMAwD
BANFE4gDBABFE4oDBABFE4wwDAMEArnYFAMEALnYFjANBgkqhkiG9w0BAQsFAAOC
AQEAfo9LR1L+cZ7TWn/cNB67aG8zYAeTOdKNqqasH4YfMKV/OSm9o3+GySAnX7uO
h1GvX8TbeZq0bjY3N/FZgIaLeRIIRFIRO3MbZsMH9y0p74hsi14X7eAG3TV93wOn
2cQxDjqjyMfuV0TIMEsmTsMMAopYJWUq25zxoBP4iYCsMzzx6/uRKoavFpLhfuYe
rl1vmIj9eVjnUVqfkM02xHaSr17Adk53JGVfufoHdzAppUfuMOXh1twGTOaQLzJo
OComp9mWJdcWhy27EetlnLpAK/GqU0NGG6XM/5UQzZjfZsDxA10FwVX60jcQD/wJ
KKmZAlPi0dSGY0rqLwQF5/53QQ==
-----END CERTIFICATE-----
Generated at Thu May 28 17:02:59 2026 by rpki-client