Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/kT1MhOs2pjWPveWnnzpZvLwHE8I.roa
File: kT1MhOs2pjWPveWnnzpZvLwHE8I.roa (raw, json)
Hash identifier: PObzTeTNqjikv/tj+DTeCD2L5aW2W4bJwFPcLIU6GHY=
Subject key identifier: 91:3D:4C:84:EB:36:A6:35:8F:BD:E5:A7:9F:3A:59:BC:BC:07:13:C2
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 019EF921487D49907AF8C41451D8FEE3FC8A
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/kT1MhOs2pjWPveWnnzpZvLwHE8I.roa
Signing time: Wed 24 Jun 2026 10:16:08 +0000
ROA not before: Wed 24 Jun 2026 10:16:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 80.93.192.0/24 maxlen: 24
80.93.193.0/24 maxlen: 24
80.93.198.0/24 maxlen: 24
80.93.199.0/24 maxlen: 24
80.93.204.0/24 maxlen: 24
80.93.205.0/24 maxlen: 24
80.93.206.0/24 maxlen: 24
80.93.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 07:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f9:21:48:7d:49:90:7a:f8:c4:14:51:d8:fe:e3:fc:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: Jun 24 10:16:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=913d4c84eb36a6358fbde5a79f3a59bcbc0713c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:cb:3c:d6:53:1b:94:f7:25:91:ca:87:8b:1d:
74:a5:3f:61:f5:6b:1b:39:44:20:46:74:3c:a4:28:
f5:8d:9b:59:94:ab:d4:92:28:1e:b4:99:b7:c0:cf:
86:59:e0:30:d7:aa:5a:1d:6f:0c:24:a3:79:9e:a1:
f5:72:98:09:e6:69:c5:66:a4:4d:83:4f:3f:3b:87:
9d:9e:1b:57:ee:d4:2d:24:03:1a:7a:71:69:fb:33:
31:4b:30:88:70:ad:c3:15:82:f6:57:14:24:67:39:
07:2d:d4:67:3d:fb:87:17:db:e7:15:3a:76:1d:c8:
e4:46:3a:f5:c1:29:f1:83:af:14:c9:fb:6b:a2:8f:
da:c1:c3:13:f4:b0:c3:e7:8c:aa:14:9f:79:b5:81:
f7:03:04:7e:e3:1e:c7:79:08:bd:6a:4f:72:0c:c8:
9a:ec:fa:b5:cd:ce:e8:c4:91:4e:67:da:2b:ec:e6:
3d:2f:71:36:66:90:13:f4:c8:f0:be:f2:3b:c8:e5:
f2:dc:26:b3:34:1d:92:c5:83:0d:10:b5:d2:c1:e0:
62:9a:65:ef:c2:64:8e:07:50:18:66:af:56:7b:80:
9f:7e:a5:c3:d3:9b:52:b8:38:f5:0c:16:dc:ae:c3:
1d:9a:7b:44:dd:8f:e4:b0:e8:ba:3e:94:34:c9:04:
35:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3D:4C:84:EB:36:A6:35:8F:BD:E5:A7:9F:3A:59:BC:BC:07:13:C2
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/kT1MhOs2pjWPveWnnzpZvLwHE8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.192.0/23
80.93.198.0/23
80.93.204.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:16:da:c9:28:30:54:f2:4b:36:fa:69:15:cf:d5:4d:d6:27:
85:92:32:a4:a0:64:11:6f:1a:15:c1:8f:c4:4d:9a:6c:dc:2e:
8d:83:84:28:d4:c1:69:75:b9:fa:39:a0:ae:da:51:a9:43:40:
b3:00:11:56:81:45:64:2d:c0:b4:28:5c:39:38:38:2d:65:12:
aa:a9:59:42:ae:2a:e7:1d:fe:32:0b:dd:11:7a:56:a7:2c:4e:
6a:04:56:ac:f4:88:d7:1e:60:40:4a:85:55:26:d3:7b:12:de:
97:a5:9b:84:09:d1:2f:ce:53:a2:55:b5:51:18:9a:ef:4f:7c:
a5:1f:f6:f1:a2:fc:63:e5:44:d0:62:9b:a9:77:73:2e:47:f1:
d5:24:2c:24:fe:67:5d:0f:5e:68:e5:ba:ba:08:47:5d:5e:fb:
cb:0f:bb:a9:91:17:b3:89:a3:22:38:e2:f8:f4:ac:11:bb:ad:
86:2c:5e:63:db:fe:7b:9e:52:81:70:93:ae:1d:5a:df:e4:39:
89:3f:48:bb:ef:54:0d:e4:b3:e3:12:05:0c:75:cb:2f:10:e6:
0b:57:23:f9:7f:56:16:f0:1a:bf:e7:bc:26:c2:03:55:25:95:
24:41:18:c7:62:19:08:17:5f:73:fe:bb:57:cf:38:8a:df:d1:
45:37:1c:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ75IUh9SZB6+MQUUdj+4/yKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjYwNjI0MTAxNjA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNkNGM4NGViMzZhNjM1OGZiZGU1YTc5ZjNhNTliY2JjMDcxM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMs81lMblPclkcqHix10pT9h9Wsb
OUQgRnQ8pCj1jZtZlKvUkigetJm3wM+GWeAw16paHW8MJKN5nqH1cpgJ5mnFZqRN
g08/O4ednhtX7tQtJAMaenFp+zMxSzCIcK3DFYL2VxQkZzkHLdRnPfuHF9vnFTp2
HcjkRjr1wSnxg68Uyftroo/awcMT9LDD54yqFJ95tYH3AwR+4x7HeQi9ak9yDMia
7Pq1zc7oxJFOZ9or7OY9L3E2ZpAT9MjwvvI7yOXy3CazNB2SxYMNELXSweBimmXv
wmSOB1AYZq9We4CffqXD05tSuDj1DBbcrsMdmntE3Y/ksOi6PpQ0yQQ1mwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJE9TITrNqY1j73lp586Wby8BxPCMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEva1QxTWhPczJwaldQdmVXbm56cFp2THdIRThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUF3AAwQB
UF3GAwQCUF3MMA0GCSqGSIb3DQEBCwUAA4IBAQArFtrJKDBU8ks2+mkVz9VN1ieF
kjKkoGQRbxoVwY/ETZps3C6Ng4Qo1MFpdbn6OaCu2lGpQ0CzABFWgUVkLcC0KFw5
ODgtZRKqqVlCrirnHf4yC90RelanLE5qBFas9IjXHmBASoVVJtN7Et6XpZuECdEv
zlOiVbVRGJrvT3ylH/bxovxj5UTQYpupd3MuR/HVJCwk/mddD15o5bq6CEddXvvL
D7upkReziaMiOOL49KwRu62GLF5j2/57nlKBcJOuHVrf5DmJP0i771QN5LPjEgUM
dcsvEOYLVyP5f1YW8Bq/57wmwgNVJZUkQRjHYhkIF19z/rtXzziK39FFNxwB
-----END CERTIFICATE-----
Generated at Wed Jun 24 14:48:27 2026 by rpki-client